In the early 00s there was a tiny moment before the widespread adoption of mobile broadband, after the adoption of home WiFi, and yet before the widespread use of encryption. …read more

Sovereignty has mattered since the invention of the nation state—defined by borders, laws, and taxes that apply within and without. While many have tried to define it, the core idea remains: nations or jurisdictions seek to stay in control, usually to the benefit of those within their borders. Digital sovereignty is a relatively new concept, also difficult to define but straightforward to understand. Data and applications don’t understand borders unless they are specified in policy terms, as coded into the infrastructure. The World Wide Web had no such restrictions at its inception. Communitarian groups such as the Electronic Frontier Foundation, service providers and hyperscalers, non-profits and businesses all embraced a model that suggested data would look after itself. But data won’t look after itself, for several reasons. First, data is massively out of control. We generate more of it all the time, and for at least two or three decades (according to historical surveys I’ve run), most organizations haven’t fully understood their data assets. This creates inefficiency and risk—not least, widespread vulnerability to cyberattack. Risk is probability times impact—and right now, the probabilities have shot up. Invasions, tariffs, political tensions, and more have brought new urgency. This time last year, the idea of switching off another country’s IT systems was not on the radar. Now we’re seeing it happen—including the U.S. government blocking access to services overseas. Digital sovereignty isn’t just a European concern, though it is often framed as such. In South America for example, I am told that sovereignty is leading conversations with hyperscalers; in African countries, it is being stipulated in supplier agreements. Many jurisdictions are watching, assessing, and reviewing their stance on digital sovereignty. As the adage goes: a crisis is a problem with no time left to solve it. Digital sovereignty was a problem in waiting—but now it’s urgent. It’s gone from being an abstract ‘right to sovereignty’ to becoming a clear and present issue, in government thinking, corporate risk and how we architect and operate our computer systems. What does the digital sovereignty landscape look like today? Much has changed since this time last year. Unknowns remain, but much of what was unclear this time last year is now starting to solidify. Terminology is clearer – for example talking about classification and localisation rather than generic concepts. We’re seeing a shift from theory to practice. Governments and organizations are putting policies in place that simply didn’t exist before. For example, some countries are seeing “in-country” as a primary goal, whereas others (the UK included) are adopting a risk-based approach based on trusted locales. We’re also seeing a shift in risk priorities. From a risk standpoint, the classic triad of confidentiality, integrity, and availability are at the heart of the digital sovereignty conversation. Historically, the focus has been much more on confidentiality, driven by concerns about the US Cloud Act: essentially, can foreign governments see my data? This year however, availability is rising in prominence, due to geopolitics and very real concerns about data accessibility in third countries. Integrity is being talked about less from a sovereignty perspective, but is no less important as a cybercrime target—ransomware and fraud being two clear and present risks. Thinking more broadly, digital sovereignty is not just about data, or even intellectual property, but also the brain drain. Countries don’t want all their brightest young technologists leaving university only to end up in California or some other, more attractive country. They want to keep talent at home and innovate locally, to the benefit of their own GDP. How Are Cloud Providers Responding? Hyperscalers are playing catch-up, still looking for ways to satisfy the letter of the law whilst ignoring (in the French sense) its spirit. It’s not enough for Microsoft or AWS to say they will do everything they can to protect a jurisdiction’s data, if they are already legally obliged to do the opposite. Legislation, in this case US legislation, calls the shots—and we all know just how fragile this is right now. We see hyperscaler progress where they offer technology to be locally managed by a third party, rather than themselves. For example, Google’s partnership with Thales, or Microsoft with Orange, both in France (Microsoft has similar in Germany). However, these are point solutions, not part of a general standard. Meanwhile, AWS’ recent announcement about creating a local entity doesn’t solve for the problem of US over-reach, which remains a core issue. Non-hyperscaler providers and software vendors have an increasingly significant play: Oracle and HPE offer solutions that can be deployed and managed locally for example; Broadcom/VMware and Red Hat provide technologies that locally situated, private cloud providers can host. Digital sovereignty is thus a catalyst for a redistribution of “cloud spend” across a broader pool of players. What Can Enterprise Organizations Do About It? First, see digital sovereignty as a core element of data and application strategy. For a nation, sovereignty means having solid borders, control over IP, GDP, and so on. That’s the goal for corporations as well—control, self-determination, and resilience. If sovereignty isn’t seen as an element of strategy, it gets pushed down into the implementation layer, leading to inefficient architectures and duplicated effort. Far better to decide up front what data, applications and processes need to be treated as sovereign, and defining an architecture to support that. This sets the scene for making informed provisioning decisions. Your organization may have made some big bets on key vendors or hyperscalers, but multi-platform thinking increasingly dominates: multiple public and private cloud providers, with integrated operations and management. Sovereign cloud becomes one element of a well-structured multi-platform architecture. It is not cost-neutral to deliver on sovereignty, but the overall business value should be tangible. A sovereignty initiative should bring clear advantages, not just for itself, but through the benefits that come with better control, visibility, and efficiency. Knowing where your data is, understanding which data matters, managing it efficiently so you’re not duplicating or fragmenting it across systems—these are valuable outcomes. In addition, ignoring these questions can lead to non-compliance or be outright illegal. Even if we don’t use terms like ‘sovereignty’, organizations need a handle on their information estate. Organizations shouldn’t be thinking everything cloud-based needs to be sovereign, but should be building strategies and policies based on data classification, prioritization and risk. Build that picture and you can solve for the highest-priority items first—the data with the strongest classification and greatest risk. That process alone takes care of 80–90% of the problem space, avoiding making sovereignty another problem whilst solving nothing. Where to start? Look after your own organization first Sovereignty and systems thinking go hand in hand: it’s all about scope. In enterprise architecture or business design, the biggest mistake is boiling the ocean—trying to solve everything at once. Instead, focus on your own sovereignty. Worry about your own organization, your own jurisdiction. Know where your own borders are. Understand who your customers are, and what their requirements are. For example, if you’re a manufacturer selling into specific countries—what do those countries require? Solve for that, not for everything else. Don’t try to plan for every possible future scenario. Focus on what you have, what you’re responsible for, and what you need to address right now. Classify and prioritise your data assets based on real-world risk. Do that, and you’re already more than halfway toward solving digital sovereignty—with all the efficiency, control, and compliance benefits that come with it. Digital sovereignty isn’t just regulatory, but strategic. Organizations that act now can reduce risk, improve operational clarity, and prepare for a future based on trust, compliance, and resilience. The post Reclaiming Control: Digital Sovereignty in 2025 appeared first on Gigaom.

As President Donald Trump kicked off a birthday military parade on the streets of Washington, DC, what’s estimated as roughly 2,000 events were held across the US and beyond — protesting Trump and Elon Musk’s evisceration of government services, an unprecedented crackdown by Immigration and Customs Enforcement (ICE), and countless other actions from the administration in its first five months. Held under the title “No Kings” (with, as you’ll see, one conspicuous exception), they’re the latest in several mass protests, following April’s Hands Off events and a wave of Tesla Takedown demonstrations in March.As The Verge’s Tina Nguyen went to downtown DC, we also sent reporters to No Kings demonstrations spanning the country, plus a “No Tyrants” event in the UK. How would they unfold after promises of “very heavy force” against protesters in the capital, after the deployment of thousands of military troops in a move a judge has bluntly called illegal, and after promises to “liberate” the city of Los Angeles from its “burdensome leadership” by local elected officials? What about the overnight killing of a Minnesota Democratic state representative and her husband, and the shooting of a Democratic state senator and his wife?The answer, at the events we attended, was fairly calmly — even against a backdrop of chaos.Downtown Los Angeles, CaliforniaAn inflatable baby Donald Trump, dressed in a diaper, hovered over throngs of people rallying outside of Los Angeles City Hall. Demonstrators outnumbered clumps of California National Guard members in fatigues posted up along sidewalks. “Go home to your families, we don’t need you in our streets,” one young person wearing a long braid down her back tells them while marching past. “Trump come catch these hands foo!” the back of her sign reads. I can’t see what the front says, but I can tell there’s an empty bag of Cheetos pasted to it.The big baby joins the march, floating through the streets of Downtown LA over demonstrators. A flatbed truck rolls ahead of it, the band — maybe LA’s own Ozomatli? — singing “We don’t like Trump” to the tune of “We Want The Funk.” Ducking inside Grand Central Market from the march, I talk to Puck and Twinkle Toes — two demonstrators in line for the public restrooms. Twinkle Toes tells me she’s part of an activist clown collective called Imp and Circumstance, wearing pink and white clown makeup and a striped pink and white bow wrapped around a loose hair bun atop her head. She’s here exercising her right to free speech, she says. Demonstrators in Los Angeles marched alongside an inflatable Donald Trump baby dressed in a diaper.“The more people that are out here, the more we know that this is not okay. That we don’t want an autocrat. We want democracy,” Puck tells me, adding that the Pride March in Hollywood last weekend was “nothing but love and sunshine” despite protests and burning driverless cars making headlines in downtown. “The news tries to make you think all of LA is rioting. It’s not.” Puck says.Back out on the streets, a young man quickly writes “Fuck ICE” on a black wall with white spray paint before a group of older demonstrators wearing floppy hats shushes him away — warning him that tagging will only attract more law enforcement.Further along, another older man with tufts of white hair sticking out under his Lakers cap walks stiffly and slowly along under the summer sun. A Mexican flag draped across his shoulders, he crosses Hope Street. A young man wearing a Nike cap makes his way over to ask if he wants water; the old man accepts a bottle and keeps walking without stopping. The march has looped around downtown, and is coming to an end back at City Hall. As I make my way to my bus stop, a line of police vehicles — sirens blasting — whizzes past me, back toward the crowd still gathering around City Hall.The Los Angeles Police Department issued a dispersal order for parts of downtown Los Angeles later in the afternoon, citing people “throwing rocks, bricks, bottles and other objects.” Law enforcement reportedly cleared crowds using gas, and the LAPD authorized the use of “less lethal” force.— Justine CalmaPortland, OregonFour different “No Kings” protests in the greater Portland area on Saturday drew massive crowds of tens of thousands across the city. Various activists, government officials, and representatives for politicians spoke at the rallies, which also featured music and live performances. (One advertised free drag shows.) Protesters of all ages came with dogs, strollers, flags, banners, and hand-made signs. At the downtown waterfront, some tourist boats appeared to still be departing, but the bike rental stand (which also sells ice cream) was closed for the day with a hand-lettered explanation reading “No crowns, no thrones, no kings” and “Americans against oligarchy.” Women appearing to be organizers passed out free American flags; many attendees came with their own American flags modified to fly upside down. Most protesters brought signs expressing a wide range of sentiments on the theme of “No Kings.” Some signs were surprisingly verbose (“If the founders wanted a unitary executive (a king) we’d all still be British”) while others were more succinct (“Sic semper tyrannis”). Others opted for simple images, such as a picture of a crown crossed out, or — less frequently — a guillotine. Image: Sarah JeongThe waterfront park area was filled with people from the shoreline to the curb of the nearest street, where protesters held up signs to passing cars that honked in approval. The honking of a passing fire truck sent the crowd into an uproarious cheer. Portland is about a thousand miles from the border with Mexico, but the flag of its distant neighbor nation has emerged as protest iconography in solidarity with Los Angeles. The rainbow pride flag was flown as often as the Mexican flag. Military veterans were scattered throughout the crowd, some identifying themselves as having seen action in conflicts spanning from Vietnam to Afghanistan. Emanuel, an Air Force veteran, told me that he had turned out in defense of the constitution and due process, saying, “Nobody has any rights if one person doesn’t have any rights.” Image: Sarah JeongAnger was directed at ICE and the mass deportations all throughout the day, in signage, in chants, and in rally speeches. The previous night, about 150 people protested at a local ICE facility — coincidentally located by the Tesla dealership — a mile south of downtown, near a highway exit. The ICE facility protests, which have been continuous for some days, have been steadily building up. A couple of “No Kings” signs were present on Friday. (The following day, a handful of “Chinga la migra” signs would show up at the “No Kings” protests). Demonstrators stood on the curb urging passing cars to “Honk if you hate fascists,” successfully eliciting car horns every few seconds, including some from a pristine white Tesla. Federal law enforcement in camo and helmets, their faces obscured, maced and shot at protesters with pepper balls, targeting them through the gates and sniping at them from the rooftop of the building. A handful of protesters — many wearing gas masks and respirators — formed phalanx formations in the driveway, wielding umbrellas and handmade shields. On Saturday, a speaker at one of the “No Kings” rallies advertised the occupation of the ICE facility, saying, “We’re a sanctuary city.” The crowd — replete with American flags both upside down and right side up — cheered. — Sarah JeongNew Port Richey, FloridaNearly every intersection on Pasco County’s State Road 54 looks the same: a cross-section of strip malls, each anchored by a Walmart or Target or Publix, surrounded by a mix of restaurants, nail salons, and gas stations. It’s not an environment that is particularly conducive to protests, but hundreds of people turned out in humid, 90-plus degree weather anyway. The overall size of the crowd is hard to determine, but it’s larger than I — and other attendees — anticipated, given the local demographics. (Trump won 61 percent of the vote in Pasco County in 2024.) New Port Richey, FL. Image: Gaby Del ValleEveryone is on the sidewalk; an organizer with a megaphone tells people to use crosswalks if they’re going to attempt to brave the six-lane highway. Two days earlier, Governor Ron DeSantis said Floridians could legally run over protesters on the street if they feel “threatened.” New Port Richey, FL. Image: Gaby Del ValleSo far, most drivers seem friendly. There are lots of supportive honks. One woman rolls down her window and thanks the protesters. “I love you! I wish I could be with you, but I have to work today!” she yells as she drives away. Not everyone is amenable. A man in a MAGA hat marches through the crowd waving a “thin green line” flag and yelling “long live the king!” as people in the crowd call him a traitor. A pickup truck drives by blasting “Ice Ice Baby,” waving another pro-law enforcement flag. The protesters have flags, too: American flags large and small, some upside down; Mexican; Ukrainian; Palestinian; Canadian; different configurations of pride and trans flags. Their signs, like their flags, illustrate their diverse reasons for attending: opposition to Trump’s “big beautiful” funding bill, DOGE’s budget cuts, and ICE arrests; support for immigrants, government workers, and Palestinians. One woman wears an inflatable chicken suit. Her friend pulls an effigy of Trump — dressed to look both like an eighteenth-century monarch, a taco, and a chicken — alongside her.New Port Richey, FL. Image: Gaby Del ValleMost of the demonstrators are on the older side, but there are people of all ages in attendance. “I thought it was going to be maybe 20 people with a couple of signs,” Abby, 24, says, adding that she’s pleasantly surprised at both the turnout and the fact that most of the protesters are of retirement age. Abe, 20, tells me this is his first protest. Holding a sign that says “ICE = GESTAPO,” he tells me he came out to support a friend who is Mexican. Three teenagers walk by with signs expressing support for immigrants: “While Trump destroys America, we built it.” “Trump: 3 felonies. My parents: 0.” As I drive away, I notice nine counter-protesters off to the side, around the corner from the main event. They wave their own flags, but the demonstrators seemingly pay them no mind.— Gaby Del ValleHistoric Filipinotown, Los AngelesWearing a camo baseball cap — “Desert Storm Veteran” emblazoned on the front — Joe Arciaga greets a crowd of about 100 people in Los Angeles’ Historic Filipinotown around 9:00AM.“Good morning everyone, are you ready for some beautiful trouble?” Arciaga says into the megaphone, an American flag bandana wrapped around his wrist. The faces of Filipino labor leaders Philip Vera Cruz and Larry Itliong, who organized farm workers alongside Cesar Chavez, peer over his shoulders from a mural that lines the length of Unidad Park where Arciaga and a group called Lakas Collective helped organize this neighborhood No Kings rally. “I’m a Desert Storm veteran, and I’m a father of three and a grandfather of three, and I want to work for a future where democracy is upheld, due process, civil rights, the preservation of the rule of law — That’s all I want. I’m not a billionaire, I’m just a regular Joe, right?”, he tells The Verge.Joe Arciaga speaks to people at a rally in Historic Filipinotown, Los Angeles. Image: Justine Calma“I am mad as hell,” he says, when I ask him about the Army 250th anniversary parade Donald Trump has organized in Washington, DC coinciding with the president’s birthday. “The guy does not deserve to be honored, he’s a draft dodger, right?” Arciaga says. He’s “livid” that the President and DOGE have fired veterans working for federal agencies and slashed VA staff.Arciaga organizes the crowd into two lines that file out of the park to stand along Beverly Blvd., one of the main drags through LA. Arciaga has deputized a handful of attendees with security or medical experience with whistles to serve as “marshals” tasked with flagging and de-escalating any potentially risky situation that might arise. Johneric Concordia, one of the co-founders of the popular The Park’s Finest barbecue joint in the neighborhood, is MCing out on Beverly Blvd. He and Arciaga direct people onto the sidewalks and off the asphalt as honking cars zip by. In between chants of “No hate! No fear! Immigrants are welcome here!” and rap songs from LA artist Bambu that Concordia plays from a speaker, Concordia hypes up the organizers. “Who’s cool? Joe’s cool?” He spits into the microphone connected to his speaker. “Who’s streets? Our streets!” the crowd cheers. An hour later, a man sitting at a red light in a black Prius rolls down his window. “Go home!” he yells from the intersection. “Take your Mexican flag and go home!”The crowd mostly ignores him. One attendee on the corner holds up his “No Kings” sign to the Prius without turning his head to look at him. A few minutes later, a jogger in a blue t-shirt raises his fist as he passes the crowd. “Fuck yeah guys,” he says to cheers.By 10AM, the neighborhood event is coming to a close. Demonstrators start to trickle away, some fanning out to other rallies planned across LA today. Concordia is heading out too, microphone and speaker still in hand, “If you’re headed to downtown, watch out for suspicious crew cuts!” — Justine CalmaSan Francisco, California1/10Most of the crowd trickled out after 2pm, which was the scheduled end time of the protest, but hundreds stayed in the area. Image: Vjeran PavicLondon, UKLondon’s protest was a little different than most: it was almost entirely bereft of “No Kings” signs, thanks to the fact that about two miles away much larger crowds were gathered to celebrate the official birthday of one King Charles III. “We don’t have anything against King Charles,” Alyssa, a member of organizers Indivisible London, told me. And so, “out of respect for our host country as immigrants,” they instead set up shop in front of the US embassy with a tweaked message: “No kings, no crowns” became “no tyrants, no clowns.” London, UK. Image: Dominic PrestonOf the hundreds gathered, not everyone got the memo, with a few painted signs decrying kings and crowns regardless, and one brave Brit brandishing a bit of cardboard with a simple message: “Our king is better than yours!”London, UK. Image: Dominic PrestonStill, most of the crowd were on board, with red noses, clown suits, and Pennywise masks dotted throughout, plus costumes ranging from tacos to Roman emperors. “I think tyrants is the better word, and that’s why I dressed up as Caesar, because he was the original,” says Anna, a Long Island native who’s lived in London for three years. “Nobody likes a tyrant. Nobody. And they don’t do well, historically, but they destroy a lot.”For 90 minutes or so the crowd — predominantly American, judging by the accents around me — leaned into the circus theme. Speakers shared the stage with performers, from a comic singalong of anti-Trump protest songs to a protracted pantomime in which a woman in a banana costume exhorted the crowd to pelt a Donald Trump impersonator with fresh peels. London, UK. Image: Dominic PrestonDuring a break in festivities, Alyssa told the crowd, “The most threatening sound to an oligarch is laughter.”— Dominic PrestonProspect Park, Brooklyn, New YorkThe No Kings protest at Brooklyn’s Grand Army Plaza was a calmer affair. Instead of gathering under the picturesque memorial arch, protesters were largely sequestered to a corner right outside Prospect Park, with some streets blocked off by police. The weekly farmers market was in full swing, meaning people cradling bundles of rhubarb were swerving in and out of protest signs that read things like, “Hating Donald Trump is Brat” and “Is it time to get out the pitch forks?” Like during the Hands Off protest in April, New York got rain on Saturday.Prospect Park, Brooklyn. Image: Mia SatoThe area where protesters were gathered made it difficult to count the crowd, but there were hundreds — perhaps a few thousand — people that streamed in and out. At one point, some protesters began marching down the street alongside Prospect Park, while others stayed at Grand Army Plaza to chant, cheer, and hold signs up at oncoming vehicles. With its proximity to the public library, the park, and densely populated neighborhoods, the massive intersection is a high-foot traffic area. Cars blared their horns as they passed, American flags waving in the chilly afternoon breeze.Jane, a Brooklyn resident who stood on the curb opposite the protesters, said she isn’t typically someone who comes out to actions like this: before the No Kings event, she had only ever been to one protest, the Women’s March. (Jane asked that The Verge use her first name only.) Prospect Park, Brooklyn. Image: Mia Sato“I’m deeply concerned about our country,” Jane said, pausing as a long stream of trucks and cars honked continuously in support of the protesters in the background. “I think Trump is behaving as an authoritarian. We’ve seen in Russia, in Hungary, in Hong Kong, that the slide from freedom to not freedom is very fast and very quick if people do not make their voices heard,” Jane said. “I’m concerned that that’s what’s happening in the United States.” Jane also cited cuts to Medicaid and funding for academic research as well as tariffs as being “unacceptable.”Prospect Park, Brooklyn. Image: Mia SatoThe event was peaceful — there were lots of kids present — and people were in good spirits despite the rain. Protest signs ran the gamut from general anti-Trump slogans (“I trust light tampons more than this administration”) to New York City-specific causes like “Andrew Cuomo can’t read” (there is a contenious mayoral election this month). One sign read, “Fix your hearts or die,” an iconic line from the late director, David Lynch’s, Twin Peaks: The Return. And of course, amid nationwide immigration raids that have been escalated by the involvement of the federal government, ICE was top of mind: one sign simply read, “Melt ICE,” and another protester held a large “NO ICE IN NYC” sign. Though it was smaller and more contained than other events, the protest didn’t lack conviction: attendees of all ages stood in the cold rain, chanting and blowing into vuvuzela, banging the lids of pots and pans. At one point a man stood on the median on the street, leading the group in chants of “No justice, no peace.” Cars laid on the horn as they drove by.— Mia SatoAkron, OhioIt’s been raining pretty hard the last few days in Akron, OH, so much that I didn’t think there’d be a large turnout for our chapter of the No Kings protest. But I was emphatically proven wrong as the crowds I saw dwarfed the Tesla Takedown protests last month. Officially, the protest was to take place in front of the John F. Seiberling Federal Building on Main Street in Downtown Akron. But the concentration of people spilled over from that small space down Main Street and up Market Street. All told, though there were no official counts, I estimate somewhere between 500 to 900 people in this blue enclave in Northeast Ohio.The mood was exuberant, buoyed by supporters who honked their horns as they passed. The chorus of horns was nonstop, and when a sanitation truck honked as it went by, cheers got louder. The chants the crowds were singing took on a local flare. Ohio is the home of the Ohio State Buckeyes and anywhere you go, shout “O-H” and you’ll invariably get an “I-O” response. The crowds used that convention to make their own chant, “OH-IO, Donald Trump has got to go.”There was no police presence here and the crowd was very good at policing itself. Ostensibly out of concern for the incidents where people have rammed their cars into protestor crowds, the people here have taken up crossing guard duties, aiding folks who wish to cross Main or Market Streets. Toward the end of my time at the protest, I saw an older gentleman wearing Kent State gear and holding a sign that read, “Remember another time the National Guard was called in?” His sign featured a drawing of the famous photo from the event in which four Kent State students during a protest of the Vietnam War were killed by National Guard troops. I caught up with him to ask him some questions and he told me his name was Chuck Ayers, a professional cartoonist, and was present at the shooting. Akron, OH. Image: Ash Parrish“When I saw the National Guard in front of the federal building in LA,” he told me, “It was just another flashback.”He did not tell me this at the time, but Ayers is a nationally recognized cartoonist, noted for co-creating the comic strip Crankshaft. He’s lived in Ohio his entire life and of course, drew that sign himself. As he was telling me about how seeing news of the National Guard being deployed in LA, I could see him strain to hold back his emotions. He said it still hurts to see this 55 years later, but that he was heartened to see so many people standing here in community and solidarity. He also said that given his pain and trauma he almost didn’t come. When I asked why he showed up when it so obviously causes him pain he said simply, “Because I have to.”— Ash ParrishOneonta, New YorkOn a northward drive to Oneonta — population roughly 15,000, the largest city in New York’s mainly rural Otsego County — one of the most prominent landmarks is a sprawling barn splashed in huge, painted block letters with TRUMP 2024. (The final digits have been faithfully updated every election since 2016.) It’s Trump country, but not uniformly Trumpy country, as evidenced by what I estimated as a hundreds-strong crowd gathered in a field just below Main Street that came together with a friendly county-fair atmosphere. Kids sat on their parents’ shoulders; American flags fluttered next to signs with slogans like SHADE NEVER MADE ANYONE LESS GAY, and attendees grumbled persistently about the event’s feeble sound system, set up on the bed of a pickup truck. It was the kind of conspicuously patriotic, far-from-urban protest that the Trump administration has all but insisted doesn’t exist.Image: Adi RobertsonBeyond a general condemnation of Trump, protest signs repped the same issues being denounced across the country. The wars in Gaza and Ukraine made an appearance, as did Elon Musk and Tesla. A couple of people called out funding cuts for organizations like NPR, one neatly lettered sign reminded us that WEATHER FORECASTING SAVES LIVES, another warned “Keep your nasty little hands off Social Security,” and a lot — unsurprisingly, given the past week’s events — attacked mass deportations and ICE. An attendee who identified himself as Bill, standing behind a placard that blocked most of him from sight, laid out his anger at the administration’s gutting of the Environmental Protection Agency. “I think if it was not for protests, there would be no change,” he told me.The event itself, supported by a coalition including the local chapter of Indivisible, highlighted topics like reproductive justice and LGBTQ rights alongside issues for groups often stereotyped as Republican blocs — there was a speech about Department of Veterans Affairs cuts and a representative from the local Office for the Aging (whose words were mostly lost to the sound system’s whims). Rules for a march around the modest downtown were laid out: no blocking pedestrians or vehicles, and for the sake of families doing weekend shopping, watch the language. “Fuck!” one person yelled indistinctly from the audience. “No, no,” the event’s emcee chided gently. The philosophy, as she put it, was one of persuasion. “We want to build the resistance, not make people angry at us.”Image: Adi RobertsonBut even in a place that will almost certainly never see a National Guard deployment or the ire of a Truth Social post, the Trump administration’s brutal deportation program had just hit close to home. Only hours before the protest commenced, ICE agents were recorded handcuffing a man and removing him in an unmarked black car — detaining what was reportedly a legal resident seeking asylum from Venezuela. The mayor of Oneonta, Mark Drnek, relayed the news to the crowd. “ICE! We see you!” boomed Drnek from the truckbed. “We recognize you for what you are, and we understand, and we reject your vile purpose.”The crowd cheered furiously. The stars and stripes waved.- Adi RobertsonSee More: Policy

© Henrique Ferreira via Unsplash Finding property lines can be tricky, especially for individuals who are looking to purchase or list a home for sale. Conventional techniques, including engaging surveyors, are costly and labor-intensive. As an alternate solution, technology provides apps that profess to show property lines. This raises the question: How precise are these digital resources at demarcating boundary lines? The emergence of an app that shows property lines has revolutionized how property owners, buyers, and real estate professionals interact with land boundaries. These digital tools leverage advanced mapping technologies to provide visual representations of property boundaries, offering a more accessible alternative to traditional surveying methods while raising important questions about their accuracy and reliability. What Are Property Line Apps? Apps that display property lines use Geographic Information Systems (GIS) and satellite imagery. They offer users a visual display of land boundaries, most commonly available on smartphones or tablets. These apps are meant to help make property borders easier to identify and are a helpful tool for property owners, real estate agents, and buyers. These applications typically draw information from public records, county assessor data, and other official sources to create digital representations of property boundaries. Many also incorporate user-friendly features like measurement tools, parcel information displays, and the ability to save or share property data with others. How Various Factors Affect Accuracy Several factors impact the reliability of property line apps. First, the source of the data is significant. Apps usually have access to government databases and public records that vary in accuracy based on when the data was last refreshed. Second, GPS technology limitations impact accuracy. Although GPS technology is becoming more advanced, apps might still have discrepancies where tree cover or high buildings block signals from satellites and influence tracking accuracy. The resolution of satellite imagery also plays a crucial role in determining how precisely property lines can be displayed. Higher-resolution images allow for more detailed and accurate boundary placements, while lower-quality imagery may result in less precise representations. Additionally, the frequency of data updates affects whether the app reflects recent property divisions, consolidations, or boundary adjustments. Comparing Traditional Surveying and Apps Professional surveyors approach property line determination using high-precision equipment and established methodologies. This traditional approach yields highly accurate results with precise and legally enforceable boundaries. Apps offer more general information on property lines compared to professional surveys. While they are fast and convenient, they provide no substitute for the precision of a professional survey. App-generated boundaries should not be relied upon as definitive indications of legal property lines. Traditional surveys involve physical measurements taken directly on the property, considering historical markers, neighboring properties, and legal descriptions. In contrast, apps rely on digital interpretations of existing records, which may not account for all the nuances that a professional surveyor would observe in person. Advantages of property line applications App-Generated Property Lines Property line apps may have their limitations, but they do have valuable uses. They are useful for general assessments where an immediate overview of boundaries may be required. The applications also have user-friendly interfaces that allow a wider audience to use these applications and learn technical skills. Additionally, they are often enhanced with more functionalities, such as calculating areas and providing land parcel information, thus expanding their usefulness for users. According to the U.S. Bureau of Land Management, these digital tools have significantly increased public access to property information that was previously difficult to obtain without professional assistance. This democratization of property data allows property owners to be more informed about their land assets and helps potential buyers better understand properties of interest before making major decisions. Potential Limitations and Risks Property line apps may be convenient, but they have clear limitations. Since the data relies heavily on public records, data errors are common. It can be outdated or incomplete, which can lead to misunderstandings or disputes. In addition, these apps are incapable of recognizing legal nuances, such as easements or encroachments, which can significantly impact property rights and boundaries. There is also a risk that users might place too much confidence in app-generated boundaries when making important decisions. While these tools can provide helpful guidance, they should not be the sole basis for resolving boundary disputes, building structures near property lines, or making purchase decisions without professional verification. Best Practices for Users Users should follow a few best practices to make the best and most effective use of a property line app. Cross-referencing results with official records verifies data accuracy, minimizing potential inaccuracies. Moreover, when app data is paired with physical inspections, it provides a fuller picture of property lines. Advice from professionals, including surveyors or real estate agents, can also be beneficial, especially for legal transactions. For important matters such as property purchases, boundary disputes, or construction projects near property lines, it’s advisable to use apps as preliminary tools only, following up with professional surveys before making final decisions. Understanding the limitations of these digital tools helps users utilize them appropriately within a broader strategy for property boundary determination. Conclusion Instead, property line apps provide a convenient and accessible way to determine where your land ends and where your neighbor’s begins. Yet, the precision of these tools is contingent on multiple factors such as data sources and technological limitations. Although useful as an initial step, these tools should not be used, and they should not be used for legal purposes, instead of professional surveys. Users can properly contextualize property boundary information by understanding what these applications can and cannot do. Technology continues to shape how we deal with real estate by digitalizing and providing easy access to tools that simplify complex processes. These apps will likely improve accuracy over time and become increasingly integral to property transactions. Until then, users must balance convenience with reliability, ensuring that the information they obtain is helpful and accurate. Smart Technologytechnology by ArchEyes Team Leave a comment

Limited-time offer: Get more than 30% off a Vox Membership. Join today to support independent journalism. Federal civil servants are supposed to enjoy robust protections against being fired or demoted for political reasons. But President Donald Trump has effectively stripped them of these protections by neutralizing the federal agencies that implement these safeguards.An agency known as the Merit Systems Protection Board (MSPB) hears civil servants’ claims that a “government employer discriminated against them, retaliated against them for whistleblowing, violated protections for veterans, or otherwise subjected them to an unlawful adverse employment action or prohibited personnel practice,” as a federal appeals court explained in an opinion on Tuesday. But the three-member board currently lacks the quorum it needs to operate because Trump fired two of the members.Trump also fired Hampton Dellinger, who until recently served as the special counsel of the United States, a role that investigates alleged violations of federal civil service protections and brings related cases to the MSPB. Trump recently nominated Paul Ingrassia, a far-right podcaster and recent law school graduate to replace Dellinger.The upshot of these firings is that no one in the government is able to enforce laws and regulations protecting civil servants. As Dellinger noted in an interview, the morning before a federal appeals court determined that Trump could fire him, he’d “been able to get 6,000 newly hired federal employees back on the job,” and was working to get “all probationary employees put back on the job [after] their unlawful firing” by the Department of Government Efficiency and other Trump administration efforts to cull the federal workforce. These and other efforts to reinstate illegally fired federal workers are on hold, and may not resume until Trump leaves office.Which brings us to the US Court of Appeals for the Fourth Circuit’s decision in National Association of Immigration Judges v. Owen, which proposes an innovative solution to this problem.As the Owen opinion notes, the Supreme Court has held that the MSPB process is the only process a federal worker can use if they believe they’ve been fired in violation of federal civil service laws. So if that process is shut down, the worker is out of luck.But the Fourth Circuit’s Owen opinion argues that this “conclusion can only be true…when the statute functions as Congress intended.” That is, if the MSPB and the special counsel are unable to “fulfill their roles prescribed by” federal law, then the courts should pick up the slack and start hearing cases brought by illegally fired civil servants.For procedural reasons, the Fourth Circuit’s decision will not take effect right away — the court sent the case back down to a trial judge to “conduct a factual inquiry” into whether the MSPB continues to function. And, even after that inquiry is complete, the Trump administration is likely to appeal the Fourth Circuit’s decision to the Supreme Court if it wants to keep civil service protections on ice.If the justices agree with the circuit court, however, that will close a legal loophole that has left federal civil servants unprotected by laws that are still very much on the books. And it will cure a problem that the Supreme Court bears much of the blame for creating.The “unitary executive,” or why the Supreme Court is to blame for the loss of civil service protectionsFederal law provides that Dellinger could “be removed by the President only for inefficiency, neglect of duty, or malfeasance in office,” and members of the MSPB enjoy similar protections against being fired. Trump’s decision to fire these officials was illegal under these laws.But a federal appeals court nonetheless permitted Trump to fire Dellinger, and the Supreme Court recently backed Trump’s decision to fire the MSPB members as well. The reason is a legal theory known as the “unitary executive,” which is popular among Republican legal scholars, and especially among the six Republicans that control the Supreme Court.If you want to know all the details of this theory, I can point you to three different explainers I’ve written on the unitary executive. The short explanation is that the unitary executive theory claims that the president must have the power to fire top political appointees charged with executing federal laws – including officials who execute laws protecting civil servants from illegal firings.But the Supreme Court has never claimed that the unitary executive permits the president to fire any federal worker regardless of whether Congress has protected them or not. In a seminal opinion laying out the unitary executive theory, for example, Justice Antonin Scalia argued that the president must have the power to remove “principal officers” — high-ranking officials like Dellinger who must be nominated by the president and confirmed by the Senate. Under Scalia’s approach, lower-ranking government workers may still be given some protection.The Fourth Circuit cannot override the Supreme Court’s decision to embrace the unitary executive theory. But the Owen opinion essentially tries to police the line drawn by Scalia. The Supreme Court has given Trump the power to fire some high-ranking officials, but he shouldn’t be able to use that power as a back door to eliminate job protections for all civil servants.The Fourth Circuit suggests that the federal law which simultaneously gave the MSPB exclusive authority over civil service disputes, while also protecting MSPB members from being fired for political reasons, must be read as a package. Congress, this argument goes, would not have agreed to shunt all civil service disputes to the MSPB if it had known that the Supreme Court would strip the MSPB of its independence. And so, if the MSPB loses its independence, it must also lose its exclusive authority over civil service disputes — and federal courts must regain the power to hear those cases.It remains to be seen whether this argument persuades a Republican Supreme Court — all three of the Fourth Circuit judges who decided the Owen case are Democrats, and two are Biden appointees. But the Fourth Circuit’s reasoning closely resembles the kind of inquiry that courts frequently engage in when a federal law is struck down.When a court declares a provision of federal law unconstitutional, it often needs to ask whether other parts of the law should fall along with the unconstitutional provision, an inquiry known as “severability.” Often, this severability analysis asks which hypothetical law Congress would have enacted if it had known that the one provision is invalid.The Fourth Circuit’s decision in Owen is essentially a severability opinion. It takes as a given the Supreme Court’s conclusion that laws protecting Dellinger and the MSPB members from being fired are unconstitutional, then asks which law Congress would have enacted if it had known that it could not protect MSPB members from political reprisal. The Fourth Circuit’s conclusion is that, if Congress had known that MSPB members cannot be politically independent, then it would not have given them exclusive authority over civil service disputes.If the Supreme Court permits Trump to neutralize the MSPB, that would fundamentally change how the government functionsThe idea that civil servants should be hired based on merit and insulated from political pressure is hardly new. The first law protecting civil servants, the Pendleton Civil Service Reform Act, which President Chester A. Arthur signed into law in 1883.Laws like the Pendleton Act do more than protect civil servants who, say, resist pressure to deny government services to the president’s enemies. They also make it possible for top government officials to actually do their jobs.Before the Pendleton Act, federal jobs were typically awarded as patronage — so when a Democratic administration took office, the Republicans who occupied most federal jobs would be fired and replaced by Democrats. This was obviously quite disruptive, and it made it difficult for the government to hire highly specialized workers. Why would someone go to the trouble of earning an economics degree and becoming an expert on federal monetary policy, if they knew that their job in the Treasury Department would disappear the minute their party lost an election?Meanwhile, the task of filling all of these patronage jobs overwhelmed new presidents. As Candice Millard wrote in a 2011 biography of President James A. Garfield, the last president elected before the Pendleton Act, when Garfield took office, a line of job seekers began to form outside the White House “before he even sat down to breakfast.” By the time Garfield had eaten, this line “snaked down the front walk, out the gate, and onto Pennsylvania Avenue.” Garfield was assassinated by a disgruntled job seeker, a fact that likely helped build political support for the Pendleton Act.By neutralizing the MSPB, Trump is effectively undoing nearly 150 years worth of civil service reforms, and returning the federal government to a much more primitive state. At the very least, the Fourth Circuit’s decision in Owen is likely to force the Supreme Court to ask if it really wants a century and a half of work to unravel.See More:

In its lawsuit, Reddit said Anthropic had also declined to enter into a licensing agreement for data and had unjustly enriched itself at Reddit’s expense.

If you wanted to get a COVID vaccine during pregnancy, to protect yourself and your future baby from the virus, that may soon be difficult to impossible. According to a short video posted on X, U.S. Department of Health and Human Services secretary Robert F. Kennedy, Jr, who is also a noted anti-vaccine activist, said that the COVID-19 vaccine “has been removed” from the list of vaccines recommended in pregnancy, as well as the list of vaccines recommended for healthy children. This announcement sidesteps the usual regulatory process, and it’s not clear exactly what will happen next—but here’s what we know. The announcement may not be entirely validRFK, Jr made the announcement in a video where he stood alongside the NIH director Jay Bhattacharya and FDA commissioner Marty Makary. Notably, nobody from the CDC was present. The FDA approves vaccines, but it’s the CDC that is in charge of recommendations. (It is not clear who the CDC’s acting director actually is, or whether there is one.) Normally, the CDC has an advisory panel called ACIP (the Advisory Committee for Immunization Practices) that reviews scientific evidence to make recommendations for vaccines. They’ll vote on whether a given vaccine should be recommended for everybody in a group of people. Their decisions are then passed to CDC leadership, who make the final call as to whether the vaccine gets officially recommended for that group. Vaccines are not usually added or removed to the recommended list by the CDC without consulting with ACIP, and they definitely aren’t usually added or removed by tweeting a video. Dorit Reiss, a law professor who specializes in vaccine policy, posted on LinkedIn that the announcement may not be legally valid if it’s not immediately followed by supporting documentation. She says: “Under administrative law, to avoid being found arbitrary and capricious, an agency's decision has to meet certain criteria, including explaining the agency's fact finding, a connection between the facts and the decisions, etc. A one minute video on Twitter doesn't quite get you there.” So far, the CDC’s web page on vaccines recommended in pregnancy still says that “A pregnant woman should get vaccinated against whooping cough, flu, COVID-19, and respiratory syncytial virus (RSV).” The adult and child vaccine schedules still include COVID vaccines.Strangely, this move on behalf of the CDC contradicts the one we reported about recently from the FDA. The FDA plans to require extra steps (possibly unethical and/or impractical ones) to approve new COVID vaccines for healthy children and adults. But these steps don’t apply to people who are at high risk for complications of COVID. The FDA’s policy announcement included a list of those high risk health conditions—which includes pregnancy.Why it matters which vaccines are “recommended”Recommending a vaccine doesn’t just mean expressing an opinion; the Affordable Care Act requires that vaccines recommended by ACIP must be covered by most private insurance and Medicaid expansion plans without any cost sharing. That means no deductible and no copay—so these vaccines must be free to you out of pocket if you fall into a group of people for whom they are recommended. The recommended vaccines include all the standard childhood vaccines, plus your seasonal flu shot, and other vaccines that are recommended for adults, for people who are pregnant, and so on. The full schedules are here. If you’ve gotten a COVID shot, a flu shot, a tetanus shot, a shingles shot—the shot’s inclusion on this list is why you were able to (probably) get it for free.So taking a vaccine off the recommended list means that it could be prohibitively expensive. GoodRX, which keeps tabs on pharmacy prices, reports that COVID shots may cost $200 or more out of pocket, plus any applicable administration fee that the provider might charge.Taking a vaccine off the recommended list may also mean it won’t be covered by the Vaccines for Children program, which provides free vaccines to children who don’t have coverage for them through health insurance.Whether or not the vaccine actually gets taken off the list, the recent HHS announcement has another impact: The American College of Obstetricians and Gynecologists said in a statement that “Following this announcement, we are worried about our patients in the future, who may be less likely to choose vaccination during pregnancy despite the clear and definitive evidence demonstrating its benefit.” The ACOG statement also pointed out a few ways in which removing the vaccines from the recommended list is not “common sense and good science,” as the HHS announcement claimed. ACOG writes: “As ob-gyns who treat patients every day, we have seen firsthand how dangerous COVID infection can be during pregnancy and for newborns who depend on maternal antibodies from the vaccine for protection. We also understand that despite the change in recommendations from HHS, the science has not changed. It is very clear that COVID infection during pregnancy can be catastrophic and lead to major disability, and it can cause devastating consequences for families.”

Author Hi, I've downloaded a recent android app called NCM - Next Chess Move and it states that it uses stockfish on the device. I've did some digging up and it seems it's true, it's calculating moves even when the internet is off,Being interested in chess and studies this in the past I though then , because of the licensing for Stockfish, the source code for this app must be public right ? And if that is the case, any way I could find the source code for this app ?The license for Stockfish is GPLv3.  Author I'm  interested in this since I've been toying with the idea of creating a closed source 3D chess game and would be so much better to use Stockfish locally than on a server. Can anyone point in the right direction, please ?  Advertisement The author of NCM should be able to point you in the right direction Note that GPL affects all software around it. If you combine it with other software, the other software then carries the GPL license as well.In other words you cannot leverage GPL software and wrap it in closed source without also publishing the code of the closed source. It's tricky. There are ways to mix GPL and non-GPL software, but it needs a good lawyer who is comfortable with software generally and the nuance of the GPL specifically.It is tricky but possible to build up non-free tools and software that rely heavily on F/OSS systems, including GPL systems. For example, they might build a standalone chess engine and release the engine portions and interface under the terms of the GPL, and also have their UI and front-end that interfaces with it which they sell. There would need to be a clear, clean break between them, but it is possible to do and has been done on a few projects.I don't see them under an LGPL license, but those are similarly able to co-exist with proper lawyer involvement. Companies like EA have a page where they distribute the libraries with source and the implementation changes they made. Author Is it possible then to use Stockfish: 1. On a server and distribute the server code ?2. Build a binary framework, link to that and only distribute the binary framework if building an app with it ? Advertisement I am not a lawyer and cannot answer if any specific way is sufficient to avoid a lawsuit.The license is trying very hard to make it impossible to use the software in a non-free/open source context.  If you want to do it anyway and be legally safe, talk to a lawyer.Alternatively, don't go there. Yup, it's generally best to be 100% in or 100% out unless you have careful legal reviews by experienced lawyers. Working with GPL, release it all GPL and you are safe. Not touching anything with GPL, release it without source as a proprietary system and you are safe. It is possible to mix them, but only when you have lawyers involved asking difficult questions about the details. No lawyers, don't mix it.  GPL does not demand you reveal source code when the program is only interacted with over the internet. It only demands you publish the entire source code to the person whose machine it is running on, basically (besides granting the right to run, modify, publish, and publish modified versions und the same license). Also, as soon as you use a GPL component in a project, the entire project needs to be GPL, but you may use sub-components in the parent project that are non-GPL (such as MIT). But the overall parent project must be under a GPL license.If you want a GPL license that also enforces the open-sourcing when interacted with over the network, choose AGPL. You can use GPL dependencies in an AGPL parent project, but you cannot use AGPL dependencies in a GPL parent project. There is also the LGPL which is a bit less ideologically strict.

ExpressVPN is good at its job. It's easy to be skeptical of any service with a knack for self-promotion, but don't let ExpressVPN's hype distract you from the fact that it keeps its front-page promise of "just working." Outside of solid security, the two best things ExpressVPN offers are fast speeds and a simple interface. Our tests showed only a 7% average drop in download speed and a 2% loss of upload speed, worldwide. And while the lack of extra features may frustrate experienced users, it makes for a true set-and-forget VPN on any platform. This isn't to say ExpressVPN is without flaws — it's nearly bereft of customization options and it's notably more expensive than its competition — but it beats most VPNs in a head-to-head matchup. For this review, we followed our rigorous 10-step VPN testing process, exploring ExpressVPN's security, privacy, speed, interfaces and more. Whether you read straight through or skip to the sections that are most important for you, you should come away with all the information you need to decide whether to subscribe. Editors' note: We're in the process of rebooting all of our VPN reviews from scratch. Once we do a fresh pass on the top services, we'll be updating each review with a rating and additional comparative information. Table of contents Findings at a glance Installing, configuring and using ExpressVPN ExpressVPN speed test: Very fast averages ExpressVPN security test: Checking for leaks How much does ExpressVPN cost? ExpressVPN side apps and bundles Close-reading ExpressVPN's privacy policy Can ExpressVPN change your virtual location? Investigating ExpressVPN's server network Extra features of ExpressVPN ExpressVPN customer support options ExpressVPN background check: From founding to Kape Technologies Final verdict Findings at a glance Category Notes Installation and UI All interfaces are clean and minimalist, with no glitches and not enough depth to get lost in Windows and Mac clients are similar in both setup and general user experience Android and iOS are likewise almost identical, but Android has a nice-looking dark mode Speed Retains a worldwide average of 93% of starting download speeds Upload speeds average 98% of starting speeds Latency rises with distance, but global average stayed under 300 ms in tests Security OpenVPN, IKEv2 and Lightway VPN protocols all use secure ciphers Packet-sniffing test showed working encryption We detected no IP leaks Blocks IPv6 and WebRTC by default to prevent leaks Pricing Base price: $12.95 per month or $99.95 per year Lowest prepaid rate: $4.99 per month Can save money by paying for 28 months in advance, but only once per account 30-day money-back guarantee Bundles ExpressVPN Keys password manager and ID alerts included on all plans Dedicated IP addresses come at an extra price ID theft insurance, data removal and credit scanning available to new one-year and two-year subscribers for free 1GB eSIM deal included through holiday.com Privacy policy No storage of connection logs or device logs permitted The only risky exceptions are personal account data (which doesn't leave the ExpressVPN website) and marketing data (which the policy says should be anonymized) An independent audit found that ExpressVPN's RAM-only server infrastructure makes it impossible to keep logs Virtual location change Successfully unblocked five international Netflix libraries, succeeding on 14 out of 15 attempts Server network 164 server locations in 105 countries 38% of servers are virtual, though most virtual locations are accessed through physical servers within 1,000 miles A large number of locations in South America, Africa and central Asia Features Simple but effective kill switch Can block ads, trackers, adult sites and/or malware sites but blocklists can't be customized Split tunneling is convenient but unavailable on iOS and modern Macs Aircove is the best VPN router, albeit expensive Customer support Setup and troubleshooting guides are organized and useful, with lots of screenshots and videos Live chat starts with a bot but you can get to a person within a couple minutes Email tickets are only accessible from the mobile apps or after live chat has failed Background check Founded in 2009; based in the British Virgin Islands Has never been caught selling or mishandling user data Turkish police seized servers in 2017 but couldn't find any logs of user activity Owned by Kape Technologies, which also owns CyberGhost and Private Internet Access A previous CIO formerly worked on surveillance in the United Arab Emirates; no evidence of shady behavior during his time at ExpressVPN Windows Version 12 leaked some DNS requests when Split Tunneling was active Installing, configuring and using ExpressVPN This section focuses on how it feels to use ExpressVPN on each of the major platforms where it's available. The first step for any setup process is to make an account on expressvpn.com and buy a subscription. Windows Once subscribed, download the Windows VPN from either expressvpn.com or the Microsoft Store, then open the .exe file. Click "Yes" to let it make changes, wait for the install, then let your computer reboot. Including the reboot, the whole process takes 5-10 minutes, most of it idle. To finish, you'll need your activation code, which you can find by going to expressvpn.com and clicking "Setup" in the top-right corner. You can install ExpressVPN's Windows app from the Microsoft store, but we found the website more convenient. Sam Chapman for Engadget Extreme simplicity is the watchword for all ExpressVPN's designs. The Windows client's launch panel consists of three buttons and less than ten words. You can change your location or let the app pick a location for you — the "Smart Location" is the server with the best combination of being nearby and unburdened. Everything else is crammed into the hamburger menu at the top left. Here, in seven tabs, you'll find the Network Lock kill switch, the four types of content blockers, the split tunneling menu and the option to change your VPN protocol. You can also add shortcuts to various websites, useful if you regularly use your VPN for the same online destinations. To sum up, there's almost nothing here to get in the way: no delays, no snags, no nested menus to get lost in. It may be the world's most ignorable VPN client. That's not a bad thing at all. Mac ExpressVPN's app for macOS is almost identical in design to its Windows app. The process for downloading and setting it up is nearly the same too. As on Windows, it can be downloaded from the App Store or sideloaded directly from the expressvpn.com download center. Only a few features are missing and a couple others have been added. Split tunneling is gone (unless you're still on a macOS lower than 11), and you won't see the Lightway Turbo setting. ExpressVPN recommends some servers, but it's easy to search the whole list. Sam Chapman for Engadget Mac users do gain access to the IKEv2 protocol, along with the option to turn off automatic IPv6 blocking — Windows users have to leave it blocked at all times. Almost every website is still accessible via IPv4, but it's useful if you do need to access a specific IPv6 address while the VPN is active. Android Android users can download ExpressVPN through the Google Play Store. Open the app, sign in and you're ready to go. The Android app has a very nice dark-colored design, only slightly marred by an unnecessary information box about how long you've used the VPN this week. ExpressVPN's Android app puts a little more information on the screen than it needs to, but still runs well. Sam Chapman for Engadget There's a large button for connecting. Clicking on the server name takes you to a list of locations. On this list, you can either search or scroll and can choose individual locations within a country that has more than one. We connected to as many far-flung server locations as we could, but not a single one took longer than a few seconds. The options menu is organized sensibly, with no option located more than two clicks deep. You will see a couple of options here that aren't available on desktop, the best of which is the ability to automatically connect to your last-used ExpressVPN server whenever your phone connects to a non-trusted wifi network. There are also a few general security tools: an IP address checker, DNS and WebRTC leak testers and a password generator. These are also available on the website, but here, they're built into the app. With the exception of the latter, we'd recommend using third-party testing tools instead — even a VPN with integrity has an incentive to make its own app look like it's working. iPhone and iPad You can only install ExpressVPN's iOS app through the app store. During setup, you may need to enter your password to allow your phone to use VPN configurations. Otherwise, there are no major differences from the Android process. ExpressVPN looks good on iPhone and iPad. Sam Chapman for Engadget The interface is not quite as pleasing as the dark-mode Android app, but it makes up for that by cutting out some of the clutter. The tabs and features are similar, though split tunneling and shortcuts are absent. Also, both mobile apps make customer support a lot more accessible than their desktop counterparts — plus, mobile is the only way to send email support tickets. Browser extension ExpressVPN also includes browser extensions for Firefox and Chrome. These let you connect, disconnect and change server locations without leaving your browser window. It's nice, but not essential unless you have a very specific web browser flow you like. ExpressVPN speed test: Very fast averages Connecting to a VPN almost always decreases your speed, but the best VPNs mitigate the drop as much as possible. We used Ookla's speed testing app to see how much of your internet speed ExpressVPN preserves. For this test, we emphasized the locations ExpressVPN uses for most of its virtual servers, including the Netherlands, Brazil, Germany and Singapore. Some terms before we start: Latency, measured in milliseconds (ms), is the time it takes one data packet to travel between your device and a web server through the VPN. Latency increases with distance. It's most important for real-time tasks like video chatting and online gaming. Download speed, measured in megabits per second (Mbps), is the amount of information that can download onto your device at one time — such as when loading a web page or streaming a video. Upload speed, also measured in Mbps, is the amount of information your device can send to the web at once. It's most important for torrenting, since the amount of data you can seed determines how fast you can download in exchange. The table below shows our results. We conducted this on Windows, using the automatic protocol setting with the Lightway Turbo feature active — a recent ExpressVPN addition that keeps speed more consistent by processing connections in parallel. Server location Latency (ms) Increase factor Download speed (Mbps) Percentage dropoff Upload speed (Mbps) Percentage dropoff Portland, Oregon, USA (unprotected) 18 -- 58.77 -- 5.70 -- Seattle, Washington, USA (best server) 26 1.4x 54.86 6.7% 5.52 3.2% New York, NY, USA 156 8.7x 57.25 2.6% 5.57 2.3% Amsterdam, Netherlands 306 17x 53.83 8.4% 5.58 2.1% São Paulo, Brazil 371 20.6x 53.82 8.4% 5.65 0.9% Frankfurt, Germany 404 22.4x 55.71 5.2% 5.67 0.5% Singapore, Singapore 381 21.2x 52.76 10.2% 5.64 1.0% Average 274 15.2x 54.71 6.9% 5.61 1.6% These are extremely good results. ExpressVPN is a winner on both download and upload speed. No matter where we went in the world, we never lost more than about 7% of our download speeds, and upload lost an astoundingly low average of 2%. This suggests that ExpressVPN deftly distributes its user load between servers to eliminate bottlenecks. This Ookla speedtest shows you can still get fast internet while connected to ExpressVPN -- our unprotected speeds are around 58 Mbps. Sam Chapman for Engadget The latency numbers look worse, but the rise in the table is less sharp than we projected. Ping length depends far more on distance than download speed does, so we expect it to shoot up on servers more than 1,000 miles from our location. Keeping the average below 300 ms, as ExpressVPN does here, is a strong showing. ExpressVPN security test: Checking for leaks A VPN's core mission is to hide your IP address and make you untraceable online. Our task in this section is to figure out if ExpressVPN can carry out this mission every time you connect. While we can't be 100% certain, the tests we'll run through below have led us to believe that ExpressVPN is currently leak-proof. Available VPN protocols A VPN protocol is like a common language that a VPN server can use to mediate between your devices and the web servers you visit. If a VPN uses outdated or insecure protocols, or relies on unique protocols with no visible specs or source code, that's a bad sign. Not all protocols are available on all apps, but Mac has the full range. Sam Chapman for Engadget ExpressVPN gives you a selection of three protocols: IKEv2, OpenVPN and Lightway. The first two are solid choices that support the latest encryption algorithms. OpenVPN has been fully open-source for years and is the best choice if privacy is your goal. While IKEv2 started life as a closed project by Microsoft and Cisco, ExpressVPN uses an open-source reverse-engineering, which is both better for privacy and quite fast. Lightway is the odd one out, a protocol you'll only find on ExpressVPN, though its source code is available on Github. It's similar to WireGuard, in that both reach for faster speeds and lower processing demands by keeping their codebases slim. However, Lightway was recently rewritten in Rust to better protect the keys stored in its memory. Ultimately, you can't go wrong with any of ExpressVPN's protocol options. 99% of the time, your best choice will be to set the controls to Automatic and let the VPN decide which runs best. Testing for leaks ExpressVPN is one of the best services, but it's not leak-proof (as you can read in the Background Check below). Luckily, checking for DNS leaks is a simple matter of checking your IP address before and after connecting to a VPN server. If the new address matches the VPN server, you're good; if not, your VPN is leaking. First, we checked the Windows app with split tunneling active to ensure the flaw really had been patched. We tested several servers and didn't find any leaks, which suggests the patch worked, though leaks were rare even before ExpressVPN fixed the vulnerability. We checked our IP while connected to the virtual India location, which is run from a physical server in Singapore. Don't worry -- it still looks like India to streaming services. Sam Chapman for Engadget In fact, we didn't find any leaks on any ExpressVPN server we tested on any platform. Though questions remain about iOS, as you'll see later in this section, that's a problem on Apple's end that even the best VPNs can do very little about for now. The most common cause of VPN leaks is the use of public DNS servers to connect users to websites, which can mistakenly send browsing activity outside the VPN's encrypted tunnel. ExpressVPN avoids the risks of the public system by installing its own DNS resolvers on every server. This is the key factor behind its clean bill of health in our leak testing. Two other common flaws can lead to VPN leaks: WebRTC traffic and IPv6. The former is a communication protocol used in live streaming and the latter is a new IP standard designed to expand domain availability. Both are nice, but currently optional, so ExpressVPN automatically blocks both to ensure there's no opportunity for leaks to arise. One note about VPN security on iOS: it's a known and continuing problem that iOS VPNs do not prevent many online apps from communicating with Apple directly, outside the VPN tunnel. This risks leaking sensitive data, even with Lockdown Mode active in iOS 16. A blog post by Proton VPN shares a workaround: connect to a VPN server, then turn Airplane Mode on and off again to end all connections that were active before you connected to the VPN. Testing encryption We finished up our battery of security tests by checking out ExpressVPN's encryption directly. Using WireShark, a free packet sniffer, we inspected what it looks like when ExpressVPN transmits data from one of its servers to the internet. The screenshot below shows a data stream encrypted with Lightway UDP. After connecting to ExpressVPN, HTTP packets were rendered unreadable while in transit. Sam Chapman for Engadget That lack of any identifiable information, or even readable information, means encryption is working as intended. We repeated the test several times, always getting the same result. This left us satisfied that ExpressVPN's core features are working as intended. How much does ExpressVPN cost? ExpressVPN subscriptions cost $12.95 per month. Long-term subscriptions can bring the monthly cost down, but the great deals they offer tend to only last for the first billing period. A 12-month subscription costs $99.95 and includes three months for free with your first payment, costing a total of $6.67 per month. The bonus disappears for all subsequent years, raising the monthly cost to $8.33. You can also sign up for 28 months at a cost of $139.72, but this is also once-only — ExpressVPN can only be renewed at the $99.95 per year level. There are two ways to test ExpressVPN for free before making a financial commitment. Users on iOS and Android can download the ExpressVPN app without entering any payment details and use it free for seven days. On any platform, there's a 30-day money-back guarantee, which ExpressVPN has historically honored with no questions asked. You will have to pay before you can use it, though. In our opinion, ExpressVPN's service is solid enough that it's worth paying extra. Perhaps not this much extra, but that depends on what you get out of it. We recommend using the 30-day refund period and seeing how well ExpressVPN works for you. If it's a VPN you can enjoy using, that runs fast and unblocks everything you need, that's worth a server's weight in gold. ExpressVPN side apps and bundles ExpressVPN includes some special features that work mostly or wholly separate from its VPN apps. Some of these come free with a subscription, while others add an extra cost. Every subscription includes the ExpressVPN keys password manager. This is available under its own tab on the Android and iOS apps. On desktop, you'll need to download a separate extension from your browser's store, then sign in using your account activation code. It's available on all Chromium browsers, but not Firefox. Starting in 2025, new subscribers get an eSIM plan through holiday.com, a separate service linked to ExpressVPN. The baseline 1GB holiday eSIM plans last for 5 days and can apply to countries, regions, or the entire world (though it's not clear whether the package deal applies to the regional and global plans). Longer-term plans include larger eSIM plans. You can add a dedicated IP address to your ExpressVPN subscription for an additional cost per month. A dedicated IP lets you use the same IP address every time you connect to ExpressVPN. You can add the address to whitelists on restricted networks, and you're assured to never be blocked because of someone else's bad activity on a shared IP. Unlike many of its competitors, ExpressVPN doesn't currently offer antivirus or online storage services, but there is a comprehensive bundle of ID protection tools called Identity Defender. We haven't reviewed any of these products in detail, but here's a list for reference: ID Alerts will inform you if any of your sensitive information is leaked or misused online. It's free with all plans, but you'll have to enter your personal information on your ExpressVPN account page or a mobile app. ID Theft Insurance grants up to $1 million in identity theft reimbursement and comes free with new ExpressVPN one-year or two-year subscriptions. It's not yet available to those who subscribed before it launched in October 2024. Data Removal scans for your information in data brokerages and automatically requests that it be deleted. It's also free with one-year and two-year plans. Credit Scanner is only available for United States users. It monitors your activity on the three credit bureaus so you can quickly spot any suspicious transactions. The Identity Defender features are currently only available to new ExpressVPN customers in the US. Close-reading ExpressVPN's privacy policy Although we worry that the consolidation of VPN brands under the umbrella of Kape Technologies (ExpressVPN's parent company) will make the industry less competitive, we don't believe it's influencing ExpressVPN to take advantage of its users' privacy. To confirm, and get a full sense of what sort of privacy ExpressVPN promises its users, we set out to read ExpressVPN's privacy policy in detail. It's long, but thankfully aimed at casual users instead of lawyers. You can see it for yourself here. In the introduction, ExpressVPN states that it does not keep either activity logs (such as a user's browsing history while connected to the VPN) or connection logs (such as the duration of a user's session and their IP address, which can be used to extrapolate browsing activity). It then specifies the seven types of data it's legally allowed to collect: Data used to sign up for an account, such as names, emails and payment methods. VPN usage data which is aggregated and can't be traced to any individual. Credentials stored in the ExpressVPN Keys password manager. Diagnostic data such as crash reports, which are only shared upon user request. IP addresses authorized for MediaStreamer, which is only for streaming devices that don't otherwise support VPN apps. Marketing data collected directly from the app — a "limited amount" that's kept anonymous. Data voluntarily submitted for identity theft protection apps. Of those seven exceptions, the only ones that count as red flags are account data and marketing data. Both categories are highly personal and could be damaging if mishandled. Fortunately, complying with subpoenas is not one of the allowed uses listed for either data category, nor does the policy let ExpressVPN sell the data to other private parties. The only really annoying thing here is that if you ask ExpressVPN to delete your personal data, you won't be able to use your account from then on. You aren't even eligible for a refund in this case, unless you're within 30 days of your initial subscription. As for marketing data, ExpressVPN collects device fingerprints and location data when you sign up for an account on its website. The privacy policy also claims this is anonymized, as its "systems are engineered to decouple such data from personally identifiable information." Audits corroborate this, as we'll see in the next section. So, while it would be better if ExpressVPN didn't collect any personal data at all, its practices don't appear to pose a risk to anything you do while using the VPN — just the ExpressVPN website. Privacy audits VPN providers often get third-party accounting firms to audit their privacy policies. The idea is that a well-known firm won't mortgage its reputation to lie on behalf of a VPN, so their results can be trusted. For the last several years, ExpressVPN has had KPMG look over its privacy policy and relevant infrastructure (see "TrustedServer" below). KPMG's most recent report, completed in December 2023 and released in May 2024, found that ExpressVPN had enough internal controls in place that users could trust its privacy policy. The report is freely available to read. This is a very good sign, though we're looking out for a more up-to-date audit soon. TrustedServer "TrustedServer" is a marketing term ExpressVPN uses for its RAM-only server infrastructure. RAM-only servers have no hard drives for long-term storage and return to a standard disk image with every reboot. This makes it theoretically impossible to store user activity logs on them, even if ExpressVPN wanted to do that. The KPMG audit, linked above, reports that TrustedServer works as advertised. Between its many clean privacy audits and the Turkish server incident in 2017, we're prepared to say ExpressVPN is a private VPN, in spite of its aggravating exception for marketing. Can ExpressVPN change your virtual location? Next, we tested whether ExpressVPN can actually convince websites that you're somewhere other than your real location. Our security tests have already proven it can hide your IP address, but it takes more than leak-proofing to fool streaming sites these days — Netflix and the others have gotten very good at combing through metadata to sniff out proxy users. The process for testing this is a lot like how we handled the DNS leak tests: try several different servers and see if we get caught. We checked five sample locations outside the U.S. to see if we a) got into Netflix and b) saw different titles in the library. The results are below. Server Location Unblocked Netflix? Library changed? Canada Y Y United Kingdom Y (second try; Docklands failed) Y Slovakia Y Y India Y Y (different from UK library) Australia Y Y In fifteen tests, ExpressVPN slipped up only once. Docklands, the UK server it chose as the fastest, wasn't able to access Netflix. We switched to a server labeled simply "London" and unblocked it without issue. ExpressVPN can change your virtual location so you can explore the wonderful world of K-drama. Sam Chapman for Engadget All the other locations got us access to an alternate Netflix library on the first try. We even checked whether the India server, which is physically located in the UK, showed us different videos than the UK servers. It did, which makes us even more confident that ExpressVPN's virtual locations are airtight. Investigating ExpressVPN's server network ExpressVPN users can connect to a total of 164 server locations in 105 countries and territories. These locations are reasonably well distributed across the globe, but as with all VPNs, there's a bias toward the northern hemisphere. There are 24 locations in the U.S. alone and a further 66 in Europe. That isn't to say users in the Global South get nothing. ExpressVPN has IP addresses from nine nations in South America (Argentina, Brazil, Bolivia, Chile, Colombia, Ecuador, Peru, Uruguay and Venezuela) and six in Africa (Algeria, Egypt, Ghana, Kenya, Morocco and South Africa). The network even includes Kazakhstan, Uzbekistan and Mongolia, impressive since central Asia may be the region most often shafted by VPNs. However, many of these servers have virtual locations different from their real ones. For those of you choosing a server based on performance instead of a particular IP address, ExpressVPN's website has a helpful list of which servers are virtual. The bad news is that it's a big chunk of the list. A total of 63 ExpressVPN locations are virtual, or 38% of its entire network. To reduce the sting, ExpressVPN takes care to locate virtual servers as close to their real locations as possible. Its virtual locations in Indonesia and India are physically based in Singapore. This isn't always practical, leading to some awkwardness like operating a Ghana IP address out of Germany. But it helps ExpressVPN perform better in the southern hemisphere. Extra features of ExpressVPN Compared to direct competitors like NordVPN and Surfshark, ExpressVPN doesn't have many special features. It's aimed squarely at the casual market and will probably disappoint power users. Having said that, what they do include works well. In this section, we'll run through ExpressVPN's four substantial features outside its VPN servers themselves. Network Lock kill switch "Network Lock" is the name ExpressVPN gives to its kill switch (though it's called "Network Protection" on mobile). A VPN kill switch is a safety feature that keeps you from broadcasting outside the VPN tunnel. If it ever detects that you aren't connected to a legitimate ExpressVPN server, it cuts off your internet access. You won't be able to get back online until you either reconnect to the VPN or disable Network Lock. ExpressVPN's kill switch is called Network Lock on desktop, and Network Protection on mobile (Android pictured) Sam Chapman for Engadget This is important for everyone, not just users who need to hide sensitive traffic. The recently discovered TunnelVision bug theoretically allows hackers to set up fake public wi-fi networks through which they redirect you to equally fake VPN servers, which then harvest your personal information. It's unlikely, but not impossible, and a kill switch is the best way to prevent it — the switch always triggers unless you're connected to a real server in the VPN's network. Like most of ExpressVPN's features, all you can do with Network Lock is turn it on and off. You can also toggle whether you'll still be able to access local devices while the kill switch is blocking your internet — this is allowed by default. Threat manager, ad blocker and parental controls ExpressVPN groups three tools under the heading of "advanced protection" — Threat Manager, an ad blocker and parental controls. Threat Manager consists of two checkboxes: one that blocks your browser from communicating with activity tracking software and one that blocks a list of websites known to be used for malware. Check any of these boxes to use the pre-set blocklists whenever you're connected to ExpressVPN. Sam Chapman for Engadget You can't customize the lists, so you're limited to what ExpressVPN considers worthy of blocking. They share their sources on the website. While the lists are extensive and open-source, they rely on after-the-fact reporting and can't detect and block unknown threats like a proper antivirus. The adblock and parental control options work the same way: check a box to block everything on the list, uncheck it to allow everything through. In tests, the ad blocker was nearly 100% effective against banner ads, but failed to block any video ads on YouTube or Netflix. The parental control option blocks a list of porn sites. It's an easy option for concerned parents, but only works while ExpressVPN is connected. As such, it's meant to be used in conjunction with device-level parental controls that prevent the child from turning off or uninstalling the VPN client. Split tunneling Sometimes, you'll find it helpful to have your device getting online through two different IP addresses at once — one for your home services and one for a location you're trying to spoof. That's where split tunneling is helpful: it runs some apps through the VPN while leaving others unprotected. This can also improve your speeds, since the VPN needs to encrypt less in total. You can configure split tunneling through either a blocklist or an allowlist. Sam Chapman for Engadget ExpressVPN includes split tunneling on Windows, Android and Mac (though only on versions 10 and below). You can only split by app, not by website, but it's still pretty useful. For example, you can have BitTorrent handling a heavy download in the background while you use your browser for innocuous activities that don't need protecting. ExpressVPN Aircove router By now, it should be clear that we find ExpressVPN to be a highly reliable but often unexceptional VPN service. However, there's one area in which it's a clear industry leader: VPN routers. ExpressVPN Aircove is, to our knowledge, the only router with a built-in commercial VPN that comes with its own dashboard interface. Usually, installing a VPN on your router requires tinkering with the router control panel, which turns off all but the most experienced users — not to mention making it a massive pain to switch to a new server location. Aircove's dashboard, by contrast, will be instantly familiar to anyone who already knows how to use an ExpressVPN client. It even allows different devices in your home to connect to different locations through the router VPN. Aircove's biggest drawback is its price. Currently retailing at $189 (not including an ExpressVPN subscription), it's around three times more expensive than an aftermarket router fitted with free VPN firmware. Some of you might still find the convenience worth the one-time payment. ExpressVPN customer support options ExpressVPN's written help pages are some of the best on the market. Its live chat is more of a mixed bag, and complex questions may cause delays. However, it is at least staffed with human agents who aim to reply accurately, rather than resolve your ticket as quickly as possible. You can directly access both live chat and email from ExpressVPN's mobile apps (on desktop, you'll have to go to the website). Sam Chapman for Engadget We approached ExpressVPN's support features with a simple question: "If I requested that ExpressVPN delete all my personal data, would I be able to get a refund for my unused subscription time?" (Remember from the Privacy Policy section that submitting a full deletion request also cancels your ExpressVPN account.) Our first stop was expressvpn.com/support, the written support center and FAQ page. It's divided into setup guides, troubleshooting, account management and information on each of ExpressVPN's products. The setup guides are excellent, including screenshots and clearly written steps; each one includes a video guide for those who learn better that way. Troubleshooting is just as good — no videos, but the same standards of clarity and usefulness prevail. The section starts with general problems, then delves into specific issues you might face on each operating system. Each article clearly derives from a real customer need. The live support experience To get answers on our refund question, we visited the account management FAQs. This section stated that the refund policy only applies within 30 days of purchase. Pretty clear-cut, but we still wanted an answer on our special case, so we contacted live chat by clicking the button at the bottom-right of every FAQ page. Live chat is in the bottom-right corner of every page of expressvpn.com. Sam Chapman for Engadget Live chat starts with an AI assistant, which is not too hard to get past — just ask it a question it can't answer, then click "Transfer to an Agent." We got online with (what claimed to be) a human in less than a minute. Answering the question took longer and involved an uncomfortable 10-minute silence, but we did get a clear verdict from a real person: refunds are within 30 days only, no matter what. If the live chat agent can't answer your question, you'll be redirected to open an email support ticket. Annoyingly, there's no way to go directly to email support through the website or desktop apps, though mobile users have the option to skip directly there. ExpressVPN background check: From founding to Kape Technologies ExpressVPN launched in 2009, which makes it one of the oldest consumer VPNs in continual operation. In more than 15 years of operation, it's never been caught violating its own privacy policy, though its record isn't free of more minor blemishes. Headquarters in the British Virgin Islands Founders Dan Pomerantz and Peter Burchhardt registered the company in the British Virgin Islands from the start to take advantage of that territory's favorable legal environment for online privacy. The BVIs have no law requiring businesses to retain data on their users, and the process for extraditing data is famously difficult, requiring a direct order from the highest court. In 2021, the BVI implemented the Data Protection Act (DPA) [PDF link], which prevents companies based in the territory from accessing data on their users anywhere in the world. It's a great privacy law in theory, modeled on best-in-class legislation in the EU. However, we couldn't find any evidence that its supervising authority — the Office of the Information Commissioner — has a leader or staff. In other words, while ExpressVPN is not legally required to log any data on its users, there's technically nobody stopping them from doing so. Whether you trust the jurisdiction depends on whether you trust the company itself. Let's see what the other evidence says. Security and privacy incidents Two significant incidents stand out from ExpressVPN's 16-year history. In 2017, when Andrei Karlov, Russia's ambassador to Turkey, was shot to death at an art show. Turkish police suspected someone had used ExpressVPN to mask their identity while they deleted information from social media accounts belonging to the alleged assassin. To investigate, they confiscated an ExpressVPN server to comb for evidence. They didn't find anything. A police seizure is the best possible test of a VPN's approach to privacy. The provider can't prepare beforehand, fake anything, or collude with investigators. The Turkey incident is still one of the best reasons to recommend ExpressVPN, though eight years is a long time for policy to change. The second incident began in March 2024, when a researcher at CNET informed ExpressVPN that its version 12 for Windows occasionally leaked DNS requests when users enabled the split tunneling feature. While these users remained connected to an ExpressVPN server, their browsing activity was often going directly to their ISP, unmasked. The bug only impacted a few users, and to their credit, ExpressVPN sprang into action as soon as they learned about it. The team had it patched by April, as confirmed by the researcher who initially discovered the vulnerability. But while their quick and effective response deserves praise, it's still a mark against them that a journalist noticed the bug before they did. Kape Technologies ownership and management questions In 2021, an Israeli-owned, UK-based firm called Kape Technologies purchased a controlling interest in ExpressVPN. In addition to ExpressVPN, privately held Kape owns CyberGhost, Private Internet Access, and Zenmate (before it merged into CyberGhost). As shown on its website, it also owns Webselenese, publisher of VPN review websites WizCase and vpnMentor, which poses an apparent conflict of interest. When reached for comment, a representative for ExpressVPN said that "ExpressVPN does not directly engage with, nor seek to influence, the content on any Webselenese site," and pointed us to disclosure statements on the websites in question — here's one example. Even so, it's a good reminder not to take VPN reviews at face value without knowing who's behind them (Engadget is owned by Yahoo, which does not own any VPNs). Diving deeper into the background of Kape's ownership will lead you to owner Teddy Sagi. Go back far enough, and you'll see he did prison time in Israel and was mentioned in the Pandora Papers, among other things. More recently, headlines about the billionaire have focused more his businesses in the online gambling and fintech arenas, as well as his real estate ventures. An ExpressVPN representative told us that "Kape's brands continue to operate independently," and our investigation bore that out — we couldn't find any proof that Kape or Sagi have directly attempted to influence ExpressVPN's software or daily operations. Closer to the immediate day-to-day operations of ExpressVPN was the company's employment of Daniel Gericke as CTO from 2019 through 2023. During that time, the US Justice Department announced it had fined Gericke and two others for their previous employment on a surveillance operation called Project Raven, which the United Arab Emirates (UAE) used to spy on its own citizens. The revelation prompted a public response from ExpressVPN defending its decision to hire Gericke, arguing that "[t]he best goalkeepers are the ones trained by the best strikers." ExpressVPN's representative confirmed that the company still stands by that linked statement. Gericke parted ways with ExpressVPN in October 2023, per his LinkedIn profile. While we don't know what we don't know, we can say that ExpressVPN has not notably changed its public-facing security and privacy policies during the time it's been connected to Kape, Sagi, or Gericke. In the end, how much ExpressVPN's history matters to you is a personal choice. If you object to any current or past actions by Kape Technologies or Teddy Sagi, there are other premium VPN options you might prefer. If you need more information to make up your mind, we recommend reading through CNET's 2022 deep dive on ExpressVPN's corporate history. Final verdict ExpressVPN is the VPN we most often recommend to beginners. It takes zero training to use, and consistently gets past filters on streaming sites. It also runs in the background with virtually no impact. If anything is worth the high price of admission, it's the excellent speeds distributed evenly across the worldwide server network. However, for certain specific cases, ExpressVPN may not be the best choice. There's no way to set up your own server locations, like NordVPN offers, and no double VPN connections, like you can build for yourself on Surfshark. Its corporate background is more suspect than the entities backing Proton VPN, and unlike Mullvad, ExpressVPN doesn't work in China — it's so well-known that the government targets its servers specifically. We suggest going with ExpressVPN for general online privacy, for spoofing locations in your home country while traveling, or if you regularly need to unblock sites in other countries. That encompasses 19 of every 20 users, which is fine by us, as ExpressVPN is a great service. It's just more of a reliable old screwdriver than a multi-tool. This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-review-2025-fast-speeds-and-a-low-learning-curve-160052884.html?src=rss

Insurance is a modern necessity—and it can often be a literal lifesaver. When any sort of disaster strikes, whether it’s to your property, your business, or your health, getting a payment on your claim can mean the difference between getting through the emergency in one piece and being buried under bills for years to come.While it might seem pretty straightforward, anyone who’s actually dealt with insurance companies knows that their least favorite thing to do in this world is pay out on claims. In fact, studies have found that 17% of claims made to HealthCare.gov insurers and 18% of claims made to private insurers are denied—with some insurance companies rejecting nearly 50% of all claims.In fact, some insurers employ several legal but underhanded tricks to avoid paying out on claims. Here are five common tricks insurance companies will use against you.Moving as slowly as possibleThe simplest trick an insurance company can play is to drag their feet on your claim—there’s a reason the phrase “deny and delay” has become linked to the insurance industry as a whole. This tactic works because your insurer knows you’re desperate for a settlement on your claim; that’s the whole point of insurance. The longer they make you wait, the more likely you’ll accept whatever they offer you, even if you know it’s much less than you’re entitled to.Delay tactics vary, but can include:Documentation overload. Insurance companies sometimes request huge amounts of (sometimes unnecessary) documentation that takes a lot of time to procure and organize.Personnel swaps. Insurers may change the adjuster and other employees on your case, with each new person requiring some time to review the claim and get up to speed.Claiming no response. Your insurer asked for something, and you provided it. Weeks later they claim they never received it, and ask that you submit it again.The best way to counter these tactics is meticulous record-keeping. If you feel that your insurer is asking for unnecessary documentation, ask them to explain why they need the documents—this sometimes makes document requests magically vanish. Send all written communications via certified mail and turn on read receipts for emails and other electronic communications.Love bombingInsurers are often extremely nice to you when you initially start dealing with them. They express sympathy, use the words “I’m sorry” in the context of your injuries or loss, and generally sound warm and friendly. That’s nice, and may even be genuine. But it’s also a tactic they use to delay or eventually find reasons to deny your claim.Studies have found that apologies can be weaponized, and that people will tolerate delays and settle for less if they think the other party is taking responsibility or expressing empathy. Being excessively nice to you can fool you into thinking you can rely on the insurer to handle things on your behalf. This lets the company delay as much as possible, stringing you along. Love bombing like this can also get you to say things you shouldn’t say—as we’ll see in the next entry.Twisting your wordsAnother reason an insurance adjuster or other employee might apologize to you? Because it can gently goad you into expressing regrets of your own which can then be used against you. Any expression of apology or regret could be interpreted as an admittance of fault. And establishing a friendly, sympathetic rapport with you could be a tactic to get you to say more than you should by speculating on causes or your responsibility in a claim.For example, while speaking with a friendly adjuster about a car accident you were involved with, you might tell them you wish you’d noticed the other car driving erratically—if you had, you might have avoided the accident. This might seem like a simple observation, but it could be twisted into an admittance that you weren’t paying attention—and thus your claim is denied.Insurers will also sometimes demand that you submit a recorded statement, often very quickly after the incident covered by the claim. They will sometimes state that this is best for you, as it will get the claim moving more quickly. But a rushed recorded statement can also lead to a denied claim—if you’re wrong or inaccurate about anything in your statement, this could be used as a basis for denial.To avoid the tactics listed above, follow a few simple rules for dealing with insurers:Lawyer up. Hiring a lawyer to help you deal with insurance claims might seem like overkill, but you should always have a lawyer with you when speaking with insurers. An experienced attorney can ensure you don’t say anything that could hurt your claim.Never record. You’re typically not required to submit recorded statements, so don’t do it. Insist that all communications be done in person or over the phone, with your attorney present.Be suspicious. If an adjuster or other representative of the insurance company is overly friendly, don’t fall for it. Their sympathy might be genuine, but it can still get you into trouble if you let your guard down.RushingIronically, an effective tactic to delay and deny claims is to rush things. You file your claim, and before you can get organized, hire a lawyer, and recover from whatever happened, the insurer is on the phone, offering a settlement. This is often combined with pressure—like sending you a letter stating that you have two weeks to accept the settlement offer, or the company will “close the file.”This is usually designed to reduce the payout—that easy, fast settlement is probably for a lot less than the amount you’re actually entitled to—and to force errors on your part. By rushing to pull together information, you’ll probably make mistakes that can then be used to deny the claim.You can defend against this in two simple ways:Slow down. Ignore pressure to respond immediately or by arbitrary deadlines. Take your time, gather information, and respond when you’re ready. An attorney can help by acting as a buffer between you and the company.Know the statute. If your insurer tells you it will close your claim file, let it happen. It’s a meaningless administrative action. Your state’s laws will have a defined Statute of Limitations on your claim—a period of time when you’re legally allowed to pursue the claim. As long as you’re within that time period, you can force the insurer to re-open the claim.LowballingIf your insurer doesn’t think it can totally deny your claim, it may offer you a lowball settlement. You shouldn’t accept an insurance company’s calculations as gospel. In fact, the most important piece of information you can have about the claims process is that you are allowed to hire your own insurance adjuster. A public insurance adjuster works for you, not the insurance company, and will often arrive at a much higher figure for your claim.Hiring your own adjuster also insulates you from internal delays, as you won’t have to wait on your insurer’s processes or play phone tag with their adjuster. In addition to an experienced lawyer, a public adjuster can also ensure that you have all the support and knowledge you need to navigate the often murky world of insurance claims.