Introduction
In 2025, Proton VPN recorded signup spikes in 62 countries, a pattern the company ties directly to escalating censorship and government repression. That number tells you something the marketing copy doesn’t: this is a service people reach for when the stakes are real, not just when they want to unblock a streaming library on a Tuesday night.
Proton VPN launched in 2017 out of Proton AG, the Geneva outfit already known for Proton Mail. The founders met at CERN. The company sits under Swiss jurisdiction, runs 100% open-source client apps, and has had its no-logs policy verified by an external auditor. If you already know what a VPN does and you’re trying to figure out whether this one earns a spot in your stack, this walks through the whole thing in the order that actually matters: who runs it, how the crypto works, what the free tier really gives you, and where it slows down.
Short version up front: for privacy-focused users, Proton VPN is the one I’d recommend without hedging. The rest of this explains why, including the parts that are less flattering.
Who Runs It, and Why Jurisdiction Comes First
Before you evaluate a single protocol or server count, you evaluate who holds the keys and which legal system can compel them. That’s where Proton VPN starts to separate from the pack.
Proton AG is headquartered in Plan-les-Ouates, Geneva. Switzerland is not part of the EU and not a member of the Fourteen Eyes intelligence-sharing arrangement. Swiss law has no data-retention mandate for VPN providers, which means there’s no legal machinery forcing Proton to keep the connection logs that could later be handed over.
Then there’s the ownership structure, which changed in a way that matters. In June 2024, Proton AG’s primary shareholder became the non-profit Proton Foundation. Read that carefully. The controlling stake in the company sits with a non-profit whose charter is advancing privacy, security, and online freedom. There are no venture capital investors demanding a return, no advertising business quietly monetizing traffic patterns.
Compare that against the field. Kape Technologies, a UK-based company, owns ExpressVPN, CyberGhost, and Private Internet Access. NordVPN and Surfshark both sit under Nord Security, whose ultimate ownership structure is genuinely hard to pin down. None of those are automatically disqualifying. But if your threat model includes a hostile government subpoena or a corporate parent with commercial incentives that don’t align with yours, the Swiss non-profit setup is the cleanest option on the table.
The no-logs claim, and whether it holds up
Every VPN says it keeps no logs. The word “audited” is doing all the work here. Proton VPN’s no-logs policy has been confirmed by an external audit, and the report is publicly available rather than locked behind a login or a non-disclosure agreement.
That last detail is the tell. ExpressVPN’s compliance audits require you to accept an NDA before you can download them. CyberGhost had Deloitte audit its policy, but you have to request the report from Deloitte directly. NordVPN and Surfshark both make you sign up and log in to view theirs. Proton publishes. When a company is willing to put the auditor’s findings in front of anyone, unauthenticated, that’s a stronger signal than the audit itself.
The Encryption Stack and How Traffic Actually Moves
Once you trust the operator, the next question is what happens to your packets. Proton VPN encrypts all network traffic with either AES-256 or ChaCha20, depending on the platform and protocol negotiated. ChaCha20 tends to win on mobile hardware without AES acceleration; AES-256 is the default where the CPU handles it efficiently.
For transport, it runs WireGuard and OpenVPN, plus IKEv2 on some platforms. WireGuard is the one you’ll want for most sessions. It’s leaner, faster, and has a smaller codebase to audit. OpenVPN is the fallback when you need TCP behavior to punch through restrictive networks.
Two features matter for the technically minded:
- Secure Core — This routes your traffic through a hardened server in a privacy-friendly country (Switzerland, Iceland, or Sweden) before it exits to the wider network. The point is defense against network-based attacks: an adversary who compromises an exit server still can’t see your real IP, because the entry hop is physically located in a jurisdiction with strong legal protections and the servers run in secured facilities. It’s multi-hop done deliberately, not as a checkbox.
- Full-disk encryption on all servers — Proton runs its server infrastructure with full-disk encryption, so a physically seized server yields nothing usable without the keys.
There’s also a kill switch and an always-on VPN option, both available on the free plan. If the tunnel drops, the kill switch blocks traffic rather than letting it fall back to your naked connection. This is table stakes, but Proton doesn’t paywall it, which some competitors do.
NetShield and the Stealth protocol
NetShield is Proton’s DNS-based filter. It blocks ads, trackers, and known malware domains at the resolver level, which means the filtering happens before your device ever makes the request. DNS filtering is lighter than an in-app content blocker and harder for a page to detect. On NordVPN, by contrast, the equivalent ad and malware blocker isn’t in the Basic plan at all; you have to move up to Plus.
Stealth is the custom protocol built to survive deep packet inspection. In networks that actively fingerprint and block VPN traffic (think national firewalls or aggressive corporate filters), Stealth obfuscates the connection so it reads as ordinary encrypted traffic. This is the feature doing the heavy lifting behind those signup spikes in censored regions.
The Free Plan, and Where It Draws the Line
Here’s where Proton VPN does something almost nobody else does honestly. Its free plan runs on unlimited bandwidth. No data cap. No ads. And the same no-logs policy applies.
Sit with that for a second, because the free VPN market is a swamp. Most “free” VPNs monetize by selling your traffic data or injecting ads, which is the exact opposite of what you’d want from a privacy tool. Proton’s free tier is subsidized by paying subscribers, and the company is explicit that it exists to make privacy accessible rather than to funnel you into a paywall through artificial pain.
What you give up on free is specific and worth knowing:
- One device connected at a time (paid plans allow up to 10).
- Servers in a smaller set of countries, assigned automatically rather than hand-picked.
- Medium speed tier rather than the fastest servers.
- No Secure Core, no NetShield, no port forwarding, no reliable streaming access.
So the free plan is a genuinely usable daily-driver for basic privacy: encrypting traffic on public Wi-Fi, hiding your IP from your ISP, keeping trackers guessing. It is not built for torrenting, streaming Netflix libraries, or high-risk use. For that you cross into VPN Plus or the Proton Unlimited bundle, which also throws in the encrypted email, the password manager, and cloud storage from the wider Proton ecosystem.
My honest read: the free tier is the best in the category, full stop, and it’s the reason I point non-technical friends here first. But if privacy is your actual reason for showing up, the paid plan’s Secure Core and Stealth are what you came for.
Speed, Servers, and Streaming Under Real Conditions
A VPN you refuse to leave on because it kills your throughput isn’t protecting you. So the performance numbers matter as much as the crypto.
In Security.org’s 2026 review, Proton VPN reduced download speeds by 8% or less on average. That’s a small enough hit that most people won’t notice it on a fast home connection. Proton pushes this with 10 Gbps server hardware and something it calls VPN Accelerator, a set of optimizations the company says can lift VPN speeds by up to 400% on high-latency routes. The 400% figure is best case, not typical, but the underlying point stands: this is not a slow VPN.
On server scale, the sources don’t agree, and it’s worth being straight about that. Security.org’s 2026 review counts 16,000+ servers across 129 countries. Wikipedia cites 20,332 servers in 148 nations. The gap reflects ongoing expansion and different snapshot dates. Either way you’re looking at a network large enough that server congestion is rarely your bottleneck, with coverage well past 100 countries.
Streaming and torrenting specifics
On paid plans, Proton VPN works with 90+ streaming services and unlocks more than a dozen regional Netflix libraries, along with Hulu, Disney+, and Amazon Prime Video. Streaming access is a documented paid feature; the free tier will fight you here, and that’s by design.
For P2P, torrenting is unlimited on most servers, and port forwarding is built in. Port forwarding is the detail that separates a VPN that tolerates torrenting from one that’s actually good at it. It lets your client accept incoming connections, which improves peer connectivity and seeding. Just confirm you’re on a server that permits P2P before you start.
One platform note power users will care about: Proton ships a real Linux GUI app, not just a command-line client. CNET’s 2025 review specifically flagged this as rare and a reason it likes the service for people who live outside Windows and macOS. Apps also cover iOS, Android, Chromebook, Android TV, Apple TV, Fire TV, plus Chrome and Firefox extensions.
A quick side-by-side of where Proton sits against the mainstream competition:
- Open-source apps — Proton, yes. Most rivals, no.
- Publicly downloadable no-logs audit — Proton, yes. Others require an NDA, a support request, or an account login.
- Ad and malware blocker included on entry plan: Proton, yes. At least one major competitor gates it behind an upgrade.
- Jurisdiction — Proton, Switzerland. Rivals span the British Virgin Islands, Romania, Panama, and the Netherlands.
The Honest Case, and What to Do Next
The most common knock on Proton VPN is price. It runs higher than the aggressive budget players, and if your only goal is unblocking a streaming catalog as cheaply as possible, a cheaper service will technically do that. That’s a fair critique on its own terms.
But it’s the wrong frame for what Proton is. You’re paying for the audited-and-published logs policy, Swiss non-profit governance, open-source clients anyone can inspect, Secure Core multi-hop, and Stealth for hostile networks. That’s a privacy architecture, not a discount coupon for foreign Netflix. Judged on the thing it’s actually built for, the value is strong. Security and privacy reviewers in 2026 rank it at or near the top of the category, and roughly 100 million people have accounts.
Where I’d steer you:
- If you want to test the waters, install the free plan. Unlimited bandwidth, no ads, no card required, and it uses the same no-logs backbone as the paid tier. It’s the lowest-risk way to see how the apps feel.
- If your reason for using a VPN is genuine privacy, threat avoidance, or working around censorship, go straight to VPN Plus for Secure Core, NetShield, and Stealth. The 30-day money-back guarantee means you can pressure-test it on your own connection first.
- If you already use or are curious about encrypted email and a password manager, the Proton Unlimited bundle is the better math, since it folds the whole ecosystem into one subscription.
Practical first step regardless of plan: download the app for your platform, connect using WireGuard, and run a quick speed test on a nearby server, then a distant one. If the numbers hold up on your line the way the 8% average suggests they should, keep the always-on VPN and kill switch enabled and leave it running. A VPN only protects the sessions it’s actually on.