Following Edward Snowden’s PRISM revelations, the issue of online privacy has been thrust into the spotlight like never before. This media coverage appears to have led to more people signing-up to Virtual Private Networks. But will VPNs protect you from PRISM and do they offer any real privacy protections for their users?
PRISM certainly seems to have sparked a increasing interest in VPNs. Since the scandal broke IVPN (the VPN company I work for) saw a 56% increase in sign-ups (compared to the previous two months) and, in our survey, a majority of VPN users said PRISM was the main influence behind their decision to sign-up. TorrentFreak also did some research and found the VPNs Ipredator, Private Internet Access and Privacy.io to have all experienced an increase in sign-ups since PRISM was uncovered.
Bursting the VPN Bubble
But we need to burst our own bubble. Signing-up to a VPN is not going to protect you from the threat presented by PRISM. If the government has a “backdoo”‘ into Google, then it will be able to read your emails whether you’re connected to a VPN or not. Like the free-to-use TOR, VPNs help users mask their IP address, but your personal data is stored on Google’s servers and there’s not much you can do about that, other than avoiding Google (as well as Facebook, Yahoo, Hotmail and every other company implicated in the programme).
Nevertheless, the fact PRISM has encouraged more people to take online privacy seriously – and sign up to a VPN – is positive. But, once again, there’s another bubble to burst. Yes, VPNs are very effective at shielding your internet activity from potential evesdroppers, but not all VPN companies take online privacy seriously. In fact, some of the most popular VPNs on the market offer little protection above that of a regular ISP.
For instance, one of the key benefits of using a VPN is that you can avoid the data retention activities of your ISP. In the EU, it is currently mandatory for all ISPs to keep a log of every website you’ve visited, as well as email logs, for two years after you leave the service. While the US doesn’t have data retention legislation in place, most ISPs log data anyway to help law enforcement. VPNs allow you to circumvent this practice. Nevertheless, many VPN companies log your data in the same way an ISP does.