Is Your "Free" VPN Actually Sending Data to China?
Discovering hidden Chinese ties in U.S. VPN services
Why It's Important
The recent Tech Transparency Project report found dozens of free VPN apps in U.S. app stores covertly owned by Chinese companies-some even sanctioned for military ties. This matters because these VPNs are legally required under Chinese law to share user data with authorities, threatening your online privacy.
What Is Happening / How It Works
A deep investigation by TTP uncovered that 1 in 5 of the top 100 free iOS VPNs in the U.S. are linked to Chinese firms, hidden behind shell companies in places like Hong Kong, Singapore, and offshore havens.
Five popular apps-Turbo VPN, VPN Proxy Master, Thunder VPN, Snap VPN, and Signal Secure VPN-are tied to Qihoo 360, designated a "Chinese military company" and sanctioned by the U.S.
Once installed, all user internet traffic is routed through VPN servers-meaning whoever runs the VPN can see everything: sites visited, IP info, streaming habits, and more. With Chinese companies behind them, that data could be legally handed to Beijing .
👉 Want to support my work consider buying me a coffee
How to Mitigate It
Delete suspicious VPNs-especially the five linked to Qihoo 360.
Choose vetted VPNs that are transparent, independently audited, and headquartered outside high-surveillance countries.
Look for no‑log policies and audit certifications (e.g., RAM-only servers).
Educate your network-tell friends and family that "free" isn't always free when privacy is at stake.
How to Choose & Use a Safe VPN
Check ownership via company records, not just app descriptions.
Review privacy policies-must include third-party disclosures and log retention details.
Prioritize transparency-opt for providers that reveal ownership, jurisdiction, and audit results.
Stay informed-Apple and Google sometimes remove risky apps, but many still slip through.
One reliable option to consider is NordVPN. It's based in Panama-outside major surveillance alliances-and operates under a strict no-logs policy, independently audited multiple times. NordVPN uses RAM-only servers, supports multi-hop routing for advanced anonymity, and includes built-in threat protection to block malware and trackers.
A standout safeguard feature
One feature I appreciate is RAM‑only server use because it automatically wipes data on reboot-meaning even if the VPN is compromised, no long-term logs remain. This is something I'll edit to reflect my preferences.
Take Charge of Your Privacy
If privacy matters to you, don't settle for convenience. Look into reputable VPNs with audited, transparent practices-and consider scheduling a personal privacy assessment to reveal hidden vulnerabilities and strengthen your defenses.
Ready to assess your online privacy? Schedule a free consultation for a personalized risk evaluation.
Disclosure: Some links in this article are affiliate links. That means I may earn a small commission (at no cost to you) if you choose to purchase. I only recommend tools I trust and use myself.