Many Free Mobile VPN Apps Are Based In China Or Have Chinese Ownership

A new study has found that more than half of the top free mobile VPN returned by Play Store and App Store searches are from developers based in China or with Chinese ownership, raising serious concerns about data privacy. "Our investigation uncovered that over half of the top free VPN apps either had Chinese ownership or were actually based in China, which has aggressively clamped down on VPN services over the past year and maintains an iron grip on the internet within its borders," said Simon Migliano, Head of Research at Metric Labs, a company that runs the Top10VPN portal. ZDNet reports: The researcher says he analyzed the top 20 free VPN apps that appear in searches for VPN apps on the Google and Apple mobile app stores, for both the US and UK locales. He says that 17 of the 30 apps he analyzed (10 apps appeared on both stores) had formal links to China, either being a legally registered Chinese entity or by having Chinese ownership, based on business registration and shareholder information Migliano shared with ZDNet.

The expert says that 86 percent of the apps he analyzed had "unacceptable privacy policies." For example, some apps didn't say if they logged traffic, some apps appeared to use generic privacy policies that didn't even mention the term VPN, while some apps didn't feature a privacy policy at all. On top of this, other apps admitted in their policies to sharing data with third-parties, tracking users, and sending and sharing data with Chinese third-parties. Almost half of the free VPN apps also appeared to take the privacy policy as a joke, with some hosting the policy as a plain text file on Pastebin, AWS servers, or raw IP addresses, with no domain name. In addition, 64 percent of the apps also didn't bother setting up a dedicated website for their VPN service, operating strictly from the Play Store.

How about Proton?

[goombah99]

I think proton is swiss?

Re:Of course they are

[jpkeating3]

Is this a new low? One germane comment. The second uses the subject as an excuse for politics, then massive explosion, with shards of illogic and ill will scattered across the screen. I was hoping for something informative on privacy vs. privacy risks, and tips on VPNs (I may need one for future work). Slashdot these days clearly posts topics designed to encourage rants, not discussions; unfortunately, that bleeds over into technical stories as well. Nothing to read here today.

Re:Chinese have a reason for a VPN

[Aighearach]

You might have an childish and absurd concept of how business works in China, and how Chinese companies get started and get positioned in the marketplace. Also, how the internet works in China.

I'll give you a hint: The Great Firewall is not stateless.

Lemmee get this straight

[Snotnose]

I use a VPN to download music/movies while keeping my ISP off my back. Who could possibly care less than I do about Copyright?

Oh yeah, that would be the Chinese.

You get what you pay for

[hyades1]

I'm normally pretty contemptuous of the snide, know-it-all geektards who infest places like Linux help forums. You go there for help when you're just starting out with some kind of software, and you get sneered at and disparaged for asking simple questions.

But this is a bit different. If you're computer savvy enough to know why you need a VPN, you already know enough to figure out why some are better than others. Even few minutes of research should tell you what you need to look for in the policies and practices of any VPN you're thinking of entering a relationship with.

What you see right up front should tell you that some of the free ones, especially if they're owned by the Chinese (who seem dedicated to making Big Brother look like a Libertarian), are a bad, bad idea. They're probably worse than nothing at all, actually, because like a leaky condom, they're just going to give you a false sense of security while you're getting screwed.

Re:You get what you pay for

[DNS-and-BIND]

I'm curious: how are they going to screw me, exactly? Let's say for some bizarre reason the Chinese government wanted to trick me into installing a free VPN and then somehow use it against me. What form could that possibly take?

From where I'm sitting, I have far more to fear from my own government than the Chinese. The only reason they even set up these free VPNs is to keep track of their own people who use VPNs to vault the Great Firewall. As long as I'm not involved in attempting to overthrow the Communist Party, how would they even be interested in me? Heck, I can go years between even doing anything remotely relating to China or its government. I write snarky comments once in a while, but the CPC doesn't give a shit about anything anyone writes in English.

On the other hand, the US intelligence community regards the American people as the enemy. Why else do they spend such tremendous efforts to spy on us?

Re:This is a surprise?

[cascadingstylesheet]

Who did people think were paying for the servers and bandwidth? If you're not paying, then you're not the customer. Real VPN providers are cheap; if you don't spring the couple bucks a year that one of them costs, well, you sort of deserve what you get.

So if one of these starts charging a couple of bucks a year, you'll think it's legit?

How do you know that hasn't already happened? They could be vacuuming all your data and charging you for the privilege ...

That's the problem with trust; it's not simple. For example, why should I trust some random guys in Switzerland? Or why should I trust some guy who rolled his own Firefox fork? I may want to, but why should I? It will be because of some vague trust marks of some kind.

Are they safe?

[MancunianMaskMan]

is anyone reminded of the creepy feeling in Marathon Man where he is "rescued", driven round the block and asked some questions, and then returned to his captors; it turns out that it was all part of a plan?

Here's a VPN to set you free from government intrusion.OK it's illegal but we're getting away with it. Go on, you can speak your mind now!