Senator Ron Wyden and Representative Anna Eshoo are urging the Federal Trade Commission (FTC) to take action against abusive and deceptive practices in the VPN industry. They note that many Americans benefit from the increased privacy and security that VPNs offer, but some VPN providers can overpromise or be dishonest with their subscribers.
This article was written by Ernesto Van der Sar and originally published by Torrent Freak.
VPNs are valuable tools for people who want to use the Internet securely with decent privacy. They are vital for whistleblowers and people who rebel against Government oppression.
One of the problems, however, is that not all VPN services take privacy seriously.
This isn’t a new revelation. At TorrentFreak, we first highlighted this issue more than a decade ago. This revealed that the privacy policies at some VPN services were rather weak. Things become even more problematic when VPN providers say one thing and do another.
Lawmakers Urge FTC to ‘Monitor’ VPNs
There is currently little regulation in the VPN industry, prompting Senator Ron Wyden and Representative Anna Eshoo to sound the alarm bell. In a letter, sent last week, they urge FTC chair Lina Khan to take action.
“We write to urge you to use your authority to take enforcement actions against the problematic actors in the consumer Virtual Private Network (VPN) industry, focusing particularly on those that engage in deceptive advertising and data collection practices,” the letter reads.
“The VPN industry is extremely opaque, and many VPN providers exploit, mislead, and take advantage of unwitting consumers,” the lawmakers add.
Problems in the VPN industry have been highlighted in several reports and studies already. They are often the result of heavy competition. Many VPNs have the best interests of consumers in mind but others are simply interested in making profits.
This can lead to shady VPNs collecting and selling user data or promising not to log personal data but simultaneously handing ‘logged’ data over to the authorities. These are serious problems that have raised new concerns in response to the anti-abortion laws.
“Leading groups advise women seeking abortions that VPN with ‘no-log’ policies can be trusted to protect their data. While many popular VPN providers aggressively market their ‘no-log’ policies which allow users to anonymously surf the web, it’s nearly impossible to verify their claims.
“In various cases, VPN providers that advertise a strict ‘no-log’ policy have provided user activity logs to law enforcement,” the lawmakers add, pointing to a logging debacle at one of the larger VPNs.
The letter provides a detailed overview of the various problems and concerns. This includes a study on several free VPN apps that collected and shared data, as well as a more recent Consumer Reports study that identified some hyperbolic claims, including a reference to “military-grade encryption.”
VPN review sites are also put in the spotlight. These reviews often include affiliate links, which could lead to bias. That also applies to some of the bigger review sites that are owned by VPN companies.
Senator Wyden and Representative Eshoo are not against VPN use. On the contrary, they believe it can be vital. However, the FTC should step in to remove the bad apples, where possible. Making people aware of the potential benefits and risks could also be helpful.
“We urge the Federal Trade Commission (FTC) to take immediate action under Section 5 of the FTC Act to curtail abusive and deceptive data practices in companies providing VPN services to protect internet users seeking abortions.
“We also urge the FTC to develop a brochure for abortion-seekers on how best to protect their data, including a clear outline of the risks and benefits of VPN usage,” the lawmakers conclude.