Search for free VPN on the Play Store and the results scroll for pages. Bright icons, five-star ratings, hundreds of millions of installs between them. Most promise the same things: unlimited data, no signup, anonymous browsing. The pitch is simple, and for anyone who doesn't want to pay a subscription just to dodge an aggressive ad tracker, it lands.
The pitch is also, for a sizeable chunk of those apps, misleading.
The category has a trust problem
Independent audits of the top free VPN apps on Android have repeatedly turned up the same pattern over the last few years: a meaningful share of them ship with permission requests that have nothing to do with running a VPN. Access to the device camera. Continuous GPS. Phone state. Sensors. Sometimes microphone.
None of those are needed to encrypt traffic and route it through a remote server. They show up because the apps are monetised somewhere, and when the user isn't paying, the monetisation is usually advertising or data brokerage. Some apps are upfront about it. Most aren't.
On top of that, a smaller but persistent slice of the category fails the basic test: keeping DNS queries inside the encrypted tunnel. A DNS leak defeats the point of the product. The user thinks their browsing is private; their internet provider sees every domain they visit anyway.
That said, free isn't always a trap
It would be lazy to write off the entire free tier. Some of the most respected names in the industry run freemium plans precisely because they want users to test the product before paying. These are not the same animal as a no-name app pulled from a developer account with no website. They are throttled versions of paid services, usually with a smaller server list, a data cap, or speed limits, but built on the same encryption stack the paying customers use.
For a lot of casual use cases, that's enough. Checking email on hotel Wi-Fi. Reading news sites that block your region. Avoiding the targeted-ad spiral that follows you for a week after one badly-timed search. A capped free tier from a company with a published privacy policy, a working website, and a paid version it actually wants to upsell you on is a different proposition entirely from a 100MB-install novelty app whose parent company you cannot find.
The freemium route also has a side benefit: it's a low-stakes way to figure out whether a VPN slows your connection too much, whether the kill switch behaves, whether the apps on your phone and laptop play well together. If they don't, you've lost nothing. If they do, you upgrade.
How to tell the honest free tiers from the rest
This is where most readers get stuck. The Play Store rating is useless. Review-bombing and review-buying are both rampant in this category. Star count tells you nothing about whether the app leaks DNS, and nobody is going to read forty privacy policies to make a Tuesday-evening decision about a tool that costs nothing.
The shortcut most people use, sensibly, is to start from a comparator that has already done the technical work. A good one will have actually run the apps, checked for leaks, looked at what permissions they ask for, and noted who owns the company behind them. A bad one will rank by affiliate payout. The difference shows up fast: if every app on the list links out to a paid plan and the "free" angle is barely mentioned, the writer wasn't really testing free VPNs.
For a starting point that focuses specifically on the free tier rather than the usual paid roundup, Gizmodo's free VPN guide is one of the more useful comparators in English: it separates genuine no-cost services from time-limited trials, and it flags the trade-offs (data caps, server limits, streaming compatibility) without pretending they don't exist. Use it as a filter, not gospel. But it cuts the search space down quickly.
Three things to check before installing
Once a candidate is on the shortlist, the homework that's left is small. First, the company behind the app should be findable. A real corporate address, a parent company you can search, a privacy policy written by someone who has obviously read it. Apps with no website and no traceable owner should be a hard no, regardless of how good the icon looks.
Second, the protocol matters. WireGuard and OpenVPN are the modern standards. If the app supports neither and uses some proprietary protocol it won't describe, that's a flag. Strong AES-256 encryption should be table stakes, not a selling point.
Third, look at what the app asks for at install time. A VPN needs network permissions and not much else. A request for contacts, location, or microphone is a question you deserve an answer to before the app earns a place on your phone.
The free tier sits in an awkward spot. Regulatory pressure on the wider VPN sector keeps tightening, and some serious operators have responded by reshaping where their physical infrastructure lives. Others have leaned harder into their freemium plans as a way of holding on to users who would otherwise drift toward the dodgier corners of the Play Store. The free user, oddly, sometimes ends up better protected than they were five years ago, because the providers still in the game are the ones who took the privacy claim seriously.
Pick carefully. The category rewards it.