Let’s get one thing out of the way - nobody likes reading walls of text. So, is it any wonder that legal texts such as Privacy Policies and the dreaded Terms of Service (ToS) go unread? After all, "I agree to the Terms and Conditions" isn’t named "the biggest lie on the Internet" for no reason.
We’re not going to pester you about reading all of those because that would be physically and mentally exhausting. In fact, a 2008 study estimated that the time it would take the average person to read a year’s worth of Privacy Policies was about 76 workdays. We're sure that this number has only grown since then, especially with every website nagging you with their cookie and data collection policies nowadays.
But if there’s just one set of ToS you should read in your lifetime, it would be the one for your Virtual Private Network (VPN). Here’s why – starting with something that directly concerns your data.
1. Your Online Data Is at Stake
If you use a VPN, it’s safe to say you care about your online privacy a bit more than the average person. You know; the "I have nothing to hide" crowd, whose argument was destroyed a few years ago by Edward Snowden:
"Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say."
In any case, the VPN Terms and Conditions should contain their data-logging policy. Ideally, you’d choose a "no-logs" VPN – meaning the provider doesn’t keep any data about you as your Internet Service Provider would.
Why is this such an important issue? Well, large telecoms were recently investigated by the FTC for selling their users’ browsing and location data to advertisers. Choosing a "no logs" VPN provider simply ensures they don’t do the same to you without risking a class action lawsuit and bankruptcy.
Obviously, there is still some basic information they require from you. This information allows you to:
- Access and pay for the service
- Use features such as customer support
- Request a refund
- Reset your password
Their ToS also makes it clear how they and their partners (e.g., payment processors) handle that information. It’s a complex subject, but you can learn more about it here.
Of course, just because these providers don’t log anything about you doesn’t give you free rein for illegal activities using their platform.
2. VPN Providers Won't Protect You from the Law
For the record, we don’t condone illegal torrenting (i.e., piracy), but we do understand why it tends to happen in less affluent countries. Sometimes it’s the only way people in those areas can gain access to educational materials (like college e-books), software, and other media.
That said, there are VPN providers out there who have dedicated torrenting servers. Obviously, their ToS mentions that they don’t approve anything illegal, meaning you should stick to legal torrenting. If you want to have a good relationship with your provider, it’s best to heed the VPN's Terms and Conditions.
After all, no company would go against the authorities and risk their business going under just to protect a few of their users. They usually specify that users take full responsibility for utilizing their service for copyright infringement and other illegal activities, or if anything else goes wrong while you use their service. You can find these clauses under “Indemnification” or similar-sounding sections in the ToS.
Now, VPNs are still necessary for torrenting even if what you’re downloading is perfectly legal. For example, hotels and other public Wi-Fi providers might not allow torrenting and they kick you off their network if you try to do that. No refunds.
3. You Could Lose Money
Many providers want you to have the best experience while using their products. On the other hand, you can’t exactly please everybody, so most will offer money-back guarantees for first-time users and conditions to get a refund if the service is not to their liking.
All these are detailed in the VPN Terms and Conditions, so it’s a good idea to know what you can and can’t do to be eligible for your refund. Sure, there are some providers who will give you your money back, no questions asked (usually within 30 days).
For others, there might be some limitations in place to prevent abuse of their service:
- A data cap – say, you can use up to 50 GB of data, after which you will be ineligible for your refund.
- Hours of usage – same situation, but after a set amount of time (e.g., 100 hours).
Other details that might be covered include:
- Whether you can receive a refund if you purchased a subscription from a reseller (e.g., Amazon, BestBuy, etc.). In this case, the provider will refer you to the reseller’s ToS and their own refund policy.
- Whether you can be refunded if you subscribed using gift cards or prepaid cards. Usually, this is not possible - but just in case it is, reading the ToS is to your benefit!
4. You Might Not Be Allowed to Use Their Service
It may be worth noting that some providers have limits regarding who can use their VPN, and they make this clear in the ToS. For instance, ExpressVPN and NordVPN disallow the use of their service by people under eighteen. ProtonVPN can be used by people over thirteen, with younger children needing parental consent to open an account. NordVPN also prohibits usage by business competitors.
While the NordVPN competitor situation makes sense from a business standpoint, not allowing minors to use a VPN can seem a tad strange. Don’t they deserve the right to data privacy just as much as anyone else? This is pure speculation, but there are a couple of possible reasons:
- It might interfere with parental control software and government legislation regarding adult-oriented content on the Internet (such as gambling sites). Children may use a VPN to bypass certain website blocking techniques, so the company would rather not risk a lawsuit in that respect.
- In the US, the CARD act prevents people under the age of 21 from signing up for a credit card. Those over eighteen need to prove they can pay for it, or have a legal co-signer to obtain one. Other countries may have similar legislation in place. Adding a clause against minors using their service may protect the VPN company from lawsuit-happy parents if their child uses their credit card to pay for the service.
Whatever the explanation is, going against such rules may lead to your account being suspended. Yes, even if you were a shining example of a "good user."
5. Your Account Could Be Terminated for Sharing
To expand on the previous point, the VPN Terms and Conditions also mention whether you can share your account with somebody else.
Sure, the marketing text on a provider’s website might say you can use it on up to X different devices at the same time. This is useful if you need to switch between a PC and a mobile device and still need to access some geo-blocked content. Or if you simply want to maintain your privacy and online security no matter the device you use.
Just note that this may only apply to devices in your own household. That means uncle Joe from upstate might not be able to hitch your account to watch Netflix. Make sure to read any such clauses carefully, or you could lose access to your VPN account.
6. Your Provider's Jurisdiction Could Hurt Your Privacy
As much as VPN providers want to put their customers first, they still have to follow the laws of their home country. That’s why their ToS usually includes details about their jurisdiction. It may be a good idea to research their privacy laws beforehand - unless the provider already offers some key information about it.
One example of things to look for is data retention laws (if any). Countries with data retention laws make it difficult for VPNs to operate on a no-logs policy. Though, to be fair, that’s not entirely impossible.
Similarly, you should be wary of jurisdictions that are involved with global surveillance programs like the infamous “Five Eyes” countries, for instance, and especially the US, among those. Research these countries’ privacy laws well to make sure your provider’s no-logs policies are legitimate.
If the VPNs are based in one of the 5/9/14 eyes countries, it's a good idea to check if an independent cybersecurity firm has audited them. It’s just an extra layer of trust between you and your VPN provider, and it is a definite plus even if they’re in a less privacy-invasive jurisdiction.
Of course, that’s not the only way a VPN can prove to be trustworthy. Take the example of the US-based provider Private Internet Access, who has received subpoenas from the FBI for information on their users on two separate occasions. Naturally, their no-log policy meant they couldn’t provide anything in either case.
VPN Terms and Conditions - Takeaways
As you can see, you stand only to benefit from reading the Terms and Conditions of your VPN:
- You’re not caught off-guard by data logging.
- You’re fully aware of the consequences of torrenting while using their platform.
- You don’t lose money because you haven’t taken a refund policy into account.
- You know whether you can share your account with friends and family without it being suspended.
- You’re aware of whether the actions or laws of the VPN’s home country are detrimental to your privacy.
And since friendship is based on mutual trust, check out these VPN scams that are going around during the ongoing Coronavirus pandemic.