Lawmakers push FTC to clean up the VPN industry

Last week, Congresswoman Anna Eshoo (D-CA) and Senator Ron Wyden (D-OR) wrote a letter urging the Federal Trade Commission (FTC) to address deceptive practices in the Virtual Private Network (VPN) industry. Eshoo and Wyden’s letter comes as people look to hide their digital footprint following the Supreme Court’s decision to overturn Roe v. Wade.

A VPN allows a user to establish an encrypted connection between their device and a private server, making it harder for third parties to access their online activity. With abortion becoming illegal or restricted in several states, more people are looking to conceal their messages and search history, as police can use this information to prosecute someone seeking the procedure.

In their letter, Eshoo and Wyden ask the FTC to clamp down on VPN providers that engage in deceptive advertising, or make false assertions about the range of their service’s privacy. The lawmakers cite research from Consumer Reports that indicate 75 percent of the most popular VPNs “misrepresented their products” or made misleading claims that could give “abortion-seekers a false sense of security.” Eshoo and Wyden also call attention to reports accusing various VPN services of misusing user data, as well as “a lack of practical tools or independent research to audit VPN providers’ security claims.”

“With abortion illegal or soon to be illegal in 13 states and severely restricted in many more, these abusive and exploitative data practices are simply unacceptable,” the letter reads. “We urge the Federal Trade Commission (FTC) to take immediate action… to curtail abusive and deceptive data practices in companies providing VPN services to protect internet users seeking abortions.” Eshoo and Wyden also ask that the FTC develop a brochure that informs anyone seeking an abortion about online privacy, as well as outlines the risks and benefits of using a VPN.

Earlier this month, the FTC reaffirmed that it will take action against companies that illegally share health, location, and other sensitive data, while President Joe Biden signed an executive order to protect patient privacy. Other entities have also taken action in light of the Supreme Court’s ruling, with Google promising to auto-delete location data associated with visits to abortion clinics.