- A consumer trust initiative has been formed by the i2Coalition, promoting standard practices in the VPN field.
- Already, the “VPN Trust Initiative” counts fifteen members, and more are expected to join soon.
- The set of principles goes wide and deep, which makes the VTI badge more important and valuable.
Fifteen VPN vendors who put privacy, security, and transparent user data handling policies above all else, have launched the “VPN Trust Initiative” (VTI), which is meant to help establish and promote a set of standard practices.
The initiative is supported by the i2Coalition, a non-profit organization that promotes consumer safety and privacy online. The launch announcement comes with a set of five key principle areas that concern security, privacy, disclosure and transparency, social responsibility, and advertising practices.
More specifically, the VTI members and everyone who aspires to become one must adopt the following practices:
- Suspend compromised authenticators in the event of a security incident
- Use token-based authentication when possible
- Never store usernames and passwords in plain text
- Help prevent keys from being shared between users
- Use clear and transparent language
- Never claim VPNs guarantee anonymity – VPNs provide privacy but cannot ensure complete anonymity because user behavior could hint at or reveal the user’s identity
- Say what they log, why they log it, and how long they keep the logs
- Notify users of a potential data breach or security incident within a reasonable timeframe
- Be transparent about any disclosure of data to third parties
- Disclose how data is used, and what other business units and/or third parties have access to data and why
- Publish annual transparency reports
- Provide user data only upon legitimate and valid court-ordered legal requests
support public education around VPNs and with truthful information
- Contribute to VPN technology, including open source initiatives
- Promote VPN technology to support freedom of expression
The 15 initial members of the VTI are the following:
- Golden Flog
- Hide me
- IP Vanish VPN
- Ivacy VPN
- Mysterium Network
- Net Protect
- Strong VPN
This is an effort to promote “good” practices in the industry, as well as a way for consumers to know what products they can trust. VPN tools that carry the VTI badge will have an advantage in the market, as this is a sign they can be trusted.
That said, we expect more VPN vendors to join the initiative as members soon, especially those who don’t have to change a lot in their operations to comply with the VTI principles.