A Virtual Private Network (VPN) encrypts your internet traffic and routes it through a server in another location, hiding your IP address from the sites you visit and preventing your internet provider from seeing which sites you access. VPNs are most valuable on untrusted networks (public WiFi), for bypassing geographic content restrictions, and for protecting privacy from network-level surveillance. However, a VPN does not make you anonymous — the VPN provider itself can see your traffic, so its trustworthiness is the critical factor.
Use a reputable VPN service on public WiFi and verify that your visible IP address has changed (search "what is my IP" before and after connecting). Test the speed difference to understand the tradeoff. Read the VPN provider's privacy policy to see what data they log.
From your work on digital privacy fundamentals, you understand that your online activity generates a visible trail: your IP address, browsing history, and connection metadata are visible to your internet service provider, and your IP address is visible to every website you visit. A VPN (Virtual Private Network) addresses the network-level portion of this exposure — but understanding exactly what it does and doesn't do requires thinking carefully about where the privacy gap opens and where it simply moves.
The mechanism works in two steps. First, your device establishes an encrypted tunnel to a VPN server. Second, all your internet traffic travels through that tunnel, exits from the VPN server's IP address, and reaches its destination from there. The result is that your ISP sees only encrypted traffic going to the VPN server — it cannot read the content or see which sites you're visiting. The destination websites see the VPN server's IP address, not yours. This is the core value proposition: you shift trust from your ISP to your VPN provider, and you replace your home IP address with one from wherever the VPN server is located.
This trust-shift is the crucial concept. A VPN does not eliminate surveillance — it relocates who can surveil you. A shady free VPN provider can log everything you do through their server, selling that data to advertisers or handing it to governments. The VPN provider becomes the new potential adversary. This is why provider selection and privacy policy scrutiny matter far more than which VPN protocol is used or how many "military-grade encryption" claims appear on the marketing page. A technically excellent VPN operated by an untrustworthy company provides less privacy than your ISP.
The practical use cases follow directly from the mechanism. On public WiFi — coffee shops, hotels, airports — your traffic travels across a network you don't control, where other users could potentially intercept unencrypted communications. A VPN encrypts the entire stream before it leaves your device, preventing local interception. For geographic restrictions (streaming services licensed by region, censored content), the VPN server's location determines what you appear to access from — connecting to a UK server makes you appear to be a UK user. For privacy from your ISP — which in many countries can sell your browsing data — a VPN moves that visibility to the VPN provider. In each case, the protection is real but bounded: a VPN secures the network layer, not the application layer. Tracking cookies, browser fingerprinting, and logged-in accounts continue to identify you regardless of what IP address you're connecting from.
No topics depend on this one yet.