An almost daily drumbeat of data breaches and online privacy violations has fueled public interest in VPN services such as ProtonVPN. This article explains what VPNs are, what they do, and whether you need one. Our sister article, How does a VPN work?, provides a more detailed and technical overview of what is going on under the hood.
What is a VPN?
A virtual private network (VPN) is a suite of technologies, the primary aim of which is to improve your privacy when using the internet. It connects your computer, smartphone, or tablet to another computer, called a VPN server, via an encrypted “tunnel” that protects your data from prying eyes.
- A VPN app connects your device to a VPN server, which is run by a VPN provider (such as ProtonVPN).
- The connection between your device and the VPN server is encrypted, preventing your internet service provider (ISP) from seeing the contents of your data as it travels between them.
- The VPN server sits between your ISP and the internet, blocking your ISP from seeing your online activity and preventing the websites you visit from seeing your real IP address.
- VPN providers (including ProtonVPN, of course) maintain VPN servers located all over the world. This is great for bypassing censorship and “spoofing” your geographic location.
Benefits of a VPN
This deceptively simple setup is very useful. A VPN:
- Prevents your internet service provider from seeing your activity online.
- Prevents websites you visit from knowing your real IP address.
- Prevents public WiFi hosts from selling your browsing habits to advertisers.
- Protects you from WiFi hackers when using insecure public hotspots.
All mass surveillance systems in the world rely on ISPs logging their users’ browsing histories and making these logs available to government agencies. Because a VPN prevents your ISP from seeing the information you send and receive online, it therefore also:
- Prevents untargeted mass surveillance by the NSA or your government.
Almost as a by-product of how VPNs work, using a VPN offers important additional advantages. Although these could be viewed as side effects, they are the main reason many people use a VPN:
- Defeats censorship, be it government censorship on political, social, or religious grounds, or website blocking by your school or workplace network administrator.
- Allows you to access streaming services that are usually only available to people in a specific country.
- Allows you to safely use P2P file sharing (BitTorrent).
A VPN is, therefore, something of a Swiss army knife among internet tools and one that everyone should have in their toolkit.
Why you need a VPN
From your ISP and government
A VPN encrypts the connection between your device and the VPN server. This prevents your ISP from seeing the contents of your data, including destination data that can usually tell it which websites and other resources you connect to on the internet.
Your VPN provider also handles DNS translation, which is normally performed and logged by your ISP. DNS is basically like a big phone book that translates the easy-to-remember URLs that people use into the numbers computers really use to identify websites and other internet resources.
DNS, for example, translates the URL www.protonvpn.com into its corresponding IP address of 220.127.116.11. Keeping logs of DNS translation is the main way that most ISPs keep tabs on what their customers do online.
The upshot of all this is that using a VPN prevents your ISP from knowing what you do on the internet. It can’t see your data, and it can’t see which websites you visit.
As we have already touched on, what your ISP doesn’t know, your government and global surveillance bodies such as the NSA and GCHQ are also unlikely to know. A VPN prevents your browsing history from being caught up in untargeted dragnet mass surveillance programs that invariably rely on the logs kept by your ISP.
A VPN will not, of course, prevent targeted surveillance, in which an adversary (such as your government) is willing to expend time and resources spying on you as a known individual.
The VPN server acts as a shield that blocks the “view” both ways. Your ISP can’t see which websites you connect to (just the VPN server), and websites you connect to can’t see your real unique IP address (again, they just see the IP address of the VPN server).
A VPN, therefore, stops the easiest-to-perform and most invasive kind of web tracking. Be aware, however, that preventing other common forms of web tracking, such as cookies and browser fingerprinting, is beyond the scope of what a VPN can do.
A VPN should, therefore, be used in combination with browser-based anti-tracking solutions to provide a wide-spectrum defense against the multitude of threats to our privacy that the internet facilitates.
WiFi connections on insecure public hotspots, such as the one you use in an airport lounge or your local cafe, can be easily hacked by criminals who wish to steal your data. It is also very easy to accidentally connect to a fake “evil twin” hotspot with a name like “airport wifi,” which is a sneaky tactic commonly used by criminal hackers to access your data.
Using a VPN protects you from public WiFi hackers of all stripes since all data between your device and the VPN is securely encrypted. It should be said, though, that the huge uptake of HTTPS over the last years (please see How does a VPN work? for more details) means that WiFi hackers are simply not the threat they once were.
A greater threat these days comes from “legitimate” WiFi router hosts. Many public WiFi hotspots are commercial enterprises, something made clear when you are forced to agree to a lengthy set of terms and conditions before you are allowed to use the service. What these terms and conditions boil down to is that the WiFi host can monitor your internet activity to sell your browsing history to advertising and analytics companies.
There has also been growing concern about the possibility of Airbnb hosts and the like abusing their positions of trust to spy on guests’ internet activities. In all such cases, a VPN will protect you from these invasive practices.
VPNs are highly effective at defeating censorship efforts. If your country blocks content, then simply connect to a VPN server located somewhere the content is not blocked. If your school, college, or workplace blocks content, connecting to any VPN server will bypass that block.
If using a VPN to bypass censorship, please carefully consider the risks involved if you are caught. Using OpenVPN in TLS mode can be highly effective at hiding VPN traffic as regular HTTPS traffic, but it can be detected by the advanced deep packet inspection (DPI) techniques used by some governments.
It is also possible that your organization or government has blacklisted IP addresses known to belong to VPN services, in which case trying to connect to a blocked VPN server address could bring up a red flag. It’s also worth remembering that your boss might simply just walk into your room at the wrong moment.
Although VPNs can defeat most censorship efforts, it is possible for a powerful enough adversary (such as the Chinese government) to implement blocks that even a VPN cannot overcome. In such cases, using the Tor network with unlisted Tor servers and/or Tor bridges that use pluggable transports to evade deep packet inspection techniques may be the most effective solution.
For all the freedom-enabling privacy benefits a VPN can offer, one of the most popular uses for VPNs is to stream media content that only is supposed to be available in certain countries.
The world-famous BBC iPlayer, for example, is available for free to anyone who appears to be in the UK. And US residents enjoy a much larger Netflix catalog than customers in other countries, despite most people paying a similar monthly subscription cost no matter where they are located.
A VPN allows you to “spoof” your location in order to pretend to be in a certain country, and thus access services only available in that country from anywhere in the world.
Most such services do still require a valid subscription, but Netflix customers (for example) can log in to regional versions of the service (including the US one) using valid accounts that are registered anywhere.
ProtonVPN users with Plus or Visionary plans can access a wide selection of popular streaming sites using our service.
P2P file sharing
As with websites you visit, a VPN will hide your real IP address from peers when file sharing using the BitTorrent protocol. This makes using a VPN an essential precaution for torrenters. A VPN is also useful for accessing torrent sites that may be blocked by your ISP.
Yes and no. Yes, because it stops your ISP from knowing what you do online, and because it stops websites you visit from knowing your real IP address. Using a VPN can, therefore, provide a high level of privacy when online.
No, because the VPN provider knows who you are and is able to monitor and log your activity. Good VPN services such as ProtonVPN take great care to mitigate this issue by maintaining a strict no-logs policy.
No logs VPNs such as ProtonVPN keep no logs of users’ activities that might at a future point compromise their privacy.
Other than payment details, which are never tied to users’ online activities, the only log that ProtonVPN keeps is a timestamp of your last successful login attempt, which is overwritten each time you log in. This is done to prevent abuse.
As with any VPN service, ProtonVPN could, in theory, be legally compelled to monitor a specific account in real time, or even to turn on logging for that account. We would resist any such move to the best of ability. Our situation in this regard is greatly helped by the fact that we are based in Switzerland, home of some of the strongest data privacy laws in the world.
ProtonVPN can unblock a wide selection of popular streaming services, including Netflix and Hulu, by connecting to our Plus servers. You still need a valid account with these services to access their content.
A Netflix account registered anywhere in the world is sufficient to access an unblocked Netflix site anywhere else in the world. To access Hulu, however, you need an account that is registered in the United States.
Services such as BBC iPlayer and ALL4 allow anyone to register for free from an unblocked UK IP address.
A kill switch helps to protect your privacy by disabling your internet connection if there is a problem with the VPN connection. This ensures that you do not unknowingly or accidentally connect to the internet without the VPN running properly.
ProtonVPN features kill switches in its Windows, macOS, Linux, and Android apps. Apple’s restrictive developer guidelines mean that it is not possible to implement a kill switch in iOS, but our iOS app has an “Always-on” feature instead, that will swiftly and automatically reconnect you if you disconnect.
We can’t speak for all VPN services, but ProtonVPN keeps no logs that can compromise your privacy, is based in Switzerland, home of some of the strongest data privacy laws in the world, uses only the strongest VPN protocols and encryption suites possible, and makes the source code of all our apps freely available for anyone to audit.
We have commissioned professional third-party audits of all our apps, the results of which are publicly available.
Again, we can only speak for ourselves. ProtonVPN uses the OpenVPN and IKEv2 protocols for its apps, which experts agree are the most secure VPN protocols yet devised. We also implement these at their strongest encryption settings.
Our open source apps feature kill switches to protect you against VPN dropouts, and built-in DNS and IPv6 leak protection ensure there is no possibility your privacy can be compromised.
Our servers are all “hardened” with multiple security layers and failsafes, in addition to using robust physical security measures. Where security is of paramount importance, you might like to consider using our special Secure Core service for additional protection.
Many routers these days feature a built-in VPN client. Alternatively, you can replace the firmware that comes with just about any router with an open source alternative such as DD-WRT that supports VPN connections.
The advantage of using a VPN on your router is that all devices which connect to the router are protected by the VPN. The router also counts as just one VPN connection, no matter how many devices you connect to it.
If you have a dual-band router, you can set up the VPN on one band and connect devices that you don’t want to use the VPN on to the other. ProtonVPN has detailed VPN router setup guides for a number of popular routers.
A VPN provides privacy while surfing the net: from your ISP, from your government, and from websites you visit. Millions of people around the world use VPN services as an invaluable tool to defeat censorship and access the open internet. It also protects you from “free” WiFi providers.
ProtonVPN is a community-driven VPN service that places the privacy of our users first and foremost. We keep no logs, and what little data we do store is protected by Swiss data protection laws. All of our apps are open source and independently audited, and we support journalists and activists in the struggle for a free and open internet.
You can follow us on social media to stay up to date on the latest ProtonVPN releases:
To get a free ProtonMail encrypted email account, visit protonmail.com.