The global VPN market reached $50 billion in 2025, driven by a simple and compelling premise: encrypt your internet connection, hide your IP address, and your online activity becomes private. NordVPN, ExpressVPN, Surfshark, and dozens of competitors have built substantial businesses on this promise. Hundreds of millions of people use VPNs daily, and many believe that an active VPN connection means their digital life is private.
This belief is wrong. Not because VPNs fail at what they do, but because what they do is insufficient for what most users actually need. A VPN protects network transit. It does not protect the data you send through that encrypted tunnel. It does not prevent the application on the other end from logging your queries, training on your inputs, or building a profile from your behavior. It does not strip metadata from your requests. It does not make your data ephemeral.
The distinction between network-level privacy (what VPNs provide) and application-level plus data-level privacy (what Stealth Cloud provides) is not a matter of degree. It is a categorical difference in what is being protected and against whom.
Feature Comparison
| Criteria | VPN (Network-Level Privacy) | Stealth Cloud (Application + Data-Level Privacy) |
|---|---|---|
| IP Address Protection | Yes – masks IP from destination servers | Yes – edge proxying strips IP before processing |
| ISP Visibility | Encrypted tunnel; ISP sees VPN connection but not content | Edge-native TLS; ISP sees CDN connection but not content |
| DNS Leak Protection | Provider-dependent; many VPNs leak DNS queries | Architecture-level; DNS resolution at edge, no client leakage |
| Application-Level Data Protection | None – data arrives in plaintext at the destination | Full – client-side encryption before data leaves device |
| Metadata Stripping | None – user agent, headers, cookies pass through | Full – all identifying metadata removed at edge |
| Content Encryption | Transit only (TLS to VPN server) | End-to-end (client encrypts, server never sees plaintext) |
| Logging Policy | Trust-based (“no-log” claims, rarely audited) | Architecture-based – ephemeral infrastructure retains nothing |
| Authentication Model | Email + password (identity-linked) | Wallet signature (SIWE) – pseudonymous |
| Jurisdiction Risk | High – VPN provider subject to national law | Minimized – nothing to compel; cryptographic shredding ensures no data persists |
| Threat Model Coverage | ISP surveillance, geo-restriction bypass, public Wi-Fi | ISP surveillance, application data collection, AI training, metadata analysis, subpoena |
| AI/LLM Privacy | None – prompts arrive in plaintext at AI provider | Full – PII stripped, metadata removed, sessions ephemeral |
| Performance Impact | 10-30% speed reduction (encryption overhead + routing) | Minimal – edge compute adds <50ms; no routing detour |
Deep Analysis
What VPNs Actually Protect
A VPN creates an encrypted tunnel between your device and a VPN server. All traffic between your device and the VPN server is encrypted, preventing your Internet Service Provider (ISP), network administrator, or anyone monitoring your local network from reading your traffic content or seeing which specific websites you visit.
This is genuinely valuable in specific scenarios:
Public Wi-Fi protection. On an unencrypted coffee shop network, a VPN prevents trivial traffic interception. Without a VPN, an attacker on the same network could potentially observe unencrypted HTTP traffic (though HTTPS adoption has reduced this vector substantially – over 95% of web traffic is now encrypted via TLS).
ISP surveillance prevention. ISPs in many jurisdictions can legally log browsing history and sell aggregated data to advertisers. In the United States, the FCC’s 2017 repeal of broadband privacy rules explicitly permitted this. A VPN prevents your ISP from seeing which domains you visit (they see only the VPN server’s IP address).
Geo-restriction bypass. By routing traffic through servers in different countries, VPNs enable access to content restricted by geography. This is a convenience feature, not a privacy feature, but it drives a substantial portion of consumer VPN adoption.
Censorship circumvention. In countries with state-controlled internet filtering (China’s Great Firewall, Iran’s National Information Network, Russia’s TSPU system), VPNs provide access to blocked services and information. This is arguably the most consequential use case for VPNs, with direct implications for press freedom and political expression.
What VPNs Do Not Protect
The marketing language of VPN companies – “complete online privacy,” “anonymous browsing,” “total internet security” – implies a scope of protection that the technology does not deliver. The gaps are structural, not incidental.
Application-layer data collection is unaffected. When you use a VPN and then log into Gmail, Google collects exactly the same data about your email activity as it would without the VPN. Your IP address is different (it shows the VPN server’s IP rather than your home IP), but Google identifies you through your account credentials, cookies, browser fingerprint, and behavioral patterns. The VPN changes one data point in a profile built from thousands.
When you use a VPN and send a prompt to ChatGPT, OpenAI receives the prompt in plaintext. OpenAI logs it according to their retention policy. The prompt may be reviewed by human safety raters. It may contribute to training data (for non-API, consumer-tier usage). The VPN hid your IP address from OpenAI, but it did not hide your prompt, your usage pattern, your session duration, or your conversation history. The data that matters most – the content of what you said – traverses the VPN tunnel unchanged and arrives at OpenAI’s servers in the clear.
Metadata passes through VPNs unmodified. HTTP headers, user agent strings, browser fingerprints, cookie identifiers, referer headers, and client-side JavaScript telemetry all pass through the VPN tunnel as-is. These metadata vectors enable cross-site tracking, session correlation, and device fingerprinting regardless of IP address masking.
Research from Princeton’s Web Transparency and Accountability Project has documented that browser fingerprinting – using the unique combination of installed fonts, screen resolution, timezone, WebGL renderer, Canvas hash, and dozens of other browser properties – can uniquely identify over 94% of browsers even when the IP address changes between sessions. A VPN changes your IP. It does not change your fingerprint.
DNS leaks remain endemic. A properly configured VPN should route DNS queries through the VPN tunnel. In practice, DNS leaks – where DNS queries escape the tunnel and are sent to the ISP’s DNS resolver in plaintext – are a persistent problem. A 2024 study testing 62 commercial VPN applications found that 18% leaked DNS queries under at least one configuration, and an additional 12% leaked IPv6 traffic when dual-stack networking was enabled. These leaks expose the domains you visit to your ISP, defeating the VPN’s primary privacy function.
The VPN provider becomes the single point of trust. A VPN does not eliminate the trusted third party; it substitutes one trusted party (your ISP) for another (your VPN provider). Your VPN provider can see all your traffic in the same way your ISP could without a VPN. The privacy improvement depends entirely on whether you trust your VPN provider more than you trust your ISP.
VPN providers universally claim “no-log” policies. The veracity of these claims varies. Some providers have been independently audited (NordVPN by PricewaterhouseCoopers, ExpressVPN by Cure53, Mullvad by Assured AB). Others have been caught logging despite no-log claims – PureVPN provided connection logs to the FBI in a 2017 cyberstalking case, contradicting their stated policy. The fundamental problem is that “no logs” is a policy claim, not an architectural guarantee. A VPN server is technically capable of logging everything; whether it does depends on the operator’s honesty and the legal environment they operate in.
The Jurisdiction Problem
VPN providers are subject to the laws of their incorporation jurisdiction, their server locations, and often the jurisdictions of their parent companies or investors.
NordVPN (Tefincom, Panama) routes traffic through servers in 60+ countries, each subject to local lawful intercept requirements. ExpressVPN (BVI) was acquired by Kape Technologies (formerly Crossrider, UK/Israel), raising questions about jurisdictional exposure. Surfshark merged with Nord Security, consolidating under a Dutch holding company.
The Five Eyes (US, UK, Canada, Australia, New Zealand), Nine Eyes (+ Denmark, France, Netherlands, Norway), and Fourteen Eyes (+ Belgium, Germany, Italy, Spain, Sweden) intelligence-sharing alliances create a web of mutual data exchange agreements. A VPN server in the Netherlands may be subject to Dutch lawful intercept orders, the results of which are shared with US intelligence agencies under Nine Eyes arrangements.
Even “privacy-friendly” jurisdictions are not immune. Switzerland, often cited as a privacy haven, participates in MLATs and complied with requests that led to the ProtonMail IP logging incident discussed in our ProtonMail vs. Gmail comparison. Panama, NordVPN’s jurisdiction, has no data protection law and limited judicial oversight of government surveillance.
The jurisdictional defense is only as strong as the weakest link in the chain: the VPN provider’s incorporation, the physical server location, the data center operator, and the upstream network provider all represent potential compulsion points.
Stealth Cloud’s Architectural Approach
Stealth Cloud addresses privacy at a different layer of the stack. Rather than encrypting the network tunnel and hoping the destination treats your data well, Stealth Cloud encrypts the data itself and strips the metadata before it reaches any destination.
Client-side encryption. In Ghost Chat, your prompt is encrypted on your device using AES-256-GCM with keys generated and held exclusively by the client. The encrypted payload is transmitted to the edge. The edge worker decrypts in an ephemeral V8 isolate (RAM only, no disk I/O), processes the request, and re-encrypts the response. At no point does unencrypted content exist on persistent storage. This is not transit encryption (which VPNs provide) – it is content encryption with client-held keys.
Metadata stripping. Before any request is forwarded to an LLM provider or other backend service, the edge worker removes all identifying metadata: IP address, user agent, request headers, timing information, session identifiers. The request that arrives at OpenAI or Anthropic carries no information that could link it to a specific user. The VPN approach masks your IP but passes all other metadata through. The Stealth Cloud approach removes the metadata entirely.
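One way to implement the header part of this step is an allowlist rather than a denylist. This is an added example, not Stealth Cloud's own code; the header sets, function names and sample request are assumptions constructed for illustration.

```javascript
// Added example: names and header lists below are assumptions, not Stealth Cloud code.
// Denylist: removes only the headers someone remembered to name.
const DENYLIST = new Set(["user-agent", "cookie", "referer", "x-forwarded-for"]);
// Allowlist: forwards only what the upstream API needs to parse the body.
const ALLOWLIST = new Set(["content-type", "accept"]);

// entries: iterable of [name, value] pairs (a Fetch API Headers object is one).
function filterHeaders(entries, mode) {
  const forwarded = {};
  for (const [name, value] of entries) {
    const key = name.toLowerCase(); // header names are case-insensitive
    const keep = mode === "allow" ? ALLOWLIST.has(key) : !DENYLIST.has(key);
    if (keep) forwarded[key] = value;
  }
  return forwarded;
}

// Constructed inbound headers, identical whether or not the client used a VPN.
const INBOUND = [
  ["Content-Type", "application/json"],
  ["Accept", "application/json"],
  ["User-Agent", "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"],
  ["Cookie", "session=constructed-value"],
  ["Referer", "https://intranet.example/cases/draft"],
  ["Accept-Language", "de-CH,de;q=0.9"],
  ["Sec-CH-UA-Platform", "\"Linux\""],
  ["CF-Connecting-IP", "203.0.113.7"],
  ["X-Client-Trace", "constructed-trace-id"],
];

// Names that would still reach the backend beyond the two functional headers.
function leakedNames(mode) {
  return Object.keys(filterHeaders(INBOUND, mode))
    .filter((k) => !ALLOWLIST.has(k))
    .sort();
}

console.log("denylist still forwards:", leakedNames("deny"));
console.log("allowlist still forwards:", leakedNames("allow"));
```

The denylist lets through every identifying header it was not told about, which is why the filter is written as an allowlist.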
PII tokenization. The client-side PII engine (a WebAssembly NER module) scans outbound prompts for personally identifiable information – names, email addresses, phone numbers, physical addresses, government IDs, medical identifiers – and replaces them with semantically neutral tokens before encryption. The LLM receives a prompt with the same semantic structure but no actual PII. The response returns with tokens intact, and the client re-injects the real values locally. Even if every other privacy layer failed, the LLM never processes your real personal information.
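The tokenize and re-inject round trip described above, as an added example that is not Stealth Cloud's code. Two regular expressions stand in for the WebAssembly NER module, and the token format, function names and sample text are assumptions.

```javascript
// Added example: regexes stand in for the page's NER module (an assumption).
// They catch only emails and phone numbers; names or addresses need real NER.
const PATTERNS = [
  ["EMAIL", /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g],
  ["PHONE", /\+?\d[\d\s().-]{7,}\d/g],
];

// Replace each detected value with a stable token. The vault (token -> value)
// stays on the client; only the returned text is encrypted and sent.
function tokenize(text) {
  const vault = new Map();
  const byValue = new Map(); // real value -> token, so repeats map consistently
  let out = text;
  for (const [kind, pattern] of PATTERNS) {
    let n = 0;
    out = out.replace(pattern, (match) => {
      if (!byValue.has(match)) {
        const token = `[${kind}_${++n}]`;
        vault.set(token, match);
        byValue.set(match, token);
      }
      return byValue.get(match);
    });
  }
  return { text: out, vault };
}

// Restore real values in the model's response, locally on the client.
function reinject(text, vault) {
  let out = text;
  for (const [token, value] of vault) out = out.split(token).join(value);
  return out;
}

// Constructed sample prompt and a constructed model reply that echoes the tokens.
const SAMPLE =
  "Email jane.doe@example.com or call +41 44 555 01 23. CC jane.doe@example.com on the reply.";
const REPLY = "Sent the draft to [EMAIL_1]; will ring [PHONE_1].";

const { text: outbound, vault } = tokenize(SAMPLE);
console.log(outbound);
console.log(reinject(REPLY, vault));
```

Because the same address maps to the same token both times it appears, the model can still tell that the two mentions refer to one party.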
Ephemeral sessions. VPN sessions leave no trace on the VPN server (assuming honest no-log policies). Stealth Cloud sessions leave no trace anywhere by architectural necessity. Cryptographic shredding destroys the session encryption key, rendering any hypothetically retained ciphertext permanently unreadable. There is no “honest policy” to trust – there is mathematical certainty that destroyed keys cannot be reconstructed.
Pseudonymous authentication. VPN accounts require an email address (and often payment information) to create. Even “anonymous” VPN sign-ups leave email and payment traces. Sign-In with Ethereum requires only a wallet signature – no email, no name, no payment card linked to identity. The wallet address is a pseudonymous identifier; the authentication server stores only a hash of it, and wallets are free to create in unlimited quantities.
Threat Model Comparison
The fundamental difference between VPN and Stealth Cloud is the threat model each addresses.
VPN threat model: An adversary who can observe your network traffic (ISP, network administrator, state surveillance at the network level). The VPN prevents this adversary from seeing your traffic content and destination.
Stealth Cloud threat model: All of the above, plus: an adversary who operates the destination service (cloud AI provider, SaaS application), an adversary who can compel the destination service to produce records (government subpoena, court order), an adversary who can breach the destination service (data breach, insider threat), and an adversary who can analyze metadata patterns (intelligence agencies, data brokers).
A VPN protects the pipe. Stealth Cloud protects the data in the pipe, the metadata around the pipe, and ensures nothing persists after the pipe closes.
Consider a concrete scenario: using an AI assistant to draft a confidential legal document.
With a VPN: Your ISP does not see that you are using ChatGPT. OpenAI sees your full prompt (including confidential legal content), logs it for up to 30 days, processes it on their servers, and can be compelled by court order to produce it. Your IP address at OpenAI shows the VPN server rather than your home address – one data point changed out of dozens collected.
With Stealth Cloud: Your ISP sees a connection to a Cloudflare edge node (indistinguishable from any other Cloudflare-hosted website). The edge node strips your IP and all metadata. The PII engine has already tokenized client names, case numbers, and other identifiers. The sanitized, de-identified prompt reaches OpenAI’s API from a Stealth Cloud relay IP, with no metadata linking it to you. OpenAI’s 30-day retention window contains a prompt with no PII and no user identity. After your session ends, cryptographic shredding ensures nothing persists on the Stealth Cloud side either.
The difference is not marginal. It is architectural.
Verdict
VPNs remain useful for their designed purpose: protecting network-level traffic from local observation. If your threat model is “prevent my ISP from logging my browsing” or “access geo-restricted content” or “protect against public Wi-Fi eavesdropping,” a reputable VPN is a proportionate and effective tool. Mullvad ($5/month, no email required for signup, accepts cash payment) and IVPN are consistently the most privacy-respecting options in the commercial VPN market.
VPNs are insufficient for users whose threat model extends beyond network-level surveillance to include application-level data collection, AI training on user inputs, metadata analysis, or legal compulsion of service providers. A VPN does not protect the content of your AI conversations, the substance of your cloud-stored documents, or the patterns of your application usage. It protects only the network path between your device and the VPN server.
Stealth Cloud addresses a fundamentally different problem. It is not a better VPN. It is not a VPN replacement. It operates at a layer that VPNs do not touch: the application and data layer. The two technologies are complementary rather than competitive – a user could run a VPN for network-level protection simultaneously with Stealth Cloud for application-level protection. But users who believe a VPN provides “complete privacy” are operating under a dangerous misconception that leaves most of their actual data exposure unaddressed.
The Stealth Cloud Perspective
The VPN industry’s $50 billion valuation is built on a half-truth: that encrypting the network connection provides privacy. It does – at the network layer. The network layer is one of seven layers in the OSI model, and it is not the layer where most privacy violations occur.
Your data is most vulnerable not while in transit between your device and a server, but while being processed by the server itself. OpenAI processes your prompts. Google reads your emails. Meta analyzes your messages’ metadata. SaaS applications log your every interaction. These are application-layer privacy violations, and no amount of network encryption addresses them.
The Stealth Cloud Manifesto frames this as a first principle: privacy must be enforced at every layer of the stack, or it is enforced at none. Network encryption without application-layer protection is a locked front door with open windows. It satisfies a security checklist. It does not protect you.
The architectural answer is defense in depth: client-side encryption with user-held keys, PII stripping before data leaves the device, metadata removal at the edge, ephemeral processing that retains nothing, and cryptographic shredding that makes data destruction provable. Each layer addresses a threat that the other layers do not. Together, they achieve what no VPN can: privacy that is a property of the system’s architecture rather than a promise in a provider’s marketing materials.
The question is not “which VPN should I use?” The question is: after the VPN encrypts your connection, what happens to your data when it arrives?