PIA VPN Review 2023: An Open-Source VPN Provider That Does Transparency Right

Private Internet Access, sometimes known simply as PIA, is a well-established VPN provider operating out of the United States since 2010. It’s an excellent budget-friendly option that puts its money where its mouth is with regards to user privacy. So if you’re on a budget and in the market for an OG VPN that delivers on privacy and transparency, give PIA a look.

 

PIA has been around longer than most other VPNs and is one of the most transparent VPN services available. PIA is independently audited, publishes transparency reports regularly and its apps are all fully open-source — all of this going above and beyond what many of its competitors offer in terms of transparency. And while you won’t get any over-the-top bonus features with PIA, you’ll get everything you need to protect your privacy online. Once you take the time to learn the app, it’s highly customizable and easy to use across platforms. PIA’s main strengths are in privacy and transparency, but its speeds are competitive as well. However, one area where I’m hoping for some improvement is in its streaming capabilities — PIA struggled with a few streaming services.

My evaluation of Private Internet Access involved an in-depth look into its features and performance on major platforms as well as its Privacy Policy and Terms of Service. I conducted 250 individual speed tests and evaluated its streaming capabilities with various streaming providers. I also analyzed its cost and overall value compared to other providers. Overall, I was impressed with the service, and I found PIA to be a capable VPN provider for most use cases.

Read more: How We Test VPNs

Speed: Consistent speeds, and fast enough for just about anything

• Average speed loss: 24% in July 2023 tests
• Number of servers: 35,000
• Number of countries: 84

PIA performed satisfactorily in my very first speed evaluation of the VPN service, with an average speed loss of 24% compared to my base internet speeds. PIA’s 24% speed loss is good for third place behind NordVPN (10% speed loss) and ExpressVPN (18% speed loss), which are our two picks for the fastest VPNs. And considering most VPNs will reduce your normal internet speeds by half or more, a 24% speed loss is still respectable.

There are many factors that can influence your VPN speeds — including the VPN protocol you’re using. With PIA, you can connect via OpenVPN and WireGuard on its desktop applications. Connecting via WireGuard generally results in faster speeds than through OpenVPN because it’s a lightweight protocol that’s engineered for speed and security. I tested PIA’s speed performance through both WireGuard and OpenVPN and as you’d guess, found that PIA’s speeds were faster through WireGuard as they were through OpenVPN. I measured an average speed loss of 33% when connecting through OpenVPN, whereas my average speed loss through WireGuard was only 15% — which averages out to a 24% speed loss between the two.

I found PIA’s speeds to be generally stable and consistent with my expectations based on my physical location and the VPN server locations I was connecting through while testing. Consistency and stability aren’t a given when it comes to VPN speeds, so it was good to see PIA excel in that regard. Other top VPNs like Surfshark, IPVanish and Proton VPN have struggled with consistency in my experience testing their speeds.

From my location in Ohio, my base internet speeds hover around 370Mbps. The fastest VPN speeds I got through WireGuard were to PIA’s servers in New York City, where my speeds averaged 348Mbps. VPN speeds to Europe (France and Germany) averaged 340Mbps and speeds to the UK averaged 317Mbps. And as expected, the slowest speeds I registered through PIA using WireGuard were to Australia and Singapore, where I averaged 309Mbps and 261Mbps, respectively.

My fastest speeds through OpenVPN were to Europe at 303Mbps, and speeds to New York City followed at 281Mbps. The one peculiarity I noticed with PIA’s OpenVPN speeds was that speeds to Australia and Singapore were faster than the speeds I measured to the UK. In fact, the average speeds I measured to Australia were significantly faster at 263Mbps as opposed to 185Mbps when connecting to the UK. My average speeds to Singapore averaged slightly faster than the UK at 198Mbps.

If you’re looking to maximize the speeds you get out of your PIA VPN connection — for things like streaming or gaming, for example — then use WireGuard. But if speed is a secondary consideration and you need heightened privacy online or need to evade censorship, then I recommend using OpenVPN because it is the most secure VPN protocol available and can get around firewalls. Even so, PIA’s OpenVPN speeds should be fast enough for most any online activity, provided your non-VPN speeds are adequate.

Read more: Fastest VPN of 2023

Cost: One of the cheapest VPNs available

• $40 per year or $12 per month (3-year plans available at $79 every three years)
• Money-back guarantee: 30 days
• Payment options: Credit card, PayPal, cryptocurrency
• Apps available for Windows, MacOS, Linux, Android, iOS, Fire TV, Chrome, Firefox, Opera

If you’re on a budget and want a decent VPN solution, consider checking out Private Internet Access. Convoluted pricing structures are all too common in the VPN industry, but PIA (thankfully) doesn’t bother with such practices and locks its prices at the same budget-friendly rate throughout the course of your subscription. PIA’s annual plan is $40 per year and its monthly plan is $12 per month. Although the company does offer a three-year plan at $79 every three years, I don’t recommend signing on with a VPN provider for longer than a year at a time, given how rapidly things tend to shift in the VPN industry.

PIA’s pricing is actually cheaper and far more straightforward than Surfshark’s, which currently holds CNET’s Editors’ Choice Best Value VPN designation. Surfshark’s annual plan starts at an introductory price of $48 for the first year, but then increases to $60 for any subsequent year. Similarly, Surfshark’s two-year plan starts out at $60 for the first two years combined, but then renews at $60 annually afterwards. Its monthly plan is on the expensive side at $13 per month.

For less than Surfshark’s introductory annual price, you’ll get access to a large network of approximately 35,000 servers located in 84 countries around the world. And as with other top VPNs like Surfshark and IPVanish, PIA has ditched connection limits and has begun offering unlimited simultaneous connections, while other competitors like its sister company ExpressVPN and NordVPN restrict their users to five and six connections, respectively. Native apps are available on all major operating systems including Windows, MacOS, Linux, Android and iOS. And while many VPNs only offer a command line option for Linux users, PIA recently upgraded its native Linux app to include most of the key features available on other platforms, like a kill switch and split tunneling. PIA also offers additional features like an ad tracker and malware blocker, multihop connections, obfuscation and automated connection settings.

PIA app performance

PIA’s app may seem a little daunting at first to VPN newbies as compared to the clean, simple app interfaces of services like ExpressVPN and Surfshark. But I like how you can pin certain components to display above the fold and customize what information you want at the forefront of the app whenever you connect. So you can make the app as clean or as dense as you want.

While my experience using PIA was largely positive, there were a few instances where I was left disappointed with its performance. I found PIA’s streaming capabilities to be hit or miss. For example, I wasn’t able to establish any connection using OpenVPN on PIA’s Amazon Fire TV Stick app. This could be an issue for anyone who needs to have a kill switch or split tunneling enabled while streaming, because PIA doesn’t offer either feature through WireGuard on its Amazon Fire TV Stick app. And while I was able to establish a connection via WireGuard using PIA’s Amazon Fire TV Stick app, the results were rather disappointing. I was able to access Disney Plus content, but both Netflix and Amazon Prime Video blocked access to its content while connected to PIA — even while I was connected to a “Streaming Optimized” server in the US.

I was able to access Netflix content via PIA’s desktop app — though only when connected to US servers — but Amazon Prime Video continued to detect the VPN and block my access. Overall, I found PIA’s streaming performance to be a far cry from the level of performance that others like Surfshark and ExpressVPN consistently deliver. If you’re looking to access streaming content through your smart TV or streaming device, ExpressVPN and Surfshark are better choices.

PIA’s split tunneling feature also ran into some major issues. I couldn’t get it to work on my Windows machine even though other VPNs’ split tunneling features worked as expected. PIA engineers said that the PIA app was conflicting with a background service I had running on my PC within Intel’s Killer Performance Suite, which was causing the split tunneling feature to fail and sometimes cause my entire system to crash. Once I removed the offending program, PIA’s split tunneling feature worked as expected. PIA engineers surmised that the VPN’s “advanced split tunneling features” were a contributing factor as to why PIA’s feature failed while other VPNs’ split tunneling worked normally on my machine. For example, engineers pointed to the fact that PIA can split DNS traffic, which allows you to run all of your DNS requests through PIA’s DNS servers or allow DNS server settings to redirect on a per-app basis. Whatever the case, PIA’s spokesperson told me that the engineers will continue to look into the compatibility issues I raised.

So if you’re a Windows user and the split tunneling feature isn’t working for you, get in touch with support to see if something on your machine is causing it to fail. If you’re a MacOS user, be aware that split tunneling only works on pre-Monterey versions of MacOS. So, even though the feature is present in PIA’s MacOS app, if you’re using MacOS Monterey or later, it simply won’t work.

While PIA is cheaper than CNET’s Best Value VPN, Surfshark, it doesn’t quite boast the wealth of features and capabilities that Surfshark does, meaning it can’t quite match the overall value. That said, PIA is a capable VPN in most respects and is a great option for anyone on a strict budget.

Read more: The Best Cheap VPN in 2023

Privacy and security: Top-tier privacy and transparency efforts

• Open-source
• RAM-only servers
• No leaks detected
• Independently audited

One of the areas where PIA shines is in its commitment to privacy and transparency. All of PIA’s apps are open-source, meaning that the software’s source code is publicly available for scrutiny by anyone who wants to inspect it. This helps ensure the software does what the company says it does and that it’s free of potential security issues. It’s good to see that PIA has gone open-source because it’s not the norm in the VPN industry (most VPNs are closed-source). Out of CNET’s list of best VPN services, only Proton VPN is open-source.

PIA had its no-logs policy independently audited by Deloitte last summer. According to a blog post published by PIA outlining the results of the audit, auditing firm Deloitte “found that server configurations align as of June 30, 2022 with internal privacy policies and are not designed to identify users or pinpoint their activities.”

Positive results from an independent audit like this are a good way of building trust in the company’s assurances that it doesn’t collect or store any logs related to users’ online activity while connected to its servers. If PIA doesn’t collect any usage logs, that means it doesn’t have any useful information to hand over to authorities if requested. But a VPN’s no-logs claims are virtually impossible to verify with complete certainty, even with the publication of an independent audit. A PIA spokesperson told me that the company is “confident that Deloitte’s findings remain correct today,” and that it’s working on coordinating its next audit as part of its “broader efforts around regular transparency reporting.”

“PIA’s server infrastructure is not designed to identify users or pinpoint their activities and we do not store any logs relating to traffic, session, DNS or metadata. There are no logs kept for any person or entity to match an IP address nor a timestamp to a current or former user of our service,” the spokesperson said.

But PIA has a few additional aces up its sleeve that help boost the credibility of its no-logs claims. The company’s latest semi-annual transparency report outlines the number of court orders, subpoenas, warrants and notices it received in the past six months, and states that it produced logs a total of zero times in the 166 instances it was approached for information. Additionally, PIA has had its claims tested in court and was unable to produce logs.

PIA’s RAM-only server architecture also helps strengthen its stance on privacy. With RAM-only servers, data is theoretically never stored to a hard disk and is wiped every time the server is rebooted.

PIA offers industry-standard AES 256-bit encryption, along with essential privacy features like a kill switch and DNS leak protection. In addition to its standard kill switch feature, PIA offers an Advanced Kill Switch that completely kills your internet connection even when you’ve turned the VPN off. This is a nuclear option, but presents an excellent way for users with critical privacy needs to ensure that they can’t accidentally go online without protection from the VPN. Both kill switch features worked as expected during my testing, and I detected no leaks whatsoever.

Though PIA’s commitment to privacy is solid, a few things may be a deal-breaker if you require critical levels of privacy from your VPN. First, the company’s US jurisdiction may scare you off due to the US government’s rocky track record concerning digital privacy. Second, PIA’s Kape Technologies ownership may give you pause. Kape owns CyberGhost VPN, ZenMate VPN and ExpressVPN, in addition to PIA, and up until 2018, Kape Technologies was known as Crossrider, a company with a bit of a checkered past.

Additionally, two key statements in PIA’s privacy policy stood out to me. One indicating that the company shares certain information under certain conditions with Kape and companies under the Kape umbrella:

“While we may disclose collected Personal Data to necessary members in our group of companies (across our ultimate holding company and all its subsidiaries) insofar as is reasonably necessary to continue our Service in line with this Policy, we regard our commitment to user privacy as paramount.”

And another indicating that PIA also grants some control of processing user data to employees across PIA’s group of companies:

“Only key employees of PIA and PIA’s Group with a need to administer or process Personal Data are granted access to the servers and information where Personal Data is stored.”

This is a concern, because as VPN companies are continuing to consolidate under larger holding companies, it’s getting increasingly difficult to keep track of where user data is being stored and who is controlling or processing it. Unlike PIA, ExpressVPN — which was purchased by Kape in 2021 — states explicitly in its Privacy Policy that “Your Personal Data is controlled by and stored under ExpressVPN, and not by its ultimate holding company, Kape Technologies PLC (UK) or other related entities.” We would have liked to see a similarly clear line drawn in PIA’s policy.

When I voiced my concerns about the privacy policy, a PIA spokesperson told me via email, “Kape does not control PIA user data. PIA controls its own user data and the only employees with access to this are those working directly on PIA product and user experience, and even then this is in a very limited capacity.”

The spokesperson also said PIA’s legal team is now working on updating its privacy policy to more clearly communicate this.

All things considered, PIA seems to be doing everything in its power to assuage concerns about its US jurisdiction with its wide-ranging transparency efforts. And there is no indication that Kape Technologies is in any way still involved in its previous ad-injection practices while operating as Crossrider. If you’re not concerned about the US jurisdiction, PIA is still an excellent choice for privacy-conscious users.