The story of how a certain VPN company tried bribing me

Note: This was originally posted last week, but contained some personal information which violated Reddit rules. That information has since been removed and is now being reposted.

Early on, my VPN Comparison project had evoked reactions of admiration from some, and anywhere between annoyance and vitriol from others. The latter usually took the form of companies on the list who didn’t like that I made evident certain policies or who noticed that they don’t compare favorably. For the last couple of months, every now and again, I’ll get messaged by some throwaway account with vague threats or angry rambling trying to discredit me. This has made me extra cautious as I check messages - anyone could be sending anything and (as you are probably already aware people are often not who they claim to be online).

So, onto the story:

Last week, I received some reddit mail from an individual claiming to be from a certain VPN company. The individual then proceeded to offer me a bribe - a lifetime subscription to their service (which they told me was up for negotiation), in exchange for my cooperation in recommending their service and bringing them up casually in conversation.

The original reddit mail:

Dear That One Privacy Guy

My name is [redacted] and I am the PR Manager Digital and Partnerships at Ivacy VPN. I really appreciate your hard work that goes into making a comparison sheet of VPNs. I really admire it and at times have taken references comparing VPNs.

Right now, I have something great to offer you. As a PR Manager of Ivacy, I can offer you a lifetime account of Ivacy VPN, but, I would really appreciate if in return you can create a post or mention us on your forums or threads that you create.

See, people look up to you as an authority- as an influencer, and if you mention us in any relevant discussion, that’ll be a very beneficial thing.

So, I will really appreciate your positive response in this regard, or any terms that you want to put forward. We are open for negotiations.

Regards, [redacted]

My first reaction was “check the account” which confirmed the throwaway with this as its first post. Given the attention the project had recently gotten on several big tech blogs and other places, I almost dismissed is as just some troll. But then I stopped to think about it. Half of the reason I started my project was because of affiliate corruption, and sadly, it wouldn’t be beyond the realm of possibility for this be legitimate. I owed it to the community to investigate further.

I replied to “[redacted]” that we should take the conversation to email, which I created a throwaway email account for. “[redacted]” sent me an email shortly after confirming that he indeed wanted to discuss further his proposed arrangement.

Dear, That One Privacy Guy,

So, I have emailed you on reddit regarding the deal. What would you like to know more. I would really appreciate your feedback.

As I’d hoped, he took the bait and I got what I wanted for confirmation - the email headers. They revealed that the email had indeed come from someone at @ivacy.com, but not from “[redacted]”. the email address came from one “[redacted]” instead.

The relevant bit from all the way at the bottom:

Received: by [redacted] (Authenticated sender: [redacted]@ivacy.com, from: [redacted]@ivacy.com)

So, I started googling and looking for connections between [redacted] and Ivacy - and I found exactly what I was looking for.

Post after post by [redacted] with more of the same astroturfing spam I had seen on reddit earlier. This also included, (but I can’t post here as to not break reddit rules) a link tying this individual directly to the company.

I just want to leave you with some thoughts about privacy. We live in a society where privacy is undervalued and under assault daily. Some people eventually notice this and discover that they do value their own. They set out on a pilgrimage of sorts to educate themselves and learn about tools to help them protect it (as I did when I started my project). Because we depend on each other for direction and others to write software and run services to help keep us secure - TRUST AND TRANSPARENCY - are paramount.

However, transparency comes before trust. Encourage transparency in the tools and companies we rely on.

Our privacy is hard enough to protect without these kinds of deceptive practices making us second guess our options.

It’s hard to put into words how much work /u/thatoneprivacyguy has put into his excellent resource, VPN Comparison Project. VPNs, honestly, were too much for me to sort through myself.

He even licenses it under Creative Commons, NC w/ Attribution.

It would have been easier – so much easier – to let what appears to me to be a blatant bribery attempt go ignored or make a half-cocked accusation. He didn’t.

Simply awesome.

I’m also struck by the fact that if you can’t trust a VPN to not try bribing their way into a desirable list, how can you ever trust them to do the right thing when a third party hits them up to find out what users are doing using their service? In my eye, you can’t.

TL;DR: there’s a lot of snake oil privacy being peddled out there – /u/thatoneprivacyguy is fighting the good fight to separate those scammers from the genuine article.

PS: There’s a FAQ tab in the Google spreadsheet. Post any questions/comments you like, but you can also check there.

You are the hero this sub needs my friend.

I think is very funny company get angry from this, very unprofessional and much like only internet company do.

Welcome back and thanks again for all your work.

“TRUST AND TRANSPARENCY - are paramount.”

Since VPN service providers are all about selling you something, and all you ever get to see is a website, how can you believe any of them when they say they don’t keep logs or whatever? I suppose they will say they are not in league with the NSA too, but that doesn’t make it true. Trust = 0 on the internet.

Hey OP, my tinfoil friend uses Tiger and says what you wrote goes against his research.

Yeah, I really appreciate all of the hard work he has put into these posts. Alot of people I know really want to start using VPN’s for privacy reasons after hearing about various recent leaks and all that, but don’t have the knowledge or time to research on what VPN to choose and why. Ever since u/thatoneprivacyguy posted his VPN Comparison chart I have been recommending everyone, whether they currently use a VPN or not, to check it out to see how they all stack up next to eachother.

And another thing, the transparency of this post is amazing. Not necessarily because some VPN company tried bribing someone, that’s a given and is pretty frequent in the business world. But like you said, OP could have just shrugged it off, and moved on. Instead, they decided to bring light to it, share the information (again) with the community so that we can make better decisions on who we trust with our information. And that point right there is why I love this community.

Or he could be lying.

That’s something I’m aiming to help change.

At this point at least, you can start to get a clear picture by looking at all of the available data for a given company. At least you can whittle down your list of possibilities based on who you know is NOT worthy of your trust.

or worse, he could have taken the bribe and done as requested…

Now that the shady VPN companies know he’s incorruptible they’re desperately trying to discredit him by using throwaway accounts to spread lies about him.

They will try to defame him. Because he’s the hero we deserve, and the one we need right now. They will argue ad hominem, but he can take it. He’s a not-so-silent guardian, a watchful protector of our privacy.

ThatOnePrivacyGuy.