| Best VPN Services | |
| #1 | ExpressVPN.com |
| #2 | Perfect-Privacy.com |
| #3 | NordVPN.com |
| #4 | VPNArea.com |
| #5 | VPN.ac |
| #6 | VyprVPN.com |
| #7 | ZorroVPN.com |
What if many of the “best VPN” services that promise to give you security and privacy are actually exposing your identity to third parties?
In my search for the best VPN for 2019, I’ve reviewed, researched, and tested all of the popular VPN providers – and the results were alarming. Many VPNs recommended on large, trusted websites suffer from data leaks, broken features, and critical flaws. These problems not only render the VPN useless, but they also expose your identity, location, and data to third parties.
Here’s a recent example of a popular VPN I tested, which was found to have IPv4 leaks:
Unfortunately, IP address leaks and DNS leaks are quite common with both paid and free VPN services. This fact is also confirmed by various studies (84% of Android VPN apps tested leak IP addresses or DNS requests).
What is the best VPN for 2019?
While there is no “one-size-fits-all” VPN service that will be perfect for everyone, the VPN that performed the best in all categories of testing is ExpressVPN. Following closely behind is Perfect Privacy in second place, with NordVPN coming in third place.
With that being said, any of the recommended VPNs in this report may be the best for you – it all depends on your own unique needs.
Ranking criteria – The goal of this best VPN report is to filter through all the noise and identify the most secure VPNs that passed all tests and meet the following criteria:
- Located in a good privacy jurisdiction (outside of 5/9/14 Eyes countries) to keep your data safe
- Passed all tests with no leaks found whatsoever (no IP address leaks or DNS leaks)
- Good performance throughout the server network (speed and reliability)
- High-quality VPN apps with all features working correctly
- Supports the OpenVPN protocol and strong encryption standards
- Offers a money-back guarantee (between 7 and 30 days)
- Trustworthy and well-established VPN provider with a good track record
Here are the best VPN services for 2019:
1. ExpressVPN – Best all-around VPN service for 2019
| Rank | #1 |
| Based in | British Virgin Islands |
| Logs | No logs |
| Price | $6.67/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | ExpressVPN.com |
In an overcrowded VPN market, ExpressVPN continues to stand out from the rest and remains the top recommendation on Restore Privacy. While many VPNs suffer from bugs and random issues, ExpressVPN consistently works with excellent performance and the most secure VPN apps.
Based on my own testing and research, here are some highlights from the ExpressVPN review:
- Verified no logs: ExpressVPN is one of the few verified no logs VPNs that has undergone a third-party audit to validate their no-logs policy and privacy protection measures.
- Audited: In January 2019, ExpressVPN passed a third-party audit performed by Cure53, a reputable cybersecurity firm based in Berlin.
- Secure: ExpressVPN uses the highest encryption standards: an AES 256-bit cipher with a 4096-bit RSA key and SHA-512 HMAC authentication. ExpressVPN apps also incorporate a “Network Lock” kill switch feature (no leaks were identified in testing).
- Secure servers: Since April 2019, ExpressVPN runs all servers in RAM-disk mode, rather than on hard drives. This makes it impossible to physically store any logs or data on the servers and also improves security (see the TrustedServer feature).
- Apps for browsers: Browser extensions are available for Chrome, Firefox, and Safari that are open source and incorporate HTTPS Everywhere from EFF.
- Apps for all devices: User-friendly apps are available for all major devices and operating systems, including routers, Linux, Windows, Mac OS, Android, iOS, smart TVs and more.
- Split tunneling: Split tunneling is available with the Windows, Mac OS, and router apps. (This is the ability to route certain apps or website traffic outside of the encrypted VPN tunnel.)
- VPN router: If you want to use a VPN on a router, ExpressVPN offers a dedicated router app. The app makes using a VPN on a router very easy, while also giving you the ability to quickly switch between server locations.
- Works with Netflix: ExpressVPN is the best VPN for Netflix, with 24/7 access to many different regions, as well as a high-performance network for HD streaming.
- Torrenting: It is also a great VPN for torrenting, with no restrictions on torrenting traffic or bandwidth.
- Safe jurisdiction: ExpressVPN is based in the British Virgin Islands, an excellent privacy jurisdiction outside of 5/9/14 eyes countries.
- Responsive support: ExpressVPN offers 24/7 live chat support directly through the website, in addition to a huge selection of setup videos and manuals.
- Fastest VPN tested: In terms of speeds, ExpressVPN is the best VPN I’ve used. It consistently gives me around 150 Mbps with nearby servers (on a 160 Mbps connection), as well as great speeds with long-distance connections, such as streaming Netflix from ExpressVPN servers in the US. (All speed tests are posted in the review.)
Main drawbacks:
- More expensive than some competitors (but see the 49% discount coupon)
Refund policy: All subscription plans come with a full 30 day money-back guarantee, no questions asked.
https://www.expressvpn.com/
Coupon for Restore Privacy Readers
Sign up for the 12 month plan, and get 3 months FREE (49% Off)
Get 49% Off ExpressVPN >>
(Discount is applied automatically.)
(See the ExpressVPN review for more test results and analysis.)
2. Perfect Privacy – Premium VPN with advanced security features
| Rank | #2 |
| Based in | Switzerland |
| Logs | No logs |
| Price | $8.95/mo. |
| Support | Email & forum |
| Refund | 7 days |
| Website | Perfect-Privacy.com |
If you are looking to attain the highest levels of privacy and security, Perfect Privacy may be a good choice. Although it may be overkill for some users, Perfect Privacy offers a number of advanced features, but this also makes it somewhat less user-friendly.
Here are the main highlights from the Perfect Privacy review:
- Multi-hop: Multi-hop VPN cascades are supported on the Windows and Mac OS apps. (See my multi-hop VPN article for details.) The NeuroRouting feature (supported on all devices) dynamically routes traffic across multiple hops in the VPN network (similar to Tor).
- Unlimited: With Perfect Privacy, you get an unlimited number of connections and unlimited bandwidth (no restrictions).
- Ad/tracking blocker: The TrackStop feature blocks thousands of advertisement, malware, tracking, and phishing domains at the VPN server level.
- Safe jurisdiction: Perfect Privacy is based in Switzerland, a good privacy jurisdiction
- Secure servers: The entire server network is composed of dedicated bare-metal servers that are running in RAM-disk mode (no hard drives). (See the real-time server bandwidth.)
- IPv6 support: Perfect Privacy is one of the few VPNs on the market with full IPv6 support (you get both an IPv4 and IPv6 address)
- Secure apps: Very secure apps with customizable DNS and IP leak protection (no leaks found)
- No logs: Perfect Privacy is also a verified no logs VPN service (servers were seized in Rotterdam, no customer data affected).
Main drawbacks:
- More expensive at $8.95 per month with the two-year plan
- Does not work well with Netflix and other streaming services (blocked)
- Less user-friendly than other options and limited apps for mobile devices
Refund policy: 7 day refund window with all subscriptions.
https://www.perfect-privacy.com/
(See the Perfect Privacy review for more test results and analysis.)
3. NordVPN – Best budget VPN service with great features
| Rank | #3 |
| Based in | Panama |
| Logs | No logs |
| Price | $3.49/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | NordVPN.com |
NordVPN is another VPN that has climbed in the rankings. In the past few years, I’ve seen NordVPN make major improvements in their service, such as hardening the kill switch, adding new features, and greatly expanding their server network to improve performance. NordVPN now holds the #3 spot and it continues to perform well.
Here are some highlights from the NordVPN review:
- Safe jurisdiction: NordVPN is based in Panama, which is an excellent jurisdiction for privacy.
- Huge server network: The server network is very large, with 5,200+ servers in 60 countries
- Apps for all devices: NordVPN offers a large selection of user-friendly apps for all devices and operating systems.
- Specialty servers: There are specialty servers, including double-VPN servers (traffic is encrypted over two locations), Tor-over-VPN servers, obfuscated servers (stealth VPN) and more.
- Ad/tracking blocker: The CyberSec ad blocking feature blocks tracking, malware, and advertising domains at the VPN server level.
- Dedicated IPs: NordVPN offers dedicated IP addresses throughout the world, which can be added on to your subscription.
- No logs: NordVPN is a verified no logs VPN provider, having passed a third-party audit of their logging policies in November 2018, performed by PricewaterhouseCoopers AG, Zurich, Switzerland.
- Works with Netflix: NordVPN provides 24/7 access to Netflix regions all over the world.
- Great value: Competitive price at only $3.49 per month (with the three-year plan)
- Responsive support: You get 24/7 live chat support directly through the website, as well as many support manuals.
- Very secure: Secure VPN apps with no leaks or privacy issues identified; strong encryption standards.
- Reliable: Although NordVPN is not the fastest VPN I’ve tested, the speeds and connections were reliable.
Main drawbacks:
- NordVPN does pretty good with speeds, but there is some variability with performance in the server network (not the fastest VPN, but still above average)
- The 70% discount is only available for three-year plans
Refund policy: All subscription plans come with a full 30 day money-back guarantee.
https://nordvpn.com/
NordVPN Official 70% Off Coupon
Get 70% off NordVPN (drops the price down to $3.49 per month)
70% Off NordVPN >>
(Discount is applied automatically.)
(See the NordVPN review for more test results and analysis.)
4. VPNArea – Good all-around VPN for privacy, security
| Rank | #4 |
| Based in | Bulgaria |
| Logs | No logs |
| Price | $2.99/mo. |
| Support | 24/7 Live chat |
| Refund | 30 days |
| Website | VPNArea.com |
VPNArea is a low-profile VPN service that doesn’t get too much attention, but it does well in the areas of privacy, security, and streaming. With the new discount pricing, it also offers a good value for your money.
Here are some highlights from the VPNArea review:
- Secure: VPNArea offers strong security features with good leak protection settings (no leaks identified testing)
- Ad blocking: Ad-blocking DNS servers are available in the VPNArea apps.
- Dedicated IPs: If you need a VPN with a dedicated IP address, VPNArea is a great option with different locations around the world.
- Good support: VPNArea offers 24/7 live chat support, email support, and many installation manuals.
- Account sharing: Although many VPNs prohibit account sharing, VPNArea allows account sharing, with up to six simultaneous connections per subscription.
- No logs: VPNArea is a no logs VPN service (but not yet audited or verified).
- Netflix support: Dedicated server hubs for streaming Netflix, BBC iPlayer, and SkyGo
- Safe jurisdiction: VPNArea is based in Bulgaria, a privacy-friendly jurisdiction not part of 5/9/14 eyes.
- Competitive pricing: VPNArea has lowered prices with a three-year plan for $2.99 per month.
Main drawbacks:
- Limited number of Netflix servers available
- Desktop apps feel a bit clunky, but still work well
Refund policy: There is a 30 day refund policy with one year and three year plans, and a 14 day refund window for one month plans.
https://vpnarea.com/
(See the VPNArea review for more test results and analysis.)
5. VPN.ac – Security-focused VPN service
| Rank | #5 |
| Based in | Romania |
| Logs | Connection logs |
| Price | $3.75/mo. |
| Support | |
| Refund | 7 days |
| Website | VPN.ac |
VPN.ac is a security-focused VPN that offers excellent performance and features, for a competitive price. It is based in Romania and was started by a team of network security professionals. VPN.ac did very well in testing. Here are a few highlights from the VPN.ac review:
- Secure: Very secure applications and infrastructure, with support for numerous VPN protocols and encryption options, including WireGuard.
- Secure servers: VPN.ac’s entire network is composed of dedicated bare-metal servers
- Double-hop VPN: Right now, VPN.ac offers 22 different double-VPN server configurations.
- Good apps: You get user-friendly VPN apps with support for all major operating systems
- Browser extensions: Secure proxy browser extensions for Firefox, Chrome, and Opera browsers
- Obfuscation: Great obfuscation features to hide VPN traffic and get around VPN blocking (a good VPN for China)
- Safe jurisdiction: VPN.ac is based in Romania, a good privacy jurisdiction that’s not a member of the 5/9/14 eyes alliances.
- Competitive prices: $3.75 per month with the two-year plan. You can also get a discounted one-week trial (see the FAQ page).
Main drawbacks:
- The main drawback with VPN.ac is the connection logs. Basic connection logs (no activity data) are kept for 24 hours for network security and optimization (but all data is automatically erased every day). This is explained more on the VPN.ac website.
Refund policy: All plans come with a 7 day refund window.
https://vpn.ac/
(See the VPN.ac review for more test results and analysis.)
6. VyprVPN – A verified no-logs VPN based in Switzerland
| Rank | #6 |
| Based in | Switzerland |
| Logs | No logs |
| Price | $3.75/mo. |
| Support | 24/7 live chat |
| Refund | 30 days |
| Website | VyprVPN.com |
VyprVPN is an interesting VPN service that has evolved over the years. Although it previously maintained connection logs, VyprVPN went through a full third-party audit in 2018 to transition to a no logs VPN service. It is also one of the few VPNs that own all the servers in their network.
Although VyprVPN is technically a Switzerland-based VPN service (where the business is incorporated), it also has operations in Austin, Texas. While this may be an issue for some, the no logs policy and third party audit are certainly reassuring. Plus, VyprVPN is one of the oldest VPN providers in the industry with a good track record. Other highlights from the review:
- Decent speeds throughout the server network
- Works with Netflix
- User-friendly applications for all major devices and operating systems
- 24/7 live chat support
Main drawbacks:
- The obfuscation feature (Chameleon protocol) is only available with premium accounts
- No cryptocurrency payment options
https://www.vyprvpn.com
(See also my VyprVPN review for more test results.)
7. ZorroVPN – A privacy-focused VPN, but rather limited
| Rank | #7 |
| Based in | Belize |
| Logs | No logs |
| Price | $10.00/mo. |
| Support | |
| Refund | 7 days |
| Website | ZorroVPN.com |
ZorroVPN is a smaller, privacy-focused VPN service that doesn’t get too much attention, but it did well in testing for the ZorroVPN review. It is based in Belize and offers some interesting features.
For features, ZorroVPN has multi-hop VPN connections (up to four servers) and the ability to create custom VPN chains incorporating Tor and proxy servers. Although ZorroVPN suggests using open-source VPN clients, they are currently developing a custom client for Windows and Linux (currently in Beta). ZorroVPN is a no logs service and I found the performance to be quite good in my tests.
While ZorroVPN does have some interesting features, it also comes with some drawbacks:
- No custom apps (but Windows and Linux are in beta)
- Expensive
- No support for Netflix and other streaming services
- Setup can be more complex with third-party apps and firewall rules (because there’s no kill switch)
https://zorrovpn.com/
(See also my ZorroVPN review)
15 Other VPN services (not necessarily recommended)
I regularly receive emails and comments along the lines of, “What about [fill in the blank] VPN service?”
There are many VPNs on the market, and unfortunately, there’s not enough time in the day to review them all. Below is a brief overview of some of the other VPNs that I am regularly asked about by Restore Privacy readers.
Some of these VPNs may be worth considering, but others should probably be avoided.
1. AirVPN – A VPN based in Italy
AirVPN is a well-regarded VPN provider with a good track record. Although it is based in Italy (14 Eyes), AirVPN is a “no logs” service with a strong commitment to privacy. There are a few drawbacks I found when testing the service:
- Average speeds
- Poor customer support
- VPN apps are not very user-friendly (but still work well)
2. CyberGhost VPN – Owned by a company that makes malware
CyberGhost is a VPN with an interesting history. It started out in Romania with a development team from Germany. However, in 2017, CyberGhost was sold to an Israeli company, Crossrider, for about $10 million. Now here’s where things get interesting:
- Crossrider is a company that is well-known for producing malware (a data collection tool).
- Crossrider is also involved in ad injection. Symantic issued an alert about “high” risk Crossrider files that “collect information about the user, such as IP address, operating system, and Web browser information.”
- Ad injection has also been used for state surveillance data collection efforts.
- Due to the various “past activities” of Crossrider, the management decided to change the business name to “Kape” in 2018.
https://www.cyberghostvpn.com/
3. HideMyAss – A UK VPN with a history of providing logs to authorities
The UK VPN service “HideMyAss” – or HMA – also has a troubling history when it comes to logs. According to Invisbler, HideMyAss appears to have logged user data and provided this to authorities, who used this information to arrest and jail a hacker. This case is sometimes called the “LulzSec Fiasco” when the FBI used logs from HMA to identify someone behind a Sony Pictures hack.
The 25 year old HideMyAss user ended up receiving a one year prison term, one year home detention, 1,000 hours of community service, and was also ordered to pay $605,663 to Sony Pictures. I’ve also found that many HideMyAss servers are not where they claim to be (the use of “virtual server locations”). HideMyAss is now owned by AVG.
https://www.hidemyass.com/
4. Hotspot Shield VPN – A free VPN with a troubling history
Hotspot Shield was named in a research paper for “actively injecting JavaScript codes using iframes for advertising and tracking purposes” with their Android VPN app. Furthermore, analysis of Hotspot Shield VPN’s code revealed that they “actively use more than 5 different third-party tracking libraries.” Hotspot Shield was also found to be redirecting user traffic to e-commerce domains, such as alibaba.com and eBay.com through partner networks.
In 2017, Hotspot Shield was officially named in an FTC complaint for alleged traffic interception. In 2018, Hotspot Shield was again in the news for a security flaw that revealed user locations. The company behind Hotspot Shield is AnchorFree, which runs other free VPN services as well.
https://www.hotspotshield.com/
5. IPVanish – A fast VPN in the US, but with a troubled past
IPVanish is another interesting case of a “no logs” VPN service that provided logs to authorities. As I covered in the IPVanish logs article, IPVanish admitted to providing logs to US authorities who were investigating alleged crimes. IPVanish explained to Restore Privacy, however, that this took place under a previous management structure that is no longer in control of the company.
Speaking of ownership, in April 2019, PCMag claimed that its parent company, Ziff Davis, which is owned by j2 Global, now owns Encrypt.me, IPVanish, and StrongVPN.
6. Ivacy – A white label version of PureVPN?
Ivacy is a VPN service officially based in Singapore. However, as others have noted, there are many connections between Ivacy and PureVPN, which also ties into Gaditek, a company that appears to be running the show out of Pakistan.
For many years there have been rumors (and lots of evidence) connecting Ivacy to PureVPN. Finally, in March 2019, Ivacy admitted that PureVPN has “minor stakes” in Ivacy. (We’ll examine PureVPN more below.) To understand why this is concerning, just look into PureVPN.
[https://www.ivacy.com/]
7. Mullvad – A VPN in Sweden
Mullvad appears to be a decent VPN service out of Sweden, with a good reputation in the industry. It has good privacy and security features and also claims to be a no logs VPN service, with some minor caveats.
There are a few drawbacks with Sweden, however, with the 14 Eyes jurisdiction and troubling data retention policies.
https://mullvad.net/
8. Opera VPN – A proxy browser extension owned by a Chinese Consortium
Although Opera may have started out as a reputable browser built in Norway, it was sold to a giant Chinese consortium in 2016 for $600 million. Since then, Opera has been claiming to have a “free VPN” available through the browser. Problem is, this is technically not true: the “free VPN” is actually just a proxy server, which many people consider to be insecure.
As I covered in my discussion of free VPN services, Opera’s privacy policy explicitly states how they are collecting and sharing user data through their various products, including the browser and “free VPN”. As the saying goes, when something is free, you are the product. (Fortunately, there are many other secure browser alternatives to Opera.)
https://www.opera.com/computer/features/free-vpn
9. Private Internet Access – A verified “no logs” VPN based in the US, good performance
Private Internet Access is a decent VPN provider that I’ve found to have good speeds and security in recent testing. The big drawback with PIA, however, is that it’s based in the United States – a bad privacy jurisdiction. That being said, it is also a verified no logs VPN provider, with two separate legal cases confirming that PIA does not keep logs.
https://www.privateinternetaccess.com/
10. ProtonVPN – A VPN from ProtonMail
ProtonVPN is an interesting project from the people behind ProtonMail. Overall, it’s not a bad VPN, although it does have some shortcomings that I found in the ProtonVPN review: slow speeds, higher price, invasive signup process (with phone verification!), and limited support for cryptocurrency payments. While ProtonVPN regularly touts its Swiss credentials, ProtonMail itself has some interesting connections to the United States, as discussed in my review of ProtonVPN.
https://protonvpn.com/
11. PureVPN – A leaky and slow VPN, with a troubling history
In my review of PureVPN, I found lots of troubling issues, including DNS leaks, connection problems, faulty features, and slow speeds. PureVPN is also no stranger to controversy. As I explained in the PureVPN logs article, they were found to be logging customer data and providing it to US authorities, all while claiming to a be “zero log” VPN. There are also reports of PureVPN running various VPN review websites.
https://www.purevpn.com/
12. Surfshark – A newer VPN service based in the British Virgin Islands
Surfshark is a newer VPN service that seems to be getting lots of attention on various sites. It is a very cheap VPN service and is based in the British Virgin Islands, which is a good jurisdiction for privacy.
There have been many VPNs flooding onto the market in the past few years and I’m hesitant to recommend providers without an established track record and good history. Nonetheless, Surfshark does offer some interesting features, which I intend to test out more for an upcoming review.
13. TorGuard – A VPN in the US
TorGuard is a decent VPN service with good speeds and no logs, although it is based in the United States. If you need a VPN for torrenting, it might not be a bad option. TorGuard also offers dedicated IP addresses and is supposed to work with Netflix. The main drawback, of course, is the US jurisdiction.
Interestingly, in 2013, TorGuard underwent a corporate restructuring. They moved the parent company to Nevis, West Indies, effectively getting out of the US jurisdiction. However, today their Terms of Service states they again operate under US jurisdiction in the state of Florida.
14. TunnelBear – A limited free VPN, based in Canada, owned by McAfee
TunnelBear is basically a free trial VPN that gives you a 500 MB trial to test the service for free. Although TunnelBear is based in Canada (Five Eyes), it is now owned by McAfee, a large cybersecurity firm in the United States. This is yet another example of small VPNs getting purchased by large American companies. When I tested out TunnelBear for a review, I found it to have mediocre performance, and it is also pretty limited on features.
https://www.tunnelbear.com/
15. VPN Unlimited – A US-based VPN with some issues
VPN Unlimited is another US-based VPN service with some issues. While it has improved over the past few years, my latest tests identified IPv6 leaks with VPN Unlimited’s Mac OS app. Reading through the privacy policy, I also discovered the VPN Unlimited is collecting quite a bit of data. VPN Unlimited’s apps automatically log IP addresses, browser type, device type, time zone, and more. I also found the speeds to be fairly slow.
https://www.vpnunlimitedapp.com/
The importance of trust when choosing a VPN
When choosing the best VPN for your needs, one of the biggest factors to consider is trust. Trust is difficult to quantify or measure, but it’s very important. After all, a VPN can offer excellent privacy and security, but it could also be a data collection tool for rogue third parties (as is often the case with free VPN services).
Are US VPNs trustworthy?
VPN services based in the United States are generally not recommended for three main reasons:
- The United States has extensive (and powerful) surveillance programs allowing authorities to tap internet infrastructure for bulk data collection. These laws give the NSA tremendous power to snoop and record everything.
- The US government has a long history of working with (and forcing) private tech companies to facilitate mass surveillance and bulk data collection efforts – see the PRISM program.
- US VPN services could be served National Security Letters or other lawful data collection demands, while also being prohibited from disclosing anything to their customers through gag orders.
These laws and capabilities essentially give the US government the authority to compel a legitimate privacy-focused company to become a data collection tool for state agencies. If a VPN were to be compromised, it would likely happen behind closed doors, without a word (or warning) to the users. This was the case with Lavabit, and rather than comply with the data requests, the founder was basically forced to shut down the business.
These same practices are also unfolding in other countries, particularly the UK and Australia. There are also surveillance alliances between various governments for bulk data collection and sharing (see the 5/9/14 Eyes alliances).
What is the best VPN for privacy and security?
Any of the five VPNs recommended would be good choices for privacy and security because they have all been thoroughly tested and found to be secure (no leaks), while also offering strong encryption. Furthermore, the recommended VPNs in this guide are all located in safe privacy jurisdictions.
With that being said, there is one VPN service that stands out in terms of advanced privacy and security features, and that is Perfect Privacy.
Here are a few ways Perfect Privacy stands out from the crowd:
- Multi-hop cascades + NeuroRouting – Perfect Privacy gives you the ability to create multi-hop VPN cascades across up to four different servers in the network. This protects you against the possibility of a rogue data center logging traffic, targeted monitoring, and other threat scenarios. Additionally, the server-side NeuroRouting feature dynamically routes all traffic through multiple hops in the server network, and can be used with any device.
- TrackStop – TrackStop is another server-side feature that works with any device (no apps needed). It blocks 30,000+ tracking and advertisement domains, 45,000+ malware domains, 20,000+ phishing domains.
- Powerful leak protection – Perfect Privacy’s Windows and Mac OS apps offer three different levels for the kill switch, which I tested for the Perfect Privacy review.
While perfect privacy does very well with security and advanced privacy features, it’s not the best all-around VPN because it is rather expensive, somewhat complex, and does not work well with streaming sites, such as Netflix.
What is the best VPN for streaming?
Many people are turning to VPNs to access streaming content that is blocked or geo-restricted to certain areas. The best VPN for streaming is currently ExpressVPN. (See the ExpressVPN Netflix page for details.)
ExpressVPN works with a wide range of streaming services, including Netflix, BBC iPlayer, Hulu, and more. It has excellent performance and offers the best lineup of apps for all types of devices – from Android TV boxes to tablets, computers, routers, and phones. With ExpressVPN’s 24/7 live chat support, they can help you get everything setup correctly.
Below I’m streaming American Netflix from my location in Europe while connected to an ExpressVPN server in the United States:
In addition to Netflix, ExpressVPN is also an excellent VPN for Kodi streaming, wherever you are located.
Aside from unblocking content around the world, VPNs are also crucial for protecting yourself against ISP snooping and potential copyright issues when streaming from third party sites or when torrenting. (See also the best VPN for torrenting guide.)
How to optimize VPN speed and performance
How can you achieve the best VPN speed and performance?
If you are using a good VPN service, you shouldn’t notice a huge reduction in speed. Of course, the extra work that goes into encrypting your traffic across VPN servers will affect speed, but usually it’s not noticeable for regular browsing, especially if you’re using a nearby server.
Here are some tips for getting the best VPN performance:
- Use the closest server possible to your physical location. This generally reduces latency and improves performance.
- Choose the least crowded server or “recommended” server. Some VPNs help you select the best VPN server by showing server bandwidth loads or having “recommended” servers based on distance and loading, such as with ExpressVPN.
- Experiment with different VPN protocols. OpenVPN UDP offers the best mix of security and speed. Trying different VPN protocols and encryption options may help to find the best fit for your network.
- Consider antivirus and WiFi interference. Sometimes antivirus software or other WiFi networks may interfere with VPN speeds.
- Use a wired (ethernet) connection. Wired connections (with high-quality ethernet cables) generally provide faster and more consistent speeds than WiFi, and are also more secure than WiFi.
- Consider processing power. Processing power on your device may also be limiting speeds, especially if you are using a VPN router.
- Consider your operating system. I’ve found VPN speeds on Linux and Mac OS to generally be better than Windows. When using a VPN on Windows, sometimes the TAP adapter will interfere with speeds, as well as background processes/updates that take up bandwidth and processing power.
- Upgrade your internet connection. Your VPN will not be able to exceed the connection speed of your internet provider.
As you can see, there are many different factors affecting speed. Experimenting with these different variables will help you achieve the best VPN speeds possible.
Are VPNs safe and legal?
First we will address the issue of safety.
If you are using a good, reputable VPN service that effectively secures your traffic (no leaks), then yes, a VPN is safe to use. But therein lies the catch because there are many unsafe VPNs on the market, especially when it comes to free VPN services, which we will explain further below.
The next question: Are VPNs legal?
In general, the answer is yes, it is perfectly legal (and normal!) to use VPNs, even if you are in places like China where VPNs are restricted. VPNs are used every day by businesses and individuals throughout the world for basic privacy and security purposes. Businesses rely on VPN technology and encryption for security reasons and it would not make sense for this to ever become illegal.
That being said, China currently has a “ban” on non-approved VPN services that do not go along with state censorship requirements, as explained in the China VPN guide. The United Arab Emirates also has laws against people using VPNs to evade state censorship, but again, VPNs themselves are not illegal. (But of course, none of this is legal advice!)
What about FREE VPN services?
“When something is free, you are the product.”
This famous quote certainly holds true for “free” VPNs because you are likely paying for the service with your private data, which is sold to third parties.
Free VPN services will offer a free product that collects your data for profit. Here are five well-documented reasons showing why free VPN services are risky:
- Malware – Malware is often hidden in free VPN services to collect your data. One study found malware in 38% of free VPN apps for Android devices.
- Tracking – Tracking libraries hidden in free VPNs are also used for data collection. The popular Betternet free VPN app was found to contain 14 different tracking libraries.
- Third party access to your data – Everything you do through a free VPN could be provided to third parties – and many VPNs explicitly state this in their privacy policies. Hotspot Shield was publicly called out for doing this by the Center for Democracy and Technology.
- Browser hijacking – Some free VPNs have been found to hijack and redirect browsers to e-commerce sites, such as Alibaba and eBay, through partner networks.
- Traffic leaks – This is perhaps the greatest risk for people using a free VPN because it exposes your identity. One study found that 84% of free Android VPN apps leaked user data, thereby rendering the VPN useless.
As a safer alternative to free VPNs, there are also a few free trial VPN services that may be worth considering.
Is your internet provider spying on you?
Most likely, the answer is yes.
Your internet service provider is probably snooping the websites you visit, and also handing this information over to third parties and government agencies. This is perfectly legal in the United States, and in many countries, such as the UK and Australia, it is obligatory.
How is this being done?
It’s incredibly simple: through DNS requests. Whenever you visit a website, there is always a request to translate the URL into a specific IP address, which allows you to connect to the website. These translations are called DNS requests and they are normally sent unencrypted to your internet provider and can easily be logged, recorded, and passed off to anyone. (See DNS: Broken by Design.)
Solution: With a VPN, all of your DNS requests will be handled by the VPN server (not your internet provider) and they will be sent fully encrypted (rather than in clear text).
Even in countries where ISP spying is not “officially” being carried out, you can be sure that internet providers are snooping your activity to monitor for anything “suspicious” or potential violations of their Terms of Service.
Trends in privacy propel VPN usage worldwide
In just the last few years we’ve seen many unprecedented developments in the areas of corporate and government surveillance, which has fueled the use of VPNs throughout the world:
- USA – With legislation passed in March 2017, internet service providers in the United States can now legally record online browsing history and sell this data to third parties and advertisers. Government mass surveillance also continues unabated, regardless of which political party is in office. And with the abolishment of net neutrality, internet providers can now charge premiums based on what you’re up to online (unless a VPN is encrypting and anonymizing all your traffic).
- UK – Residents of the United Kingdom are having their online browsing history, calls, and text messages recorded for up to two years thanks to the Investigatory Powers Act. This private information is freely available to various government agencies and their global surveillance partners without a warrant.
- Australia – Australia has also recently implemented mandatory data retention laws, which require the collection of text messages, calls, and internet connection data. Australia is also working hard to force companies to provide backdoors to encryption, thereby giving government agencies the ability to hack devices and spy on their own residents. Online censorship is also a problem in Australia, just like in the UK.
Public-Private surveillance cooperation – Many large tech companies collect vast amounts of data through their products and services. While the data is often used for advertising, it can also be provided to government agencies (see the PRISM surveillance program).
The good news is that there are very effective solutions to these problems. You can protect yourself right now with a good VPN service and the other privacy tools, which will put you back in control of your data.
VPN Comparison Table
As a brief recap, the table below highlights the best VPN services for 2019 that meet the following criteria:
- Located in a good privacy jurisdiction (outside of 5/9/14 Eyes countries) to keep your data safe
- Passed all tests with no leaks found whatsoever (no IP address leaks or DNS leaks)
- Good performance throughout the server network (speed and reliability)
- High-quality VPN apps with all features working correctly
- Supports the OpenVPN protocol and strong encryption standards
- Offers a money-back guarantee (between 7 and 30 days)
- Trustworthy and well-established VPN provider with a good track record
Stay safe and secure online!
$6.67
(49% discount)
(30 day refund)
Review
(ExpressVPN)
$8.95
(7 day refund)
Review
(Perfect Privacy)
$3.49
(70% discount)
(30 day refund)
Review
(NordVPN)
$2.99
(30 day refund)
Review
(VPNArea)
$3.75
(7 day refund)
Review
(VPN.ac)
$3.75
(30 day refund)
Review
(VyprVPN)
$10.00
(7 day refund)
Review
(ZorroVPN)
Last updated and revised on August 23, 2019.
Comments are open. Please keep comments constructive and on topic to help other readers.
I just stopped using Perfect Privacy. Too often recently the connection would cut out or I would not be able to connect to a particular server(s) on the server list (I’m in Germany and could never connect with Frankfurt and only rarely with Erfurt). Also, not being able to access Netflix and other IP dependent streaming services – such as ITV – was a bummer.
Gonna try ExpressVPN for a few months to see what they’re like.
Would like to see this ranking for business VPNs. I myself have tried a few in the office and can say that nord with NordVPN Teams stands as a strong competitor, also with Perimeter 81. It’s an interesting topic so would love you hear what you have to say.
Hi Sven.
First thank you for your website, it has helped me a lot and I have learned many things with it. And I keep learning.
I am currently a VPN.AC user. What it has caught my attention are their policies, they are very clear and technically give concrete explanations. I think they provide solutions that I don’t know if they have any other VPN service.
In general, it is a good VPN service. Good speeds even with the double server jump. I have implemented the VPN on the router and through the computer I use the double jump, which makes it triple and the speeds are still good. The kill switch works perfectly and also allows you to stop the VPN service and not have an Internet connection. The kill switch works both when changing servers and if you stop your VPN service directly. I have not had service interruptions for months.
As for the daily connection log policies, I don’t think it’s a problem.
The company indicates that it is for safety reasons and work procedures and for the own VPN infrastructure. As they own everything (including servers in countries) I understand that they need some control over the system. Besides, I think it’s even good. It is true that there are companies that work with “marketing” to reassure a client by offering many things that personally make me doubt. There are many users who use paid VPN, and they don’t know what is behind them with respect to the loggs, and although they promise that they do not exist, putting reasons of speed, location of servers, I have reason to doubt … I think all VPN companies have some type of log (except Perfect privacy), such as determining the number of simultaneous connections.
Besides, they don’t have a tracking connection to Google or Facebook (indicated in their policies).
I also consider it important to be the owner of the entire infrastructure, including own servers. This makes exclusively they are those who handle the entire system, without third parties.
My attention is largely the work with own DNS servers. As they say, the privacy with a VPN depends of many things, and DNS requests are something that many people forget and it is no less important.
I have used several VPNs for several years: VYPRVPN, EXPRESS VPN, PERFECT PRIVACY and VPN.AC. Everyone has their good and less good things and there is no perfect VPN. There are very good things about some that do not have others, but I prefer to use PERFECT PRIVACY or VPN.AC.
I apologize if there is a mistake in making the comments, I would like to be told it.
Thank you.
Hi Taylor. Thank you very much for excellent job and tremendously useful article!
Eduardas
Hi Sven,
Love your website and your work. I am seriously going to buy some Bitcoin so I can donate to you.
I’d like your comments on the newest VPN and Email service: Unspyable.com
The things that they write about seem great but are they a NSA front? I guess you wouldn’t know. Any comments on have on Unspyable would be greatly appreciated.
Thx
Hi, I have never heard of it before, but I’d generally separate email from VPN for compartmentalization reasons. Under that site’s news/updates section, there hasn’t been anything posted since 2017.
Hello Steve, I have been using Surf Shark for several days. Supposedly does a lot for security and privacy and the servers are very fast in my opinion. So far, I am thrilled. Although I’m skeptical about new VPN, but it is recommended everywhere, even by independent, on Reedit there is a discussion and they are also excited. However, the app makes some problems with Windows 10 Spring Update. Sometimes it just hangs, does not react at all, and then it’s back after 2 minutes. Although I had to shoot it completely once, because it completely hung up. In my eyes Promising VPN. Let’s see what else they can think of.
Do you think chaning VPN across different countries is BETTER done in VM or better done on VPN routers made by different companies?
also, with TOR as the endpoint and multi chained VPN behind it, if TOR is compramised, they would just see your last VPN, and then need to go to your next vpn etc this seems like the best approach as far as I can tell.
I would still like to hear your thoughts on Qubes OS with Whoonix and TOR as a less exploitable surface than VPN chain due to virtualization compartmentalization
1. Do you think no log vpn’s are being targeted by the NSA or other groups? is not that a major liablity for a spying agency? aka going after large hardware purchases and inserting code or bad hardware?
2. Can a no log VPN have an upstream provider that has different policies? Can a no log VPN lie about where the server actually is and have your info pass through a 5 eyes country first before routed to your “safe” swiss location ?
3. Does the diversity of TOR nodes and guards dwarf the security of the few no log VPN that accept bitcoin?
I really can’t say for certain with any of these questions.
1. Not sure, we can only guess.
2. I can’t say for certain on this either. Perhaps certain data centers in specific jurisdictions have issues, but if this is really a concern, you could utilize a multi-hop VPN and/or chain different VPN services. But for the vast majority of people, a standard (single hop) VPN will offer more than enough protection (but this depends on your threat model).
3. There have been numerous issues that have come up over the years raising questions about just how much anonymity Tor offers. Read this. For the truly paranoid, I still recommend chaining different VPN services across different jurisdictions using Linux VMs.
I would like to ask a meta-question about VPNs
I like and use a few of your top picks.
I recently argued with a secuirty professional about the security of VPNs, he argued that something like Qubes OS with whoonix/tor, is far more secure way to protect your real ip than a VPN. His claim was that virtualization of Qubes os and the non-business model of TOR is more secure than a VPN business that could give up your information if pressured or hacked. What are your thoughts?
Do we have a lot of cases of the best VPN’s in the best countires giving up customer information by court order, or are there enough cases of VPN companies not having any data to actually give (no log etc) ?
It is hard to argue with the idea that a VPN can see everything you are doing online and you are basically trusting them in a way Qubes/whoonix/tor would not require.
After thoroughly researching Tor, I have my doubts, many red flags:
https://restoreprivacy.com/tor/
Recent news, also illustrating Tor de-anonymization work going all the way back to 2012:
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/
With VPNs, yes, there are also risks and examples of VPNs giving up logs. But there are also examples of verified no logs VPN providers that have passed real-world tests:
https://restoreprivacy.com/no-logs-vpn/
Add CryptoSTorm!!!
CryptoStorm is run (or was founded?) by Douglas Spink:
1) Spink was accused of running an illegal “farm” where people engaged in “animal cruelty” acts (sources here, here, and here).
2) Spink was busted for smuggling millions of dollars worth of cocaine. While others in the ring received 17-year sentences, Spink got off with a “lenient, three-year sentence because of his extensive cooperation with investigators.” Key words here: extensive cooperation.
For years there have been rumors this “cooperation” entailed giving authorities backdoor access to CryptoStorm, but again, who knows for sure.
hello sven
I never recommend surfshark.
surfshark collects ip addresses from your computer and other devices from websites.
And collect various error reports. (Metadata Risks)
When you use our app, we may collect advertising identifiers – unique, user-resettable IDs for advertising, – surfshark privacy policy
And they also collect cookies.
This policy is dangerous.
Hi,
You can use OpenVpn client in that case
Sven,
I don’t know if you want to hear this, but you should be made aware.
Using the privacy extensions you recommend, I visited the home pages of the VPNs you recommend and found that all except VPN.ac and ZorroVPN have at least one tracking connection to Google. Some have other connections also. ExpressVPN also has a connection to Facebook. If these companies are serious about privacy, they should not have tracking connections. Is there an explanation for why they would do this?
Hi Anonymous, yeah this is a fine line to walk, and I personally understand both sides. There are a few sides to this issue:
VPNs need to acquire customers, sell subscriptions, and pay the bills. To do that effectively with a website, you need to see how people are interacting with the site, how people are getting to the site, etc. While we all dislike Google and it’s anti-privacy practices, 95% of the world still uses Google search, which makes Google Ads very important for acquiring customers (for many VPNs). Without Google Analytics, one cannot see if money spent on Google Ads is working. It’s a complete shot in the dark – hope it works out kind of a situation. Of course, it’d be great for sites companies to quit using Google Ads, and also drop Google Analytics, but we’re not there yet…
On the topic of analytics: a site that has broken pages, errors, or is not written well will have a high bounce rate. If you don’t have analytics, it makes improving a site nearly impossible. You have no idea what articles are getting the most traffic (and are the most important to your readers) and what you should ignore.
On the other hand, you could be like ZorroVPN or VPN.ac and build a simple, basic website that looks the exact same for years and never changes, updates, or improves. This makes it much more challenging to understand how people are interacting with your content and what’s important to them (which should be updated and accurate).
I’m not taking sides here, but it’s a fine line to walk.
Simple solution: Use a script blocker, and/or ad blocker that also blocks trackers, and you won’t have anything to worry about.
just trying Protonvpn trial, and for the record, they got great speeds, same datacenter as airvpn, again around 100Mbps, fast also with double hop. The windows and android clients are very very nice, fast to log in and don’t drop connections, don’t leak that much:
– leaks during user’s configuration change, you need to stop connection to make some changes, weird but it’s one time and can be controlled
– leaks during VPN server change (which is quite fast, but even 100ms is enough for GMS to connect to Google and add your real IP to their unique_ip list)
– no leaks on connection change
– routing messup, packets not coming back will make app stuck & “connected” while there’s no connectivity.. -> restart wifi router to spice it up and it won’t switch to mobile while wifi is already off, -> set wifi back and it will leak via wifi while still stuck
Isn’t it funny that only “Block connections without VPN” works these days…
Still this as a reminder where airvpn needs to improve because it’s even worse on Android: opensource Openvpn client is slow and leaks in every possible situation (at boot, during connection change, during VPN server change or simply by system apps like Download manager), while eddie for android is, while new, a total mess (chaotic UI, long boot leak, boot connect not possible via login, nonstop connection drops, with no other leaks at least). PC and router clients perfect with no leaks there.
I consider using protonmail on mobile device due to 2 less leaks. I’m not having big expectation on android devs grasping the programming logic, but If there’s really leakproof android VPN client/service, i’m interested.
airvpn = many configurations for 8 platforms, port forwarding with custom dns, many target ports, via ssl/tor, privacy focus and fantastic speeds (always maxing out 100Mbps possible by WRT3200ACM router, even more when turn on local PC Eddie and forward traffic via WAN).
but still underrated by all comparisons.
Dear Sir,
How would you rate Mullvad please?
Thanks,
Koen
I added a section on other VPN providers above.
Hi, Sven. I’ve found this VPN service: [https://thesafety.us/vpn]
For some reason, it’s super expensive! Although I couldn’t find where are they from. Also, wheather it’s justifiably expensive from what they offer, I don’t know. What do you think?
What do you think about RiseUp VPN?
It’s based in the US, so it doesn’t meet the criteria. See also here and here.
Hi all, I’m considering to get a VPN to torrent some obscure film that is generally unavailable to the public and/or unavailable to purchase. However my upload and download speed is mediocre, sitting at just 2Mb and 15Mb (may dip to below 10Mb) respectively. I live in SEA, if that helps.
Should get NordVPN, VPNac, or Zorro?
VPN.ac might be a good option: fast speeds, servers in Seattle, torrenting friendly…
Sven, You’re the best. Thanks for all this. I’d welcome your thoughts though on VPN and email. I recently signed up for Nord, using Firefox and that worked fine. On my iPhone as well. BUT… it totally screwed up my email (Thunderbird sending gmail). They kept telling me to change my outgoing smtp port from 25 to 465, except it always was 465. I also tried others. Nothing seemed to work and no one at Nord seemed to care enough to help me find a solution. Any ideas? Or, do you know of a service that doesn’t screw up emails and/or has customer service help that really helps? Many thanks/ LN
Yes this can be an issue sometimes with VPNs putting in measures to prevent bulk spam email campaigns, which blacklists the VPN’s IP addresses. So you might want to research this with the different providers and the email client you’re using. I know this is an issue with many VPNs and some address it differently than others.
I saw a nortonvpn card in some random store, do you think this vpn service is trustable?
Not sure, but in general cybersecurity companies do not have the best track records with privacy, see here.
Hi Sven, I read your thoughts and I am now trying to choose between ExpressVPN and vpn.ac. I had a IVPN account for about one year, they were ok, but I want to move on as they are too expensive and also as you mention just „ok“ – no netflix, no browser add-on and ok speeds for Germany. On the positive side I can say there were flawless with a lot of updates among this year. However, everywhere you look for a vpn review you can find ExpressVPN as the total leader and I am not sure if they pay their way in to be on the top or are they that good. Does it worth the price difference (ExprssVPN vs. vpn.ac)? You tested both, so I would relate my question in terms of speed and „feeling of anonymity“. Because vpn.ac logs, but they say they keep only check in and out times and data volume – and only for one day.
Would you consider moving from IVPN to one of your recomended VPNs an improvement (you mentioned you have also tested IVPN)? Thank you
Yes, ExpressVPN is the best all-around VPN in my opinion: excellent speeds (verified with the recent review update), 24/7 Netflix access, very secure apps, support for all devices and operating systems, verified no logs provider, and quite reliable. VPN.ac is also a great option, and even though they don’t advertise it, they do support American Netflix. VPN.ac is also a good value at only $3.75 with the two-year plan. IVPN is also a good provider from everything I’ve seen, although lacking a bit in some areas as you pointed out.
If you’re on the fence about switching, you can get a cheap one-week trial for $2 on the VPN.ac website (see FAQ page). ExpressVPN also offers a 30-day refund window, no questions asked.
Sebastian,
You should read the VPN.ac legal stuff. I like the site and what they seem to provide, but the TOS is a bit hard to digest.
Policy is very broad and basically renders VPN.ac service useless by prohibiting legit VPN use cases.
EG: (couple tos violations)
–
* Transmit any copyrighted, trademark, or patented content
–
service is unusable as worded, too many legit and legal reasons to mention which would fall under this violation
–
* Use P2P programs on other VPN Nodes than those where we allow it
–
peer-to-peer is attractive for many uses other than BitTorrent and many emerging software and services could be considered P2P
–
Regards,
JN
Johnny, nearly every VPN has a clause in their TOS saying “don’t torrent copyrighted material on our servers.”
Why? Because when they inevitably get DMCA takedown notices and threats from data centers, they can say “Well, we don’t allow copyright infringement, it’s right here in our Terms.” Meanwhile, I know for a fact that VPN.ac does not close accounts for torrenting copyrighted material.
Thank you both for the reply. I think when it comes to sharing copyright material and torrenting illegal stuff nobody will encourage the use of their service :-). I was interested in speeds and non leaking apps on the long run. Sometimes they put you on the right server with very good speeds during the test phase and then, after signing up it all goes down (it happened to me with some providers). I was happy with IVPN, but now I‘m also thinking about trying US-Netflix. And also using just a browser extension which will for sure use less memory on the computer. I’ve asked about vpn.ac because not long ago I saw a strange review about them. Somebody wrote on his site he used some servers in Asia, checked the IP and got IPs from Europe or something like that. I am just speculating, maybe it was just intended to discourage the use of the service. BTW Sven, please take a look at Surfshark if you have the time. It‘s the new kid in town and I think many of us would like to hear some unbiased opinions about it (I am sure your readers have a lot of questions and doubts). Once again thank you very much for your answers and your privacy blog
VPN.ac does not use any virtual locations, so the servers are located where they are advertised, you can test this.
Just an afterthought…. I noticed the “Simple Privacy Setup’ recommendation at the bottom of this site.
Banner in itself, but could you – when time allows – give a stepped up version of this?
Something like a 2nd tier and 3rd tier? What I mean is a bumped up security/privacy version, and then as the 3rd tier (what you would consider) an ultra security/privacy version? Hope that makes sense.
Would come in handy and informative to those folks who are non-Geek like me! 🙂
Cheers again from Canada
Thanks George, I’ll keep that in mind.
Hmmmm…. Days have gone by without anyone having “an opinion” about what you wrote? Hmmmm.
(Sven, I think this a good sign. Looks like you nailed the facts and were right on the money.)
Personally, I’ll be giving VPN.ac a go. Though 5th on your rating, I like the tone & timber on how you have reviewed them. No big marketing splash, dedicated techies, Mac compliant, a solid jurisdiction… how can one resist!!! 🙂 Just my humble feedback.
Cheers, George from Canada
Hey George, two things regarding comments. When I closed comments a month or so ago (due to comment spam) it erased all old comments, but now comments are open again. Second is that Google seems to have updated an algorithm recently (June 2019 core update) and the site traffic has gone down quite a bit, and most visitors arrive here through search traffic. Oh well, I’m sure it will pick back up over time.
LOL There’s true irony in that, IMO! Your site is the BEST I’ve come across re Google alternatives……….. yet……….. you depend on the bulk of your traffic/searches thereon? Ironic in the extreme!!! 😉 Hope the traffic picks up soonest!!! Cheers, eh!