The terms “5 Eyes“, “9 Eyes“, and “14 Eyes” often appear in the privacy community, especially when discussing VPNs.
In short, these are just international surveillance alliances representing various countries around the world. These surveillance alliances work together to collect and share mass surveillance data. In other words, they are essentially acting as one global-surveillance entity to spy on you and record your activities.
In this guide we’ll explain the different “X” eyes surveillance alliances and why this topic is important when choosing a VPN service.
The Five Eyes (FVEY) surveillance alliance includes:
- New Zealand
- United Kingdom
- United States
The history of this alliance goes all the way back to WWII and the UKUSA Agreement. This agreement officially formalized a partnership between the United Kingdom and United States for sharing intelligence. The partnership continued throughout the Cold War and has only strengthened following the “War on Terror” and subsequent “terrorist” events.
Edward Snowden brought renewed focus to the Five Eyes surveillance alliance in 2013 when he exposed the surveillance activities of the US government and its allies.
According to Wikipedia, these are the different “5 Eyes” surveillance agencies working together to collect and record your activities:
It is no surprise that some of the Five Eyes countries listed above are also the worst abusers of online privacy:
- United Kingdom – Since the passage of the Investigatory Powers Act in 2016, internet service providers and telecoms have been recording browsing history, connection times, and text messages. The data is stored for two years and is available to UK government agencies and their partners without any warrant necessary.
- United States – The US government has been implementing Orwellian mass surveillance collection methods with the help of large telecoms and internet service providers (see the PRISM program). Recently internet service providers have been given the legal authority to record user activity and sell this to third parties (and you can’t opt out).
- Australia – Australia has also implemented sweeping data retention laws similar to the United Kingdom. (See the best VPN for Australia guide.)
+ Israel – Israel must be included when discussing the Five Eyes surveillance partners. As many sources point out, it is one of the closest partners with the US government and National Surveillance Agency (NSA). Here are a few examples documenting this:
- Wikipedia claims Israel is an official “observer” to the Five Eyes alliance
- Source – NSA shares raw surveillance data directly with Israel; very close cooperation between US/Israeli surveillance agencies
- Source – “Shady Companies with Ties to Israel Wiretap the USA for the NSA”
- Source – Israeli authorities yield wider surveillance powers than US authorities
+ Singapore, South Korea, and Japan – Singapore and South Korea are also reported to be close partners in the Five Eyes alliance. Japan also appears to be a close surveillance partner with the United States (source; source; source).
+ British Overseas Territories – It should be noted that the different British Overseas Territories also fall under varying degrees of UK influence. While many of these territories exercise some independence, they are still legally connected to the United Kingdom.
Broad authority – The other drawback with these Five Eyes countries is that they have tremendous authority to force companies to hand over data. This is particularly easy for US authorities, where they can also demand non-disclosure through gag orders.
The Nine Eyes countries include all of the previous Five Eyes countries plus:
The existence of the Nine Eyes alliance is referenced in Wikipedia and other sources online. It is just an extension of the Five Eyes alliance with similar cooperation to collect and share mass surveillance data.
The 14 Eyes surveillance countries include all of the previous Nine Eyes countries plus:
As before, the original surveillance agreement was extended to these other countries. The official name of this group of countries is referred to as SIGINT Seniors Europe (SSEUR).
VPN services located in 14 Eyes countries and territories
Note: this list includes VPNs that are located in:
- Five Eyes (United States, United Kingdom, Australia, Canada, and New Zealand)
- Nine Eyes (Five Eyes + Denmark, France, Netherlands, and Norway)
- Fourteen Eyes (Nine Eyes + Germany, Belgium, Italy, Sweden, and Spain)
- Additional partners (Israel, Singapore, South Korea, Japan, and all British Overseas Territories)
Avira Phantom VPN (Germany)
Betternet (Betternet review) (Canada)
ExpressVPN (ExpressVPN review) (British Virgin Islands)
Hide My IP (USA)
Hotspot Shield (USA)
IPVanish (IPVanish review) (USA)
My Expat Network (UK)
Norton WiFi Privacy (USA)
Opera [Proxy] Browser* (Norway) [Note: Opera is not actually a VPN, but instead a proxy.]
Private Internet Access (Private Internet Access review) (USA)
PrivatePackets.io (British Indian Ocean)
RA4W VPN (USA)
TunnelBear (TunnelBear review) (Canada)
Unseen Online (USA)
VPN Gate (Japan)
VPN Land (Canada)
VPN Master (USA)
VPN Unlimited (VPN Unlimited review) (USA)
WASEL Pro (Netherlands)
Windscribe (Windscribe review) (Canada)
Credit: This list was compiled with data provided by ThatOnePrivacyGuy and his VPN Comparison Chart.
Does it even matter?
In the end, it’s difficult to determine exactly how much influence a VPN’s jurisdiction has on your privacy and data.
This is especially true when you consider that these surveillance entities operate globally and have the capability to monitor communications around the world. Therefore an “offshore” VPN may not be the silver bullet that some people claim.
Example: US authorities compelled a Hong Kong “no logs” VPN service (PureVPN) to log user data and hand over this information to arrest and prosecute the VPN user (see article). All of this took place with an “offshore” VPN that has a “zero log policy” and promises to make its customers “invisible” to third parties.
This shows that “no logs” marketing claims do not always align with reality. And furthermore, choosing an offshore provider may in fact be worse than choosing a US-based VPN service with good data protection policies and practices.
Ultimately, jurisdiction is just one of many factors to consider when looking for the best VPN service for your specific needs.
If you want additional protection, you may want to consider using a multi-hop VPN chain. Similar to the Tor network, this setup routes your traffic across different VPN server “hops” before exiting onto the internet. Multi-hop VPNs give you a higher level of privacy and online anonymity.
VPN providers offering multi-hop VPN chains include:
- Perfect Privacy (based in Switzerland) – Create self-configurable VPN chains with up to four servers; or use their new NeuroRouting feature, which is a dynamic multi-hop setup that can be used on any device.
- VPN.ac (based in Romania) – Currently offering 18 different double-hop configurations, along with very advanced encryption.
- NordVPN.com (based in Panama) – Currently offering 16 different double-hop configurations, along with an ad-blocker. (See also 77% discount price.)
- ZorroVPN (based in Belize) – Create self-configurable VPN chains with up to four servers (but they do not offer any apps, so you will need to use third-party software).