The terms “5 Eyes“, “9 Eyes“, and “14 Eyes” often appear in the privacy community, especially when discussing VPNs.
In short, these are just international surveillance alliances representing various countries around the world. These surveillance alliances work together to collect and share mass surveillance data. In other words, they are essentially acting as one global-surveillance entity to spy on you and record your activities.
In this guide we’ll explain the different “X” eyes surveillance alliances and why this topic is important when choosing a VPN service.
The Five Eyes (FVEY) surveillance alliance includes:
- New Zealand
- United Kingdom
- United States
The history of this alliance goes all the way back to WWII and the UKUSA Agreement. This agreement officially formalized a partnership between the United Kingdom and United States for sharing intelligence. The partnership continued throughout the Cold War and has only strengthened following the “War on Terror” and subsequent “terrorist” events.
Edward Snowden brought renewed focus to the Five Eyes surveillance alliance in 2013 when he exposed the surveillance activities of the US government and its allies.
According to Wikipedia, these are the different “5 Eyes” surveillance agencies working together to collect and record your activities:
It is no surprise that some of the Five Eyes countries listed above are also the worst abusers of online privacy:
- United Kingdom – Since the passage of the Investigatory Powers Act in 2016, internet service providers and telecoms have been recording browsing history, connection times, and text messages. The data is stored for two years and is available to UK government agencies and their partners without any warrant necessary.
- United States – The US government has been implementing Orwellian mass surveillance collection methods with the help of large telecoms and internet service providers (see the PRISM program). Recently internet service providers have been given the legal authority to record user activity and sell this to third parties (and you can’t opt out).
- Australia – Australia has recently implemented sweeping data retention laws similar to the United Kingdom.
+ Israel – Israel must be included when discussing the Five Eyes surveillance partners. As many sources point out, it is one of the closest partners with the US government and National Surveillance Agency (NSA). Here are a few examples documenting this:
- Source – NSA shares raw surveillance data directly with Israel; very close cooperation between US/Israeli surveillance agencies
- Source – “Shady Companies with Ties to Israel Wiretap the USA for the NSA”
- Source – Israeli authorities yield wider surveillance powers than US authorities
- Wikipedia also claims Israel is an official “observer” to the Five Eyes alliance
+ Singapore and South Korea – Singapore and South Korea are also reported to be close partners in the Five Eyes alliance.
+ British Overseas Territories – It should be noted that the different British Overseas Territories also fall under varying degrees of UK influence. While many of these territories exercise some independence, they are still legally connected to the United Kingdom.
Broad authority – The other drawback with these Five Eyes countries is that they have tremendous authority to force companies to hand over data. This is particularly easy for US authorities, where they can also demand non-disclosure through gag orders.
The Nine Eyes countries include all of the previous Five Eyes countries plus:
The existence of the Nine Eyes alliance is referenced in Wikipedia and other sources online. It is just an extension of the Five Eyes alliance with similar cooperation to collect and share mass surveillance data.
The 14 Eyes surveillance countries include all of the previous Nine Eyes countries plus:
As before, the original surveillance agreement was extended to these other countries. The official name of this group of countries is referred to as SIGINT Seniors Europe (SSEUR).
VPN services located in 14 Eyes countries and territories
Note: this list includes VPNs that are located in:
- Five Eyes (United States, United Kingdom, Australia, Canada, and New Zealand)
- Nine Eyes (Five Eyes + Denmark, France, Netherlands, and Norway)
- Fourteen Eyes (Nine Eyes + Germany, Belgium, Italy, Sweden, and Spain)
- Additional partners (Israel, Singapore, South Korea, and all British Overseas Territories)
Avira Phantom VPN (Germany)
ExpressVPN (British Virgin Islands)
Hide My IP (USA)
Hotspot Shield (USA)
My Expat Network (UK)
Norton WiFi Privacy (USA)
Opera [Proxy] Browser* (Norway) [Note: Opera is not actually a VPN, but instead a proxy.]
Private Internet Access (USA)
PrivatePackets.io (British Indian Ocean)
RA4W VPN (USA)
Unseen Online (USA)
VPN Land (Canada)
VPN Master (USA)
VPN Unlimited (USA)
WASEL Pro (Netherlands)
Credit: This list was compiled with data provided by ThatOnePrivacyGuy and his VPN Comparison Chart.
Does it even matter?
In the end, it’s difficult to determine exactly how much influence a VPN’s jurisdiction has on your privacy and data.
The United States and United Kingdom have immense global influence. Recently, US authorities compelled a Hong Kong “no logs” VPN service (PureVPN) to log user data and hand over this information to arrest the VPN user (see article). So it’s clear that a good privacy jurisdiction is no silver bullet.
Ultimately, jurisdiction is just one of many factors to consider when looking for the best VPN service.
If you want additional protection, you may want to consider using a multi-hop VPN chain. Similar to the Tor network, this setup routes your traffic across different VPN server “hops” before exiting onto the internet. Multi-hop VPNs give you a higher level of privacy and online anonymity.
VPN providers offering multi-hop VPN chains include:
- Perfect Privacy (based in Switzerland) – Create self-configurable VPN chains with up to four servers; or use their new NeuroRouting feature, which is a dynamic multi-hop setup that can be used on any device.
- VPN.ac (based in Romania) – Currently offering 18 different double-hop configurations, along with very advanced encryption.
- ZorroVPN (based in Belize) – Create self-configurable VPN chains with up to four servers (but they do not offer any apps, so you will need to use third-party software).