Top VPN websites are tracking visitors with sometimes dangerous or privacy-unfriendly third-parties, as well as creepy session-recording scripts. These session-recording scripts, by the way, allow websites to record video of your movements around their websites, which also includes what you click on, what you search for, and much more. VPNpro’s research team analyzed 120 top VPN websites, and found that the situation is pretty bad when it comes to VPNs’ true commitment to privacy. Main takeaways you need to know Out of 120 VPN websites, 102 have at least 1 tracker, and 26 websites have at least 10 trackers From the analyzed websites, there are 32 total session replay scripts 45 websites have Facebook trackers, and 39 websites have more than 1 Facebook tracker 17 websites have trackers from risky third parties There are only 13 websites that have no trackers at all Why session-replay scripts are so dangerous Websites that use session-replay scripts are able to see what you’re doing on their websites. This is because they This is useful for websites to help understand what the users are doing on their sites, so that they can improve their marketing. actually record video of your actions. For anyone outside of marketing and sales, that’s a bit creepy – especially when it’s a VPN website that is supposed to put your privacy at the core of its business. Our researchers found that , and Avast SecureLine VPN even had 3 different scripts to record users better. 26 websites have session-replay scripts Even worse, found that these session-replay scripts can “expose users to identity theft, online scams, and other unwanted behavior.” Princeton researchers The riskiest trackers While trackers are generally not great for absolute privacy since they track and record your behavior, there are some that are very risky. These bad ones include trackers that with third parties. These avoid-at-all-costs trackers include Openx, BlueKai, and Taboola. share personally identifiable or pseudonymous data For example, allows it to It was even accused of bypassing regulations in order to share data with other companies. OpenX’s privacy policy collect your age, gender, marital status, your phone information, IP address, and even your exact GPS location. BlueKai, on the other hand, has been mentioned multiple times for . A [pdf] mentioned that BlueKai and other data brokers fail users in the security of their data storage, the fact that they sell data to other companies, and the fact that ad brokers can accidentally expose user data. violating user privacy research paper What can you do? use extensions and tools like , which can help block many of these trackers and session-replay scripts Ghostery use privacy-by-default browsers like Brave