Private Internet Access VPN review: Both more and less than a budget VPN
I came into this review thinking of Private Internet Access (PIA) as one of the better VPNs. It's in the Kape Technologies portfolio, along with the top-tier ExpressVPN and the generally reliable CyberGhost. It's one of the cheapest VPNs out there, its interfaces hold together and it boasts plenty of server locations.
Sadly, I was either misremembering PIA, or it used to be better until someone at Kape fell asleep at the switch. The more I tested this VPN, the more I came to terms with the fact that it's much harder to recommend these days, especially compared to the entries in our best VPN guide. The biggest culprit is unmoored download speeds that swing wildly from acceptable to unusable, but I also encountered dropped connections, high latencies and dead ends in the UI.
I want to make it very clear that this PIA review is a snapshot of a moment in time. I don't think this is an inherently bad service, but it needs to do a lot of work to right the ship. As I go through my usual 11-point testing plan, I'll make a (hopefully) cogent case for why you should give PIA a miss as of now.
Editor's note (10/20/25): We've overhauled our VPN coverage to provide more detailed, actionable buying advice. Going forward, we'll continue to update both our best VPN list and individual reviews (like this one) as circumstances change. Most recently, we added official scores to all of our VPN reviews. Check out how we test VPNs to learn more about the new standards we're using.
Table of contents
Findings at a glance
Here's a quick overview of everything I learned from testing Private Internet Access. For details on the bullets, check out the relevant section.
Category |
Notes |
Installation and UI |
Desktop apps work well but are limited to mobile proportions Android app has some confusing design choices and often gets stuck on screens that prompt setting changes iOS app is the best, but lacks dark mode Browser extension has several unique features |
Speed |
Major swings in speed and latency, even on the same server minutes apart Average download speed drop of 34 percent conceals a lot of outliers in both directions Latency was the most inconsistent measure of all, swinging by over 1000 milliseconds |
Security |
OpenVPN and WireGuard, the two universally available protocols, are secure IKEv2/IPSec only available on iOS Passed all leak tests, including while switching locations Encrypts all data packets |
Pricing |
$11.95 per month Best plan costs $79 for 39 months, or $2.03 per month Unlimited connections on any plan |
Bundles |
Antivirus and dedicated IP addresses available at checkout for an extra fee |
Privacy policy |
Free of loopholes, with no basis for logging user identities or activities RAM-only servers make long-term logging impossible Parent company Kape Technologies is bound to the same rules Passed two audits by Deloitte, but reports are only available to subscribers |
Virtual location change |
Never blocked by Netflix Canada and UK servers failed to change content three times each Tests were successful in Australia, Japan and Italy, but speeds remained a problem |
Server network |
155 locations in 91 countries 59 percent of servers are virtual |
Features |
Two levels of kill switch — stronger setting prevents all internet access before you connect to the VPN PIA MACE is good at blocking banner ads Controlling maximum download unit size can improve speeds App and IP-based split tunneling with normal and inverse options Automation generally doesn't work Multi-hop uses ShadowSocks or SOCKS5 obfuscation Port forwarding supported |
Customer support |
Written knowledgebase is not easy to use Live chat is attentive but slow and not always expert Support team answers email tickets quickly |
Background check |
Owned by Kape Technologies No serious hacks or breaches Former CTO came with some controversy, but no longer works there Two court cases have confirmed PIA doesn't store logs |
Installing, configuring and using Private Internet Access
Private Internet Access downloads and installs with very little friction across all the platforms that support its apps. Since I have basically no complaints about the experience of setting it up, I'll spend this section focusing on how it feels to use PIA on each platform.
I have a number of issues with how PIA structures its apps on each OS, but I want to preface them by saying that this VPN generally works fine. It connects quickly, its settings are easy to toggle and it never puts active obstacles in the user's path. Each app except iOS has a soothingly dark aesthetic that's always readable. Keep that baseline in mind when I start describing what PIA could have done better.
Windows
There's no good way to describe PIA on Windows or Mac except as a mobile app dragged kicking and screaming onto desktop. This VPN app never misses an opportunity to remind you that it would rather be on your phone. By default, it's attached to your lower toolbar and cannot be moved or resized. You can change the settings to have it launch in a movable window instead, but you still can't change its size.
The main window is cluttered, but once you figure it out, there's a much higher degree of customization than most VPNs offer. Clicking the arrow at the bottom opens a long panel of additional widgets, including quick-connect links, usage stats, a snooze option and buttons for some of the settings you'll use most commonly. You can drag these elements around to reorder them, or click the ribbon icon to move each to the default launch display. It's quite cool — just not especially intuitive.
The server list is another example of PIA's mobile fixation. Despite having an entire screen to work with, PIA on Windows does not let you view the main display and the server list at the same time — you have to click the arrow by the name of the current server to swap in the list of locations. This list can be organized by country name or by live latency test, though the buttons to change this are not clearly marked as such.
Though the search bar works quickly, the streaming-optimized servers are not sorted out from the rest. You have to type "streaming optimized" into search to see if your chosen country has a streaming server.
You can click the three dots at top-right to go to the settings menu, which is a breath of fresh air after the clunky main UI. Settings are arranged in tabs, and each tab's design makes it easy to tell what its feature does and how to control it. PIA's launch window feels over-engineered to make a distinct first impression, but the settings menu is free from that hangup.
Mac
PIA's Mac app also feels like it was designed for mobile and then ported to desktop. Like the Windows app, it's attached to the toolbar until you change the settings to let it move independently. After that, it has the same problem of being crammed into a mobile-sized window, with the server list and the main UI not visible at the same time.
The Mac version also has the unique problem of not showing up in the system dock, instead working entirely from the toolbar. That said, right-clicking the toolbar does let you connect to the VPN and even choose a location, which is awesome and provides some justification for this design choice (though I'll point out that this could also be done from a dock icon).
The main window of the Mac app can be reordered or expanded through clicking and dragging just like the Windows UI. The settings panel is accessed the same way and is just as seamless to use. In fact, one big point in PIA's favor is that its two desktop apps are almost identical — water in the desert after the wild swings of Norton VPN.
Android
Having already complained twice about PIA's desktop interfaces feeling like mobile apps, I had high hopes for it on Android. While it functions just as smoothly here as everywhere else, it comes with a set of design decisions that are weird in a whole new way.
First of all, you can't sort the server list alphabetically anymore; it's arranged by current latency instead, which means the list is constantly shifting in real time. Customizing the main window is now done by clicking a button at the top-right of the screen. This flips the entire look in a way that's likely to startle first-time users. It's ultimately the same interface as on desktop — drag widgets around and toggle whether or not they're seen — but it could be handled better.
The preferences list is not nearly as user-friendly as on the two desktop apps. Most of the important features are buried two menus deep under the tab marked "Settings," except for split tunneling, which is called "Per App Settings" for some reason (and barely explained).
The larger issue, though, is that PIA on Android is extremely dependent on making you change system settings outside the app — which would be fine, except that it hasn't figured out a working interface for actually doing that. Almost every time I was prompted to change something in the settings, I got stuck on a prompt page with a useless button. Going into Settings and making the changes manually did nothing to unstick these pages.
iOS
Of all PIA's VPN apps, iOS is the closest to a home run, save for the inexplicable decision to lock the interface in light mode. I gather PIA was just trying to keep its iOS and Android apps visually distinct, but throwing out one of its best aesthetic choices isn't the way to do that.
That gripe aside, everything else is nearly ideal, pointing to iPhone and iPad as PIA's natural home. The option to toggle what appears on the main page is finally done right — you still have to tap a button that causes a bit of whiplash, but it's much clearer what you're meant to do in order to shift, add and remove widgets.
Browser extensions
PIA's browser extensions are available for Chrome and Firefox. They look fairly similar to the desktop app, but with some distinct features for the web. The best is the ability to instantly add the website you're currently on to the bypass list, which is incredibly handy if you're doing something non-sensitive and the VPN is actively slowing it down.
The extra features are organized into three categories: security, privacy and tracking. Security blocks WebRTC leaks and automatically connects unsecured websites through HTTPS. Privacy blocks websites from accessing your camera, microphone or real location and can prevent you from connecting to websites with known security concerns. Tracking, as you might guess, blocks various forms of activity trackers.
It's both very thorough and surprisingly different from any of PIA's other apps — there's reason to use this extension even if you're already using a PIA app on the same device. However, its explanations of each feature rely a bit too much on technical jargon, so casual users might not find many of them helpful.
Other platforms
Private Internet Access can also be installed on Linux and has native apps for Apple TV and Android TV. To protect any other internet-capable device, including game consoles, you can install PIA on your router, which automatically protects any device connecting through your home WiFi.
Private Internet Access speed test
I used Speedtest by Ookla to test how much Private Internet Access impacted my browsing speeds. Running a VPN inevitably reduces download speed (how fast web pages display), upload speed (for posting and torrenting) and latency (the gap in real-time communications, such as during games and live chats. The real question, then, is whether PIA can keep those reductions as minimal as possible — like my current speed champion, Surfshark.
Server location |
Ping (ms) |
Increase factor |
Download speed (Mbps) |
Percentage drop |
Upload speed (Mbps) |
Percentage drop |
Portland, USA (unprotected) |
13 |
— |
57.92 |
— |
5.64 |
— |
Las Vegas, USA |
105 |
8x |
40.33 |
30.4 |
4.55 |
19.3 |
Montreal, Canada |
512 |
39x |
48.14 |
16.9 |
5.61 |
0.5 |
Chile |
413 |
32x |
44.63 |
22.9 |
5.60 |
0.7 |
Milan, Italy |
672 |
52x |
41.55 |
28.3 |
3.69 |
34.6 |
South Africa |
1120 |
86x |
26.88 |
53.6 |
4.36 |
22.7 |
Sydney, Australia |
350 |
27x |
28.08 |
51.5 |
5.26 |
6.7 |
Average |
529 |
40.7x |
38.26 |
33.9 |
4.85 |
10.9 |
This speed test was a marked disappointment. PIA had some of the most inconsistent readings I've seen on a VPN in some time — so bad I initially assumed there was something wrong with the speed tester. I ran more speed tests on more days than I usually do, just to make sure a fluke outlier didn't permanently taint PIA's score. Speeds were often good, but occasional sharp drops suppressed them.
This problem was especially pronounced with latency. In practically every test, the three pings swung wildly, sometimes ending up above 2000 milliseconds (or, as we call it in the business, two seconds). I can't say what the problem is, but until PIA fixes it, I don't suggest using this VPN for any split-second gaming.
Additionally, on my first day of testing, the server location PIA chose as the fastest gave me four-digit pings, download speeds below 2 Mbps and no upload speeds at all. Other servers worked, so the problem wasn't on my end. This didn't happen in every location by any means, nor on every test — but it repeated in Montreal, implying an issue with more than one PIA server.
Due to several low outliers, PIA's worldwide averages don't look good at all compared to other VPNs. The best news in the table above is that upload speed only dropped by about 11 percent, and download speed by about 34 percent, retaining two-thirds of my unprotected speed. But the inconsistency is a serious problem; PIA might be quite fast at times, but it’s unpredictable. I've reached out to PIA for comment on its speeds and will update this when I receive a reply.
Private Internet Access security test
Since most websites today use HTTPS encryption, it's very difficult for third parties to see precisely what you do online — but motivated people can still see your real location and the sites you visit. The purpose of a VPN is not to keep you completely anonymous or safe online, but to prevent your IP address and DNS requests from being visible to your internet service provider or anyone else.
I looked from three different angles to see whether Private Internet Access is actually capable of doing what its name promises. First, I checked to make sure it uses VPN protocols considered to be secure. I next used an IP address checker to see if any locations leaked my IP address, and finally ran a WireShark test to ensure all protocols applied encryption evenly.
VPN protocols
PIA uses three VPN protocols to mediate between your device and its servers — OpenVPN (over TCP or UDP), WireGuard and IKEv2/IPSec. OpenVPN has provided reliable VPN security for many years now; it's open-source and constantly updated by volunteers to stay current. TCP is slower but more stable, while UDP is faster but more likely to drop connections. OpenVPN is available on all PIA apps.
WireGuard is a newer protocol that PIA contributed to the development of. It's leaner and often faster than OpenVPN, and uses a stream cipher that's harder to crack (though in practice, both WireGuard and OpenVPN use cryptography unbeatable by existing technology). WireGuard is available on all PIA apps.
WireGuard's one downside is that it stores user IP addresses to keep the tunnel open — but that's no issue if a VPN is following its no-logging policy, which I believe PIA is. See "Close-reading PIA's privacy policy" for more details.
IKEv2/IPSec is only present on PIA's iOS app. Its ability to stay connected through rapid network changes makes it great for mobile, so it's disappointing not to see it on Android as well. IKEv2 isn't open-source like OpenVPN and WireGuard, but when paired with the IPSec suite, it's just as secure.
Leak test
To run this test, I wrote down my IP address without VPN protection. Then I connected to several PIA servers and checked whether ipleak.net showed me a different IP address, ideally in a wholly different location. PIA passed the first round of tests easily, as you can see in the screenshot below — I never once saw my real location, which means neither DNS nor WebRTC was leaking it. PIA also blocks IPv6 on all apps to prevent it from leaking (this can't be disabled).
However, since reviewing Norton VPN, I've gotten paranoid about VPNs letting security drop during server switches. So I added another test in which I changed servers several times while watching the IP leak test. PIA passed this test as well, always jumping seamlessly from one VPN location to the next without ever revealing my real IP address.
Encryption test
The last step in testing VPN security is to use a packet sniffer like WireShark to make sure the traffic you send is actually getting encrypted. It's pretty rare for even the jankiest of VPNs to fail this part, but any VPN that does fail gets an automatic blanket no. Luckily, PIA passed on all three protocols, as WireShark showed data packets with clear encryption.
How much does Private Internet Access cost?
Cost is one of the biggest reasons to pick Private Internet Access as your main VPN. At the monthly level, it costs $11.95 — not that much cheaper than its competitors and more expensive than some of the best, including Proton VPN.
The long-term plans change all of that. One year of PIA costs just under $40, or $3.33 per month. The three-year plan is an even heavier discount, costing just $79 and including three bonus months in the first period. That works out to $2.03 per month for the first three years and $2.19 per month after that.
A single PIA subscription can be used on an unlimited number of devices. This could potentially stretch your money further still, covering an entire family, friend group or small business. Having said that, as with Surfshark, you can still be restricted for using an excessive number of devices. PIA's terms of service document states that it may contact users who appear to be abusing the privilege and can restrict access to the VPN if the abuse persists.
Private Internet Access side apps and bundles
Alongside the basic Private Internet Access VPN service, there are a couple of add-ons worth noting. You can select one or both of these on the checkout page after choosing your plan.
PIA Antivirus runs continuous malware scans and sends you alerts whenever any activity matches its database of known viruses. You can schedule system-wide scans to catch malware that might have made it through the net. There's also a quarantine box for storing malicious files. The main thing you won't get is the kind of actively learning antivirus system that can catch new threats based on their behavior — for that, I still recommend a dedicated AV app. Adding antivirus costs $4.50 per month, $24 for a year or $36 for three years.
A dedicated IP address ensures you'll have the same IP address every time you connect to the VPN. A constantly fluctuating IP can trigger CAPTCHAs on some pages, so if you're sick of having to identify crosswalks just to use Google, this extra fee might be worth it. You can also add your dedicated IP to allowlists for remote access services. A dedicated IP address through PIA costs $5 a month, $51 for a year or $90 for three years.
Close-reading Private Internet Access's privacy policy
A VPN's privacy policy is a legal document that lays out the terms of its relationship with its users. It's easy to assume it's all hollow words, but directly contradicting its own policy can get a provider in trouble. Looking closely at PIA's privacy policy can tell us what its priorities are, what your rights are as a user and how much you can trust it not to exploit its access to your secrets.
PIA is a Kape Technologies property, like ExpressVPN and CyberGhost. I'll get into that more in the background check, but for this section, my overriding question was whether any loopholes in the privacy policy might allow PIA to share user data with its parent company, and from there to its other properties.
Fortunately for me (and everyone who cares about this stuff and isn't a lawyer), PIA has a very succinct and transparent privacy policy, mostly made up of bullet points. At the top, the policy states that PIA always handles customer data in accordance with the General Data Protection Regulation (GDPR), even outside of the EU. Further down, we get this key statement:
That's pretty definitive, leaving very little wiggle room. It doesn't include device fingerprints, which can be used in place of IP addresses and activity logs, but lower down, the policy states that device identifiers can only be gathered from users who opt in — and thankfully, PIA's apps do not send that information by default.
The next section discusses what PIA can do with the information it does collect. It's permitted to share customer support data with Deskpro, which powers its live chat assistance. It also uses Stripe, PayPal, Amazon Pay and BitPay for payments, but sharing email addresses and payment methods with financial processors is standard even for the most private VPNs (Mullvad has this same carve-out, to name one).
PIA ends the privacy policy by addressing the question of its parent company, Kape Technologies, stating: "neither PIA nor anyone at Kape Technologies logs or stores any kind of substantiative [sic] Personal Data, user browsing data, or individual connection data other than what has been outlined here, nor do we share any personal or usage information with third parties for marketing purposes."
Misspelling aside, I'm perfectly satisfied with the policy. Combined with PIA's use of RAM-only servers without long-term information storage, this document all but eliminates the potential for abuse. A PIA representative confirmed for me that while some user data is handled by "cross-group employees," none of it is sensitive or identifiable.
Independent privacy audits
Third-party audits are one more critical piece of evidence we can use to decide whether a VPN is trustworthy. PIA passed an audit of its systems by Deloitte Romania in April 2024, which found that it was adhering to its no-logs policy.
The report itself is only available to subscribers, which is a bit annoying, but at least not unique. After downloading it through my account portal, I was able to confirm that Deloitte's investigation found nothing in PIA's systems that went against its privacy statements.
Can Private Internet Access change your virtual location?
Chances are good that you found this review because you need a VPN to mask your virtual location, whether that's to get around age verification or to see what's streaming on your favorite platforms in other countries. This section's test is designed to see if Private Internet Access is able to change your virtual location convincingly enough for Netflix.
I tried connecting three times in each in five different locations and recorded my results in the table. I used the streaming-optimized servers whenever possible, and the WireGuard protocol for the best speeds. "Unblocked Netflix" shows whether I got to Netflix without being caught using a VPN, and "Changed content" shows whether I actually saw a new library.
Server location |
Unblocked Netflix? |
Changed content? |
Canada |
3/3 |
0/3 |
United Kingdom |
3/3 |
0/3 |
Japan |
3/3 |
3/3 |
Australia |
3/3 |
3/3 |
Italy |
3/3 |
3/3 |
My findings continued the trend of PIA being just good enough that I'm frustrated by the ways it fails to be better. PIA never got caught, which indicates that it's taking care to not use IP addresses Netflix has blocked. Three of the five locations — in Japan, Australia and Italy — managed to change the contest I saw.
However, with all nine tests in each of those three virtual locations, PIA's speeds dragged so much that I waited several minutes to see if it had actually worked. The other two server locations, Canada and the UK, didn't change Netflix at all, no matter how many times I disconnected and reconnected.
The bigger problem, though, is that PIA's fluctuating speeds meant Netflix took ages to load and often froze until I refreshed it. Shows stuttered and lagged even when I could watch them. Until it fixes whatever is going on with its speeds, PIA won't be a good choice for streaming in any location.
Investigating Private Internet Access's server network
Private Internet Access has 155 server locations in 91 countries. Confusingly, I counted that it also has 91 virtual server locations, though it's not the same 91. Its network is heavily weighted toward Europe, which accounts for 44 countries, but there's also decent representation in Asia. Traditionally underserved South America and Africa get nine and four locations respectively, though they're all virtual.
Region |
Countries with servers |
Total server locations |
Virtual server locations |
North America |
8 |
64 |
45 |
South America |
9 |
9 |
9 |
Europe |
44 |
48 |
14 |
Africa |
4 |
4 |
4 |
Middle East |
6 |
6 |
3 |
Asia |
18 |
18 |
16 |
Oceania |
2 |
6 |
0 |
Total |
91 |
155 |
91 (59 percent) |
Virtual server locations aren't necessarily a bad thing, but when used to excess, they may indicate that a VPN is more concerned with making its server network look big than ensuring it works for every user. PIA's server network is more than half virtual worldwide. Recently, it's added locations in every US state — again, mostly virtual, which makes it come off as more of a stunt than a genuine improvement. Given the trouble I had using PIA for this review, I find that there's something to the claim that it's more interested in growing than in working.
PIA's website has a helpful page that shows where virtual servers are physically located, though it's out of date, having been updated last in July 2023. The list shows that PIA tries to put the real locations of virtual servers as close to their displayed locations as possible. There are a couple of weird choices, like the Buenos Aires server really being in Miami, but that's mostly kept to a minimum.
Extra features of Private Internet Access
Private Internet Access doesn't have the wealth of features you'll see on the likes of Surfshark or NordVPN, but it's not quite as bare-bones as ExpressVPN, either. Some of its most interesting extras are self-explanatory, while others are a little technical. I'll explain the most important features here.
Kill switch
A kill switch is a must-have for a safe VPN. While active, the kill switch makes it impossible to connect outside the VPN tunnel, which keeps you from accidentally connecting to malicious fake servers. This also means that if PIA drops your connection for any reason, you won't be able to get online at all — which can be annoying, but saves you from broadcasting any sensitive information without encryption.
PIA comes with two levels of kill switch. The basic version watches for traffic outside the tunnel when the VPN is active. The stronger "advanced kill switch" works even when you aren't connected to the VPN, so you cannot get online at all without being protected by PIA first.
PIA MACE
MACE is PIA's ad blocker. It keeps a list of domains known to display ads, malware, scams or invasive trackers, and blocks them all from loading. This won't stop all ads, since some of them come from domains considered legitimate — notably, MACE can't do anything about YouTube video ads — but it works on most banner ads and definitely lightened the load on my browser.
MACE is available on all PIA's apps except iOS. iPhone and iPad users instead get a content blocker that does much the same thing, but only on Safari. If you prefer to use Chrome or Firefox on your iOS device, you're out of luck (unless of course you get another ad blocker).
Maximum transfer unit (MTU)
MTU is a somewhat technical feature. You may not need it, unless your connection is extremely sluggish and the traditional fixes don't work. In short, MTU limits how much data can move through PIA's servers at a time. Large packets complete loading faster, but may struggle on shaky connections. Small packets make for slower but more stable downloads overall.
I say you probably won't need it because it's almost always best to leave it on the auto setting and let PIA pick MTU on its own. I ran some speed tests with both the large and small MTU options and didn't see a noticeable difference. That indicates that PIA is pretty good at picking the best MTU, so in most cases, just let it cook.
Automation
On the automation tab in PIA's settings, you can set up rules to save you some trouble with the VPN. On Mac and iOS, automation can respond to three types of network: protected Wi-Fi, open Wi-Fi and wired. On each of these, you can set PIA to automatically connect or disconnect. That's it — you can only have a maximum of three rules.
Android and Windows users get the option to make rules for specific networks, but only the network they're currently connected to. On every platform, there's no way to determine which server PIA auto-connects to. It always picks the fastest.
The inch-deep options on their own would make for a disappointing feature, but there's a bigger issue: it doesn't work half the time. I spent at least an hour on four different platforms trying to make automation happen. On iOS and macOS, I could make the rules, but they never triggered. With Android, I got stuck at a prompt telling me to enable location services, which I had already done.
Windows was the only version where PIA's automation worked the first time. On the plus side, it gave me the question I used to test PIA's customer support.
Split tunneling
Split tunneling — which lets you decide which apps or websites go through the VPN tunnel and which stay outside — is a common feature, but PIA surprisingly has one of the best implementations of it. To start with, it can split tunnel by app or by IP address, which lets you protect specific websites or leave them unencrypted.
In another layer of versatility, you can make your split tunnel rules in normal or inverse fashion. Either every app and website uses the VPN except the ones you designate, or only the ones you designate use the VPN. All these options give you a much finer level of control that you get over the automation feature.
Multi-Hop via Shadowsocks and SOCKS5
Double-hop or multi-hop is when a VPN runs your requests through two servers instead of one. PIA handles multi-hop a little differently than other VPNs, as the second server will always be a Shadowsocks or SOCKS5 proxy. These two protocols are designed to obfuscate VPN traffic so it looks like a regular connection, which gets you around certain firewalls.
If you choose a SOCKS5 proxy, you'll need to get a server address from an outside service and set it up yourself. If you pick Shadowsocks, which is the more secure option anyway, you can choose from a list of locations to use as the first node. It's nice to have so many choices, but still a bit frustrating that you can't get obfuscation without also using double VPN (which only works on the OpenVPN protocol).
Port forwarding
The final PIA feature worth noting is port forwarding, which keeps the VPN from getting in the way of any outward-facing services you might be using. This gives you a more stable connection on remote desktop protocols or torrenting clients — especially the latter, as that's the sort of traffic you really want to keep encrypted.
Private Internet Access customer support options
When I set out to test the automation features of Private Internet Access, I found myself blocked on the Android app. A notification popped up telling me to enable background access to location services, but the button labeled "go to permissions settings" didn't do anything. I took the long way around and made the changes myself, but the pop-up remained stubborn.
This gave me a perfect opportunity to see how PIA helps users caught in predicaments like this one. First, I went to the website and clicked "support" in the top banner to reach the PIA helpdesk. Then the trouble started. I opened up the Android guide on my Mac laptop and waited several minutes for the file to load. When it didn't, I tried my Android phone, which also didn't work. I checked back on the laptop, where I finally saw the guide after reloading the page.
After all that, the guide said nothing about my problem. Nor could I find it anywhere in the general FAQs, which kept splitting into smaller and smaller categories which never really explained what I'd find. However, after a few minutes of searching, I found the problem had resolved itself with no explanation.
Live support experience
I still had to test live chat, though, so I pivoted to a new problem: how to get the Android automation feature to recognize my home Wi-Fi network instead of calling it "unknown SSID." I couldn't be sure it was my own network and not a malicious duplicate. This may sound like paranoid nitpicking, but paranoid nitpicking is the bread and butter of cybersecurity.
I first had to find live chat, which confusingly can't be accessed through the helpdesk — you have to go back to the main website. I managed to get past the AI gatekeeper fairly quickly, and sat to wait for a human agent.
In less than a minute, I was chatting with Carl, who requested screenshots and ran me through some tests. Carl was able to explain that the pop-up problem had resolved because I'd given PIA full access to location services (which is not something the window itself specified I would need to do), but the unknown SSID issue persisted.
Carl was diligent, but slow. After well over 30 minutes of back-and-forth, during which I sent over two screenshots and a debug log, he told me we'd have to escalate the problem. I got an email from the support team about a day later that suggested I try connecting to other Wi-Fi networks and see if the problem persisted; this eventually led me to discover the culprit in my router settings, so I can't blame PIA for this one.
Private Internet Access background check
The final step, as always, is to look into the history of Private Internet Access as a corporation and look for any red flags I may have missed. A VPN's biography can reveal its attitudes about critical aspects of its job and show how it might behave in the future.
PIA was launched in 2010 by Andrew Lee in Denver, Colorado, where it's still based today. In 2019, the brand was acquired by Kape Technologies, owners of ExpressVPN, CyberGhost and the now-defunct ZenMate. I won't relitigate the full Kape controversy here; you can find a longer summary in my ExpressVPN review. Suffice to say that while it's come under scrutiny in the past for tacitly allowing its products to become malware vectors, there's no evidence the acquisition changed anything substantial about how PIA operated.
Most of the usual red flags aren't factors here. PIA has never suffered a serious hack or breach. In its 15-year record, I only found two things worth pointing out: a controversial executive and its United States headquarters.
Former CTO Mark Karpeles
Mark Karpeles was the CEO of Mt. Gox, the market for Magic: The Gathering trading cards that became the world's largest crypto exchange, only to lose it all in a massive hack that's never been fully explained. Karpeles was arrested in Japan after the heist and found guilty of falsifying records, but was sentenced to time served and released in 2019.
While the Japan trial was ongoing, Karpeles joined PIA parent company London Trust Media as its chief technical officer. PIA founder Andrew Lee defended the hiring in a statement on the PIA blog, writing that "If we, as a society, do not give second chances to those who fall, then we as a society will cease to progress," and comparing Karpeles's arrest to Steve Jobs being forced out of Apple.
Neither man works at PIA anymore. According to his LinkedIn, Karpeles left London Trust Media after the Kape Acquisition in 2019. Lee left at the same time, and these days seems less interested in cybersecurity than in trying to become the Prince of Korea.
Bottom line: Although hiring an executive in the middle of his malfeasance trial may be terrible optics, the whole controversy isn't relevant to the VPN's operations today.
US headquarters and Five Eyes
The other potential sticking point with PIA is that it's headquartered in the United States, which is a member of the Five Eyes intelligence sharing agreement. Now, I'm on the record as not thinking Five Eyes is a big deal for a VPN — either the VPN is following its privacy policy, in which case it'll have nothing to share with intelligence agents, or it's not, in which case its location is the least of its problems.
As I concluded in the Privacy section, whatever PIA's flaws, it's not mishandling user data or violating its own privacy policy. That's not only confirmed by two audits, but also by two separate court cases in which PIA was unable to comply with requests for logs on its customers. If the VPN doesn't save information, there's nothing for Five Eyes to access.
Final verdict
There's plenty that does work about PIA. Its privacy and security are unimpeachable — it uses vetted protocols with strong encryption and doesn't leak. Its iOS app is a nearly perfect mobile VPN, and the ability to customize the home screen on every app is a great touch. Split tunneling is outstanding, MACE blocks ads efficiently and I even like the automation (though I wish it was deeper).
But PIA is aggravating to use in too many ways. While its servers are frequently fast, you can't trust that download speeds will hold from one moment to the next. Basic quality assurance, like assuring pop-up buttons always do something when pressed, seems to have gone by the wayside in its Android app.
In spite of it all, I still recommend Private Internet Access as a budget VPN. Its three-year plan is the cheapest subscription on the market right now. At $2.00 per month, I'm prepared to forgive a lot, especially at a time when all our wallets are squeezed.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/private-internet-access-vpn-review-both-more-and-less-than-a-budget-vpn-120033882.html?src=rss
