We tend to think of our devices as fairly private. After all, we have passwords and PINs guarding access to them, and some of us even have the data on them encrypted. However, none of these privacy measures matter once we connect to the Internet and begin accessing and transmitting information. On the web, the two primary privacy concerns are having your online activity tracked and having your confidential data intercepted. Luckily, there is an easy way to restore privacy and reduce risk.
Who is tracking you on the web, and why?
Much of your online activity can be (and often is) easily tracked. While you may feel anonymous when visiting websites, in reality, there are several pieces of identifiable information accompanying you as you browse. First is the IP address assigned to your device by your Internet Service Provider (ISP). Like your phone number, your IP address correlates to your account with the ISP. Although the ISPs may assign you a different IP address every day, they do keep logs of IP assignments. Your IP also gets logged by the web servers of the websites you visit. Furthermore, depending on the data privacy laws in your country, your ISP may also log your internet activity, including the web pages you visit and the data you send and receive. This data is generally accessible to government authorities.
The other identifiable information is carried by your own web browser in the form of “cookies.” These short snippets of code help websites identify you as a repeat visitor and help advertising networks like Google and Bing track your browsing history to serve you more relevant ads. While cookies were meant meant for relatively harmless purposes, government security agencies like the NSA have been able to leverage them for the purposes of surveillance.
An even greater risk to privacy than being tracked is having your data intercepted. While your home Wi-Fi router encrypts the flow of information between it and your device, you lose this basic level of protection when connecting to the Wi-Fi hotspots at hotels, coffee shops and other public locations. On these networks, your connection is not encrypted, and any information you submit, including website URLs and login credentials can be intercepted.
VPN to the rescue
Fortunately, there is a relatively simple and affordable way to mitigate both risks with a Virtual Private Network (VPN). You may have already used one on your work laptop when away from the office. Now, you can have one all of your own. The main benefit of the VPN is that it provides a safe encrypted tunnel between your device and the VPN server. This protects your communication over the public networks. As an additional privacy benefit, the VPN server also assigns your device a new IP address, effectively anonymizing you as you use the web.
There is a great number of VPN services available to consumers, with several popular ones including NordVPN, ExpressVPN, Avast and HMA. Many offer free trials and flexible billing plans. Some also have unique features, for example NordVPN’s automatic kill switch will close the applications of your choosing if your VPN connection is interrupted. Choose one based on the number of device connections you need to protect, features, compatible devices (iOS, Android, Windows, etc) and price.
After downloading the client application, connecting to a VPN is a single-click action.
Performance tip: Depending on the VPN server you connect to, your connection speed may degrade. Most VPN services will automatically connect you to the geographically closest server. I recommend that you experiment with multiple servers using the speed test. I’ve found that server located in a data center over a thousand miles away may consistently provide faster speeds than the one next door. Find the one you like and save it as your default.
P.S. Can’t I just use my work VPN?
You certainly can, and it will protect you while on a public network, but you should be under no illusion that you have privacy. Corporate VPNs are configured to protect the company — not users. Corporate IT security departments extensively log user activity and monitor web usage. Most companies reserve the right to monitor and access all data communications on their devices and networks, and