Most people want a VPN so they can have privacy and security when browsing the web. One of the main selling points of a VPN is that it prevents your ISP from being able to track your internet usage. But a VPN can’t protect you from all forms of tracking. If you’re looking at buying a VPN you should make sure you understand the sort of tracking a VPN can, and can’t protect you from.
When using a VPN, your ISP will be unable to monitor your browsing activity. They’ll be able to identify that you are using a VPN and how much data you are sending and receiving, but not what websites you’re accessing. Think of it like using shopping bags – your nosy neighbour can see you are carrying them, but not what’s in them!
Data leaks are a potential risk to your privacy from your ISP. An incorrectly configured VPN can leak your DNS, or Domain Name System, requests to your ISP letting them determine which websites you’re browsing to, although not what specific page on that site. To protect yourself against this risk, you should ensure that any VPN provider you consider advertises that they tunnel DNS requests over the VPN connection or don’t leak DNS requests.
Tip: DNS, or Domain Name System, is a protocol used on the internet to translate URLs into IP addresses. DNS is a plain-text protocol, so even if you change your DNS servers, your ISP can still see what domains you’re requesting.
In a worst-case scenario, your VPN connection could drop without you noticing, this would allow your ISP to see any browsing data sent after the VPN drops. A VPN kill switch can protect against this, by blocking all network traffic from your device if it detects that your VPN connection has dropped.
Your ISP isn’t the only potential risk that could track you in this way. A hacker on an unencrypted public Wi-Fi hotspot or an untrusted device on your private network can also listen to your network traffic.
When using a VPN, all of your network traffic is routed through a VPN server. It would be really easy for the VPN provider to log, monitor, analyse, and sell your usage data, in exactly the same way your ISP could, if you’re weren’t using a VPN. There is no way to stop a VPN provider from being able to do this, however, you can choose to use a VPN that has a strict “no-logs” policy.
Tip: A transparency report can show that a VPN provider doesn’t keep logs. The company is legally obliged to comply with lawful requests, but if they don’t log anything, they have no data to hand over.
Advertising networks make their money by tracking and analysing the browsing habits of everyone on the internet. It can even be possible for them to individually identify you from data such as computer hardware configuration, browsing data, and website logins. A VPN can help you separate yourself from your advertising profile, but over time the ad networks will build up another advertising profile for you that may be similar enough to match your normal one.
To be able to make a clean break from your advertising profile, you need to change as many things as possible and stick to them when using the VPN. The single most important step is to make sure you don’t use any of the same accounts both off, and on the VPN. Utilising an ad-blocker, such as uBlock-Origin, can also be a really big help, by blocking advertising and tracking scripts from ever loading in your browser.
Tip: Some VPN providers may offer their own ad-blocker built into the VPN. These are generally decent but may be difficult to modify if they break website functionality.
To go further you should also try not to use the same websites, view similar content, or use the exact same set of browser extensions. All of these small factors can be used to build up a very specific profile of you as an individual.