In recent years, the use of Virtual Private Networks (VPNs) has increased considerably, primarily due to growing concerns about online privacy. However, a recent study conducted by the Tech Transparency Project (TTP) has revealed alarming concerns related to the ownership of several popular VPN applications.
The investigation discovered that up to one-fifth of the most widely used mobile VPNs on iOS are owned by Chinese companies, with some deliberately concealing this crucial information from users.
More concerning still, links have been established between these companies and Chinese military entities, raising major questions about data security and confidentiality.
Understanding Mobile VPNs
Mobile VPNs are applications designed to establish a secure connection between your smartphone and the internet through servers located worldwide. These services are commonly used to bypass censorship, access geo-restricted content, or protect users’ privacy. In essence, a VPN conceals the user’s IP address, making it more difficult to track their online activities.
This functionality raises a critical question: who can you trust? The VPN provider has the capability to view all of your online traffic, placing them in a position of significant responsibility and potential power over your digital footprint.
Connections to Chinese Military Enterprises
The TTP report reveals that some of the most popular VPN applications, such as Qihoo 360, are owned by companies identified as military actors by the United States Department of Defense. Qihoo 360 recently acquired Guangzhou Quanyong, an application development company that has launched several VPN applications, including Turbo VPN.
Turbo VPN has been specifically marketed to Spanish-speaking users in the United States, enabling them to circumvent restrictions imposed on accessing the Chinese social network TikTok. In June 2025, Qihoo 360 was added to the U.S. Entity List—a registry of entities suspected of posing a risk to national security.
Hidden Ownership and Shell Companies
The TTP report also highlighted other VPN applications such as X-VPN, VPNIFY, and VPN Proxy OvpnSpider, which appear to be registered under Hong Kong-based companies. This territory, recently subjected to stricter control by Chinese authorities, raises numerous concerns regarding transparency and security.
Some of these applications are registered in other countries but may actually be controlled by Chinese nationals through shell companies.
WireVPN, for example, is registered in the United Kingdom but is actually managed by a Chinese national through a shell company. Furthermore, this application shares a privacy policy that appears to be modeled after Chinese regulations.
Choosing a Trustworthy VPN
When considering using a VPN, it’s crucial to take certain precautions to ensure your online security. Here are important criteria to consider:
Jurisdiction Matters
The location of your VPN provider significantly impacts its ability to protect your data. It’s strongly advised to avoid VPNs based in countries known for sharing information with their government or those with questionable data privacy laws. Look for providers headquartered in countries with strong privacy protections.
Security Features Worth Examining
- Strong encryption protocols like 256-bit ChaCha20 are essential for protecting your data from interception
- Kill switch functionality to prevent data leaks if the VPN connection fails unexpectedly
- Secure protocols such as WireGuard that offer both speed and enhanced security
- DNS leak protection to ensure all your traffic remains within the encrypted tunnel
Privacy Policy Scrutiny
A no-logs policy is essential when selecting a VPN service. This means the provider should not track, store, or share your browsing history. It’s therefore crucial to carefully read the privacy policy to understand what data is collected and how it’s used.
Many VPN providers claim to maintain “no logs” policies, but the definitions can vary dramatically. The best providers undergo independent security audits to verify their privacy claims, offering users greater confidence in their service commitments.
Privacy VPN as an Alternative
With features such as 256-bit ChaCha20 encryption and a strict no-logs policy, Malwarebytes Privacy VPN emerges as a reliable option for those wishing to protect their online data. Unlike some questionable applications highlighted in the report, Malwarebytes operates with transparency regarding its ownership and security practices.
The service offers a balance between security features and user-friendly operation, making it accessible to both novice and experienced VPN users concerned about privacy protection.
NordVPN is another solid option for anyone serious about their online privacy!
Conclusion
At a time when data protection is more than ever at the heart of concerns, vigilance when choosing a VPN provider is essential. Although these services can offer a certain level of confidentiality, conducting thorough research is imperative. Not all VPNs are created equal, and their presence on Apple’s App Store does not guarantee their reliability.
The findings regarding Chinese ownership of popular VPN applications serve as a sobering reminder that the tools we use to protect our privacy may themselves represent privacy risks. By carefully weighing the pros and cons and investigating ownership structures, you can make an informed decision and better protect your online privacy in an increasingly complex digital landscape.
Remember that true digital privacy requires multiple layers of protection—a trustworthy VPN is just one component of a comprehensive security strategy that should include updated software, strong passwords, and careful consideration of what information you share online.
