Perfect Privacy Review

Disclaimer: The below review is my opinion, which I will try to provide as many examples for and as much evidence as possible to support.  Readers can learn more about how I conduct my reviews, my methodology, etc – here.  More information on review badges here.

This review’s roll was #89 (at the time of the roll, Perfect Privacy).

 

Written Sep 2, 2016

Signing up for the service: Sign up for Perfect Privacy went fairly smoothly.  Here are a few things that stood out to me:  I was asked for a working e-mail address upon signup, which my password WAS sent to.  So anyone looking to use a throwaway might be disappointed.  Email address is the most I care to provide when signing up for a VPN service, so they were right on the edge to me personal info-wise.  I appreciate that during sign up and payment I’m given the option to select a non-subscription purchase, so I don’t have to go into my PayPal recurring payments settings to cancel once I’m done.  The price point stood out to me as unusually high (around $18-$19 for one month, although like most services, this scales down when signing up for more time)  I also appreciated that welcome notifications from Perfect Privacy were elegant and limited.  I received only one or two emails/receipts and a welcome screen with useful links after payment – instead of the 5-7 poorly thought out welcome emails that a lot of other services spew when buying them.

 

Configuring the service: OpenVPN config files were just a little tricky to find. I had to go into Member Downloads and dig just a bit for them, but nothing too terrible.  Config files were grouped into Single Server/Grouped and TCP/UDP categories.  Fairly easy to download exactly what you need without too much hassle.  One slight annoyance was that the default tutorials you’re presented with are for the official client and you have to do a little extra digging for the manual config instructions – for which it appeared they only had the command line instructions for, not the Network Manager ones.  File packages had everything needed.  No Western USA server (Chicago and New York only).

 

One red flag were some warnings that were thrown back in the log file (this is one example, but there were many lines with similar warnings for different cipher names)

“DEPRECIATED TLS cipher name ‘DHE-RSA-AES256-GCM-SHA384,please use IANA name ‘TLS-DHE-RSA-WITH-AES-256-GCM-SHA384’

This indicates an out of date server configuration – which is important, as, if server configurations and software versions aren’t updated regularly, it can directly impact the security and experience of the user.

broken

 

Speed & Stability tests: Overall, speeds were respectable / above average, but not the best I’ve seen.

 

Speed Tests – Perfect Privacy – Desktop
    Latency Download Upload
No VPN Trial 1 9 ms 95.97 mbps 11.85 mbps
Trial 2 9 ms 95.81 mbps 12.02 mbps
Trial 3 9 ms 96.58 mbps 12.49 mbps
Average 9 ms 96.12 mbps 12.12 mbps
               
Chicago Trial 1 118 ms 65.54 mbps 8.87 mbps
Trial 2 118 ms 60.18 mbps 8.20 mbps
Trial 3 117 ms 59.22 mbps 8.31 mbps
Average 118 ms 61.65 mbps 8.46 mbps
Comp to Bench +109 ms 64.14% 69.80%
               
UK Trial 1 323 ms 15.14 mbps 3.79 mbps
Trial 2 324 ms 14.00 mbps 2.36 mbps
Trial 3 322 ms 16.50 mbps 2.64 mbps
Average 323 ms 15.21 mbps 2.93 mbps
Comp to Bench +314 ms 15.83% 24.17%
               
Hong Kong Trial 1 340 ms 15.03 mbps 4.03 mbps
Trial 2 340 ms 15.13 mbps 3.56 mbps
Trial 3 340 ms 0.00 mbps 2.55 mbps
Average 340 ms 10.05 mbps 3.38 mbps
Comp to Bench +331 ms 10.46% 27.89%
               
Australia Trial 1 374 ms 2.06 mbps 1.68 mbps
Trial 2 377 ms 1.74 mbps 1.62 mbps
Trial 3 372 ms 1.60 mbps 1.70 mbps
Average 374 ms 1.80 mbps 1.67 mbps
Comp to Bench +365 ms 1.87% 13.75%

 

Speed Tests – Perfect Privacy – Mobile
    Latency Download Upload
No VPN Trial 1 12 ms 73.04 mbps 14.51 mbps
Trial 2 11 ms 73.04 mbps 13.89 mbps
Trial 3 11 ms 72.88 mbps 14.36 mbps
Average 11 ms 72.99 mbps 14.25 mbps
               
Chicago Trial 1 120 ms 12.46 mbps 11.55 mbps
Trial 2 125 ms 14.58 mbps 11.23 mbps
Trial 3 123 ms 12.49 mbps 10.93 mbps
Average 123 ms 13.18 mbps 11.24 mbps
Comp to Bench +111 ms 18.05% 78.84%
               
UK Trial 1 319 ms 2.63 mbps 4.18 mbps
Trial 2 320 ms 2.83 mbps 7.02 mbps
Trial 3 323 ms 2.38 mbps 5.97 mbps
Average 321 ms 2.61 mbps 5.72 mbps
Comp to Bench +309 ms 3.58% 40.15%
               
Hong Kong Trial 1 406 ms 2.79 mbps 7.29 mbps
Trial 2 407 ms 2.74 mbps 6.05 mbps
Trial 3 340 ms 3.34 mbps 4.83 mbps
Average 384 ms 2.96 mbps 6.06 mbps
Comp to Bench +373 ms 4.05% 42.49%
               
Australia Trial 1 403 ms 2.75 mbps 3.28 mbps
Trial 2 406 ms 1.87 mbps 2.91 mbps
Trial 3 377 ms 5.68 mbps 2.38 mbps
Average 395 ms 3.43 mbps 2.86 mbps
Comp to Bench +384 ms 4.70% 20.04%

 

Note that Hong Kong – Trial 3 – Download is correctly showing a 0.00 mbps, however, as this only occurred once, I tend to think it’s not typical and possibly a fluke or something similar.

All tests were run using UDP – AES-256.  AES-256 is a strong encryption standard, which could be at least partially responsible for relatively slow speeds given the high overhead – especially on mobile where hardware resources are more limited.

 

Getting support: I submitted a support ticket via the website asking some general questions.  They responded relatively quickly (less than 24 hours), but their answers were a little evasive – for example, I asked if there was a tutorial to configure OpenVPN manually using Network Manager and not the command line – they responded saying they offered a native Linux client, which isn’t what I asked about.  Another example was me asking them to justify their price point – to which they responded saying they felt they were a premium service with lots of features others might not offer, (which some do, some don’t) such as IPv6 support, multiple points of connection, unlimited devices, etc.

 

Getting a refund: I replied to the support email asking for a refund, which was denied because according to them, there was no good reason to.  I replied to this stating that I was not satisfied with the service and felt it was too expensive for what you get.  They claimed this was merely me changing my mind, which I felt could be partially valid, so I listed several more reasons why a refund should be justified.  I asked them to reconsider, based on their policy, which states:

If you are less than 100% satisfied with the Perfect Privacy VPN service, as the service proves to be not useable [sic] for you, we will gladly refund your payment if the refund is requested within seven (7) days from the date of the purchase.

-and also citing the connection logs indicating depreciated cipher names, no official Network Manager support, and the hit-and-miss speeds listed above.  They finally acquiesced and granted the refund after a little back and forth.  It’s clear now that they most likely intend to enforce their refund policy to the letter, with few if any exceptions.

 

Concerns in Terms & Conditions / Privacy Policy: Perfect Privacy’s terms are far from the worst I’ve seen, for the most part they are unoffensive with one exception.  Here’s what stood out to me:

 

If you are less than 100% satisfied with the Perfect Privacy VPN service, as the service proves to be not useable [sic] for you, we will gladly refund your payment if the refund is requested within seven (7) days from the date of the purchase.

It’s possible that a non-native English speaker wrote this term, but based on the refund experience above, the wording should probably be clarified.  They intend for you to not receive a refund unless the service is literally unusable, not just dissatisfying.  Make your purchasing decisions accordingly.

obtuse

 

Our services use safe and reliable industry standards

(Except for out-of-date tls cipher names in the server configs)

 

We use Google Analytics to be able to effectively control ad serving and to continuously improve and expand the content of our pages.

Not ideal.  There are free/open source (and much more privacy centric) analytics packages one can use (such as Piwik).

 

To manage our affiliate program we use Post Affiliate Pro. Hence an according tracking javascript gets loaded if the website has not been accessed directly.

Another advantage of scrapping the affiliate program would be getting rid of this.

 

Final thoughts: One last thing that I should note.  Like many VPN services, Perfect Privacy relies a little too heavily on affiliate marketing (native advertising/paid reviews, etc).  Their resellers appear to refuse to provide full and prominent disclosure of their financial relationship with Perfect Privacy (as most affiliates do unfortunately) and I couldn’t find evidence that they expect anything more from them.  This is encouraging unethical behavior and is not in the best interest of their customers.  Most commercial services do this – and it’s never okay.

shady

Perfect Privacy strikes me as an above average VPN service, but only just.  Their site is pretty good, and it’s pretty easy to get started with their service – but it comes at a pretty high price.  It appeared that the server configs needed a little updating, but other than what I showed above, things seemed to work pretty well and run decently fast.  Their support was responsive, but I felt talked down to quite a bit.  I understand they may be conditioned to customers trying to abuse the refund policy, or not doing due diligence before asking a question.  Their terms are mostly unoffensive, with the exception of the refund policy, which barely tips it over into the realm of obtuse to me. I can’t say I’d recommend Perfect Privacy necessarily, but I wouldn’t sound the alarms either.  It is what it is – a very expensive, slightly above average VPN service.

 

FROM THE VPN COMPARISON CHART
CATEGORY VPN SERVICE Perfect Privacy
JURISDICTION Based In (Country) Switzerland
Fourteen Eyes? Cooperative
Enemy of the Internet No
LOGGING Logs Traffic No
Logs DNS Requests
Logs Timestamps
Logs Bandwidth
Logs IP Address No
ACTIVISM Anonymous Payment Method Email
Accepts Bitcoin Yes
PGP Key Available Yes
Meets PrivacyTools IO Criteria Yes
LEAK PROTECTION 1st Party DNS Servers Yes
IPv6 Supported / Blocked Yes
  Offers OpenVPN Yes
OBFUSCATION Supports Multihop Yes
Supports TCP Port 443
Supports Obfsproxy
Supports SOCKS Yes
Supports SSL Tunnel
Supports SSH Tunnel Yes
Other Proprietary Protocols Yes
PORT BLOCKING Auth SMTP
P2P Some
SPEEDS US Server Average % 64.14
Int’l Server Average % 9.39
SERVERS Dedicated or Virtual
SECURITY Default Data Encryption AES-256
Strongest Data Encryption AES-256
Weakest Handshake Encryption
Strongest Handshake Encryption RSA-4096
AVAILABILITY # of Connections 25
# of Countries 23
# of Servers 41
Linux Support (Manual) Yes
WEBSITE # of Persistent Cookies 1
# of External Trackers 1
# of Proprietary APIs 7
Server SSL Rating A+
SSL Cert issued to Self
PRICING $ / Month (Annual Pricing) 13.95
$ / Connection / Month 0.56
Free Trial No
Refund Period (Days) 7
ETHICS Contradictory Logging Policies
Falsely Claims 100% Effective
Incentivizes Social Media Spam
POLICIES Forbids Spam Some
Requires Ethical Copy No
Requires Full Disclosure No
AFFILIATES Practice Ethical Copy
Give Full Disclosure No

 

If you like the project and find my work useful, please consider donating – your generous contributions help pay for the hosting, tools, and time I need to do my research and keep the data fresh.