I’m looking for any updates from this 2017 story: There was an official complaint from CDT to the Federal Trade Commission on HotSpot Shield “having undisclosed data sharing and traffic redirection practices” (CDT Files Complaint with the FTC on Hotspot Shield VPN - Center for Democracy and Technology).
Did HotSpot ever respond to this? Did the FTC make any investigation on that front? Seems like this story just got forgotten.
I’m not expecting HotSpot to have any kind of redemption after this story and regain the full trust of the community, but it’s still a very popular (free) VPN. Are there any proof or at least show of good faith that they changed their practices since then? Or is it just that people are willing to share their data for a free VPN ?
Wasn’t HotSpot using clients as exit nodes of the network or something?
I genuinely tried searching for this, but DDG and StartPage are just returning “reviews”.
edit: That was Hola VPN by Luminati. Pango is suspicious but I don’t think any of their brands have done that.
Haven’t seen anything like this in my research. Hotspot Shield is a real pain to look up though since it’s so generically named 
Yes sorry, I confused them with Hola. I edited my above message.
Yeah, Pango also owns Kaspersky it seems, which had its boatload of bad press as well and is currently banned in the US (the antivrus, not the VPN).
I’m currently doing some research that includes Hotspot Shield VPN.
I couldn’t find much follow up from the FTC regarding the 2017 CDT accusations so far, but I did find that the parent company (AnchorFree) denied it, and an article about a vulnerability reported in 2018 that could expose users’ locations and WiFi network names.
In case this helps:
-
CEO denied accusations from ZDNet: Privacy group accuses Hotspot Shield of snooping on web traffic
-
Spokesperson replied to Ars Technica: FTC must scrutinize Hotspot Shield over alleged traffic interception, group says
-
Vulnerability reported in 2018 from ZDNet: A flaw in Hotspot Shield can expose VPN users, locations
-
Interesting reporting about it from IAPP in 2018: Privacy Violations by free VPN service providers
-
A more recent reference to it from Engadget in 2025: VPNs are booming in the UK after age restriction laws, but free options carry big risks
-
The full CDT-submitted complain downloadable here: CDT’s Complaint to the FTC on Hotspot Shield VPN
Hey! Thanks for the added info!
- My biggest issue with HotSpot/AnchorFree is they only answered to the official CDT complaint with blanket statement to journalists who directly asked them to comment. Why not have a proper public statement on their website saying they don’t agree with the CDT complaint if that is their position. They have a slightly more direct answer to the 2018 bug, fine, but again, not on their website. For me, this is in the intent of trying to not bring additional attention to that matter and hope it gets forgotten (I’m glad it still resurfaces in 2025 hehe!).
- The second biggest issue is their website statement ( Free VPN Download - #1 Truly Free VPN | Hotspot Shield. ) VS their privacy policy ( Hotspot Shield and Privacy Policy ). I’m not law expert, but these two statements seem pretty contradictory.
I’d love to hear more about any of your findings!
Indeed, I completely agree.