Hacker News new | comments | show | ask | jobs | submit login
What country has the best privacy laws to connect to a VPN in?
11 points by gtf21 on Nov 30, 2016 | hide | past | web | favorite | 7 comments
The Snoopers' Charter passed into law here in the UK, and now ISPs will be compelled to keep internet connection records, which will be made available to a shocking number of agencies.

For some time, I've been meaning to route my traffic via a VPN to a different European country, but with Switzerland voting to weaken its privacy laws, I'm unsure to which country I should route my traffic.

So my question is: which countries make the most sense to have a VPN in from a privacy perspective (also taking into account the available VPN services there - I'm not hosting my own)?

You may be surprised, but the United States may be one of your contenders.

I recommend Private Internet Access [0], which what I use as my VPN service.

Ultimately, it's about trust, and it is very difficult to determine which services ensure your privacy and which ones might sell your history or cooperate with prying governments.

[0]: https://privateinternetaccess.com

US is a contender as long as you're willing to fight the US government in court, and you'd likely have to. The law may ultimately be on your side, but that doesn't mean the US government won't try to drop the hammer hard on you if they really want your data. They know most of the small companies and even some of the big ones scare easily, so the aggressive attitude is well worth it for them, even if they know they're doing unconstitutional data requests.

Switzerland and Germany are probably the best right now, although Switzerland recently passed a surveillance law, too, but I'm not sure how it affects VPNs. Germany has a privacy-friendly Constitution and resides within the EU, which also has strong privacy laws. However, Germany is also trying to limit privacy rights, so this may be a little unpredictable right now. Germans usually tend to care more about privacy so they may fight this, though.



More than anything I would recommend a "zero-knowledge" approach, so use the strongest and most ephemeral VPN encryption and generally try to discard user-related data as soon as you get it. And put it all in your ToS/Privacy Policy so that it's legally harder to lie to your customers when you're forced to not do that anymore.

Go with the Eastern Europe, language barriers will keep international cooperation between agencies to a minimum, no matter what kind of local privacy laws they have. And they only 50 ms away from the UK.

Language barriers are hardly a problem with things like Interpol or the EU itself. Maybe you want to keep going East... or not.

My VPN gateway of choice is currently in Dublin. It's close, with good infrastructure, and not in 5 Eyes. Don't know about legislation but I don't do anything nefarious, just making a point against Snooper's Charter.

Nefarious or not, given the UK police's propensity to attack any and all critics (e.g. the Lawrence family, Baroness Jones), I'd rather have some legislative protection from state overreach.

The Scandinavian countries have a good reputation for legal protections on privacy. I can't comment on whether they actually live up to that reputation.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact