Mullvad is one of the VPN services that I use, and currently my favorite. It is also a favorite of privacytools.io, which is one of my favorite places to go to read about different tools for keeping my data and my online activity as close to “mine” as possible. Mullvad’s blog announces how they’ve further decreased the information that they store about their own customers, which is an enormous selling point for me. This is also something that I would like more of the companies that I do business with to adopt - numbered accounts.
A VPN’s purpose is to hide what you’re doing from eyes that can see your traffic, this is namely your ISP, but can also include your employer, the local coffee shop, the library (any network that your computer connects to and than does business on that network). A VPN service encrypts all or most of the traffic leaving your computer, send it first to the VPN concentrator, and then it is off on the remainder of its journey. Return traffic does the reverse of that, going to the VPN service, and then encrypted, and then to your computer. As noted aggressively in full write ups of what a VPN does and doesn’t do, this doesn’t actually do anything to keep you anonymous on the Internet, it only shields what you’re doing from prying eyes.
During my unfortunate years as a Comcast customer, it seems that Comcast is very interested in keeping their customer’s browsing data visible to them, presumably for package and re-sale, much like Facebook’s business model. Even if that information were to be saved and used exclusively for internal metrics, it certainly would run afoul of the United States’ 3rd Party Doctrine, and could be used against you in law enforcement overreach.
If you’re concerned about who at your ISP can see what you’re doing (and you should be) or who else on a public network can see what you’re doing (and you should be), take a look at a commercial VPN, ideally one that’s based outside of the United States’ legal jurisdiction. I like Mullvad, but there are others that are nearly as good. Take a look at privacytools.io’s list of VPNs to see which is right for you.
Further links on privacy:
- Mike Maffattone’s Medium article (nearly all of which can apply to all public wifi networks, not just Starbucks): Why browsing on Starbucks Wi-Fi is dangerous and how you can best play it safe
- Kate Dwyer’s recent article for Marie Clarie: Is My Workplace Watching Me?
- Jay Thakkar’s explanation of SSL Inspection / TLS Interception that your employer (and others) can leverage against you and your privacy: What is SSL Inspection? How does it work?