In the back of my mind, I knew better. I knew the privacy promises were likely just good marketing. But convenience is a powerful drug.

Then, the odd patterns started. I’d be using an “anonymous” Browse session with the VPN active, researching a specific coding problem, only to see ads for hyper-specific developer tools pop up on a completely unrelated site minutes later. It was too coincidental to be an accident. It felt like I was being watched, my data patterns analyzed and monetized despite the very service I was paying to prevent that.

The nagging suspicion became a full-blown wake-up call today when I stumbled upon a powerful video by a creator named Addie LaMarr titled “EXPOSING The Billion Dollar SECRET VPN Companies Are Hiding.” The video meticulously dismantles the modern VPN industry, revealing it to be a racket built on a foundation of surveillance capitalism, deceptive marketing, and outright lies.

What I learned was that the tool I installed for privacy was, in many cases, quietly built to watch me. This isn’t about one bad company; it’s about how the entire industry got away with it.

The Surveillance Playbook They Copied from Facebook

The blueprint for the modern VPN racket was perfected by Facebook. In 2013, they bought a small Israeli app called Onavo, which was marketed as a data-saving tool. In reality, it was one of the most powerful surveillance tools ever deployed. From the moment it was installed, every piece of data on your phone—every app you opened, every tap—was routed through Facebook’s servers. They used this to spy on competitors like Snapchat, giving them a massive market advantage.

When Apple banned Onavo for these privacy violations, Facebook just rebranded it as “Facebook Research” and, as detailed by

TechCrunch, began paying teenagers $20 a month to install the app and hand over complete root access to their phones.

This proved a lucrative business model: use a tool under the label of privacy to collect user data. That opened the door for companies with histories in adware, spyware, and data harvesting to start buying up VPN services.

One of the biggest players is a company you’ve probably never heard of: Kape Technologies. Formerly known as Crossrider, this company used to create browser hijackers and ad-injection malware. After rebranding, they quietly bought up a huge portion of the VPN market, including:

• CyberGhost
• Zenmate
• Private Internet Access (PIA) – my former choice
• ExpressVPN, which they bought for nearly a billion dollars

To make matters worse, as a detailed investigation by

RestorePrivacy confirms, Kape also owns the “independent” review sites VPN Mentor and Safety Detectives, which consistently rank Kape’s own products at the top of every list. They built an entire surveillance ecosystem, monetized both ends, and slapped a privacy sticker on the front.

What a VPN Actually Does (and What it Absolutely Does NOT)

The marketing from these companies is dangerously misleading. Here’s the simple truth. A VPN is just a private tunnel that encrypts your traffic between your device and the VPN server, hiding your IP address from your ISP and local network.

What a VPN CAN do for you:

• Encrypt your traffic on sketchy public Wi-Fi.
• Hide your IP address from the websites you visit.
• Bypass geo-blocks for streaming or access censored news.

What a VPN CANNOT do:

• It does NOT make you anonymous. You are still wide open to browser fingerprinting and other tracking methods.
• It does NOT protect you from malware, phishing, or shady browser extensions.
• It does NOT stop apps on your phone from sending your data back to their servers.
• It does NOT stop DNS leaks unless you’ve specifically configured it to.

As an article from

WIRED explains, a VPN is just one layer, and for most people, it’s not even the most important one.

The Trustworthy Few: The Top 3 VPNs Recommended by Security Experts

So, who can you actually trust? The security community has a short list of providers that meet the rigorous standards of transparency and privacy.

1. ProtonVPN: Based in privacy-friendly Switzerland and run by the team behind Proton Mail, they have transparent ownership, are fully audited, and their apps are open-source. They are an excellent choice for beginners who want a trustworthy provider they can grow with. A review from Security.org further validates their strong security posture.
2. Mullvad: Based in Sweden, this provider is for the privacy-maxed user. They require no email to sign up and you can literally mail them cash to pay for your subscription. Their clients are open-source and they have been fully audited.
3. iVPN: Based in Gibraltar, they have transparent audits and team disclosures. They also block ads and trackers at the network level and allow for anonymous signup with cryptocurrency payments.

These providers pass the test because they offer transparent ownership, full third-party audits, open-source software, and anonymous payment options .

Beyond the VPN: The Real Layers of Privacy

If you truly want to reduce your exposure, you need to think beyond the VPN. Your biggest privacy leaks happen in the browser, not the network.

Top 3 Browsers for Privacy:

1. Hardened Firefox: This is the gold standard for customizable privacy. Start with Firefox, install uBlock Origin, disable WebRTC and telemetry, and use container tabs to isolate your digital identities from each other.
2. Brave: An excellent out-of-the-box choice that blocks trackers and ads by default and has many privacy features built-in.
3. Tor Browser: For high-risk situations where you need to reduce visibility, Tor reroutes your traffic through three relays so no single point can see both who you are and where you’re going. It is not for everyday use and requires a tight understanding of threat modeling to be used safely.

Hardening Your DNS:

By default, every time you visit a website, your computer sends a plain text request to a DNS server, allowing your ISP to see your entire Browse history.

DNS-over-HTTPS (DoH) encrypts these lookups. You can easily enable this in Firefox or Chrome by selecting a trusted resolver like

Cloudflare or NextDNS, which cleanly hides your Browse from your ISP.

Your 5-Step Anonymity Checklist

1. Choose a Trustworthy VPN: If you need a VPN, select one from the short list of audited, transparent providers like ProtonVPN.
2. Harden Your Browser: Use a privacy-focused browser like Hardened Firefox and install a quality ad-blocker like uBlock Origin.
3. Encrypt Your DNS: Enable DNS-over-HTTPS in your browser or at your router level to hide your Browse history from your ISP.
4. Isolate Your Identities: Use different browsers or browser containers for different activities (e.g., one for personal banking, one for work, one for general research) to prevent cross-site tracking.
5. Practice Good Data Hygiene: Be mindful of the apps you install and the permissions you grant them. A VPN does nothing to stop a leaky app on your phone.

The bottom line is that you can’t buy privacy. It’s a practice, not a product. This journey has taught me a valuable lesson: we have to stop blindly trusting the marketing and start understanding the technology. Only then can we make informed choices to truly protect ourselves.