VPN Transparency Project

Author: WhoVPN

  • Betternet

    Betternet is a freemium VPN service that comes from the family of Pango services, alongside Hotspot Shield, VPN360 and Ultra VPN. This is an important detail that users must understand when putting faith into a VPN service to not just conceal, but protect their true identity. Further, Pango has a questionable track record and should generally be considered not trustworthy.

    Terms of Service

    Remember when I said Pango wasn’t trustworthy? It’s because their Terms of Service straight up says they’ll snitch on you to law enforcement if they deem it necessary or appropriate We already know from their Privacy Policy that they keep aggregated logs of websites their users go to. See the picture we’re painting here? They are not a privacy company.

    if you post any User Content that is prohibited by this Agreement, then we may—but have no obligation to—take any remedial action that we, in our sole discretion, deem necessary and/or appropriate under the circumstances, such as, without limitation, suspending or terminating your account, removing your User Content, and/or reporting you to law enforcement authorities, either directly or indirectly.

    Torrenting/P2P

    One of the most common reasons people use VPNs is to use p2p/torrent services without revealing their IP address. This is usually not an issue if your VPN provider is registered in a foreign country, as they can usually disregard DMCA violation notices. Unfortunately, Betternet is registered in the United States which means they are obligated under law to take action against your account if they receive a DMCA notice. Generally speaking this just means they’ll terminate your account but depending on the severity or specifics of the matter, it could become a legal and/or criminal situation.

    Connection Info

    Frequently, VPN services oversell their services to increase profit margin, or sometimes just straight up throttle their servers. After a speed test using speed.cloudflare.com and fast.com I observed reliable speeds of 200Mbps down and 40Mbps up with a latency of 66ms. Obviously these results are subjective and may not reflect global results, but it’s an indication of their server quality.

    Logging Policy

    While Betternet’s logging policy is not the worst I’ve ever seen, there are a few potential red flags that users should be aware of. Most notably, in their Privacy Policy, they state that they log:

    the domains that have been accessed by our users, but on an anonymized basis such that we do not know which user accessed which domain, nor the full URL that would indicate which web pages were visited.

    First and foremost, if you didn’t know that VPN providers can see which domains you are visiting, well… Now you know. That’s not the alarming part though. The alarming part is that they log this information to “monitor, support and optimize our VPN services.”

    App Telemetry

    I was pleasantly surprised to see that aside from core services, the only third party connection the app made was to Google Firebase for usage analytics. There were no hard coded tracking or advertising scripts. The most popular connections were

    • *.cloudfront.com – where the core services are hosted
    • *.apple.com – required for App Store services
    • firebaseinstallations.googleapis.com – tracks app usage and does include analytics

  • Avoid Pango

    The history of behavior and practices exhibited by Pango and its associated companies stands in stark contrast to the core principles expected of privacy-respecting organizations. These principles typically emphasize transparency, stringent protection of user data, and a commitment to maintaining user anonymity and security. However, Pango’s record, particularly with its VPN services like Hotspot Shield and Betternet, has raised significant concerns. Instances of alleged deceptive trade practices, unethical logging, data sharing that contradicts promises of anonymity, and the inclusion of adware in software installations are all antithetical to the foundational ethos of privacy-focused entities. Moreover, the criticisms leveled at these services for concealing their corporate affiliations further undermine the trust required by users seeking privacy and security solutions. This pattern of behavior suggests a divergence from the industry’s standard privacy and security commitments, leading to skepticism and wariness among users and privacy advocates.

    Hotspot Shield, in particular, has been reported for allegedly deceptive trade practices involving unethical logging and data sharing practices that contradict its “anonymous browsing” promise. This includes accusations by the Center for Democracy & Technology (CDT) of unfair and deceptive trade practices, as well as a discovery of adware in at least their Windows installer. Betternet, another VPN service under Pango, was founded by the son of Iran’s Vice President and later acquired by Pango. It was ranked as the fourth most hits on VirusTotal among VPN apps tested by Australia’s national science agency, CSIRO. These incidents have raised concerns about how OVPN will operate as a privacy-focused VPN service under Pango’s ownership, despite OVPN’s assurances that there will be no changes to its operations and that it will continue to function independently with its unique features1.

    Additionally, Pango was acquired by AURA in July 2020, which further broadened AURA’s focus to include VPN services. This acquisition has led to concerns about the transparency and trustworthiness of VPN services under corporate ownership. Hotspot Shield, prior to its acquisition by AURA, was cited for using aggressive tracking libraries and was involved in controversies regarding user privacy and security. Many of the VPN services under AURA and Pango continue to operate, but there are issues regarding their efforts to conceal their corporate ownership, which can be misleading for users.2

    However, AURA’s privacy policy claims to be reassuring, stating that it does not collect VPN browsing activities that can be traced back to individual users and does not inspect the contents of what users browse, view, or do through the company’s VPN services. The policy mentions that only anonymous and aggregated information is collected. The long-term implications of these policies and their adherence remain to be seen.

    In summary, Pango’s acquisition of various VPN services, including OVPN, has been met with skepticism and concern regarding user privacy and security. The controversies mainly arise from past incidents involving Pango’s owned VPN services like Hotspot Shield and Betternet, which have been accused of deceptive practices and privacy infringements. Despite assurances from Pango and AURA, the trustworthiness and transparency of these VPN services continue to be questioned.

    1. https://alternativeto.net/news/2023/5/ovpn-acquired-by-pango-parent-company-of-hotspot-shield-what-does-it-mean-for-users-/ ↩︎
    2. https://www.technadu.com/companies-own-todays-most-popular-vpns-hidden-true-owners-revealed/307475/ ↩︎

  • Oy Crea Nova Hosting Solution Ltd

    Oy Crea Nova Hosting Solution Ltd, with Autonomous System Number (ASN) 51765, has been a significant player in the web hosting and data center industry. Founded over 12 years ago, the company operates a Border Gateway Protocol (BGP) network that peers with 15 other networks and utilizes 5 upstream carriers. Their network status, as registered on November 2, 2010, shows a substantial presence in the data hosting sphere.

    The company, also known as CreaNova Datacenter, has a global geographic scope and supports a balanced traffic ratio with traffic levels between 100-200Gbps. It offers around 2000 IPv4 prefixes and 500 IPv6 prefixes, indicating a significant scale of operations in the data networking realm.

    Quick Stats

    Total Servers

    40

    Unique VPNs

    10

    One notable incident involving Oy Crea Nova Hosting Solution Ltd in the context of the VPN industry was their engagement with NordVPN, a major VPN service provider. NordVPN terminated its contract with Oy Crea Nova Hosting Solution Ltd following a security breach at a Helsinki data center operated by the Finnish company. This breach, which occurred due to a poorly secured remote-management system and an expired private key, raised concerns over the potential creation of spoof NordVPN servers to harvest personal information. The breach and its subsequent revelation highlighted significant security concerns within the VPN industry, especially regarding the security practices of data center providers. NordVPN attributed the security lapse to Crea Nova, suggesting negligence in their security protocols. However, Crea Nova countered these claims, indicating a complex situation where responsibilities for security were shared between the provider and its clients.

    Oy Crea Nova Hosting Solution Ltd’s terms and conditions emphasize the client’s responsibility for server content and security, including the obligation to maintain server security and integrity. This suggests a business model where clients are expected to play an active role in ensuring the security of their hosted solutions.

    Overall, the relevance of Oy Crea Nova Hosting Solution Ltd to the VPN industry lies in their role as a data center provider and the implications of their security practices on the broader VPN service ecosystem. Incidents like the NordVPN breach highlight the critical nature of robust security measures in data centers, especially when handling sensitive data and services like VPNs.

  • Clouvider Limited

    Clouvider Limited, operating under the Autonomous System Number (ASN) AS62240, is based in the United Kingdom. The company is recognized for its high-quality hosting solutions, offering a range of services including dedicated servers, colocation, and cloud services​​. Established in 2013, Clouvider boasts a substantial presence in the hosting industry with over 9,133 hosted domains and a substantial allocation of IP addresses, including 364,288 IPv4 addresses​.

    In the context of the VPN industry, Clouvider is particularly influential. Clouvider’s network is noted for its strength and customizable nature, making it a top-tier choice for hosting services. While Clouvider itself is not a VPN provider, its robust infrastructure plays a vital role in supporting many VPN services, enhancing their performance and security measures. This support is underpinned by the company’s commitment to adhering to strict UK data privacy laws, ensuring a secure and high-speed network environment for VPN service providers​​.

    Clouvider experienced a security issue in 2021 where one of their websites, clouvider.net, was defaced. The company assured that this website held no customer data and was merely a redirect to their main site, clouvider.co.uk, with minimal file structure. They emphasized that the defacement did not impact any subdomains connected to functional internal infrastructure servers. Clouvider committed to releasing a detailed statement upon the conclusion of their investigation into this incident​​.

    In summary, Clouvider Limited is a prominent UK-based hosting provider with significant involvement in the VPN industry, offering robust and reliable infrastructure that underpins many VPN services. The company’s reputation in the hosting market is bolstered by their commitment to security and data privacy, despite experiencing a defacement incident on one of their websites.

    Total Servers

    2391

    Countries

    Australia, Singapore, New Zealand, Vietnam, Vietnam, Andorra, Bermuda, Trinidad and Tobago, Taiwan, Dominican Republic, Japan, India, Philippines, Hong Kong, Germany, Netherlands, Turkey, Algeria, Egypt, Indonesia, Ghana, Cuba, Jamaica, Uruguay, Nepal, Bosnia and Herzegovina, Cayman Islands

    Unique VPNs

    12

    Cities

    32

    (see all)

    Sydney, Perth, Unknown, Singapore, Brisbane, Melbourne, Auckland, Adelaide, Hanoi, Andorra la Vella, Hamilton, Port of Spain, Taipei, Santo Domingo, Tokyo, New Delhi, Manila, Hong Kong, Central, Nuremberg, Amsterdam, Bursa, Algiers, Cairo, Jakarta, Accra, Havana, Kingston, Montevideo, Kathmandu, Zenica, George Town

    Unique IPs

    2391

  • LeapSwitch Networks

    LeapSwitch Networks, based in Pune, India and founded in 2010, is a prominent cloud services provider. They offer a range of services, including managed cloud services, IaaS, PaaS, and DRaaS. LeapSwitch also partners with AWS and Azure, positioning themselves as a comprehensive cloud services provider.

    Regarding ASN 132335, LeapSwitch Networks Pvt Ltd has a significant presence, indicated by its numerous IPv4 and IPv6 addresses, hosted domains, peers, and downstreams. The ASN is noted for hosting services, including VPN and BitTorrent.

    Notably, according to our database, Windscribe VPN leases some servers from LeapSwitch Networks. This highlights LeapSwitch’s involvement in the VPN industry, providing essential infrastructure that supports VPN functionalities, such as hosting VPN servers. Their diverse hosting services, with servers in multiple countries including the USA, India, Portugal, Spain, and Ukraine, cater to a global customer base, emphasizing their importance in web hosting and cloud services industries.

  • GSL Networks

    GSL Networks Pty Ltd, registered in Queensland, Australia on April 8, 2017, operates under the Australian Business Number (ABN) 15 620 899 765 and Australian Company Number (ACN) 620 899 765. It is an Australian proprietary company limited by shares.

    In the VPN industry, GSL Networks has a notable presence, as it manages a considerable range of IP addresses under Autonomous System Number (ASN) 137409. It has 12 upstream providers, including notable names like Sprint, Cogent Communications, Telstra Global, and NTT America. Additionally, it has 82 downstreams, suggesting a significant role in the routing of internet traffic.

    GSL Networks offers services essential for CDN (Content Delivery Network) and VPN providers. Its global network is designed for low latency, end-to-end security, and inline DDoS protection. They offer direct access to major providers and peering with over 2000 networks. Their expansive network, complete with full redundancy, facilitates high-capacity direct interconnection links between content networks and end users. GSL Networks’ network of interconnected data centers spans major international cities across various regions including APAC, EMEA, New Zealand, and North America.

    However, GSL Networks has faced scrutiny for its association with VPN services. It has been identified as a potentially medium fraud risk ISP, with approximately 29% of the web traffic it manages suspected to be potentially fraudulent. A notable 8% of their IP addresses are dedicated to anonymizing VPNs. The countries primarily served by GSL Networks’ IP addresses include Australia, the United States, New Zealand, Singapore, and the Netherlands.

    VPNs that use GSL Networks include Private Internet Access, NordVPN, ExpressVPN, CyberGhost VPN, StrongVPN, and ProtonVPN. This involvement with various VPN providers highlights GSL Networks’ significant role in the VPN industry, though it also raises concerns regarding the nature of the traffic and the potential risks associated with its services.

    Quick Stats

    At this time there are 2,391 entries in our VPN IP database, representing about 2.8% of total IPs.

  • Datacamp Limited

    DataCamp Limited, a private company incorporated in the UK on January 11, 2011, is primarily known for its data processing, hosting, and related activities. However, its relevance to the VPN industry arises from its operation of subsidiaries like CDN77 and Datapacket, positioning it as a significant player in cloud hosting and content delivery networks (CDNs).

    DataCamp Limited’s engagement with the VPN industry became particularly notable due to legal controversies. In late September 2021, the company faced a lawsuit from independent film companies, accusing it of providing services to multiple VPN providers. The film companies alleged that despite receiving numerous warnings, DataCamp did not close the accounts of these VPN providers, leading to accusations of contributory and vicarious copyright infringement.

    VPNs known to use DataCamp’s services include NordVPN, VPN 360, Hotspot Shield, TorGuard, ProtonVPN, Brave, Mozilla VPN, and StrongVPN. The significance of these relationships is underscored by a lawsuit filed by the International Broadcaster Coalition Against Piracy (IBCAP) in February 2022. This complaint, filed in the Northern District of Illinois, claimed that DataCamp facilitated the infringement of IBCAP member copyrights by allowing 11 pirate services to use its CDN. DataCamp allegedly received nearly 400 separate infringement notices but did not act sufficiently to halt these unauthorized services. The lawsuit sought damages of up to $32,550,000 and emphasized the role of CDN companies in supporting pirated content distribution.

    Datacamp Limited Servers by Country

    1. United States: 1451 IPs
    2. Germany: 474 IPs
    3. United Kingdom: 435 IPs
    4. Czechia: 410 IPs
    5. Switzerland: 409 IPs
    6. Ukraine: 350 IPs
    7. Slovakia: 348 IPs
    8. Singapore: 314 IPs
    9. Netherlands: 293 IPs
    10. Brazil: 289 IPs

    Global Top 10 Subnets

    • Subnet “102.129.143” with 256 IPs
    • Subnet “138.199.60” with 256 IPs
    • Subnet “93.113.202” with 256 IPs
    • Subnet “156.146.40” with 256 IPs
    • Subnet “149.102.246” with 256 IPs
    • Subnet “143.244.45” with 256 IPs
    • Subnet “109.61.80” with 254 IPs
    • Subnet “156.146.55” with 254 IPs
    • Subnet “185.180.14” with 253 IPs
    • Subnet “185.102.217” with 247 IPs

    In summary, DataCamp Limited’s relevance to the VPN industry is multi-faceted. While it provides essential infrastructure through its CDN services, its alleged involvement in supporting VPN providers associated with copyright infringement has led to significant legal challenges and highlighted the complex relationship between CDN providers, VPN services, and copyright law.

    See also:

  • Eritrea

    In Eritrea, a small country in the Horn of Africa, the intersection of geopolitical issues, government surveillance, privacy concerns, and censorship paints a complex and challenging picture. This article delves into the current state of these issues in Eritrea, focusing on available facts and recent developments.

    Geopolitical Context

    Eritrea’s geopolitical standing is heavily influenced by its tense relationship with neighboring Ethiopia and its strategic location by the Red Sea. Historically, these factors have impacted its internal policies, including those related to information control and surveillance.

    Government Surveillance and Privacy Issues

    Eritrea is often cited as having stringent government surveillance measures. According to Human Rights Watch and other international observers, the Eritrean government maintains a tight grip on its citizens through extensive networks of informants and controls over communication.

    The nation lacks specific privacy laws that protect citizens from government surveillance, leading to a situation where privacy rights are not adequately safeguarded. The government’s control extends to telecommunication systems, making private communication difficult.

    Censorship and Internet Access

    Censorship is a significant issue in Eritrea. The Press Freedom Index by Reporters Without Borders ranks Eritrea among the lowest in the world for press freedom. The government controls all media outlets, and there is no independent press.

    Internet penetration in Eritrea is one of the lowest globally, with reports suggesting less than 2% of the population has internet access. This limited access is further compounded by government censorship and monitoring of online activities.

    Torrenting and Online Activities

    Regarding internet activities such as torrenting, the low internet penetration rate combined with strict government oversight implies that engaging in such activities would be risky. There are no specific laws in Eritrea addressing torrenting, but the overarching control of internet content and activities suggests a high likelihood of repercussions for engaging in unauthorized online activities.

    Conclusion

    Eritrea presents a challenging environment for privacy, free speech, and internet freedom. The government’s extensive surveillance and control over communication mediums, coupled with the lack of specific legal protections for privacy, create a situation where personal freedoms are significantly constrained. While there is a lack of detailed, publicly available information on many of these issues due to the closed nature of the country, the overall picture that emerges is one of stringent control and limited freedom for Eritreans, particularly in their online activities.

    See also:

  • Macao

    Macao, a Special Administrative Region of China, presents a unique case study in geopolitical tensions, government surveillance, privacy, and censorship. Its status as a former Portuguese colony and a current hub for international tourism, particularly gambling, adds layers to its geopolitical significance.

    Government Surveillance and Privacy Issues Macao operates under the “One Country, Two Systems” principle, similar to Hong Kong. However, its approach to digital surveillance and privacy has increasingly aligned with mainland China’s stringent measures. The Macao government has implemented sophisticated surveillance systems, ostensibly for security reasons, particularly in the context of its booming casino industry.

    In recent years, there have been reported increases in digital monitoring, often justified as efforts to combat fraud and money laundering in casinos. However, these measures raise significant privacy concerns. For example, the installation of facial recognition technology in ATMs and public spaces has not been without controversy, mirroring wider trends in mainland China.

    Censorship Issues Censorship in Macao, while not as pronounced as in mainland China, has seen a gradual increase. Internet censorship, particularly of content deemed politically sensitive or contrary to the interests of the Chinese government, is a growing concern. The application of China’s Great Firewall in Macao remains limited but is a potential future scenario, especially considering increasing political integration with the mainland.

    Torrenting and Digital Piracy Regarding digital piracy, such as torrenting, Macao’s laws are somewhat ambiguous. While there is no specific legislation targeting torrenting, copyright laws do apply. Enforcement, however, is inconsistent. Instances of crackdowns on digital piracy are sporadic and often tied to larger copyright infringement cases.

    Notably, Macao does not have a robust legal framework for addressing digital privacy and security issues. This lack of specific legal guidelines leaves a gray area regarding the legality and repercussions of activities like torrenting.

    Conclusion In conclusion, Macao’s geopolitical position, coupled with its complex relationship with mainland China, creates a unique environment for issues of surveillance, privacy, and censorship. While it currently enjoys a degree of autonomy, the trends suggest a gradual alignment with mainland China’s approaches to these issues. As such, the future of digital privacy and freedom in Macao remains uncertain, warranting close observation and analysis.

    See also:

  • Cayman Islands

    Nestled in the cerulean embrace of the Caribbean Sea, the Cayman Islands represent a fascinating confluence of global finance, regional politics, and digital challenges. This British Overseas Territory, though small in size, plays an outsized role in global finance, owing to its status as a major offshore financial center. This unique position places the islands at the crossroads of geopolitical and digital realms, navigating complex issues of privacy, data security, and freedom of speech.

    From a geopolitical standpoint, the Cayman Islands have traditionally maintained a low-profile yet strategic significance. Their economic model, heavily reliant on banking and financial services, draws scrutiny and pressure from larger nations advocating for greater financial transparency and regulation. This tension is not just a matter of economics but also intersects with global concerns over money laundering, tax evasion, and financial crimes. The islands, in response, have been walking a tightrope, balancing international expectations with their own economic interests.

    When it comes to privacy, the islands’ status as a financial hub brings its own set of challenges. High-net-worth individuals and corporations often seek the confidentiality that the jurisdiction offers. However, in an era where data breaches and cyber threats are rampant, maintaining this confidentiality is increasingly complex. The local government and financial institutions are thus continually investing in and updating their cybersecurity measures to protect sensitive financial information.

    Censorship and freedom of speech in the Cayman Islands present a nuanced picture. While the territory upholds democratic values, including freedom of expression, it is not immune to the global debates surrounding the regulation of online content. Issues such as defamation and responsible use of social media are pertinent, reflecting a broader struggle to balance free speech with the need to prevent harm and misinformation. Unlike some of its neighbors, the Cayman Islands have not been noted for stringent censorship practices, but the digital age continually tests these boundaries.

    In conclusion, the Cayman Islands, while seemingly a tranquil paradise, are at the heart of a complex web of geopolitical and digital issues. Their role as a financial center places them at the forefront of global debates on privacy and data security, while also exposing them to the challenges of maintaining freedom of speech in a rapidly evolving digital landscape. As the world becomes more interconnected, the experiences of the Cayman Islands offer valuable insights into the delicate balancing act between economic interests, privacy, and the free flow of information.

    See also: