CHOOSING YOUR VPN:
A MATTER OF TRUST

Internet Users Rely on VPNs For Privacy –
But Well-Known Providers Have a Questionable Track Record

In This Report

Virtual Private Networks, known as VPNs, are used by many people to shield their online identity, activities, and location. VPNs have laudable uses, from enabling the anonymity of whistleblowers and political dissidents to safeguarding business communications from cyber intrusions – especially for those working remotely.

This report, a joint investigation by Digital Citizens Alliance and White Bullet, found many VPNs engaging in shady efforts to woo potential customers and associating with entities in the dark underbelly of the Internet known to target users for harm.

VPNs – A Question of Need,
A Matter of Trust

Reason Why Users Purchase VPN Chart

  • While relying on online reviews is the most common way people choose a VPN service, some review sites aren’t the independent and neutral arbiters they pretend to be. Kape Technologies, the owner of ExpressVPN, acquired multiple VPN review sites in 2021, and these sites immediately began to recommend ExpressVPN.

  • While VPNs tout privacy, they associate themselves with illegal content theft websites – a nefarious $2.3 billion dollar industry that has been demonstrated to intentionally expose their users to malware designed to violate their privacy. The investigation found that providers such as ExpressVPN and NordVPN spend an estimated $45 million a year advertising on piracy sites. VPN marketing efforts on piracy efforts go beyond ads – the investigation found thousands of examples where ExpressVPN was promoted on piracy sites, where the sites and the VPNs both stood to benefit from the arrangement.

  • Users may not realize that their VPN provider logs their online activities. Free VPNs may make money by selling that data to third parties. And, as the example above illustrates, VPNs that claim to not retain user data may not be abiding by that promise. The Center for Democracy and Technology – a well-respected tech think tank - has raised concerns that the claims made by VPNs that they protect user data have proven too often to be false.
Digital Citizens Alliance Logo
white bullet logo

© 2025