Internet service providers (ISPs) in the United States will soon be able to track and sell records of your internet activity, including what websites you visit, messages, emails, searches, and more. Senate Joint Resolution 34 (S.J. Res 34) will repeal an Obama-era FCC privacy rule that barred corporations like Comcast and Time Warner Cable from selling customer’s browsing data without permission.
The bill has already passed both houses of Congress and as of the time of writing only needs President Donald Trump’s signature to become law. No one is exactly sure how far ISPs will be willing to go when selling your info, but as it stands there’s very little regulation preventing them from selling personally-identifiable information (PII) along with private details ranging from sexual orientation to medical records.
Once the bill becomes law as expected, there are only two surefire ways to prevent your ISP monitoring web activity: a VPN or Tor. We prefer VPNs because they are faster and don’t draw undue attention from ISPs or authorities. A VPN encrypts all of a device’s internet traffic and routes it through an intermediary server in a location of the user’s choosing. While the VPN is connected, your ISP cannot see what websites you visit, what apps you use, or the contents of anything you send or receive over the web. Nor can the ISP inject advertisements or other content into your browser.
Below, we get into detail on each of the VPN providers that make up this list, but if you only have time for a quick review, here are our top choices:
- ExpressVPN Leads the pack with strong encryption, security, and privacy features. Keeps no logs and offers multiple options and apps for protecting all your devices and traffic. 30-day money back guarantee has you covered.
- NordVPN Budget provider that built their reputation on security and privacy. Strict zero logs policy and no logs kept of your internet activity.
- IPVanish Owns and operates all the servers on their network. Hold no logs or metadata on any of their users. DNS leak protection.
- StrongVPN Strong security and privacy features along with a no logs policy, but not the easiest apps to use.
- Private Internet Access Solid security credentials. Strict with keeping no logs on user activity. Well priced but displayed inconsistent download speeds in testing.
The best VPNs to prevent ISP tracking
To that end, we’ve compiled a list of the best VPNs to prevent your ISP from tracking what you do online based on the following criteria:
- No traffic or IP address logs
- Strong, up-to-date encryption
- DNS leak protection
- Dynamic, shared IPs
- Bonus: not based in the US
ExpressVPN is incorporated in the British Virgin Islands. It boasts a best-in-class encryption suite, combining the OpenVPN protocol with 256-bit channel encryption, SHA512 authentication, and 4,096 RSA keys that use perfect forward secrecy.
The company uses its own DNS servers and routes all DNS requests through the VPN, so nothing leaks out to your ISP. Hundreds of users can share a single IP address, so it’s nearly impossible to track any activity back to you.
The ExpressVPN app includes a “network lock” that halts internet traffic should your connection drop at any point until it is re-established. Apps are available for Windows, Mac, iOS, Android, Linux (command-line), and certain wifi routers.
ExpressVPN is also great for unblocking geolocked content like Netflix and Hulu when traveling abroad.
- Based in the BVI and isn’t required to log any user data
- Best-in-class encryption makes for solid security and privacy
- DNS leak protection, shared IP addresses and keeps no traffic logs
- Superfast servers are great for streaming HD content
- Offers 24/7 live chat
- Slightly higher cost than others
BEST VPN FOR PREVENTING ISP TRACKING:ExpressVPN is our first choice It offers military-grade encryption protocols coupled with a neat design and fast speeds. It works instantly and reliably and is suitable for beginners and advanced users alike. Leads the way in unblocking geo-resricted sites and services. Plans include a 30-day no-quibbles money-back guarantee so you can try it risk-free.
Read our full review of ExpressVPN.
Special Offer - get 3 months extra FREEGET DEAL
Panama-based NordVPN offers excellent bang for your buck–up to six simultaneous connections on a standard subscription. But the real value is in the company’s strict zero logs policy and its strong encryption suite: 256-bit encryption on OpenVPN and 2,048-bit Diffie Hellman keys.
The NordVPN app includes a process-specific kill switch, so you can specify which programs get blocked from sending un-encrypted traffic over your ISP network should the connection drop. A huge range of servers are available including some optimized for extra privacy, including Tor over VPN and double VPN.
Apps are available for Windows, MacOS, iOS, and Android. NordVPN can also unblock geographically-restricted content like Netflix and Hulu if you travel abroad.
- Zero-logs policy
- Offers secure, encrypted connections at all times
- IPs never leaked thanks to kill switch on DNS protection
- Most apps feature a process-specific kill switch
- Can connect 6 devices at once with the basic package
- Connections through the desktop app can be fiddly
BUDGET-FRIENDLY:NordVPN offers great value for money, with a large server network, fast speeds, and great unblocking capabilities. This provider offers a 30-day money-back guarantee.
Read our full review of NordVPN.
Save 75% with this limited deal on 3 year plansGET DEAL
IPVanish is one of the few VPN providers to actually own, rather than rent, its servers. That means it has greater control over who can access those servers. By default, users connect using OpenVPN with 256-bit AES encryption, SHA512 authentication, and ephemeral 2,048-bit RSA keys with perfect forward secrecy.
The company keeps no records of traffic nor metadata on its users, so despite being based in the US, it couldn’t produce any information on users even if it wanted to. DNS leak protection is built in and a kill switch can be enabled in the settings.
Apps are available for Windows, MacOS, iOS, and Android.
- Connections, communications and traffic remain encrypted and private at all times
- DNS leak protection and kill switch enabled by default
- Servers are fast for streaming and downloading
- No-logs policy
- Doesn’t reliably unblock Netflix, Hulu
FAST AND RELIABLE:IPVanish has a large network of servers. Uncongested network achieves good speeds. Strong security and privacy features. Could do with having live customer support. 7-day money back guarantee.
Read our full IPVanish review.
Comparitech Exclusive - save 60% on the 1 year planGET DEAL
StrongVPN is based in the US but keeps zero logs of any kind on user activity. We recommend users opt for the secure L2TP, SSTP, or OpenVPN protocols and avoid the obsolete option to use PPTP. Although we’re not a fan of the Windows app, StrongVPN does use 256-bit encryption and SHA512 authentication.
It owns its physical servers rather than renting them. DNS leak protection and a kill switch can be enabled in the settings.
Apps are available for Windows, MacOS, iOS, and Android.
- High-grade encryption and authentication settings
- Kill switch and DNS leak protections in place and keeps no logs
- Torrent-friendly and works in China
- Own and operate all servers
- Some users might find minimalist design limiting
- Speeds were reasonable during testing but not great on the whole
MOST RELIABLE:StrongVPN confidently overcomes geo-blocking. Reliable network of servers. Good on privacy and they retain no internet browsing logs. Ample security. Manual configuration may challenge some users. 45-day money back guarantee.
Read our full review of StrongVPN.
Save an additional 20% on any planGET DEAL
US-based Private Internet Access, or PIA for short, doesn’t keep any logs and it has even published court documents to prove it. Users can set which VPN protocol they use along with the level of encryption.
The most secure configuration is OpenVPN combined with 256-bit AES encryption, SHA256 authentication, and 4,096-bit RSA keys with perfect forward secrecy. PIA operates its own servers and its app includes DNS leak protection and a kill switch to prevent any traffic from leaking onto the unencrypted ISP network.
Apps are available for Windows, MacOS, iOS, Android, and Linux.
- Keep no logs, DNS leak protection and kill switch are activated
- Strong encryption for secure and private connections
- Operates over 3,200 servers
- Streaming speeds can be inconsistent
- Be prepared for troubleshooting in community forums
- Other providers in this list are more capable at unblocking popular streaming sites
STRICT NO LOGS POLICY:Private Internet Access has top security, low price, rich security features, and great customer service. Speeds can be inconsistent. 7-day money back guarantee.
Read our full PIA review.
Save 58% on the 2 year planGET DEAL
Be wary of free VPNs
There are hundreds of so-called “free” VPN services floating around app stores and Google search results. But as we always say, if you’re not buying the product, you probably are the product. Free VPNs still have to make money, and they often do so by mining users’ data, injecting advertisments, and even installing malware on users’ devices. This makes them just as bad or worse than your ISP.
Not all free VPNs are bad, but even the more trustworthy ones will implement bandwidth limits or data caps. They have a very limited selection of congested servers and might force you to wait in a queue before connecting.
Can my ISP see my VPN?
While using a VPN, your ISP cannot decipher the contents of your internet traffic nor can it figure out where your traffic is traveling to or from. That means your ISP cannot see what sites you visit or anything you do while connected. It can only see that encrypted data is traveling to a server.
It’s possible that your ISP will know that said server belongs to a VPN. VPNs are 100 percent legal in the United States, however, and no American ISPs that we know of block or throttle traffic to VPN servers.
So don’t worry about it. Your ISP isn’t going to punish you for using a VPN. If they do, they’ll be breaking the FCC net neutrality order, and you should give the Electronic Frontier Foundation a call to get them off your back.
That being said, we’re not sure how much longer the net neutrality order will stand under the Trump administration. After removing broadband privacy rules, the Obama-era rule that says all internet traffic should be treated equally could be next on the chopping block.
If that happens, the VPNs we list here can use so-called “obfuscation” techniques and other methods to hide the fact that you’re using a VPN. Hopefully it won’t come to that, though.
Why are no-logging policies important?
If a VPN logs your activity, it’s no better than an ISP that does the same. It could just as easily mine your web traffic for data and sell it to third parties without restriction.
This is why we strongly prefer VPNs that don’t log. We’re primarily concerned with traffic logs, which include the contents of web pages you visit and any unencrypted emails or messages.
Metadata logging is less of a concern and includes things like when you connected to the VPN, for how long, and how much data you used. What’s less acceptable is if those metadata logs include the user’s real IP address, which means their activity can be traced back to them.