At the time, we wrote speculating about whether this would mean changes were afoot for Private Internet Access or whether it was just going to trundle along as it is under the Kape umbrella.
It seems that the answer is the former. In a rather bizarrely worded blog post published yesterday, Private Internet Access has announced a number of steps to allow their users to be sure of the companies online security and privacy claims.
What is Private Internet Access doing?
The blog post was entitled ‘Don’t Trust. Verify.’ and it opens with a rather strange picture of Aladdin’s lamp and references to religion.
The point Private Internet Access is rather clumsily trying to make is that often VPN customers have to go on blind trust when choosing a provider.
This isn’t completely true of course. Independent comparison sites like VPNCompare.co.uk review top VPNs like Private Internet Access and offer detailed reviews of their service and the security and privacy protections they offer.
But that omission aside, the notion of VPNs becoming more open and transparent in their practices is certainly one we would approve of and this is the gist of Private Internet Access’s announcement.
The blog post confirms three steps that Private Internet Access is taking to allow its users a better understanding of how its service works. As they put it, “we are embarking on a journey which will lead us to a fully verifiable infrastructure.”
If this sounds like good news then it is. But the announcement is a little premature because details of the three steps they are taking remain hazy.
Private Internet Access’ three steps to a verifiable infrastructure
The first step Private Internet Access is taking is to make all its clients open source.
It has already released the coding for its desktop client for Windows, macOS and Linux devices onto GitHub with the promise that mobile apps and other clients will follow. There is, however, no confirmed timeframe for this at present.
Why does open sourcing matter? As Private Internet Access itself explains, it is important that people know what they are installing on their devices. You might not have the knowledge of interest to examine this coding yourself, but you can be sure plenty of others will and if it is hiding any nasty bugs, these will quickly be outed.
Vulnerabilities and malicious software being bundled together with VPN clients is an issue for the industry, albeit primarily with so-called free VPNs. But open-sourcing these clients is a great step to convince users about their safety.
Secondly, they are taking steps to convince users that it is impossible for anyone, even Private Internet Access staff, to access their VPN servers.
To do this they are creating an internal roadmap to create a transparent and verifiable infrastructure. This is known as Verifiable Zero Access and is essentially another way of confirming that Private Internet Access cannot log your online activity.
Again, there is no timeframe for this and Private Internet Access themselves admit in their blog post that this is just the start of what is undoubtedly a big project. But it is definitely a step in the right direction.
Lastly, Private Internet Access is committed to becoming the latest in a long line of VPNs to submit itself to an independent audit.
While a number of other VPNs such as ExpressVPN and NordVPN have already completed this process, Private Internet Access still has some way to go. They are still approaching auditors which means the results are again some way off. But the move is definitely a positive one.
What this announcement means
If the Private Internet Access blog post is to be believed, these three steps will make it “the only verified and verifiable VPN service in the world”.
We’re not quite sure we would go this far. None of these announcements are unique and innovative and in many ways, Private Internet Access is playing catch-up with a number of their competitors.
But that is not to take anything away from what they are announcing. Transparency and accountability are vital for any online service to provide and until recently, it was something that was rather lacking in the VPN sector.
That has now changed and if Private Internet Access wants to keep up with its rivals, these are steps it needs to be making.
How much of an influence the new owners Kape Technologies have had on this announcement is unclear. It is certainly true that their other VPNs have moved in this direction and the early stage this process is at makes it realistic that it only began after last month’s takeover.
For users, this won’t matter too much. What does matter is that another VPN is going out of its way to be transparent and open about how it works. And that is good news for its users and the whole VPN sector.