VPN Demand During Internet Shutdowns
Whenever governments around the world restrict access to social media and other online sources of information, demand for VPN services typically skyrockets as those affected scramble to circumvent the shutdown.
Internet shutdowns have cost the world over $15BN since 2018 alone and continue to be popular with regimes looking to restrict the flow of information.
A VPN, or Virtual Private Network, is a simple anti-censorship software tool. It encrypts users’ traffic and masks their IP address, hiding their identity and activity from internet censors.
Intentional internet shutdowns disproportionately affect the global south and although many VPN services are inexpensive, the resulting increase in demand naturally tends to be focused on free VPN Android apps.
Our research has previously highlighted the dangers of free VPNs and by monitoring these apps, we hope to ensure that those in need can access vital information without compromising their privacy, security, or even physical safety.
After identifying the most downloaded VPN Android apps during a particular incident, we run the following tests:
- Traffic analysis to determine what personal data is being logged or shared by the apps
- Leak testing to identify whether apps expose users’ activity via DNS or IP leaks
- Code analysis to determine whether any high-risk permissions have associated functionality that could impact user privacy
The results are compiled below by country. The number of VPNs tested varies according to the severity and extent of the internet shutdown.
What VPN Privacy Issues Did We Find?
We found the following types of user data being shared to third-party servers:
- Real IP address: can be used to track down and identify individuals based on their internet activity. Sharing it with third parties is especially problematic during censorship events.
- Google Advertising ID: this unique ID is often shared by free VPN apps with advertisers in order to track VPN users’ online activity to better target ads. As with sharing IP addresses, this takes on heightened privacy risk during internet shutdowns.
- Device information: Details ranging from operator, make and model to current battery level and storage space remaining are shared with third parties, such as advertisers and monetizing services.
We also found DNS and IP leaks, which pose a huge risk to the safety of VPN users during a shutdown. These fundamental failings expose users’ online activity, leaving them open to persecution from the authorities imposing the restrictions.
During our code analysis we most frequently found combinations of the
WRITE_EXTERNAL_STORAGE permission and third-party advertising code that creates files on VPN users’ devices to assist in tracking ad performance.
Why Does It Matter?
Internet shutdowns already trample on the digital rights of those affected. It feels especially egregious when the victims of repression are exploited and put at risk by the very services purporting to help them.
By logging or sharing any identifying information at all, VPN services put their users at risk of exposure should the authorities decide to pursue those evading censorship.
The best VPN services won’t collect or share any personal user information at all, which leaves no opportunity for authorities to attempt to seize such data to persecute dissidents.
We will be updating and adding to this page regularly as major internet shutdowns take place around the world.