As a tech journalist, I’ve been looking into VPNs for a long time. When I joined Consumer Reports full-time in January, I was excited about digging in even deeper.
Consumer Reports partnered with Digital Lab fellow professor Roya Ensafi and her team from the University of Michigan, using the VPNalyzer test suite they developed to screen 51 VPNs running on Windows 10. We then conducted a comparative privacy and security evaluation of 16 VPNs, guided by the Digital Standard.
Our testing team, led by Steve Blair, looked for security misconfigurations and leaks, dug into whether strong controls are implemented by default, and scoured privacy policies and other documentation. And we looked for markers of quality: VPNs that are open source, public about their ownership, have public third-party security audits, support the modern WireGuard protocol, and accurately present their services and underlying technology.
Today, we’re releasing the full technical report of this comprehensive review.
We also have three companion stories about the poor privacy and security practices and hyperbolic claims that we found, the three VPNs that did best in our testing, and some guidance on whether you should use a VPN at all.
Please reach out to me if you have any feedback at firstname.lastname@example.org.