Web users need to take the initiative and read the privacy policies of the privacy platforms they

As Online Privacy Becomes Commercialized, Consumers Need to Get Educated

Commercial Virtual Private Networks (VPNs) are playing an increasing role in the current battle between privacy-conscious web users and government agencies seeking to increase their surveillance reach. But as online privacy becomes yet another product, ready to be branded and packaged, the problem of dishonest vendors, and a lack of education amongst customers, threatens to undermine any real benefit the market can bring.

Since the PRISM revelations, VPN usage is on the increase. IVPN saw an increase in sign-ups of around 56% in the two months following Edward Snowden's revelations. Other VPNs also reported an increase in business (as did privacy-orientated search engine DuckDuckGo). On the face of it, this is great news. More web users are starting to take online privacy seriously and are aware their private data is no longer (or never was) secure. But it also highlights a lack of education amongst web users. Why? Because VPNs will do virtually nothing to protect your data from the kind of surveillance outlined in the leaked PRISM documents.

The whole point of PRISM was to create backdoors into the web's most popular services, such as Google, Yahoo and Facebook. These backdoors allowed the NSA to intercept user data and harvest their information. That information could then be linked to the user's account and identity. VPNs can prevent an eavesdropper knowing a user's location and IP address, and prevent an ISP from recording your internet activity, but once you've signed up for a Gmail account you're on your own––that data is stored on Google's servers and is accessible by anyone who may have a backdoor onto those servers.

Web users need to take the initiative and read the privacy policies of the privacy platforms they're signing up for.

So, there is evidently a danger of web users not being properly educated on how to protect their data and a risk that VPN companies will exploit the climate of fear generated by the PRISM revelations, offering a wrong solution to the problem. Indeed, some VPNs have been less than honest when it comes to promoting their services in other ways. For instance, one of the key reasons to use a VPN––as touched on above––is its ability to avoid the data retention practices of an ISP. Nearly all ISPs will retain user data for a set period of time in the United States, and every ISP in Europe is forced by law to retain data for the entirety of a users' subscription and up to two years after the subscription ends.

VPNs are able to get around the above by wiping their logs of user activity regularly and reducing the period of data retention to, in some cases, minutes. The problem is not all VPNs actually state how regularly they wipe user data, and when you look closely at their privacy policies, you'll find some of the most popular services retain data for just as long as a regular ISP. Some of the biggest VPNs on the market may retain user data for two years, whereas others may only retain information for a few months.

It's therefore very important for web users to understand what kind of online privacy they are getting for their money and whether or not that service is actually offering the kind of protection they expect. Organizations such as the Electronic Frontier Foundation do a great job at educating the public on these matters, but web users also need to take the initiative themselves and actually read the privacy policies of the privacy platforms they're signing up for. 

About the Author

Nick Pearson is CEO of IVPN.

Featured

  • The Business Case for Video Analytics: Understanding the Real ROI

    For security professionals who may be hesitant to invest in video analytics, now's the time to reconsider. In a newly released Omdia report commissioned by BriefCam (now Milestone Systems), the research firm uncovered a compelling story: more than 85% of North American and European organizations that use video analytics achieve a return on investment within just one year. The study, which surveyed 140 end users across multiple industries, demonstrates that security technology is no longer just for security — it's a cross-organizational tool that delivers measurable business value far beyond traditional safety applications. Read Now

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

Featured Cybersecurity

Webinars

New Products

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3