Do you really know what they are?
VPNs had a bit of a moment recently. Usage went up, conversations got louder, and there were even the usual attempts to regulate or restrict them once it became clear people were using them to step outside the boundaries set for them. That’s usually where things get a bit confused, because “VPN” gets used like it’s one thing. It isn’t.
VPN is an overloaded term
Ask ten people what a VPN is and you’ll get ten slightly different answers, because it covers a few completely different use cases.
Corporate VPN is the normal one. You connect your device to your company network so you can access internal systems. It’s not about privacy, it’s about access. If you work remotely, this is probably running somewhere in the background already.
Mesh / overlay VPN is more interesting. It makes your devices behave like they’re all on the same network, even when they’re not, laptop, phone, home server, whatever you’ve got running. Tools like Tailscale sit here. Less “hide me”, more “connect everything cleanly”. If you’re running anything at home, this is usually the one that actually matters.
Consumer “privacy” VPN is the one you see advertised everywhere. Route your traffic through a provider so websites see their IP instead of yours. In simple terms: you put your internet traffic inside someone else’s envelope.
What a consumer VPN actually does
It creates an encrypted tunnel between you and the provider, so your ISP sees less of what you’re doing, and websites see the provider’s IP rather than yours. That’s the core behaviour.
What it doesn’t do
This is where the marketing gets a bit creative. A VPN does not make you anonymous, “stop hackers” in some general sense, protect your bank account by existing, or fix bad security habits. It’s a network tool, not a magic shield.
The trust shift
The important bit is this: you’re not removing trust, you’re moving it. Instead of trusting your ISP, you’re trusting the VPN provider, and that provider can see your traffic as it passes through their system. That’s not inherently bad, but it is a decision.
A lot of VPN marketing leans heavily on words like privacy, security, and protection. But if your privacy depends on someone choosing not to look, what you really have is a promise. And promises are hard to verify. “No logs” sounds reassuring, but from the outside, you’re mostly taking that on faith.
So what is a VPN, really?
It’s just a tunnel. A pipe. It moves traffic from one place to another in a controlled way. What matters isn’t the pipe, it’s who built it, who runs it, and what incentives they have.
Sometimes you genuinely need a VPN. Sometimes you’re just paying to hand your browsing to a different middleman. Those two things look the same on the surface. They are not the same decision.
If nothing else, it’s worth asking: who’s on the other end of the tunnel?