The Senate has until June 12 to vote on renewing a surveillance law that lets U.S. intelligence agencies search Americans' private communications without a warrant. If the law passes as written, the traffic from your VPN could be treated as a foreign signal by U.S. intelligence agencies, subjecting it to warrantless collection.[1]
The law is called FISA Section 702, and most Americans have never heard of it. But according to our latest survey, 60% of Americans actively use VPNs to change their perceived online location, and the same feature that makes a VPN work for privacy may be working against them under this law.
How Section 702 became a domestic surveillance tool
Section 702 of the Foreign Intelligence Surveillance Act authorizes U.S. intelligence agencies to collect communications from foreign targets overseas by compelling American companies, including Google, AT&T, and Verizon, to hand over calls, texts, and emails. No warrant is required.
The catch is that those foreign targets also communicate with Americans. When they do, Americans' messages get swept in too. The FBI, CIA, and NSA then run what the government calls "backdoor searches" through that collected data to find Americans' communications, also without a warrant. It's a form of government mass surveillance that has drawn bipartisan criticism for years.
The documented history of how that data gets used makes privacy concerns more than theoretical. The Foreign Intelligence Surveillance Court, which oversees the program, has largely approved this practice. But even the FISA Court's own 2022 opinion found the FBI's track record troubling, calling compliance violations "persistent and widespread."
And the abuses are well-documented. Government agencies have been using backdoor searches to look through the communications of political protesters, members of Congress, and approximately 19,000 donors to a U.S. political campaign.
A bipartisan amendment that would have required a warrant before agencies search Americans' data nearly passed in 2024, failing on a tied vote.
The House passed a three-year renewal of Section 702 on April 29 by a vote of 235-191. The Senate rejected that version, and Congress instead passed a 45-day extension on April 30, buying time until approximately mid-June to determine what a longer-term reauthorization would look like.
Into that uncertainty, Sen. Ron Wyden (D-OR) and a group of colleagues sent a formal letter to Director of National Intelligence Tulsi Gabbard asking whether VPN users could be losing their privacy rights under this very law. The letter asks "if these VPN services, which are advertised as a privacy protection … could, in fact, negatively impact their rights against U.S. government surveillance."
No public response has come.
Why a VPN might flag your traffic as foreign under Section 702
More than half of VPN users (52%) say they are mostly or completely confident in their online anonymity when using a VPN, according to a 2026 All About Cookies VPN survey of 1,000 U.S. adults. That confidence doesn't account for Section 702.
The specific risk comes down to how traffic is classified: a VPN works by routing your connection through an encrypted tunnel to a server that could be in the U.S. or abroad. That server location is what masks your real IP address and provides privacy protection.
The government's default position is that data of unknown origin is treated as foreign, subject to few privacy protections. A VPN, by design, obscures the origin of your traffic. But under the logic of a law designed to target foreign communications, that same behavior can make your activity look foreign to an intelligence agency.
There is no VPN setting that shields you from Section 702 collection since the law doesn't target individuals directly. Instead, the law targets the companies that carry your data. If your traffic looks foreign and passes through infrastructure controlled by a U.S. company, it can be collected.
A fix is on the table. The bipartisan Government Surveillance Reform Act, backed by Sen. Wyden (D-OR) and Sen. Mike Lee (R-UT), would require a warrant before agencies run backdoor searches on Americans' data collected under 702. It would also close a separate loophole that currently lets agencies buy Americans' location data and browsing history directly from data brokers, bypassing courts entirely.
Whether it advances before June 12 remains an open question.
How to reduce your exposure under Section 702
There is no app or browser setting that blocks Section 702 collection. The law operates at the level of U.S. companies and the infrastructure they control, not at your device.
What you can do is reduce how much of your data is stored with American providers that can be legally compelled to hand it over.
For sensitive communications, the mechanism that matters most is end-to-end encryption (E2EE). Unlike standard encryption, E2EE scrambles your messages before they leave your device, and only the intended recipient's device can decrypt them.
That means the company delivering your message can’t read it, so there is nothing useful to hand over, even under a legal compulsion order.
Here are some examples of products with E2EE:
- Signal uses E2EE for messaging and calls.
- Proton Mail uses E2EE for email. Unlike Gmail or iCloud Mail, Proton can’t read your message contents. The Proton ecosystem extends that same principle to calendar, cloud storage, and VPN, all designed so that your data stays inaccessible to third parties, including Proton itself.
- Tor is worth knowing about as a separate layer. It obscures your IP address and network-level communication patterns, making it significantly harder to attribute traffic to you.
Moving sensitive communications and files from U.S. providers like Google and Apple to the Proton suite is one of the more practical steps available right now.
For VPN users specifically, choosing a provider with a verified no-log policy means there is no stored record of your activity to hand over, even if the company receives a legal demand. Look for providers audited by independent third parties, not just ones that make the promise in their terms of service. Our guide to the best no-log VPNs has a full breakdown of audited options.
A data removal service can also reduce your footprint by scrubbing your personal information from the data broker databases that intelligence agencies can currently purchase without a warrant.
Bottom line
FISA Section 702 expires June 12, but the Senate has not yet voted. Senators are asking publicly whether the VPNs Americans use for privacy are being turned against them by a surveillance law written before that technology existed, and the government hasn’t answered.
Whatever Congress decides before the deadline, the underlying exposure doesn't disappear. The more your data sits with U.S. providers, the more exposure you carry under Section 702. A VPN alone won't close that gap.