Even worse than TikTok, these popular VPNs can read your private data


Staff member
Global Mod
VPNs are very popular and allow you to protect your anonymity on the internet. Today, experts warn that hidden personal data can be accessed by VPNs themselves, raising serious questions about how this private data is used.

While TikTok can be heavily penalized for suspected security vulnerabilities, millions of people download Chinese VPN apps that carry significant privacy risks.

Unscrupulous VPNs

Some VPNs can even access encrypted content about you, such as your email address or your bank details. Access allowed by accessing the devices of users who sometimes put too much trust in these tools.

According to a Washington Post investigation, some popular VPNs have misled consumers about their practices while concealing their origin, ownership, and location. This also applies to VPNs based in China or operated by Chinese citizens.

According to Dennis Batchelder, who works for AppEsteem, an application security specialist for antivirus companies: “You have a bunch of lazy people who call themselves VPNs and monetize your data, just like Google. I would have reservations about VPNs in any country that can tell your company they want your data back. »

Chinese-origin VPNs are particularly singled out because the Beijing government can force Chinese tech companies to provide information to government agencies. This is also one of the criticisms that the US Congress expresses against TikTok.

Significant visibility in app stores

American tech giants such as Google and Apple indirectly contribute to the popularity of certain VPN applications. Indeed, they sell them advertising space on the App Store and Play Store, while collecting a commission for every sale made on their platforms.

To illustrate its research, the Washington Post takes the application as an example “Turbo VPN” which ranks among the top results in the Google Play Store, with over 100 million downloads. The company behind this tool, Innovative Connecting, is headquartered in Singapore and registered in the Cayman Islands. In recent years, several Chinese nationals have served as the company’s director. “As with many other applications, there is no way to prove who or where the real owners are,” the newspaper said.

Two other apps like “ThunderVPN” to which we belong well positioned in the Play Store “Signal Lab”, which has nothing to do with the application intended for encrypted communication. The company may have a website, but the only way to contact them is through a Gmail address.

Read : One of the Internet’s biggest threats is back
The company, reportedly based in Hong Kong, says in its privacy policy that its VPNs keep no logs of user activity. On the other hand, it reserves the right to monitor activities to investigate “any possible violation” of the terms of use. Thus, the activity of each user can be tracked.

The Apple App Store should not be left behind with VPNs from companies in Hong Kong or Singapore, with complicated administrative arrangements defending themselves against any ties to the Chinese government. Apple contacted the Washington Post about this matter and replied by email:

“VPN apps are powerful tools that can be used to track users’ internet traffic, so we have strict guidelines on what VPN app developers must do to get into the App Store. »
Same story at Google, which declined to go into details:

“Google Play has policies to ensure user safety that all developers, including VPN apps, must adhere to. We take security and privacy claims against apps seriously, and if we determine that an app has violated our policies, we’ll take appropriate action. »
According to security experts contacted for the study, free VPNs are the most likely to violate privacy practices because they have an added financial incentive to capture user data to sell relevant ads.

Source :

Washington message