If you’ve recently heard about the release of the VTI Principles, then you might be wondering what exactly they are. The i2Coalition announced the release of the VPN Trust Initiative (VTI) Principles on Sep 29, 2020, but much of the information already out there doesn’t give an explanation of what it all means at a consumer level.
In short, it’s been hard for VPN users to tell if a VPN is actually protecting them. The aim of establishing the VTI and its principles was to create a quality standard for the VPN industry that consumers understand. With it, users will know that they are in good hands if a VPN provider is a member of the VTI.
In this article, we’ll explain what the principles are and what it means for your security and privacy. We’ll also list the VPN providers that have agreed to follow the principles. At the end of it all, you should have a good, non-jargony understanding of what the VTI Principles are and what it all means for you.
What Are the VTI Principles?
The VTI Principles are a set of best practices for virtual private network providers. They set out clear and understandable standards that VPN services should implement.
Recent breaches, security incidents and privacy issues regarding some VPNs have broken people’s confidence in such services. One of the biggest problems has been the appearance of new VPN companies with scammy and unethical practices. Using one of the worst VPNs can ultimately give users the wrong impression of VPNs in general, which negatively impacts trust in the industry as a whole.
In the hope of gaining back trust and confidence in VPNs, five leading VPN providers — ExpressVPN, NordVPN, Golden Frog, Surfshark and NetProject — decided to come together to create a plan. Thus, in December 2019, the providers created the VPN Trust Initiative under the arm of the i2Coalition (Internet Infrastructure Coalition).
Understanding the Five VTI Principles
Since its launch, other VPN companies have become members, too, and the new VTI principles focus on five key areas for members to comply with. We’ll now break down those five key areas:
Members will ensure users are protected with strong encryption and authentication protocols. That includes encrypting usernames and passwords, and helping to prevent keys from being shared, too.
2. Advertising Practices
Members must not mislead users in advertisements. They must provide accurate information and claims in a clear and understandable manner, and also back up that information.
Members must ensure that they keep minimal user data and that, if they do practice data retention, it is because it’s necessary in providing the service. The VPNs must state what they log and why, as well as how long they keep the information.
They must also tell users if they disclose data to third parties, and promise to only hand over data to the authorities if legally required. They must also notify users in a timely manner of any potential security incident or data breach.
4. Disclosure and Transparency
Members must inform users and the public about their processes. For instance, VPNs must disclose how they use data, who has access to it and why. Members must publish annual transparency reports and, once again, they must only provide users’ data when requested for legitimate, legal reasons.
5. Social Responsibility
In the effort to provide greater privacy and security, members should support education about VPNs and provide truthful information in that effort. They should also contribute to and promote VPN technology that would support freedom of expression.
What Is the i2Coalition?
The i2Coalition — or Internet Infrastructure Coalition — was officially founded in 2012 and is the leading voice for internet technologies, such as managed service providers, data centers, web hosting companies, domain registrars and registries, and more.
The coalition ensures that the internet’s information and commerce flows freely, and it addresses laws and policies that could potentially affect it. It also protects innovation and growth with the internet’s infrastructure.
Which VPNs Follow the VTI Principles?
The VPN Trust Initiative was initially established by five companies and their respective brands:
- Golden Frog: VyprVPN
- NetProject: IPVanish, SaferVPN, StrongVPN, SugarSync, OverPlay, encrypt.me, WLVPN
Since then, other companies have joined, including Hide.me, Ivacy, WeVPN and the Mysterium Network (Mysterium VPN). Other companies will likely commit to meeting the VPN Industry Principles, too, but we have yet to see which ones.
What Does This Mean for VPN Users?
The VTI Principles aim to improve the VPN market as a whole, ensuring consumer confidence and provider accountability. They will ensure that users are protected as they should be and that their data is secure. It also means that VTI members have to be transparent about every aspect of their service, from the encryption it uses to how they use your data.
The guidelines should persuade VPNs to implement the best and latest encryption standards, too, as that will ensure your safety online. Plus, many privacy policies are full of jargon and users tend to get confused or bored after reading a couple of paragraphs. Such policies will now need to be much clearer and not misleading to users, perhaps summarizing the main aspects, too.
Not all VPN providers follow the best standards, and now it’s going to be easier for you to separate the good VPNs from the bad. VTI members won’t be able to entice you with misleading advertising candy, so you can simply choose which VPN best suits your needs.
By ensuring you sign up for a VTI member VPN, you’ll have the peace of mind that the VPN provider follows the industry best practices and has your security and privacy in mind.
Both the formation of the VTI and the VTI Principles brings a positive turn to the VPN market and may ultimately increase VPN use. It’s a chance for VPN companies to prove their trustworthiness, transparency and social responsibility, and for users to have confidence in the service they sign up for.
Many VPN providers have already committed to follow the standards, and we expect others to join them, too. For now, though, we can say that the current members include some of those that were already considered to be the best VPNs available.
What are your thoughts on the VTI Principles? Let us know in the comment section and, as always, thank you for reading.