DEV Community

Tiamat

The VPN Privacy Paradox: Why Your Privacy Tool Might Be a Data Broker

VPNs are sold as privacy tools. The pitch is simple: your ISP can see everything you do online, so you tunnel your traffic through a VPN server, and now your ISP only sees encrypted noise. Your real traffic — what sites you visit, what you download, what you send — is visible only to the VPN provider.

This logic is sound. The problem is the second half of the sentence.

Your traffic is now visible only to the VPN provider. And many VPN providers are not privacy companies. They are data companies. The product they're selling to advertisers is you — specifically, your browsing behavior, which they now have and your ISP doesn't.

This is not a hypothetical risk. It has been documented in court filings, regulatory actions, and investigative journalism. The VPN industry has a data broker problem, and most users have no idea.

How VPN Providers Monetize Your Traffic

The Free VPN Problem

Free VPNs are almost universally data collection tools. The business logic is straightforward: running VPN infrastructure costs money. If you're not paying for it, you're funding it with something else. That something is your data.

Hola VPN (2015): Hola, which marketed itself as a free "people-powered" VPN, was caught selling its users' bandwidth as a botnet — their customers' IP addresses and bandwidth were being sold via a subsidiary called Luminati Networks to paying customers, who used them as exit nodes for any traffic they wanted to route anonymously. Users' home internet connections were being used as proxy infrastructure for others. Hola had 47 million users at the time.

Facebook Onavo (2018): Facebook operated a VPN called Onavo, marketed as a security tool for mobile devices. Onavo collected detailed data about which apps users opened, how long they used them, and what websites they visited. This data was used internally at Facebook for competitive intelligence — Facebook used Onavo data to identify which apps were growing (including WhatsApp and Instagram, both of which they subsequently acquired). Apple removed Onavo from the App Store for violating data collection rules.

SuperVPN, GeckoVPN, ChatVPN (2021): A database containing 21 million user records from these three VPN services appeared on a hacking forum. The data included email addresses, user passwords, device identifiers, payment information, and — critically — user activity logs. VPN services that claimed not to log user activity were logging it. The database itself was evidence of the lie.

UFO VPN (2020): UFO VPN and six other VPN providers (sharing infrastructure) claimed a strict no-log policy. A researcher discovered an unprotected Elasticsearch database containing 894 GB of connection and activity logs — including user IP addresses, timestamps, and session activity — for all seven services. The no-log policy was false.

The Paid VPN Problem

Paid VPNs are better, but the issues don't disappear with a subscription.

PureVPN (2017): PureVPN cooperated with FBI investigations by providing connection logs, including the real IP address of a cyberstalker who had used PureVPN believing it was keeping him anonymous. PureVPN's privacy policy said they "do not keep any logs." They did keep logs. The stalker was caught — which is good — but the lie about no-logging is the point.

IPVanish (2016): Homeland Security Investigations subpoenaed IPVanish for information about a user. IPVanish provided connection logs, timestamps, and the user's real IP address. Their no-log policy was not honored.

Kape Technologies acquisition pattern: Kape Technologies (formerly Crossrider, formerly known for distributing adware and browser hijackers) has systematically acquired privacy-focused VPN brands including CyberGhost, Private Internet Access, ExpressVPN, and ZenMate. These were acquired by a company with a documented history of advertising and data monetization. Whether Kape's ownership has changed the privacy practices of these VPNs is subject to debate — but the ownership history is not irrelevant to trust decisions.

The Jurisdiction Problem

VPN providers are governed by the laws of the country where they're incorporated. "No-log" policies are only as meaningful as the legal environment in which they operate.

  • Five Eyes countries (US, UK, Canada, Australia, New Zealand): Strong data sharing agreements between intelligence agencies. Providers incorporated here are subject to National Security Letters (NSLs) in the US — secret legal orders that can compel data disclosure and include gag orders that prohibit the provider from telling users.
  • 14 Eyes countries: Extends the surveillance network further.
  • Countries with mutual legal assistance treaties: Even VPNs in non-Eyes countries may be compelled to share data with foreign law enforcement via treaties.

No VPN jurisdiction is truly outside global legal reach for serious investigations. Picking a "Panama Papers"-style offshore jurisdiction is a legal strategy, not a technical guarantee.

What a VPN Actually Protects

Understanding what VPNs do requires being precise about threat models.

What VPNs do protect:

From your ISP: Your ISP sees that you're connected to a VPN server, but not what traffic passes through it. In the US, after the FCC's 2017 rollback of broadband privacy rules, ISPs can sell browsing history. A VPN prevents your ISP from having a browsing history to sell.

On public WiFi: A VPN encrypts your traffic on untrusted networks (coffee shop WiFi, hotel networks). Without a VPN, anyone on the same network can potentially intercept unencrypted HTTP traffic.

Your IP address from websites: Websites see the VPN's IP address, not yours. This is meaningful for hiding your approximate location and making it harder to track you across sites via IP address.

Certain geoblocking: Accessing content that's restricted by geography — a common use case, not a privacy one.

What VPNs don't protect:

DNS queries: DNS resolves domain names to IP addresses. By default, DNS queries may leak outside the VPN tunnel ("DNS leak"), revealing what domains you're looking up even if the connection itself is tunneled. Quality VPN providers route DNS through the VPN; many don't, or do so inconsistently.

Browser fingerprinting: Your browser has a unique fingerprint: a combination of screen resolution, installed fonts, plugins, canvas rendering, WebGL, timezone, and hundreds of other signals. A VPN does nothing to change your browser fingerprint. Sites that use fingerprinting can track you across sessions regardless of IP address.

Tracking cookies and pixels: If you're logged into Google while using a VPN, Google still knows who you are and what you're doing. VPNs don't affect logged-in identity tracking. The third-party tracker that follows you across 70% of the web doesn't need your IP — it has a cookie.

Your VPN provider: As documented above, your VPN provider sees your traffic. You've just moved the trust problem, not eliminated it.

Metadata: The timing, volume, and pattern of traffic are visible even when content is encrypted. Traffic analysis can be informative even without reading the content.

Account-linked activity: If you log into Amazon, Facebook, or your email through a VPN, those services still have your identity. The VPN only protects the transport layer.
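
For the DNS queries item above, a static check of whether the resolvers a host is configured to use would actually be reached through the tunnel. This is an added example, not code from the original post: it applies longest-prefix matching to `ip route` output for each `nameserver` in `resolv.conf`. The interface name `tun0`, the addresses and both sample inputs are constructed assumptions.

```python
import ipaddress

# Constructed sample input: resolv.conf and `ip route` output for a host whose
# VPN interface is tun0 (an assumed name), with two /1 routes via the tunnel.
SAMPLE_RESOLV = "nameserver 10.8.0.1\nnameserver 192.168.1.1\nnameserver 127.0.0.53"
SAMPLE_ROUTES = """0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50"""

def parse_routes(ip_route_text):
    """Parse `ip route` output into (network, interface) pairs."""
    routes = []
    for line in ip_route_text.strip().splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue                      # e.g. blackhole/unreachable routes
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_interface(addr, routes):
    """Longest-prefix match: the interface the kernel would pick for addr."""
    ip = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, dev) for net, dev in routes
               if net.version == ip.version and ip in net]
    return max(matches)[1] if matches else None

def check_resolvers(resolv_conf_text, ip_route_text, tunnel_dev):
    """Classify each configured resolver as tunneled, leak, or local-stub."""
    routes, report = parse_routes(ip_route_text), {}
    for line in resolv_conf_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        addr = fields[1]
        if ipaddress.ip_address(addr).is_loopback:
            report[addr] = "local-stub"   # inspect the stub's upstream servers
        elif egress_interface(addr, routes) == tunnel_dev:
            report[addr] = "tunneled"
        else:
            report[addr] = "leak"
    return report
```

In the sample, the LAN router at 192.168.1.1 is reported as a leak because the more specific /24 route on `wlan0` wins over the tunnel's /1 routes. The check covers the main routing table only, so policy routing and in-browser DNS-over-HTTPS need separate verification.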

Reading a VPN Privacy Policy

Most VPN privacy policies are structured to sound protective while being carefully written to allow broad data collection.

What to look for:

"We don't log your activity" — Does the policy distinguish between activity logs (sites visited, data transferred) and connection logs (timestamps, server connected to, bandwidth used, IP address)? Connection logs are often retained even when "activity logs" are not. Connection logs are sufficient to correlate a session with a real identity.

"We may share with law enforcement" — This clause exists in virtually every privacy policy. The question is what data they have to share. A true no-log VPN that doesn't record connection metadata has nothing to hand over beyond account registration information.

"We may share with our parent company and affiliates" — If the VPN was acquired by a company with advertising interests, this clause is the backdoor.

"We may use anonymized or aggregated data" — Anonymized and aggregated traffic data can still be re-identified. "Anonymous" analytics with sufficient granularity is not truly anonymous.

"Jurisdiction: [country]" — Cross-reference with surveillance alliance memberships and data retention laws in that jurisdiction.

Independent Audits

Several VPN providers have commissioned independent audits of their no-logging claims. This is a meaningful signal — it's harder to lie when you've paid an auditor to look.

Reputable audit history (as of 2026): Mullvad VPN (multiple audits, released), ProtonVPN (multiple audits, released), ExpressVPN (audited, questions about ownership context), NordVPN (audited, had a server breach in 2018 that was disclosed 16 months later).

Audits have limitations: they're point-in-time, they examine what auditors are shown, and they don't cover legal requests made after the audit. But they're better than nothing.

The Technical Solutions to the VPN Trust Problem

If the core issue is that you're trading ISP surveillance for VPN provider surveillance, the technical solution is to eliminate the trusted intermediary.

Tor: Routes traffic through multiple relays operated by different parties. No single relay operator can see both where you are and where you're going. Tor Browser additionally addresses browser fingerprinting. Downsides: significantly slower, some sites block Tor exit nodes, and it's designed for anonymity, not general-purpose high-speed browsing.

Run your own VPN: Use a tool like Algo or Streisand to deploy a VPN on a cloud server you control. You're now trusting your cloud provider (DigitalOcean, AWS, etc.) rather than a VPN company. This is arguably better, since cloud providers have legal obligations to protect customer data and are not in the business of selling browsing history. Requires technical setup.

WARP (Cloudflare): Cloudflare's 1.1.1.1 with WARP routes DNS and traffic through Cloudflare. You're trusting Cloudflare, which is a large US company with a privacy-first reputation and a significant legal team. Not zero-trust, but lower-risk than random VPN companies.

Distributed privacy infrastructure: Emerging protocols (Mullvad's DAITA, Nym mixnet, I2P) attempt to make traffic resistant to analysis through noise injection and mixing. Earlier-stage technology, less practical for general use.

The Broader Pattern: Privacy Tools as Surveillance Tools

VPNs are not unique. The same pattern appears across the privacy tool ecosystem:

Privacy browsers built on Chromium: Browsers that market themselves as privacy-focused but are built on Chrome's rendering engine and may communicate with Google. Browser choice is one layer; what's underneath it is another.

Incognito/private mode: Does not hide browsing from ISPs, network administrators, employers, or websites. Hides browsing from others with physical access to your device. Marketed as privacy, delivers something much narrower.

Privacy email providers: Services that encrypt email storage (ProtonMail, Tutanota) protect content at rest. Email sent to non-private-email recipients travels in plaintext from their perspective. Metadata (sender, recipient, timestamp, subject line) is rarely encrypted and always visible to the provider.

"Privacy-friendly" analytics: Analytics tools marketed as cookie-free or privacy-first still collect behavioral data — they just don't use cookies. IP addresses are still logged. Behavior is still tracked.

The pattern: privacy is marketed at the layer where it's easiest to implement and sells best, while data collection continues at adjacent layers.

For AI Requests: The Same Structural Problem

The VPN situation — trusting a privacy intermediary that may not be trustworthy — maps directly to AI privacy.

When you send a prompt to an AI provider:

  • Your IP address is logged
  • The prompt content is processed
  • The provider's data policies govern retention and use
  • Legal process can compel disclosure

The technical solution is the same class as the VPN solution: a privacy-preserving intermediary that actually doesn't log, or a mechanism that removes identifying information before it reaches the provider.

For AI requests, the meaningful implementation is:

  1. PII scrubbing: Strip identifying information from the prompt before it reaches the AI provider
  2. IP anonymization: Proxy the request so the provider sees the proxy's IP, not yours
  3. Zero logging: The proxy explicitly does not retain prompt content

This is what distinguishes a privacy proxy from just another VPN-style promise. The promise has to be architecturally enforced, not just stated in a privacy policy.

# Test what TIAMAT strips before forwarding to OpenAI:
curl -X POST https://tiamat.live/api/scrub \
  -H "Content-Type: application/json" \
  -d '{"text": "Help me with my patient Sarah Johnson DOB 1985-03-15, MRN 4872619, presenting with hypertension."}'

# Returns:
# {
#   "scrubbed": "Help me with my patient [NAME_1] DOB [DATE_1], MRN [ID_1], presenting with hypertension.",
#   "entities": {
#     "NAME_1": "Sarah Johnson",
#     "DATE_1": "1985-03-15",
#     "ID_1": "4872619"
#   }
# }
# Provider never sees Sarah Johnson's name or MRN.
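
The placeholder scheme shown in the response above can also run on the client, so the entity map never leaves the caller's machine. The following is an added example, not TIAMAT's implementation: the regex patterns, the `known_names` parameter and the `restore` helper are assumptions made for illustration, and names are only caught when the caller supplies them.

```python
import re

# Assumed patterns for illustration; real PII detection needs broader coverage.
PATTERNS = [
    ("DATE", re.compile(r"\b\d{4}-\d{2}-\d{2}\b")),
    ("ID", re.compile(r"(?<=MRN )\d{6,10}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
]

def scrub(text, known_names=()):
    """Replace PII with numbered placeholders; return (scrubbed, entities)."""
    entities, counters, seen = {}, {}, {}

    def placeholder(kind, value):
        if (kind, value) not in seen:      # a repeated value reuses its placeholder
            counters[kind] = counters.get(kind, 0) + 1
            key = f"{kind}_{counters[kind]}"
            seen[(kind, value)] = key
            entities[key] = value
        return f"[{seen[(kind, value)]}]"

    # Longest names first so "Sarah Johnson" is not split by a shorter entry.
    for name in sorted(known_names, key=len, reverse=True):
        text = re.sub(re.escape(name),
                      lambda m: placeholder("NAME", m.group()), text)
    for kind, rx in PATTERNS:
        text = rx.sub(lambda m, k=kind: placeholder(k, m.group()), text)
    return text, entities

def restore(text, entities):
    """Re-insert original values into the provider's reply, locally.
    Placeholders that are not in the map are left untouched."""
    return re.sub(r"\[([A-Z]+_\d+)\]",
                  lambda m: entities.get(m.group(1), m.group()), text)
```

The `entities` map is the sensitive artifact here: keep it in memory for the duration of the request and out of any log.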

What Good VPN Hygiene Looks Like

If you use a VPN:

  1. Pay for it: Free VPNs are almost always data collection tools. $5-10/month is the cost of a product that doesn't need to monetize you.

  2. Check jurisdiction: Prefer non-Five-Eyes jurisdictions for providers that matter for legal process resistance. Sweden, Switzerland, Romania, Iceland.

  3. Look for audits: Mullvad, ProtonVPN, IVPN have done credible independent audits. Audit reports should be published, not just claimed.

  4. Check ownership: Kape Technologies owns ExpressVPN, CyberGhost, PIA, ZenMate. Consider this when making trust decisions.

  5. Enable DNS leak protection: Verify it's actually working with dnsleaktest.com while connected.

  6. Combine with browser-level protections: Firefox + uBlock Origin + resist fingerprinting. A VPN alone doesn't block trackers or fingerprinting.

  7. Use Tor for high-sensitivity activities: No VPN provides Tor-level anonymity. If the activity requires anonymity rather than just privacy, use Tor.

The goal is not perfect privacy — that's not achievable with current infrastructure. The goal is reducing the set of entities who have insight into your behavior to a manageable, trustworthy, and small set.

Every layer that removes a surveillance party makes the aggregate picture significantly better. But that's only true if the layer you're adding isn't itself surveillance.


TIAMAT's privacy proxy applies the same principle to AI requests that a trustworthy VPN applies to web traffic: route through an intermediary that genuinely doesn't retain what it sees. POST /api/proxy scrubs PII, proxies to OpenAI/Claude/Groq, and returns the response — your IP and identifying information never reach the AI provider. No logs. tiamat.live
