In order to figure out the best VPN for torrenting, we need to decide which criteria by which to judge them. Torrent and P2P file sharers want privacy, no data caps, and fast download speeds above all else. Based on that, we’re going to use the following factors:
- Logging policy
- Bandwidth limit
- Speed testing performance
Encryption ensures third parties cannot snoop on the activity of the VPN user. Strong encryption paired with an airtight protocol is ideal, so we’re mainly looking for OpenVPN that uses the AES 256-bit algorithm. In particular, encryption helps keep internet service providers off your back. A VPN kill switch and DNS leak protection are security bonuses.
The VPN must be logless, meaning it does not record and save information about your activity. This can mean performance stats used to improve the product or data about what you’re looking at and downloading, which is used to build better features. Ideally, the provider collects no information and therefore cannot be hacked or coerced into giving up information about customers.
Some VPNs have data caps or bandwidth limits that throttle or halt downloads up to a certain limit. We want to avoid these as torrents often require a lot of data.
Once we know that the data won’t be capped, we can test how fast downloads actually happen. At Comparitech, we do this by downloading the same file, three times a day, from three different server locations for each VPN. We haven’t tested every VPN under the sun yet, but we’ve included a few of the faster ones.
Finally, we prefer VPNs with shared IP addresses for torrenting. This means you share an IP address with dozens, perhaps even hundreds of other people. Shared IPs add a significant layer of anonymity, which makes it more difficult to trace activity back to you.
Without further ado, here are our top picks:
ExpressVPN offers fast download speeds with 256-bit AES encryption and perfect forward secrecy across 78 different countries. It’s a great plug-and-play option for those who don’t want to fuss with different configurations and just want something that will guarantee security and anonymity when torrenting. ExpressVPN doesn’t keep traffic logs and is based in the British Virgin Islands, which has no data retention laws. A kill switch is built in to prevent traffic from leaking onto the unencrypted network should your connection drop. P2P filesharing is supported on all servers.
Other than torrenting, ExpressVPN is also a very capable unblocker of geo-locked streaming services including Netflix, BBC iPlayer, Hulu, Amazon Prime Video, and HBO Go/Now.
Apps are available for Windows, MacOS, Android, iOS, some wifi routers, and Linux.
BEST DEAL: Save 49% on the ExpressVPN annual plan here. This includes 30 day money back guarantee so you can try it risk free.
Read our full review of ExpressVPN.
Panama-based NordVPN keeps neither connection nor traffic logs. 256-bit AES encryption over OpenVPN is the default, along with optional double-hop encryption and Tor over VPN features. Speeds are great, but can be a bit volatile. DNS leak protection and a kill switch can both be toggled on in the settings. The traditional all-or-nothing kill switch is one option, or you can specify which programs get cut off from the internet if the VPN connection drops, such as a BitTorrent client.
NordVPN uses shared IP addresses, and bandwidth is unlimited. Torrenting is explicitly permitted. A proxy, encrypted chat, and self-destructing encrypted notes are extra features included in each subscription. It can also unblock a range of geo-locked streaming services including Netflix US, Hulu, BBC iPlayer, and Amazon Prime Video. A 30 day money-back guarantee means you can try the service and receive a full refund if not entirely happy.
Apps are available for Windows, MacOS, iOS, and Android.
Read our full review of NordVPN here.
When it comes to the sheer number of servers to choose from, it’s tough to beat IPVanish. One of the most popular VPNs worldwide, IPVanish takes privacy very seriously and has been built with torrenting in mind. It creates no logs, not even the connection logs used for troubleshooting like ExpressVPN. L2TP and OpenVPN protocols both use 256-bit encryption. IPVanish uses shared IP addresses, and even has a built-in feature that lets users switch IPs periodically, such as every 60 minutes.
Speeds are good, and bandwidth is unlimited. IPVanish specifically designates certain countries as P2P-friendly, such as the Netherlands (more on this below). A kill switch can be enabled in the settings. IPVanish is particularly popular with Kodi users thanks to its lightweight Android app and compatibility with all the Kodi addons we’ve tested.
Apps are available for Windows, MacOS, iOS, and Android.
DEAL ALERT: Save 60% on the annual plan here or 25% on the monthly subscription.
Read our full review of IPVanish.
US-based Private Internet Access is the polar opposite of ExpressVPN and IPVanish design-wise, but it still offers good security and, while speeds are slower, they are still respectable. PIA isn’t the most user friendly but it does come with a ton of possible configurations and settings, among which include 256-bit encryption and other security tweaks.
PIA has a VPN kill switch, which will halt all internet traffic in case the connection to the VPN is lost. This assures your IP and other identifying information is never leaked. It doesn’t keep logs, and there’s no bandwidth limit.
Apps are available for Windows, MacOS, iOS, Android, and Linux.
DISCOUNTED DEAL: PIA is running a discounted deal on their annual plan here which brings the cost down to $3.33 per month with a 1-year plan.
Read our full review of PIA.
Romania-based CyberGhost allows P2P filesharing on any server that isn’t located in the US or Russia. Due to legal pressure, CyberGhost actively blocks BitTorrent traffic in those two countries (presumably by blocking popular ports used by BitTorrent clients, but we haven’t tested this). CyberGhost isn’t wholly adverse to torrenting, though, and even has a “Torrent Anonymously” profile that will connect you to the best P2P-optimized server available.
CyberGhost adheres to a no-logs policy, uses 256-bit AES encryption with perfect forward secrecy, and has a kill switch on its desktop clients. An app-specific kill switch is buried in the settings, dubbed “app protection,” which will only cut off internet to specified programs, e.g. a torrent client. CyberGhost Pro scored well in our speed tests and can even unblock US Netflix, BBC iPlayer, and Amazon Prime Video.
Apps are available for Windows, MacOS, iOS, and Android.
Read our full CyberGhost Pro review.
PrivateVPN is a relatively young VPN provider with a smaller network than the others on this list, but you’ll still get blazing fast download speeds and rock solid security. It uses 256-bit encryption with perfect forward secrecy on the OpenVPN protocol. No traffic or connection logs are recorded. An optional kill switch is built in.
Besides torrenting, PrivateVPN is also great for unblocking geo-locked content like US Netflix, BBC iPlayer, Hulu, and Amazon Prime Video. You can connect up to six devices at a time on a single account.
Apps are available for Windows, MacOS, iOS, and Android.
DOUBLE DEAL: PrivateVPN is offering Comparitech readers a 67% discount on its annual plan, plus 5 months added at no extra cost.
Read our full PrivateVPN review.
VPNs to avoid
Free VPNs are generally a no-no when it comes to torrenting. Due to the large amount of bandwidth required, many free VPNs prohibit P2P activity. Others aren’t secure, and many have data caps. The common adage that comes with free services is that if you don’t buy the product, then you are the product. This is especially true because a VPN isn’t just a piece of software, it’s an ongoing service that requires continuous resources and maintenance.
TotalVPN, TunnelBear, and Hide.Me are all a bit more reputable, but they have speed or data caps that aren’t ideal for torrenting. TunnelBear and VPNGate, a community-run VPN project, explicitly prohibit P2P filesharing.
We passed on several paid VPN providers as well. PureVPN, VyprVPN, HideMyAss, Overplay, and SaferVPN all failed to make the cut due to their logging policies. IronSocket and BolehVPN were left out due to performance concerns.
Some unscrupulous free VPN providers could well be scraping users’ personal data and selling it to third parties. One such high-profile case was Hola, a free VPN provider based in Israel. Hola was caught selling users’ bandwidth, and it was criticized for being opaque about how each Hola user became a node on the network rather than hosting its own dedicated VPN servers.
VPNGate is a fantastic academic initiative out of Japan that aims to uncensor the web for people living under oppressive anti-free speech regimes. It uses a network of volunteer nodes around the world as relays. It discourages P2P filesharing activities that would hog the network, however, and it keeps logs for up to three months to help weed out abuse and criminal wrongdoing.
IronSocket doesn’t keep logs, but the majority of its servers expressly prohibit P2P activity. Those non-P2P servers block all P2P connections. Even if it doesn’t keep logs, that means it is monitoring your activity at some level.
Read our full review of IronSocket.
Legal issues with torrenting
Torrents have become synonymous with copyright abuse and piracy, but the underlying technology is not in itself illegal. Perfectly legal torrents do exist and are used on a regular basis, such as SXSW and media that falls under the public domain.
If you frequent ThePirateBay, uTorrent, or KickassTorrents, however, chances are what you download is not legal. Government authorities can fine you for committing a civil offense, while ISPs and copyright holders will threaten and in some cases follow through on legal action. While it’s unlikely that a record company will take someone to court, they might seek damages through settlements.
Here’s a quick breakdown on torrenting laws in several countries:
Downloading copyrighted material is illegal in the United States. ISPs often have a three-strike rule if they catch users torrenting illegally. Non-copyrighted material is completely legal to download.
Copyright holders often act through copyright trolls, which record IP addresses of torrenters and send settlement letters requesting remuneration. These entities have the right to sue on behalf of the copyright holder, but because an IP address does not legally constitute an identity in the US, the best option for recipients is to ignore them.
The Copyright Modernization Act passed in January 2014 requires ISPs send notices to copyright violators on their networks. The recipients’ identities are stored on ISP servers for six months. Copyright holders cannot sue for damages of more than $5,000, which in most cases simply isn’t worth the time or effort.
The notification system is more educational than legal, but ISPs can still penalize torrenters by choking bandwidth.
Larger ISPs are required by law to notify subscribers when the British Phonographic Industry catches them torrenting in the form of a cease and desist order. ISPs reserve the right to throttle bandwidth and disconnect users. ISPs with fewer than 400,000 subscribers are not subject to this law, however.
Copyright holders have the right to sue uploaders and downloaders for damages even if no monetary gain was involved.
Popular torrent trackers such as ThePirateBay are blocked by major ISPs in the UK, but these can still be accessed with a VPN.
Piracy is a crime in Australia, but there’s little enforcement. It’s not completely unheard of for a copyright holder to successfully sue ISPs for torrenters’ identities, whom they can then request remuneration from using a practice called speculative invoicing, but it’s rare.
A “three-strikes” rule in which ISPs would notify torrenters on behalf of copyright holders was canned earlier this year due to disputes over implementation costs.
Some torrent trackers and other sites containing infringing content have been blocked by ISPs under a court order. Update December 2016: A federal court in Australia has ordered ISPs to block BitTorrent tracker sites including ThePirateBay, Torrentz, TorrentHound, IsoHunt and SolarMovie. These can still be accessed with any of the VPNs we listed above.
We’re adding a section about the Netherlands because there’s a huge misconception that pirating copyrighted materials is legal there. As of 2014, it is not. Doing so is considered a civil offense on not a criminal one, so you will not be sought out by law enforcement for doing so, but you can be fined.
However, the law states that fines cannot be artificially high, so damages that copyright holders can exact are capped. This will likely deter legal action for the most part except for exceptionally active torrenters.
Downloading copyrighted material without permission is illegal in Germany. Enforcement is usually handled by law firms that act on behalf of copyright holders (see: copyright trolls). Fines typically range up to 1,000 Euros.
Similar to the US, copyright trolls send threatening letters to torrenters after identifying their IP address. While we’re not legal experts in German law, the consensus of what to do if you receive a letter is also similar to the US: if it doesn’t identify you by name and doesn’t come directly from the police, ignore it and just let the statute of limitations period expire.
Note that if someone pirates content on an unsecured wifi network, the owner of the wifi network can be held liable for damages, even if they were not aware of the illegal activity taking place. This fine is usually around 100 Euros.
Related: Best VPNs for Germany
Online piracy laws are a little fuzzy in India. A slew of news reports from 2016 suggested that even viewing certain web pages or torrent files (not the copyrighted content itself) was enough to penalize netizens with heavy fines and jail time. This is not true, however; the rumor arose from a poorly-worded warning from Indian ISPs that appeared when users tried to access blocked sites.
Piracy in India is illegal like anywhere else and could conceivably result in fines or jail time, but the emphasis of enforcement seems to be on redistribution, e.g. bootlegging and selling pirated content, rather than personal consumption.
Related: Best VPN for India
Comparitech does not condone or encourage piracy. Please stick to legal torrents.
Kodi and Popcorn Time
Streaming video from Popcorn Time relies on torrents as a source. While you might not be downloading files you found on ThePirateBay directly to your hard drive, make no mistake that using these tools makes you no less liable in the eyes of the law. When you use Popcorn Time, you simultaneously download and upload content.
Certain Kodi add-ons also source video streams from torrents. Keep an eye out in particular for a newer platform called Acestreams. Acestreams use peer-to-peer bittorrent connections so concurrent users can share the load of a stream. That means your connection is shared with others, causing potential security and privacy issues that can usually be averted with a VPN. Acestreams are increasingly popular for both live and on-demand content.
Many VPNs come with NAT Firewalls built in, which block connections from peers on P2P networks, as well as other unsolicited connections. This can prevent torrents, which rely on P2P networks, from functioning properly.
Depending on the VPN, you may be able to disable the NAT firewall somewhere in the settings. If not, you will need to use port forwarding. This is usually a manual procedure where the VPN provider designates a specific port to be used for P2P traffic. Users must configure their bittorrent client to use this port. If the port is not listed on the VPN provider’s website, the user will need to contact customer support and ask for it.
How a VPN protects your privacy when torrenting
A VPN protects your privacy when torrenting in two key ways.
First, it prevents your ISP and anyone else on your local and ISP network from seeing that you are torrenting. Because all of the files you download and upload via BitTorrent are encrypted when they pass through your ISP’s servers, their contents cannot be identified. It would take a monumental time- and resource-consuming effort for an ISP to even attempt to crack the encryption put in place by your VPN.
Secondly, a VPN prevents other users downloading and/or uploading the same files as you from seeing your IP address. BitTorrent is a P2P, or peer-to-peer, protocol. That means everyone who uses the same torrent file is connected in what’s known as a “swarm”. Each device connected to the swarm can see all of the other IP addresses of all the other devices in the swarm. Many BitTorrent clients even allow you to view a list of other devices you’re connected to when leeching or seeding files on the network.
Without a VPN, your real IP address can be used to identify your approximate location and internet service provider. This is how copyright trolls are able to find torrenters and send them threatening settlement letters (read about how to respond to these in our torrenting safety and legal guide).
A VPN masks your IP address so that other devices in the swarm only see the IP address of the VPN server. VPN providers typically use shared IP addresses, meaning dozens and even hundreds of users are assigned the same IP address. This large pool of users makes it next to impossible to trace torrenting activity back to a single person. Furthermore, if you use one of the logless VPNs on this list, the VPN won’t have any user information to hand over when hit with a DMCA notice or settlement letter.
Masking your IP address also protects you from hackers that would use it as a backdoor into your system, find out personal information about you, or even harass you at your home. Your IP address is like your home address, but for your computer. Someone who knows it can find out where you are.
The importance of kill switches
A VPN kill switch halts all internet traffic in the event that the VPN unexpectedly drops the connection for any reason. This prevents your real IP address and torrent traffic from leaking onto your ISP’s unencrypted network, which could otherwise expose your activity to your ISP, copyright trolls, and hackers. This is why it’s very important to either bind your IP (see below) and/or use a kill switch.
All of the VPN apps we recommend come equipped with a kill switch on their desktop versions, but they might not be enabled by default. Be sure to enable it in the settings. Mobile VPN apps for Android and iOS are much less likely to incorporate kill switches.
Know that not all kill switches are created equal. A simple dropped connection is fairly easy to plan for, but the kill switch might not be equipped to handle other types of network disruptions, crashes, and configuration changes. You can read more about leaks that occur in these scenarios in our VPN leak testing analysis, which we will extend to more VPNs as time goes on. The two types of leaks most pertinent to torrenters are IP address and IP traffic leaks.
Bind your IP
IP binding is a valuable precaution to take if you want to ensure that all torrent downloads take place over the VPN. Binding your torrent client to an IP address limits downloads to a specific IP address. This means you can set the client to only download torrents while connected to a certain VPN server. If the connection to the VPN drops or you disconnect, the downloads stop, adding a kill switch to your VPN without affecting other apps and services. This prevents any torrent traffic from leaking onto your real IP address.
Check your torrent manager software settings to see if it supports IP binding. uTorrent has this capability on Windows, and Azureus Vuze can do it on Mac.
Torrent websites and torrents themselves are havens for malware. Because torrents are uploaded by the community, they often go unchecked for viruses and malware. Every time you download a torrent, it’s a good idea to scan it with good, up-to-date antivirus software. If the website you downloaded from has a comments section, other users might have already posted about potential threats. This is especially true for software and video games that contain a lot of files, making it easier to hide malicious files.
Check out our reviews to find the antivirus that best suits you.
Port forwarding is a contentious topic among torrenters. Some say it improves their download speeds by allowing their torrent client to connect to more peers. Others argue it is unnecessary and, when using a VPN, only serves to make torrenting more difficult and can even degrade user privacy.
This is because other users sharing the same VPN IP address will all be limited to the same ports except for the one who chooses to port forward. That can make P2P activity more easy to trace back to a single user.
Most commercial VPN clients don’t support port forwarding and work fine without it. For those that do, enter the forwarded port into your torrent client’s settings. Port forwarding in a VPN does not require forwarding ports in your router. You may need to disable disable NAT-PMP and/or uPNP mapping in the torrent client.