One alarming trend that I often see is people conflating privacy and anonymity. They act like a VPN is an invisibility cloak where once it’s enabled they simply disappear. That couldn’t be further from the truth. See, the Internet as we know it is a giant network based on many smaller networks. That means there is a large degree of trust in who is handling your data, and how, and for how long. When you use Cloudflare’s 188.8.131.52 DNS, your DNS requests are not 100% obfuscated or private. You’re just shifting the trust from your ISP (who you may or may not trust) to a company like Cloudflare (who you may or may not trust). Yes, there are more secure protocols but that’s a different article.
Who can I trust?
Who to trust? That’s a difficult question, especially when everyone’s needs are so unique. If you are simply trying to keep private information private (relatively speaking) then a VPN such as Cloudflare Warp+ or Google VPN is absolutely fine. By using their product you are saying, “I trust Cloudflare and Google with my data because they most likely have a vested interest in not violating my trust.”
These companies aren’t perfect, though. Many have very muddy pasts and often the larger they are, the more pressure there is. Look at Cloudflare, for instance. They are heralded by the EFF as one of the largest anti-censorship companies out there, yet Cloudflare has been forced to ‘censor’ (aka terminate services) numerous times – either by judges or societal pressure.
Eliminate the middle man
If your answer is “I don’t trust anybody,” unfortunately you are out of luck, unless you shift off the clearnet and use Tor, i2p, IPFS, or similar. What you can do is limit the number of people you have to trust. In a typical VPN scenario, you are relying on not only the VPN provider, but any and all infrastructure (ASNs, datacenters) they rely on. Any of those middle men can and will cut you off if they receive enough pressure.
Alternatively, you can host your own VPN on any number of privacy-respecting VPS providers. VPS providers such as Digital Ocean, Vultr, etc. are like landlords. They (generally) will stay out of your business as long as you pay on time and don’t attract too much heat. I’ve never had a landlord monitor my comings and goings or what I’m up to. When you are your own VPN provider, you have several distinct advantages:
You no longer take someone at their word that they’re not logging you.
It’s your server and you retain complete control. You can see with your own eyes what data is being retained.
You can delete your entire server instance instantly if need be
Much like a burner phone, you can destroy your entire server at a moment’s notice and be up and running with a fresh server in moments.
Your IP probably isn’t blacklisted
IP addresses are not infinite and unfortunately when you connect to a VPN, you are essentially ‘guilty’ of the previous user’s behavior. With a VPN you may not be able to sign in or even access your favorite site. Generally speaking, when you are assigned a dedicated IP, there is a significantly lower chance of that IP being blacklisted.
- “CloudFlare Forced to Censor Anti-Censorship Site” TorrentFreak, Jul 2015
- “Everyone’s Mad At Cloudflare; Is There Room For Principled Takes On Moderation?” TechDirt, Sep 2022