The primary role of any VPN is to keep your private data safe. This technology has the power to make you genuinely anonymous online, but only if used right. With this said, there’s always the question of whether you can trust any Web service not to store your personal data.
Many VPNs out there claim not to collect any of your data. You’ll see alluring marketing messages that you’ll be safe online, with no records of your online actives. However, this isn’t always true, and in many times there’s a catch that you must be incredibly persistent in finding.
In this article, we’re going to inspect a hugely popular VPN named Hotspot Shield. This VPN heavily promotes its no-logs policy and claims that no one will be able to trace your online whereabouts. And since it’s used by 650 million users, these claims must be true, right? Well, let’s find out!
Jurisdiction and applicable laws
Let’s start with the basics. When choosing a VPN service, it’s imperative to know where it comes from. This has further implications, as VPNs must respect the laws of their home countries. This also includes laws related to data logging and data retention.
Hotspot Shield is based in Redwood City, California. You probably already know about the USA and this country’s mass surveillance. As revealed by Edward Snowden, this country has been incredibly intrusive in the past, collecting data far and wide. These days, Internet Service Providers and telecom operators are more than willing to share their data with the US government.
In terms of VPNs, the US has strict data retention laws. In case of a criminal investigation, business entities are obliged and often forced to hand over data. This doesn’t put Hotspot Shield in a good position, and it’s natural to wonder if it keeps logs.
In terms of VPNs, three types of data can be stored. This applies to specific actions you take while buying a subscription, using the chosen VPN, and visiting its website for customer support purposes. With this said, we’ll go over all three of these data types.
Information collected via sign-up
While signing up for Hotspot Shield, you’ll be asked for your payment information. This includes your first and last name, payment card number, email address, and more. There are different payment methods available. You can choose from credit cards or PayPal, and you can pay via Apple App Store or Google Play Store which already have your data.
Hotspot Shield doesn’t force you to register your account. And when it comes to making payments, they are processed by third-parties and not by Hotspot Shield itself.
Here, the question is this – can someone know that you’re paying for a VPN subscription? Yes, someone can find that information, but that’s not something VPNs can hide (unless you pay via Bitcoin, cash, or gift cards). We can conclude that Hotspot Shield isn’t doing anything suspicious in this aspect.
Information collected via usage
Each time you launch Hotspot Shield (even before you connect to a server), plenty of information is collected. This includes hardware-specific information, like the unique ID, OS version, language, network information, your location, and more.
When you connect to a VPN server, your IP address is collected. However, Hotspot Shield claims that this information is encrypted and deleted after you disconnect. It is unusual for a VPN to log your ‘true’ IP address, which is certainly suspicious.
Hotspot Shield can also be used free of charge. This version of the VPN is supported by ads, which means you’ll see advertisements provided by this VPN’s sponsors. For this to happen, your IP address is collected, along with your device’s advertising ID, IMEI, MAC address, wireless carrier, location, and more. What’s alarming is that advertisers can read your IP address even if you’re not connected to one of Hotspot Shield’s servers.
Information collected via website
Each time you visit Hotspot Shield’s website, this VPN service will collect a wide range of information. This is done by placing cookies, beacons, and similar technologies. Your IP address is logged, along with your device-specific information, location, OS version, Web browser type, language, ISP name, and mobile network names.
Hotspot Shield claims that any information collected is never associated with your account or online usage, no matter if you have a VPN connection enabled or not.
In 2017, the Center for Democracy & Technology filed a report which led to an investigation by the Federal Trade Commission. The announcement brought numerous accusations against Hotspot Shield, aimed at the VPN’s claims not to collect your data.
As per the report, Hotspot Shield is actively monitoring users’ browsing habits. Furthermore, this VPN has been accused of supplying (and probably selling) their users’ data to advertisers, promising to point to users who frequently visit “travel, retail, business, and finance websites.”
In the end, it’s your call if you’ll trust Hotspot Shield’s claims or not. However, our strong advice would be to take a look at more privacy-friendly alternatives. You already know that your private data is of the highest value in today’s digital world, so don’t take it for granted.