Hotspot Shield VPN Accused Of Logging User Data And Selling It To Advertisers


May 13, 2013
Privacy researchers have accused Hotspot Shield VPN of logging user data and selling it to advertisers. In a complaint to the Federal Trade Commission (FTC), the Center for Democracy & Technology (CDT) requests a government investigation into the data security and data sharing practices of Hotspot Shield.The CDT goes on to accuse Hotspot Shield of injecting Javascript code into users' browsers for advertising and tracking purposes. AnchorFree has flat-out denied the CDT's complaint.

With all the talk about how VPNs are nearly required nowadays, this goes to show that a free VPN may not be the best choise for protecting your personal information. It really won't surprise me if more and more of these complaints start popping up in the future as VPN use rises, and more companies get into the field.

It also charges the VPN with selling customer data to advertisers, using multiple third-party tracking libraries, "redirecting e-commerce traffic to partnering domains," transmitting Mobile Carrier data over a non-HTTPS web connection, and mishandling customers' payment information, as evidenced by some users' claims of credit card fraud resulting from their purchase of the Elite version of the VPN.
someone should start a website called

and on that site should be companies who won't fuck you over for a buck.

i'm sure it'll be a small list.
I will totally put up a page and host it if someone wants to compile a list. :)
How do people reckon "free" services work? You either pay, or you're the product. It's always been like that.
Exactly my thoughts. How do people really expect someone to fund a service for multiple thousands of users without gaining revenue out of it. If it's internet and it's free, it's not free.
This is why, if you're choosing a VPN and you care at all about your privacy, you need to choose one that A) specifically makes privacy and security an advertised feature , B) uses as much open source technology and open policies as possible so you know what you're using and C) is used and ideally audited by the most privacy focused users around. There are a relatively few VPNs that even hypothetically tick some of the basic boxes like "no logging" (which really almost never means "no logging" ) but then also explain exactly what that means. Looking further into things like legal jurisdiction and technical specifics really narrow it down, but the vast majority of (especially advertised) VPNs don't bother with this and know most people aren't really interested in more than the illusion or the barest additional protections. What's why they play this sort of game - more security theater illusion while they stuff their pockets.

If you're interested in a place to start, check out sites like , , . They have suggestions for a few places to start, but it will take time for you to look into seeing what you're comfortable with. It becomes exponentially more difficult, expensive, and time consuming if you want to protect yourself against an actor with vast resources (especially state-level actors and corporate types with a state-level actor under their thumb), . However, that doesn't excuse how many unscrupulous people started "privacy/security" services after Snowden and other revelations that don't actually provide even basic protections
Not a lawyer but if the users paid nothing of value for the use of the VPN software, is there any contract in place to sue for breach of?