Private Internet Access Review

Private Internet Access has announced plans to sell out to Kape Technologies. Kape was formerly named Crossrider and has a history or producing malware and adware. You can read more in my article on PIA, Kape, and Crossrider.

Private Internet Access (PIA) is one of the biggest VPN services on the market, with a long track record going back many years.

While it is affordable and has good performance, it also comes with some drawbacks that we’ll cover in detail below.

In this Private Internet Access review, we will go in-depth to examine all aspects of the service and test its performance and security.

Private Internet Access Overview

Here is a brief overview of the test results and research findings for this PIA review:

Pros of Private Internet Access:

1. Good speeds throughout server network
2. Secure apps (no leaks identified in testing)
3. Good privacy and security features, including ad blocking
4. Tested and proven no logs VPN provider
5. Updated, user-friendly apps
6. Great prices

Cons of Private Internet Access:

1. Based in the United States (bad privacy jurisdiction; five eyes)
2. The CTO of PIA is Mark Karpeles, a convicted criminal involved in the infamous Mt. Gox collapse and Bitcoin heist.

Additional research findings:

• PIA is owned by London Trust Media (Denver, Colorado)
• Smaller server network; no virtual server locations identified
• Does PIA work well for torrenting? (Yes)
• Does PIA work well with streaming Netflix? (No)
• PIA support tests

Private Internet Access Pros

1. Good speed test results

I ran Private Internet Access through dozens of speed tests for this review, and the results were pretty good. For all speed tests, I used the OpenVPN protocol with 256-bit AES encryption. My baseline connection speed was approximate 150 Mbps download (10 Mbps upload) and my physical testing location was Germany.

Nearby PIA servers (Europe)

First, I tested nearby PIA servers in Western Europe. Here I’m pulling about 85 Mbps with a PIA server in Austria.

Next up was Sweden at about 74 Mbps:

And finally I ran some tests with servers in the UK where I was getting about 65 Mbps.

These are pretty decent speeds for nearby servers, although not quite as fast as ExpressVPN, which gave me over 90 Mbps with all nearby servers.

Long distance servers (United States and Canada)

I also ran some speed tests for Private Internet Access servers in the United States and Canada. Once again, speeds were pretty good, although certainly not the fastest I’ve tested. Note that slower speeds are to be expected due to the longer distance and higher latency.

First up was a PIA server in Chicago, where my download speed was about 67 Mbps:

Next up was Denver where I was getting about 55 Mbps.

And finally, I also tested a Private Internet Access server in New York, which gave me about 63 Mbps:

Speed tests were similar for PIA servers in Montreal and Toronto.

Overall the speed tests were pretty good, although PIA does not offer the performance of some of the other VPNs I’ve tested, such as ExpressVPN.

2. PIA has secure VPN apps (no leaks identified)

Private Internet Access also performed well in all security and privacy tests. I ran both the Windows and Mac OS clients through VPN tests and checks to identify leaks or broken features.

Here I’m testing the PIA Windows client for leaks while connected to a server in Sweden. You can see that there were no leaks to be found, with my real IPv6 address being blocked (PIA does not support IPv6).

I also tested the PIA Mac OS client and found it to be secure and without leaks. Although I’m not sure I would consider PIA to be one of the best VPNs for Mac, it may still be a decent choice for Mac users.

PIA also implements a good kill switch with their VPN apps, which will block traffic if the VPN connection drops for any reason. This ensures all traffic remains encrypted and protected by the VPN tunnel.

The PIA kill switch has three levels:

1. Off: does not block any traffic
2. Auto: blocks outside traffic when the VPN is on
3. Always: Also blocks all traffic when the VPN is off

In testing out the kill switch with various interruptions, everything appeared to work well.

If you are using PIA, I’d recommend setting the VPN killswitch to “Always” mode. If you have the killswitch on Auto, and your Windows machine wakes up from sleep, traffic will not be blocked, even if the VPN client is running. With “Always” selected, however, all non-VPN traffic is effectively blocked.

Overall, PIA does very well in terms of security. Both the Windows and Mac OS VPN clients effectively block traffic, keep your data safe, and have leak protection features that work well.

3. Good privacy and security features, including ad blocking

Despite being a basic VPN service, Private Internet Access still offers some good privacy and security features.

In addition to the multi-level kill switch we discussed above, PIA also provides:

• Various data encryption options
• An ad blocking feature called PIA MACE

Being able to adjust your encryption settings is useful for optimizing performance and configuring the VPN to your unique privacy and security needs. As you can see with the PIA app I was testing below, you have the ability to modify:

1. Data Encryption (from AES-128 to AES-256)
2. Data Authentication (enabled if you are using the AES-CBC cipher)
3. Handshake (RSA and ECC)

PIA MAC ad blocker

Another good feature offered by PIA is the ad blocker, which they call PIA MACE.

PIA MACE blocks domains for advertisements, trackers, and malware. Unlike some other ad blocker options, PIA MACE does not have the ability to white list certain domains, or adjust the filter settings. It is simply On or Off.

While some ad blocker is better than no ad blocker, I would not recommend using PIA MAC as your primary ad blocker. When I tested different VPN ad blockers, I found that PIA’s ad blocker did not block as many domains as other options. Using a large list of advertising and malware domains (from various public sources), PIA MACE only blocked:

• 28% of advertising domains
• 37% of malware domains

In terms of VPN ad blockers, NordVPN and Perfect Privacy performed better than PIA, while PureVPN and CyberGhost performed the worst.

Overall, PIA does well in terms of security and privacy features, even if the ad blocker is not very robust.

4. PIA is a tested and proven “no logs” VPN provider

Many VPN services claim to be “no logs” – but few have actually been tested and/or verified.

Private Internet Access is one of the few verified no logs VPN services that has survived real-world tests. There were two separate court cases where Private Internet Access was subpoenaed for data logs, but they could not provide any information.

The first court case occurred in 2016 when the FBI demanded logs concerning a PIA user who had allegedly been making bomb threats. As discussed in official court records, the only information PIA was able to provide was a cluster of VPN IP addresses that were allegedly used for the crime:

A subpoena was sent to London Trust Media [Private Internet Access] and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States.

The second court case occurred in June 2018, when US authorities again demanded data logs for a criminal investigation. Once again, however, PIA was not able to provide any data on the accused VPN user:

John Allan Arsenault, general counsel for London Trust Media, a VPN company, testified about how many VPN companies, including his, intentionally don’t retain logs of internet activity of their clients so that they cannot be produced in response to subpoenas from law enforcement or others. London Trust Media operates the brand Private Internet Access (PIA), which owns several IP addresses used to hack Embarcadero Media.

Private Internet Access does not log user activity, such as what files they accessed or changes they made to a website.

While PIA has not undergone an audit to verify their “no logs” policies, such as with NordVPN and VyprVPN, these two court cases certainly validate their claims.

Court cases are indeed a good test to verify logging claims. After all, a court case involving an alleged cyberstalker revealed that PureVPN had been logging customer data and handing it over to US authorities, despite claiming to be a “no logs” VPN service.

You can read their privacy policy for more info.

5. Updated and user-friendly VPN apps

The new PIA VPN apps that I tested for this review are a huge improvement over the old versions. In addition to looking good, the updated VPN apps I tested are user-friendly, customizable, and well designed.

Below you can see the PIA Windows client which expands or collapses to reveal more settings and options. Here is the collapsed version displaying basic connection info:

In addition to all the features we covered above, the new PIA VPN client also has:

• Light and dark modes (dark mode pictured above)
• Settings to launch VPN client on system startup
• Connect on launch settings
• Different language settings
• Customizable DNS options
• Port forwarding

I tested version 1.1.1 for this PIA review and consider this a large improvement over the previous design.

6. PIA has great prices (and an average refund policy)

Private Internet Access has always been among the the best cheap VPN services on the market, with very affordable prices.

PIA offers three basic pricing tiers on their website:

In March 2019, PIA updated their pricing and subscription plans, with the two-year rate going from $2.91 per month up to $3.49. They explained the reasoning for the price increase on their website as follows:

This price increase will allow us the ability to provide you with new features without sacrificing security or privacy.  Visible changes include the new look of our Desktop application as well as the increase of our device limit from 5 to 10.

The price increases are probably a good thing for the long-term sustainability of the VPN service. When a VPN’s prices get too cheap, the service usually suffers in terms of features, updates, support, and network (speed) issues.

Increasing the connections from 5 to 10 is also a good justification for increasing prices. Another VPN that offers 10 connections is IPVanish, but it’s still quite a bit more expensive than PIA.

Anonymous payment options

Another benefit of PIA is that they support many different anonymous payment options. These include various cryptocurrencies as well as gift cards, which can be purchased anonymously with cash.

PIA is one of the best options if you want to pay for your VPN anonymously. PIA is not a VPN with a free trial, but they do offer a refund window.

PIA refund policy

Private Internet Access describes their refund policy on their website as follows:

If you are less than 100% satisfied with the PrivateInternetAccess VPN service, we will gladly refund your payment if the refund is requested within seven (7) days from the date of the initial purchase (not including upgrades, manual or automatic renewals). Requests made later than the 7 day purchase date window will be denied.

A seven day refund policy is about average for the VPN industry. I have also seen complaints on the PIA reddit forum about users who were denied refunds on auto-renewal subscriptions they forgot about.

There are certainly better refund policies out there, such as with ExpressVPN, which offers a full 30 day money-back guarantee, no questions asked. NordVPN also offers a 30 day money-back guarantee, as well as a free trial (described on the NordVPN coupon page).

Private Internet Access Cons

Now that we’ve covered some of the pros of PIA, we’ll look at the cons.

1. Based in the United States (bad privacy jurisdiction)

While Private Internet Access does well in many areas, one major drawback is the jurisdiction.

PIA is based in the United States, which is a member of the five eyes surveillance alliance. Here are a few reasons why the US is not a very good jurisdiction:

1. The US government can legally force businesses to secretly log customer data and provide this to authorities. Additionally, authorities can also issue gag orders, thereby prohibiting the business from alerting its customers to privacy violations (see National Security Letters).
2. Various branches of the US government have broad authority to carry out mass surveillance on all internet communications.
3. Many tech companies are working with the US government for the collection and sharing of private data (see the PRISM program). (See the case of Lavabit, which was forced to shut down for not cooperating with the US government.)

These topics are also important when choosing a good VPN for USA to avoid risks.

How important is jurisdiction?

Ultimately, the answer is that it depends on your unique needs and threat model, which you should consider when selecting the best VPN service for your needs. Many people disagree about the importance of jurisdiction, and the answer is not entirely clear, simply because we cannot see what’s going on behind the scenes.

On a positive note, however, PIA is a verified no logs VPN provider, as we discussed above. Therefore they should not have any data which would be available to authorities anyway. Nonetheless, as a business operating in the United States, PIA is still obligated to comply with all US laws, regulations, and court orders – or shut down like Lavabit in 2013.

2. Mark Karpeles (of Mt. Gox fame) is the CTO of PIA

For reasons that are not entirely clear, some of the higher-ups at Private Internet Access decided to hire Mark Karpeles as the CTO (Chief Technology Officer) in April 2018.

To understand why this was upsetting to many PIA users, we’ll just take a quick look at Mark Karpeles.

Mark Karpeles was running Mt. Gox in 2014 when it suddenly collapsed, with millions of dollars in Bitcoins disappearing. Karpeles was subsequently arrested in Japan and charged with fraud and embezzlement. As to where all the Bitcoins that were stored at Mt. Gox ended up, nobody seems to know:

650,000 bitcoins remain unaccounted for as a result of the Mt. Gox hack. A number of online theories have been developed as to where the missing coins are. Some have suggested that Mt. Gox never had the amount of coins that it claimed, and that Karpelés had manipulated the numbers to make it appear that Mt. Gox held more bitcoin than it in fact held.

In March 2019, Karpeles was found guilty of tampering with financial records in a Japanese court:

Mark Karpeles, a central figure in the early days of Bitcoin who presided over the dramatic 2014 collapse of the world’s biggest cryptocurrency exchange, was found guilty of tampering with financial records but will likely avoid jail time after receiving a suspended sentence.

The former Mt. Gox chief executive officer sometimes mixed his personal finances with those of the exchange and fiddled with its accounts, apparently to hide the fact that the platform had lost money to hackers, the Tokyo District Court said on Friday. The court cleared Karpeles of embezzlement charges, concluding that the 33-year-old Frenchman had acted without ill intent.

Karpeles, who wore a dark suit in court and bowed to the judge before his sentence was handed down, wasn’t on trial for the mysterious disappearance of Bitcoins that led to Mt. Gox’s implosion. He was given a 2 1/2 year suspended sentence, which he won’t have to serve unless he commits another violation within four years.

“The charge of electronic record tampering is true and deserves punishment, but there’s no criminal evidence of embezzlement,” the court said in its verdict. It blamed Karpeles for “massive harm to the trust of his users,” saying “there is no excuse for the defendant, who is an engineer with expert knowledge, to abuse his status and authority to perform clever criminal acts.”

Due to the controversy that erupted in various forums after Karpeles joined PIA, Andrew Lee (co-founder of PIA) wrote a blog post where he explained his reasoning. The post discusses “Mistakes, Forgiveness and Human Progress” – but that may not be enough for PIA users who trust the company with securing their private data.

Choosing a VPN is all about trust. With this in mind, hiring Karpeles was probably not the best idea, especially now that he is a convicted criminal.

Additional research findings:

Below are additional findings from my research of PIA for this review.

PIA and London Trust Media (background info)

PIA is owned by a company called London Trust Media, Inc. Despite the name, it’s an American company that appears to be located in Denver, Colorado, based on public records:

The receipt for my subscription of PIA also confirmed the location of London Trust Media being in Denver.

In addition to Private Internet Access, London Trust Media also owns Linux Journal, IRC.com, freenode, and a variety of other brands.

Private Internet Access server network

Private Internet Access currently has about 3,300 servers in 32 countries.

This isn’t quite as large as some other VPN providers, but the speed test results were still pretty good.

I ran a few tests to look for virtual server locations, where the advertised location does not match up with the true physical location of the server. Everything checked out and it does not appear that PIA uses any virtual server locations.

The majority of PIA’s servers are in the United States, which likely reflects their user base. If you want a VPN with more server locations around the world, ExpressVPN or perhaps NordVPN may be worth considering.

Does PIA work well for torrenting? (Yes)

PIA may also be a good choice if you need a safe VPN for torrenting. Here are three reasons why:

1. No logs
2. Good speeds
3. Port forwarding option

As PIA describes on their website, the port forwarding feature may be beneficial if you are looking to optimize torrenting performance.

Port forwarding is available in the Windows, Mac OS, and Android VPN clients. To use port forwarding, you need to enable the option in the advanced settings area, and then connect to one of the PIA servers that support port forwarding.

One drawback for torrenting is (once again) the US jurisdiction. The US has very strict copyright violation laws (DMCA) and many large media companies that go after people for copyright infringement. Using a VPN in an offshore jurisdiction may be safer, as they would not need to comply with copyright infringement laws or deal with DMCA issues.

Does PIA work with Netflix? (Not for me)

Many people want to use a VPN with Netflix, especially those living abroad who want to stream American Netflix.

Unfortunately, it does not appear that Private Internet Access is a good VPN for Netflix. I tested a few different servers in the US and was blocked out:

Private Internet Access may get through with some servers, but certainly not the ones I tried to use. It is not the best VPN for Netflix by a long shot. Consider using alternatives.

It’s also important to note that the Netflix VPN issue is always a cat and mouse game that continues to evolve. Even though I could not access Netflix with Private Internet Access, there may be a few servers in the network that are getting through (but I gave up). Two of the best VPNs for Netflix are NordVPN and ExpressVPN.

PIA support tests

Private Internet Access offers email (ticket) support. Unfortunately, there is no option for live chat at this time.

I tested out PIA’s support department with a few random questions. My email inquiries were all handled on the same day. One was even sent on a Saturday, which I was expecting to be delayed due to the weekend, but I heard back within a few hours.

In past reviews, PIA did very poorly in the support category. My questions and refund request went many days without reply. Since that time, PIA has overhauled their support department and it shows with the improved response times.

UPDATE: One drawback was with the refund, which took about two weeks!

Private Internet Access review conclusion

Private Internet Access has made huge improvements since the last time I reviewed their service. In the last review, support was abysmal, speeds were very mediocre, and their reddit forum was flooded with angry customers demanding refunds. Since then, a lot has changed:

• PIA speeds are now better
• PIA’s updated apps are a big improvement over the old design
• The kill switch and leak protection features work very well
• Support is responsive and helpful (much better than last year)

If you are looking for a basic cheap VPN service that offers good performance and security, Private Internet Access may be a good fit. Although the jurisdiction in the United States is a drawback, PIA is a verified no logs VPN provider with a good track record.

To get the best deal on PIA, check out the 65% discount on two-year plans.

If you’re open to alternatives, I’ve reviewed many of the best VPN services available and there are many different options to consider.

If you have used Private Internet Access (PIA), feel free to share your review below.

---