I missed this.
In my previous reply, I point out that PG says VPNs can protect one from “anti-piracy orgs” and “oppressive regimes”. This is misleading:
- Anti-piracy orgs, such as the MPAA, rely on govt legislatures & law enforcement? How can a VPN, under govt mandates, in a jurisdiction that cooperates with other govts, protect anyone?
- Oppressive regimes sounds like a clever way to avoid mentioning there’s no such legal framework where PG recommend VPNs operate?
Both those points are misleading. Also, as @anon6848291 says, why do folks want to hide traffic from their ISP in the first place (torrenting for example)? In most, if not all regions, the govt mandates ISPs report illicit activity. If VPNs (or their partners worldwide) now are mandated to do the same thing … what’s the point of PG only going on and on about “protects you from ISPs”? I find it misleading.
If jurisdiction isn’t important, why mention “Proton is based in Switzerland” / “Mullvad is Swedish” / “iVPN is registered in Gibraltar”…? The fact that these providers have network partners worldwide subject to respective local laws, and the fact that there’s not much visibility into the agreements between them.
Also, the min criteria for VPNs explicitly calls out “secret logging”, as mentioned before.
Edit: Are e2ee messengers, storage services, and email providers required to meet the “no secret backdoor” criteria? I don’t see such a requirement, presently. Better yet, as @anon6848291 says in this thread, reproducibility & attestation should be table stakes if govt mandates are already in place (like in the UK).