DigitalOcean

Question

DigitalOcean VPN Privacy, in light of recent political news.

This is sort of a general question to the DigitalOcean staff at large:

Given this piece of recent news:

Republican senators yesterday introduced legislation that would overturn new privacy rules for Internet service providers. If the Federal Communications Commission rules are eliminated, ISPs would not have to get consumers’ explicit consent before selling or sharing Web browsing data and other private information with advertisers and other third parties.

and following it up by saying “It is time for permanent VPN’s” .

Can anyone comment as to how DigitalOcean treats user-data from droplets that are being used as a VPN? If DO is my endpoint, then is/will my data be collected? Does DO still have a commitment to privacy in this case?

If so, then I think DO should have that clearly stated as a selling point. I have a hunch that VPN’s are about to become very popular.

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Adam RobertsonMarch 8, 2017
Accepted Answer

@hansen

Yes, traffic is going in and out to DO is viewable to them and their ISPs - unless it’s encrypted, which it would be in case of OpenVPN/SWAN/etc. * your ISP can’t see anything but an encrypted VPN tunnel. DO (and their ISPs) will only be able to see traffic from DO to the final website, if it’s non-HTTPS*

so that jibes with what I was thinking…using a droplet as an openVpn server essentially encrypts things up to DO (and their ISP)…so, going back to the first post:

ISPs would not have to get consumers’ explicit consent before selling or sharing Web browsing data and other private information with advertisers and other third parties.

I would like to know if DO has plans to take advantage of this data to share/sell to advertisers and third parties, or does their dedication to privacy extend to using them as a VPS end-point

Jonathan TittleMarch 9, 2017

@sierracircle

Just logged in to check the status of my ticket, as mentioned in my previous response, and here’s the overview (thanks Ethan!)

1). We do not log customer traffic, we do log the volume of that traffic and know which IPs are assigned to Droplets, we do not “filter” traffic but we do have automated alerts in place to check for abuse based on a variety of factors (PPS, Bandwidth, etc.). If one of this alerts is tripped, we may then start filtering out / black holing traffic to protect the infrastructure from harm.

2). Specifically on the point of VPNs: we have no way to decrypt that traffic, even if we wanted to, which we don’t. :) My advise if you are concerned about security has always been “encrypt everything everywhere”, it is the safest bet to data security at all levels.

3). We actually go over a lot of what you are asking about, pertaining to what we do and don’t collect here in our privacy policy. We then also have a Law Enforcement Guideline you can read over to see how someone would need to request information from the platform.

https://www.digitalocean.com/legal/privacy/

https://www.digitalocean.com/legal/enforcement/

As you can see there, we could give over the contents of a Droplet to abide a proper legal requests, but we couldn’t decrypt any data on the drive (again, impossible for us to do).

suloveounSeptember 30, 2021

I think it is too old for question but it is really new for now.

As you know recently the arrest of French activist where ProtonMail has been disclose his IP to authority.

Now I want to create VPN to allow anyone use and want to open the internet by choosing DO Droptlet but I am not clear too if I create VPN server on DO and sometime that VPN use by hacker to hacker hide himself so what DO did to my VPN server?

I want to create VPN server where I really don’t log user IP or I don’t even know what they do just free for use VPN.

I don’t know it is bad idea or not but if my VPN server use by hacker on the internet did DO block or delete my droplet?

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Sign up

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Learn more

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Learn more

Featured on Community
Kubernetes CourseLearn Python 3Machine Learning in PythonGetting started with GoIntro to Kubernetes
DigitalOcean Products
CloudwaysVirtual MachinesManaged DatabasesManaged KubernetesBlock StorageObject StorageMarketplaceVPCLoad Balancers
Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel
© 2024 DigitalOcean, LLC.Sitemap.