The UK’s Investigatory Powers Bill, colloquially known as the “Snooper’s Charter”, has completed its parliamentary procedure and is set to become law before the end of this year.
It’s up to Brits to take their privacy into their own hands, now. The best means of fighting against the Snooper’s Charter is to employ a VPN. Short for virtual private network, a VPN encrypts the internet traffic traveling to and from a device and then routes it through an intermediary server in a location of the user’s choosing.
ISPs and the government cannot see the final destination of a VPN user’s web traffic–only that their data is being sent to a remote server. The contents are hidden as well thanks to encryption.
But even that might not be enough to prevent British authorities from monitoring your online activity. The VPN should also be logless, meaning it stores no record of user activity, their IP address, or any other identifying information. British users should also avoid VPNs based in the UK, as they will be susceptible to government demands for information.
Finally, even though the traffic is encrypted and its destination is hidden, an ISP could still detect whether a VPN is being used. This might not be an issue, but if it is, then a VPN with some sort of obfuscation feature is necessary. Obfuscation, in regards to VPNs, means the encrypted traffic is “obscured” to look like normal, un-encrypted traffic.
After some thorough testing, we settled on the best-performing VPNs and feature them below. We get into lots of details, but in case you only have time for a summary, here is our list of the best VPNs that protect you from the Snooper’s Charter:
-
- ExpressVPN Our top choice. Operates out of the British Virgin Islands and doesn’t log any identifying information. Fast servers with strong security and privacy protections built into the apps. Includes 30-day money back guarantee.
- NordVPN Veteran budget provider with thousands of servers located around the world. Double-hop VPN routing through Tor available.
- AirVPN Some of the strongest protections and security achievable, but be prepared for manual configuration.
- IPVanish Strong security and reliable performance. Bypasses Snooper’s Charter but subject to US laws.
- LiquidVPN Also based in the US. Strong protections include a canary warrant on their website.
- StrongVPN Offers a lot of port and encryption customization to achieve the desired levels of protection. Servers and connections are reliable.
The best VPNs that thwart the snooper’s charter
To make the search for a suitable VPN easier, we’ve compiled a list of the best VPNs to thwart the snooper’s charter. It’s based on the following criteria:
- No logs containing identifying information are stored on company servers
- Strong encryption
- Not based in the UK (and preferably not the US)
- DNS leak protection
- Dynamic, shared IPs
- Bonus points for obfuscation features
1. ExpressVPN
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
Website: www.ExpressVPN.com
Money-back guarantee: 30 DAYS
ExpressVPN is based in the British Virgin Islands, outside the jurisdiction of UK law. By default, all connections are established using a 256-bit encrypted OpenVPN protocol, which is as strong as it gets. ExpressVPN logs some diagnostic information, but not any activity or identifying information. That includes dates (not times), choice of server location, and the total amount of data transferred per day. It does not log the contents of internet traffic or users’ IP addresses. DNS leak protection can be toggled on in the settings. ExpressVPN is also great for unblocking US Netflix and Hulu, and it allows torrenting. No obfuscation features are included.
Pros:
- Best-in-class encryption makes for solid security and privacy
- Complete privacy – no logs of personal data kept
- Both split-include and split-exclude possible with the desktop apps
- Very good speeds
- Easy to use and set up with apps for a multitude of platforms
- Live chat customer support – 24/7
Cons:
- Only permits 3 simultaneous connections
BEST VPN FOR THE SNOOPER'S CHARTER:ExpressVPN is our #1 Choice. It has a vast server network that is optimized for high-speed connections. User-friendly apps for all operating systems. Hard to beat on privacy and security. There is a 30-day no-quibbles money-back guarantee so you can try it risk-free.
Read our full review of ExpressVPN.
2. NordVPN
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
- FireTV
Website: www.NordVPN.com
Money-back guarantee: 30 DAYS
NordVPN offers some powerful security and anonymity features for those who feel a normal VPN just isn’t good enough. That includes a “double hop” VPN, which feeds traffic through two VPN servers, and Tor over VPN, which directs traffic through the Tor Network after exiting the VPN server. OpenVPN encrypted with a 256-bit algorithm uses 2,048-bit SSL keys. NordVPN boasts a true zero-logs policy, meaning it stores absolutely no information about individual connections. The provider is based in Panama, beyond the scope of UK laws. NordVPN supports an obfuscation tool called Obfsproxy, but it must be set up manually with a third-party app.
Pros:
- Offers secure, encrypted connections at all times
- Major emphasis on security and privacy
- Enjoy complete anonymity with no logs and cryptocurrency payments
- Fast and reliable downloading and streaming speeds
- Connect 6 devices concurrently
Cons:
- Unable to select which server you want to connect to
BEST BUDGET VPN:NordVPN is great value. A real contender in all categories, has strong security features and allows up to 6 devices to be used simultaneously from one account. Includes a 30-day money back guarantee.
Read our full review of NordVPN.
3. AirVPN
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
Website: www.airvpn.com
Money-back guarantee: 30 days
Despite being far from intuitive to use and offering a poor user experience AirVPN is the cream of the crop when it comes to security features on a VPN app. OpenVPN over SSH and SSL are both supported. A kill switch, DNS leak protection, DNS routing, and port forwarding are built-in options. AirVPN only uses the OpenVPN protocol, which is 256-bit encrypted. No traffic or connection logs are recorded. AirVPN is based in Italy, so while subject to some EU regulations, it is not in the jurisdiction of the Snooper’s Charter.
Pros:
- Highly configurable, works well with Tor and even has a Linux app
- Has no monitoring nor logging of your online activities
- Accepts Bitcoin
- Based in Italy, outside of the 5-eye jurisdictions
Cons:
- Support mainly comprises of community-based forums
SOLID PRIVACY:AirVPN is for the security conscious. A community run VPN network that places security and privacy concerns over ease of use. Works well with Tor but be prepared for manually tweaking parameters to get it working right.
Stay tuned for our full review of AirVPN.
4. IPVanish
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
Website: www.IPVanish.com
Money-back guarantee: 30 DAYS
IPVanish leverages 256-bit AES encryption, and most servers support our preferred OpenVPN protocol. The company does not log any personally identifiable information. The Windows and Mac apps allow users to specify how often their IP address changes for greater anonymity. A “scramble” disguises packets to make them look normal and un-encrypted so ISPs will have a hard time detecting that the VPN is being used. The company is based in the United States, which might put off some users wary of the NSA and FBI. The Snooper’s Charter does not put US companies under any obligation to divulge information, though.
Pros:
- AES-256 encryption, kill switch and no logging policy
- Scramble obfuscation toggle helps get around bandwidth throttling
- Easy to use apps for Windows MacOS, iOS, and Android
- DNS leak protection and IPv6 leak protection built in
Cons:
- No live customer support, email and ticket support only
FAST AND RELIABLE:IPVanish has a large network of servers. Uncongested network achieves good speeds. Strong security and privacy features. Could do with having live customer support. 7-day money back guarantee.
Read our full review of IPVanish.
5. LiquidVPN
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
Money-back guarantee: 7 Day
LiquidVPN allows users to choose from three “topologies”, or types of IP addresses: private static IP, shared dynamic IP, or modulating IP. The modulating option changes your IP address every time you connect to a different web server, making it extremely difficult to trace. Connections use 256-bit encryption and the OpenVPN protocol. The Liquid Lock feature functions as a kill switch while also preventing DNS and WebRTC leaks. Users can select from 10 different ports to use, and LiquidVPN is one of the few providers to use perfect forward secrecy. Like IPVanish, the company is based in the United States, but LiquidVPN maintains a warrant canary on its website. LiquidVPN doesn’t store any identifying info, but it does record your last VPN logged into, the total number of logins, and bandwidth used.
Pros:
- Has top-notch security features, including a modulating IP address option
- The apps are intuitive and easy to use
- Fast download speeds
Cons:
- Based in the US and is subject to their data laws
- No live support
GREAT SPEEDS:US-based LiquidVPN offers robust security features. Easy-to-use apps. Could do with having more servers and lacks live support. 7-day money back guarantee.
Read our full review of LiquidVPN.
6. StrongVPN
Apps Available:
- PC
- Mac
- IOS
- Android
- Linux
Website: www.StrongVPN.com
Money-back guarantee: 30 DAYS
StrongVPN doesn’t support OpenVPN on all servers, but it supports 256-bit encryption on those that do. A kill switch prevents unencrypted traffic from leaking to your ISP should the connection drop. The scramble feature obfuscates traffic to avoid detection as a VPN. The port list can be edited to allow or disallow traffic to and from specific apps. The service is completely logless. All IP addresses are dynamic and shared, making it difficult to trace any activity to an individual user.
Pros:
- No logs policy protects your privacy
- Reputable for bypassing censorship restrictions
- High-grade encryption and authentication settings
Cons:
- Some users might find minimalist design limiting
- We found customer support to be somewhat lacking
- Few server locations available
MOST RELIABLE:StrongVPN confidently overcomes geo-blocking. Reliable network of servers in APAC. Good on privacy and they retain no internet browsing logs. Ample security. Manual configuration can challenge some users. 45-day money back guarantee.
Read our full StrongVPN review.
VPNs to avoid
HideMyAss
HMA, a VPN provider based in the UK, has gotten into hot water in the past for divulging customer information that led to the arrest of one its users, a member of hacking collective LulzSec.
Free VPNs
In general, don’t use free VPNs. They often mine your data, sell that data to advertisers, and then inject ads into your browser. Furthermore, most cap data and bandwidth. If you must use a free VPN, check out our list of the more reputable options.
What is the Investigatory Powers Bill?
The bill, criticized by both privacy and human rights advocates, imposes new regulations on British internet service providers and expands the authority of British intelligence agencies. Advocates argue the bill is necessary to fight terrorism.
The Snooper’s Charter consists of five key components:
- ISPs must keep a record of every subscriber’s web history for up to 12 months, data that is accessible to several government agencies
- The GCQH can utilize bulk data collection on the personal assets of of people not accused of wrongdoing, but whose data was gathered from the large number of devices in a targeted area
- Companies must decrypt data on demand
- Companies must notify the government before new security features are launched
- Intelligence agencies like the GCQH may hack into the devices of citizens
No matter how the bill is justified, it will undermine the right to privacy for British citizens. Even if the new regulations have good intentions, no one can guarantee a hacker won’t gain access to ISP records or the collected bulk data. Just a single person with access to that data could steal and/or abuse it on a whim.
Do UK citizens support the Snooper’s Charter?
In a survey of 1,000 Brits commissioned by Comparitech in August, 60 percent of respondents said the government should be able to monitor mass communications. Nearly half agreed that national security is more important than individual rights. Only one in five completely disagreed with the practice.
Terrorism and criminal activity were the two most oft-cited scenarios in which the government should be allowed to exercise such powers, the survey takers said. Nearly half of respondents said they think the government snoops on their data, while nearly 40 percent said they don’t know.
Two months after that survey was conducted, Comparitech commissioned a second survey. This one came just after the Investigatory Powers Tribunal ruled bulk data collection by UK Government agencies GCHQ and MI5 over a 17-year period to be illegal. Survey takers were asked similar questions
Now knowing that the government collected their data illegally, the disposition of respondents dramatically shifted. 70 percent thought the UK government should delete all personal data it has acquired through illegal means. Only 23 percent were in favor supported bulk data collection, down from 60 percent in the previous survey.
Now that the Investigatory Powers Bill legalizes the same sorts of data collection, will the tide turn yet again in its favor?
Why not just use Tor?
You can absolutely use Tor in lieu of a VPN to encrypt and anonymize your online activity. Tor is a free an excellent resource.
But Tor has some limitations. Using Tor, even for innocuous purposes, is enough to draw attention from ISPs and law enforcement. Tor is often used to engage in criminal activity, so even connecting to the Tor network can draw attention.
Tor is also slow. It’s run by a network of volunteer nodes around the world. Streaming video or downloading torrents will be a tedious endeavor and puts undue strain on the Tor network.
Finally, Tor doesn’t work with all web pages and apps. Some sites might block connections from Tor exit nodes.
Tor might be sufficient for some people, but a VPN overcomes all of these problems. You can always combine the two as well: connect to a VPN and use the Tor browser to access the web.
Is the VPN of Avast any good?
Which of these features are missing:
No logs containing identifying information are stored on company servers
Strong encryption
Not based in the UK (and preferably not the US)
DNS leak protection
Dynamic, shared IPs
Bonus points for obfuscation features
If you are technically inclined you can roll-your-own excellent VPN using a cheap DigitalOcean or AWS instance and the open-source VPN service Streisand. It’s a really excellent service.
A Fascist Regime
That is quite a good idea, though AWS and DO will both ban you for torrenting, and respond to requests for data. If the governent continues down this path, VPNs that respect your privacy will be illegal in 10 years or so and will start getting blocked. The only long term way of restoring our internet freedom is through political action. A couple of redditors https://gitter.im/Digital-Rights-Trust/Lobby
… have started a group with the express purpose of getting RIPA repealed. Also, these guys: https://www.reddit.com/r/pushback/ , these guys: https://www.reddit.com/r/SurveillanceUK/ and of course the Open Rights Group: https://www.openrightsgroup.org/ .If we don’t stop the Snoopers Charter then
There Is No Future
Just goes to show you need to do your research and not blindly believe a VPN will guarantee your privacy.
Pretty much no commercial VPN provider supports IPv6 DNS servers. Most of them just block IPv6 altogether and route all requests through IPv4. If you’re worried about IPv6 leaks then just disable IPv6 on your device.