Many popular free VPN services can pose serious risks to your online safety.
Free VPNs are often riddled with aggressive advertising or malware. Many collect and monetize user data by selling it to third parties. Hola VPN, for example, was caught selling its users’ bandwidth to botnets.
A large number of free VPNs also have weak encryption and leak IP or DNS data.
In 2019, we tested 150 free Android VPNs and found that over 85% had security flaws. You can see the results of our investigations here:
Not every free VPN is dangerous, though. Some free VPNs are very good for small and specific tasks like browsing safely on public WiFi or accessing a short geo-blocked video on YouTube.
It can be enticing to use a VPN without a long-term commitment, but you should be aware that even safe free VPNs have limitations.
For example, it’s rare for a free VPN to support streaming services or P2P traffic. Most have a reduced server network, and many will limit your speeds or cap your data usage. What’s more, many popular free services are simply proxies.
Here are the potential dangers of using an unverified free VPN:
Data Logging & Advertising
Free VPN services need to make money to support their business. Most services do it through advertising. Free VPN apps with ads have third-party code that can send personal data back to the ad platform.
Some free VPNs even log your web data and sell it to third-parties.
If you are using a VPN to use the internet privately, avoid those that have advertising.
Data Leaks & Weak Encryption
Strong encryption and a secure server network cost money. Many free VPNs are poorly maintained – as a result, they simply aren’t secure.
We see many popular free VPNs like YogaVPN and TurboVPN leak DNS and IP address information. Basically, free ‘VPNs’ like these are proxies that don’t encrypt your data.
Ownership & Accountability
We look into who’s behind each free VPN. Our previous research discovered that 60% of popular free VPNs had suspicious links to China, as well as privacy flaws.
Most of the popular free VPN services on the App Store or Google Play Store belong to companies that do not prioritise user privacy. At the very worst, some of them are actively looking to harvest your data.
How Do Free VPNs Make Money?
VPNs aren’t free to run. There are development, infrastructure, and staff costs, to list a few. It isn’t really possible to run a VPN for free.
How a free VPN makes its money is really important. As the saying goes: if you aren’t paying for a product, then you are the product. These are most common ways free VPNs make money:
- Being subsidised by a paid service (another VPN or security software)
- Advertisements
- Selling user data
It’s safer to choose free VPNs that are subsidized by paid VPN services. Windscribe, TunnelBear, and ProtonVPN are good examples. These companies don’t have to monetize their free applications directly.
Other free VPNs generate income by running advertisements in their apps. This is most common with mobile-only free VPNs. These apps often prompt you to upgrade to an ad-free (paid) version of the VPN.
Advertisements aren’t ideal from a privacy standpoint. But many users make that trade-off in order to use a free service.
The worst free VPNs make money by selling your browsing data to advertisers and other third parties. The best case scenario here is that you’re made into a product for marketers. The worst case scenario is that your personal details are for sale online.
In short, paid VPNs are almost always better than free VPNs. They are faster, more secure, and don’t have data usage limits.