AnchorFree’s Hotspot Shield is one of the most widely used Virtual Private Networks (VPNs) around.
When the Arab Spring uprisings happened in 2010-2011, Hotspot Shield was celebrated as a weapon for democracy, allowing protesters to bypass government censorship and organize resistance.
Now, the VPN has more than 650 million users across the world. Yet despite this popularity, there are questions about how safe Hotspot Shield is for everyday users. Because of this, we’ve put together a survey of exactly how secure Hotspot Shield really is.
What security features does Hotspot Shield offer?
When answering the question of whether Hotspot Shield is safe, the first place to look is in the VPN’s list of specifications. We won’t stop there, of course, but it provides a good base for understanding HotSpot Shield’s security and privacy features. So here’s a quick summary.
Hotspot Shield’s marketing information unambiguously states that the VPN has a no logging policy, keeping no record of the sites you visit.
The Hotspot Shield kill switch is an essential tool that shuts your internet connection off if you are disconnected from the VPN server. That way, you can minimize the risk of IP address leakage and retain your anonymity.
Hotspot Shield isn’t open about exactly what style of encryption it uses, but this probably refers to 256-bit AES encryption – the gold standard for everyday VPNs.
Enhanced leak protection
Hotspot Shield doesn’t just encrypt data, it also actively prevents IP address leaks via the browser’s Web Real-Time Communication (WebRTC) functionality.
Those are all handy security features, but they don’t mark Hotspot Shield as exceptionally secure. And they may well be counterbalanced by some worrying aspects.
Potential problems associated with Hotspot Shield
Hotspot Shield is a US-based VPN
The United States has stringent copyright laws, which may make torrenters think twice before giving this VPN a try. And knowledge of the NSA’s surveillance capabilities may put off those who are hunting the highest privacy standards.
Hotspot Shield doesn’t offer anonymous payments
These transactions are becoming increasingly popular among VPN fans, as they are almost completely anonymous. With HotSpot Shield, your options are limited to PayPal and mainstream credit cards.
It is important to note that Hotspot Shield has denied any wrong-doing. Also, the shady practices were reportedly limited to the free Android VPN, which is funded by advertising.
HotSpot Shield is very clear here, stating that any IP data is erased immediately after VPN sessions, and it keeps zero logs of online activity.
The provider admits it must collect some personal information when computers or mobile phones connect to the VPN, but this is limited to information such as the type of device and OS being used or the unique Mobile ID. So that’s nothing too serious. Moreover, the VPN also admits that personal data is shared routinely with advertisers (although this doesn’t apply to Premium users).
All this information isn’t exactly evidence that Hotspot Shield is unsafe. But it’s slightly concerning nonetheless, and it’s definitely worth bearing in mind when comparing the VPN to competitors.
Has Hotspot Shield been implicated in government surveillance?
We know that Hotspot Shield has been accused of shady information sharing practices, but has it been linked to governments around the world? That would be ironic given the VPN’s admirable record during the Arab Spring. And there isn’t much evidence that the VPN shares information with governments.
To reiterate: accusations against Hotspot Shield leveled by CSIRO and the US-based Center for Democracy & Technology deal with systems that collect information which is then sold to advertisers.
However, this doesn’t put the VPN in the clear where governments are concerned. As the CDT’s Michelle de Mooy said in 2017, “They are sharing sensitive information with third-party advertisers and exposing users’ data to leaks or outside attacks.”
And that’s surely the bottom line when asking is Hotspot Shield safe? As the CDT complains, the free version of Hotspot Shield featured five separate third-party tracking libraries while disclosing information such as IMEI numbers, MAC addresses, and SSID/BSSID network identities.
If a government wanted to harvest this information, which was being provided to all sorts of third-party advertisers, it wouldn’t be that hard.
Conclusion: is Hotspot Shield VPN safe, or should you look elsewhere?
Hotspot Shield remains a very successful VPN provider, but since the Arab Spring protests, its reputation has suffered. Few people now see it as a beacon of progress and openness. In fact, many experts argue that the free version does more harm than good.
That doesn’t apply to the Premium packages, as far as we know. As with many VPNs, the answer to “is Hotspot Shield VPN safe?” varies depending on what tier you use. But when one version is compromised deceptively, it tends to taint the rest of a company’s products.