Hotspot Shield accused of snooping on VPN users and selling data to advertisers

Share

Written by

An internationally popular free VPN service, Hotspot Shield, intercepts user traffic and collects substantial data on users that contradict’s the company’s promise to offer complete anonymity, according to a 14-page complaint filed Monday by the Center for Democracy and Technology.

The accusations filed with the Federal Trade Commission says Hotspot Shield has “undisclosed data sharing and traffic redirection practices” that violate its promise to users. Privacy is an issue across the entire VPN landscape: The small but profitable software projects hold immense power over millions of users, many of whom do not know important details about the products.

Researchers from CDT and Carnegie Mellon say that, in contrast to the product’s public promises, Hotspot Shield’s privacy policy outlines data logging that may include user location, IP address, unique device identifiers and browsing information in order to work with advertisers. Furthermore, the company is accused of redirecting traffic to domains from advertising partners. Finally, some sensitive data is transmitted unencrypted by Hotspot Shield, risking leaks and attacks.

“People often use VPNs because they do not trust the network they’re connected to, but they think less about whether they can trust the VPN service itself,” Michelle De Mooy, Director of CDT’s Privacy & Data Project, said in a statement. “For many internet users, it’s difficult to fully understand what VPNs are doing with their browsing data. That makes clear and accurate disclosures and practices essential.”

Hotspot Shield’s parent company, the Swiss-American tech firm AnchorFree, did not respond to a request for comment or questions about whether it has ever undergone an independent security audit. As with most VPNs, the answer appears to be a resounding no.

Hotspot Shield is on of the many free VPNs that dot the top of mobile app stores. Popular in large part due to the price point, free VPNs are often looked at suspiciously by security experts because the underlying finances suggest that many free VPNs are snooping on and selling data, often without permission, in order to reach profitability. Put more simply: How do you pay for servers if the product is free?

VPN usage notably rose following the latest U.S. presidential election. Within the last month, Russia and China took steps to ban VPN usage in their own countries as a way to more thoroughly control the internet within their own borders.

-In this Story-

Hotspot Shield, VPN
Continue to CyberScoop.com