The abbreviation VPN stands for Virtual Private Network which means an encrypted connection over the internet from a device to a network.
This article provides some basics about VPN connections and the privacy they cannot provide.
VPN technology was developed to allow remote users and branch offices to access corporate applications and resources. It extends a corporate or you home network through encrypted connections made over the internet. Because the traffic is encrypted between the device and the network, traffic remains private as it travels.
With a VPN you can work outside the office or your home network and still securely connect to the corporate or home network. You do so by establishing an encrypted connection across the Internet known as a tunnel. Because of the encryption anything that is transmitted through the tunnel is hidden from anything outside this tunnel, meaning other users and devices on the internet.
To see the advantages and limitations or even risks of a VPN, you need to understand that the data transmitted is visible at the receiving endpoint regardless of whether the VPN tunnel itself is encrypted. Figuratively spoken, although you cannot see what cars are in the tunnel, you can see them when you are standing at the tunnel's entry or exit. Hence, the only secure VPN is where the participants have control at both ends of the tunnel.
No privacy with Commercial VPN Providers
The internet is full of shiny adverts from VPN services who want to lure you into a contract with them and full of rankings and tests who pretend that they have tested the VPN services for you. But remember that the VPN service provider is sitting at the endpoint of the tunnel and can watch exactly what you are doing and log it, too. You need to decide if you trust them and their promises. But as many of the big commercial VPN services are making highly questionable promises and as they also trace and track you that's not something you would normally expect from a trustful company (and therefore I do not trust them).
Logging your activities
Surely, many VPN services say or even give a "guarantee" that they do not log your activities. But again, you need to trust them that they do not log. There is no way for you to verify that. And you need to know that every VPN service can log. If it does or under what circumstances it does, nobody can tell.
The only safe assumption is that every VPN provider logs.
Anonymity
When using a VPN connection, normally the IP address of the tunnel's end point is used for the internet communication and not the IP address of your device. This leads to the wrong assumption that a VPN provides anonymity. But in fact you are not really anonymous when using a VPN service.
The VPN service provider has your original IP and they can log that. Furthermore, VPN services are likely to disclose your identity unintended by several leaks they may have in their implementation, setup or software. There are lots of cases of this kind documented with several VPN service provides.
They may even have more details about you in case you pay by credit card, Paypal, or whatever.
And in addition to that, there a lots of ways nowadays to trace and track you on the internet and to identify who you are.
Overall, you should never assume that any VPN can give you anonymity.
Hide your IP address to access content illegally
This topic is related to the Anonymity topic before. For the server you connect to, only the IP address of the VPN end-node is visible. That seems to give you some protection in the first place and may delay the criminal proceedings a little bit.
But as you learned above, the VPN service provider has all the data needed for a criminal investigation. And they don't only know the source IP address where you initiated the connection with, they also may have other personal data from you, like credit card details, e-mail address, etc. And, as they are having full access to the data transmitted, they may also monitor each activity you were doing.
Bypass Geo-Blocking
Geo-Blocking is a technology that restricts access to internet content (e.g. video streaming) based on the user's geographical location. A typical approach is to use the user's IP address and checking it against the assigned region or against black- or white-lists. The geo-location may also be used to modify the content provided, for example, the currency in which goods are quoted, the price or the range of goods that are available, besides other aspects.
Because, when using a VPN connection, a server cannot see the user's original IP address, but the IP address from the end-node, geo-location tools may locate you being at the location of the end-node.
But be aware that many streaming sites have blacklisted the IP addresses of the professional VPN services and although having a local IP address, you may still be blocked.
Bypass Internet Censorship
Some countries and providers have blocked specific content or individual websites. When using a VPN tunnel you may be able to still use these websites or content, because the content within the tunnel his hidden to them.
But note that in these countries, who are actively blocking internet content, the use of VPN may be illegal. And these countries may have blocked the professional VPN services and in that case you may not be able to initiate a VPN connection.
Hide Your Browsing Activities from Your Current Network / WiFi Connection
Your browsing activity on non-HTTPS websites is visible not only to the operator of the network but to everyone nearby. To prevent this, a VPN connection can help. If you go with one of the professional VPN services, you know already that they can see everything you do, because they can monitor your activities behind the end-node.
A better alternative can be to set up your own VPN at home and access the internet through your own router (see also topic "Access Your Home or Business Network when Off-Site" below).
Hide Your Browsing Activities from Your Internet Provider
Also your internet provider can see which web sites you connect to and monitor your browsing activity on non-HTTPS websites. To prevent this, a VPN connection can help her, but, as you know already, a professional VPN service provider can monitor your activities, too. The question is now whom do you trust more, your local internet provider or a VPN provider?
A second aspect to be mentioned here is that most of the VPN service providers supplies tools to establish the VPN connection to their infrastructure. The idea behind this is to activate the VPN connection in a more comfortable way than VPN configuration on operating system level. But these tools require to be installed and run on your system and you need to trust that these tools that they do not do anything in the background that you do not really like them to do, such as spying on your local data, establishing back-doors, or misuse your system for spamming or illegal use.
Here an alternative could be to set up your own VPN in the cloud and access the internet through your own cloud instance.
Access Your Home or Business Network when Off-site
Actually, this is the use case VPN was originally developed for: Use your own VPN connection to access your business or home network. Once your are connected and "tunneled" into your business or home network you have access to its local network resources, while the local resources don’t have to be exposed directly to the Internet. In addition to that you can use the connection to hide your activities from public networks (see topic before) and, when accessing websites, you may bypass geo-blocking in the sense that your are connecting to web servers with your home or business IP address.
Obviously you are not anonymous, but as you learned already, with VPN you are not anonymous anyway. And you don't need a professional VPN service for that.
Some routers can be set-up as a VPN server or you configure a Raspberry Pi home server to provide the VPN access.