The iOS and Android app stores are filled with security apps masquerading as beneficial aids to user privacy and security. We’ve seen huge examples of “Free VPN apps” like Onavo VPN being used by Facebook to harvest data at a massive scale. Onavo VPN has since been removed from the iOS app store but remains on the Google Play Store. But it’s only one of hundreds or even thousands of potentially unsafe free VPN apps out there that claim to protect user security but do anything but.
By installing an app onto a phone, and rerouting your traffic through it, users can accidentally do more harm than good. The tricky part is that there are beneficial VPN apps like TorGuard–which do not collect logs and only serves to protect user privacy, but for the beginning end user, it can be hard to differentiate the good from the bad–especially since the bad apps usually spend all their money on marketing and inflated user reviews to get in front of the customer. So, what should we do about it?
Well, now it looks like senators in the USA are urging the US Department of Homeland Security to do something about it. Senators, as well as privacy experts, have realized that most free VPN apps and their claims are not private at all.
Senator Ron Wyden and Marco Rubio have written letters claiming that applications can even compromise the safety and security of US citizens and employees. The reason being is that most of the apps being used have links to China–where data is always passed through the government by law.
“We are particularly concerned about the potential threat posed by foreign-made apps that are affiliated with countries of national security concerns,” write the Senators. These apps are “private browsers”, “private VPNs”, and various other security apps.
The letter to the US Department of Homeland Security mentions Dolphin, Yandex, and Opera–which has made waves in the VPN headlines since “Opera VPN” has been a thing. Opera VPN, like many other free VPNs makes no secret that they log a large amount of data. With all this valuable user data sitting around many security professionals are worried the company could potentially transmit user’s private info right back to the Chinese government, since it’s a Chinese owned company.
Previous investigations into apps on the Play Store have revealed that as many as 9 out of 10 apps on the store are either based in China or have Chinese ownership. And we’ve covered on the blog numerous times with how bad things are there related to censorship, data control, and “internet sovereignty”. The fact that Chinese investors own a large portion of the VPN market is not only ironic, it’s downright dangerous.
The senators claim that these apps can harm the security by mishandling data. “In light of these concerns, we urge you to conduct a threat assessment on the national security risks associated with the continued use by US government employees of VPNs, mobile data proxies and other similar apps that are vulnerable to foreign government surveillance.” However, it seems like the Senators’ primary concern is that no federal employees should be using the apps. But the problem is much bigger than that, and here at TorGuard VPN, we believe that the user data of the everyday internet “person” is just as important anyone else. If you find an app on the iOS or Google Play Store that is a “free VPN” or “Free private browser” we urge you to remain very cautious since your very data and privacy could be at risk!