The Dangers of Free VPNs

Find all our investigations into the dangers of free VPN services. Since 2018, we've uncovered hidden security flaws, Chinese ownership, and shady operators behind many popular apps.
Free VPN investigation header image
Simon Migliano

Key Findings 2018–2021:

Free VPN Ownership Investigations

  • Free VPN Ownership Investigation (2018): 59% of the most popular free VPN mobile apps were revealed to be secretly Chinese-owned. The majority of these apps were found to have substandard privacy protections.
  • Free VPN Update (2019): Apple and Google failed to act on our findings: 77% of the free VPN apps flagged as potentially unsafe were still available.
  • Chinese Ownership Investigation (2020): 10 of the most popular free VPN mobile apps in the US are still Chinese-owned. Another four have suspected links to mainland China.

Free VPN Security Investigations

  • Free VPN Risk Index (2018/19): We tested 150 free VPN apps and 25% failed to protect user privacy due to DNS and other leaks. 85% featured excessive permissions or functions with potential for privacy abuses.
  • Free VPN Update (2019): Apple and Google failed to act once more – 90% of the apps flagged as potentially unsafe were still available six months later.
  • Internet Shutdown VPN Security (2021): We are tracking the VPNs rising to popularity during major censorship incidents and testing them for privacy and security issues. 80% share or log users’ real IP addresses.

Free VPN iOS App Store Privacy

Are Free VPNs Safe?

Over the past three years, we have conducted a series of investigations into the dangers of free VPNs. This article summarizes our main findings and introduces a body of evidence demonstrating the true cost of using a free VPN.


A Virtual Private Network encrypts a user’s internet connection and diverts their traffic via a remote server in order to hide their IP address. They are primarily used to keep internet activity private, evade censorship, and use public WiFi securely.

The best VPN software usually comes with a monthly subscription cost, but a subsection of providers offer VPN applications completely for free.

Most free VPNs claim to provide all the protection of a paid VPN, without any of the cost. Unfortunately, many free VPNs put users at greater risk than using no VPN at all.

With most free VPNs, you may not pay financially, but you pay with your privacy and security.

These free VPN apps are often the first port of call for users suffering from censorship or an internet shutdown.

It’s common for such users to download the first VPN that appears in the search results, assuming that a large number of downloads or a place in the app store means that the VPN is safe to use.

This is far from guaranteed.

While it is possible to find a safe free VPN, many of the most popular free services available are in fact dangerous to use.

Based on the combined findings of our reports, we recommend consumers strongly consider premium VPN services or at the very least research safe free VPN alternatives.

Free VPN Investigations Explained

By 2018, it was becoming increasingly clear that Apple and Google were struggling to manage the increasingly popular VPN category in their app stores.

Generic free VPNs had amassed tens of millions of installs, pushing more established VPN services down in the search results.

That same year, we published the first ever free VPN ownership investigation to shine a light on who owned and operated these free VPN services.

In doing so, we revealed the companies that had access to the sensitive data of hundreds of millions of users around the world.

Since then, we’ve used our expertise and experience in reviewing VPN services to examine every aspect of these hugely popular free VPNs.

This article brings all of this extensive research together. We’ve organized the reports by theme to make it easier to understand the extent of the dangers posed by so many of these apps.

Use the page navigation to jump to each relevant section and see our key findings. We recommend bookmarking this page, as we will continue to update it as we publish new research on free VPNs.

Free VPN Ownership Investigations

Illustration showing Apple and Google as ostriches with their heads in the sand over the problems with free VPN apps in their app stores

Apple and Google’s response to our free VPN ownership investigations.

We have been researching the ownership of free VPN services since 2018, when we were the first to uncover the extent of hidden Chinese ownership of the most popular free VPN apps in Apple and Google’s app stores.

Key Findings

Here is a summary of the findings from our free VPN ownership research:

  • Free VPN Ownership Investigation (2018)
    • 59% of the most popular free VPN mobile apps were revealed to be secretly Chinese-owned.
    • 86% of free VPN apps had substandard privacy policies, if they had them at all.
    • 64% had no dedicated website – several had no online footprint beyond app store listings.
  • Free VPN Update (2019)
    • Six months on, Apple and Google had failed to act to address these safety risks despite formal notice of our findings.
    • 77% of the VPN apps flagged as potentially unsafe are still available.
    • Android installations of potentially risky free VPN apps increased 85% to 214 million.
  • Chinese Ownership Investigation (2020)
    • 10 of the most popular free VPN mobile apps in the US are Chinese-owned. Another four have suspected links to mainland China.
    • With over 223 million global installations, these apps have a huge reach.
    • 12 of these free VPN apps have privacy policies that are substandard or worse. Six are “poor” to “very poor”.

Free VPN Security Investigations

Free VPN Risk Index headline image showing free VPN services in Google Play on an Android device

The Free VPN Risk Index analyzes the security of 150 free Android VPN apps.

As well as investigating the ownership of free VPN services, we also undertook a huge study of the security of the top 150 free VPN apps in the Google Play Store. Using this data, we created the Free VPN Risk Index.

We discovered that one-in-four free VPN apps failed to properly protect their users’ privacy. We also found the vast majority had excessive permissions or code that posed potential privacy and security risks.

After formally notifying Google of our findings and requesting action to raise standards in the category, we conducted a full update six months later to determine whether the situation had improved.

In 2021, we also began tracking the most popular VPN Android apps during individual internet shutdowns and testing them for privacy and security issues. Our initial findings focused on major incidents in Myanmar and Nigeria, where we found 80% of the most popular VPN apps shared or logged users’ IP addresses.

Here is a summary of the findings from our free VPN security research:

Key Findings

  • Free VPN Risk Index (2019)
    • We tested 150 free VPN apps with over 260M installs. 25% failed to protect user privacy due to DNS and other leaks.
    • 85% featured excessive permissions or functions with the potential for privacy abuses.
  • Free VPN Update (2019)
    • Six months on from the Risk Index, Google had failed to address the significant security risks despite formal notice of our findings.
    • 74% of the apps flagged as potentially unsafe still posed a risk.
    • The free VPN apps flagged as potentially unsafe had amassed 518 million installs from the Play store at the time – almost doubling from 260 million in just six months.
  • Internet Shutdown VPN Security (2021)
    • We have so far tested the 10 most popular VPN apps in Myanmar since the February 2021 coup and the 5 most popular in Nigeria since the Twitter ban in June 2021. We will add to this report as new internet shutdowns take place.
    • 12 apps tested to date log or share user IP addresses while 11 shared users’ unique Google Advertising Identifier.
    • 3 free VPN apps in Myanmar exposed users’ internet activity via DNS and/or IP leaks.

Free VPN iOS App Store Privacy

Free VPN apps have a poor record of complying with Apple privacy guidelines

Free VPN apps have a poor record of complying with Apple’s privacy guidelines.

Apple has increasingly positioned itself as a privacy champion, culminating in the launch of its contentious new “App Tracking Transparency” feature.

Since 2019, we’ve been investigating just how effective Apple really is when it comes to enforcing privacy protections in free VPN iOS apps.

When Apple updated its rules to ban VPN apps from sharing data with third parties, our research revealed it was failing to enforce these rules for the most prominent free VPNs in the App Store.

When Apple introduced mandatory privacy labels, our investigations showed just how few of the free VPN apps that Apple displayed most prominently in the iOS App store had fully-accurate labels.

Below is a summary of the combined findings of these reports.

Key Findings

  • Free VPN iOS Apps Data Sharing (2019)
    • 16 of the 20 top-ranked free VPN iOS apps breached Apple’s data-sharing rules.
    • Non-compliant free VPN apps had amassed 6 million monthly installations.
  • Free VPN iOS App Store privacy labels (2021)
    • 49 unique applications appear in the 20 top-ranked VPN apps in the US, UK, CA, and AU locales (90% were free VPNs). Just 6 of these free VPN apps (12%) had fully accurate privacy labels.
    • 9 free VPN apps (18%) lacked privacy labels as they had failed to submit any details to Apple.
    • 14 free VPN apps (29%) failed to properly disclose the collection of user IP addresses.


The authors of all our investigations abide by the journalists’ code of conduct.