I have seen the following argument (summarized here as I understand it):
Despite the promises that VPN providers make, it is known that they will often monitor your traffic, collect logs, might share your information, and will collaborate with law enforcement. Renting a VPS and running an OpenVPN server on it and using that as your VPN, is better - because you have full control over the logs. Let’s assume we trust the VPS provider to adhere to their TOS and privacy policy.
To talk about a concrete typical usecase, I am thinking about how this applies to downloading illegal torrents. In my current view, the only scenario in which the self-hosted option makes sense is if you pay for hosting using crypto and reveal no personal information during the process. Otherwise using a VPS would be virtually the same as downloading it through your ISP - and in some cases even worse - because the VPS provider might be more easily pushed to throwing you under the bus if abuse is reported since this might be a TOS violation. On the other hand, a VPN provider has a much larger motivation to protect users against this because the way that users perceive these protections is fundamental to their business model.
So, is there a reason to self-host a VPN instead of using a VPN provider? If so, should the VPS be acquired anonymously, or are there ways to protect yourself while using a provider that you gave your personal information to?
The only reason I can think of to use a VPN is to get access to content that’s location restricted. Setting up OpenVPN on a VPN is pretty straight forward, and VPS hosting is pretty cheap nowadays. I really don’t see a reason to use a provider if you have the technical skills to set up your own. Furthermore, if you control the VPN server then you can ensure that it’s not logging your activity.
There are many more uses for VPN’s, but most of them is for circumventing things. The most legitimate use for VPN’s I can think of is avoiding snooping by randomers on open WIFI’s.
I find the value of VPNs are often overstated when it comes to privacy. If you’re on a public WIFI and you’re going over HTTPS, which is pretty much all traffic nowadays, then all you’re leaking is the address you’re connecting to. And of course, if you are using a VPN provider then they have access to all the unencrypted information going through the VPN. This means the VPN provider will know what sites you go to, how often, etc. So I think if you do use a VPN for privacy then you definitely want to run your own.
I do find it convenient to have the ability to change my location quickly, but I am willing to give up on some of this flexibility. I am trying to understand the tradeoffs.
The main downside of having a private VPN is that the location is fixed to wherever the VPS is located. The downside of using a provider is that they can collect any unencrypted data going through the VPN, and you don’t know whom they share it with.
Given that most of my traffic goes through HTTPS, unencrypted traffic is not much of an issue. What they can do is keep a list of all of the websites a person has visited. VPN providers promise not to do this, but it is likely that they do.
So, what I am gathering is:
A VPN provider gives you more flexibility with geofencing and a faster network speed, but there is a chance that they are logging the websites that you visit. They are less likely to get you in trouble if you torrent because to forward an abuse claim they would need to admit that they log activity, and they will try to avoid that.
A VPS provider is unlikely to log your traffic because this information is less valuable to them. A VPS is more expensive than a VPN provider, but it is possible to use the server for other purposes, and it is possible to delete it when not in use. A VPS is not suitable for illegal network activity because the abuse reports get routed to you.
that about sums it up