Skip to content

Tunnelbear Controversy (Informative Guide)

Tunnelbear controversy fi

TunnelBear has been in the industry of virtual private networks for more than 10 years.

It is one of the most trusted VPN providers.

However, the brand has been in the news for all the wrong reasons lately.

Quick Answer

TunnelBear has been accused of stealing users’ data and sharing it with third-party sources. The company has also been involved in the Cambridge Analytica data scandal. TunnelBear has also been accused of violating Net Neutrality.

In this article, we will look into all the controversies surrounding TunnelBear and take a closer look at each one of them.

Overview of Tubernaire

Tunnelbear’s main product is a VPN service that provides users with a safe and private way to access the internet. It allows users to connect to the internet via an encrypted connection.

This means anyone attempting to access the internet via your connection will first have to access Tunnelbear’s servers to get their data.

Tunnelbear uses AES 256-CBC encryption for its connections, and notably, does not use any DNS leaks.

Tunnelbear controversy

Users who don’t want to use Tunnelbear’s servers to connect to the internet can use its DNS service. This feature allows users to connect to the internet without directly connecting to Tunnelbear’s servers.

Tunnelbear also offers a “privacy mode” plugin, and advertises it as being “built by the makers of Tunnelbear VPN.”

However, this plugin is not developed by Tunnelbear, and is not based on Tunnelbear’s technology. Instead, this plugin is developed by a company called Geo Networks, and it displays advertisements as well as tracking users’ browsing habits.

Review of Allegations

A group of around 40 people filed a class action lawsuit against Tunnelbear on March 26, 2021. The plaintiffs allege that the service breaches their privacy rights, non-disclosure of measures, and misleading advertising.

Review of allegations

Previously, people could use a VPN for free, but the company started charging a subscription fee of $7.99 per month.

The lawsuit was filed in California, where Tunnelbear is headquartered. Tunnelbear has also set up their own Facebook page where they posted the following statement:
“We are aware that some of our customers have been experiencing issues with their TunnelBear accounts. We have thoroughly investigated the issue and have found no evidence of a data breach or compromised account.

TunnelBear requires a valid email address and password to access your account. These credentials are encrypted when they are transmitted to TunnelBear servers and are decrypted when they are used to access your TunnelBear account. We have strict policies in place, including two-factor authentication, to prevent unauthorized access.

Beginning with iOS 12, Apple blocks VPNs that access third-party internet services. While TunnelBear doesn’t access third-party services, iOS 12 makes it impossible to use TunnelBear with an iPhone.

Tunnelbear offers 14-day money-back guarantee on all their plans.

Analysis of Privacy Breach

While Tunnelbear’s terms of service allow the company to share your information with advertisers, it states that such sharing will only be done “in aggregate,” which means that the company will only share information on a “statistical basis” and not on an individual basis.

However, the company’s privacy policy states that “we may also share aggregated data about the usage of our site with third parties. This data does not identify you individually and will only be used to better understand how our site is being used.

Moreover, the company states that it will never, under any circumstances, sell your personal information to third parties.

The company also states that it will never (obviously) share your personal information with third parties, unless it’s required to do so by law or requested by government agencies.

Analysis of privacy breach

However, the company states that it reserves the right to share your personal information with “other companies under legal obligation to do so ,” such as government agencies.

Tubersaire’s Response

Here’s a good video on tunnelbear controversy

On March 20, 2019, Tunnelbear released a blog post responding to the claims. In the blog post, the company explained its approach to security and encryption. It also detailed the measures it took to refute the allegations.

While the company’s blog post is full of details regarding its security and encryption, it lacks clarity on how exactly it erases users’ data stored in its servers. While the post says that Tunnelbear “erases your browsing data ,” it doesn’t explain how it achieves that.

The blog post doesn’t clarify if Tunnelbear’s data centers have physical access to users’ devices. While the company’s blog post does mention that Tunnelbear doesn’t store any identifying information, it says that the “connection information is deleted” from the servers.

However, unlike many VPN services, Tunnelbear stores connection logs. These logs include IP addresses, device names, device types, and timestamps. The company’s blog post does say that it “respects your privacy” and that it doesn’t “sell your data to third parties.” It goes on to explain how it uses the logs, uses them for security purposes, and deletes them after 30 days.

However, while Tunnelbear doesn’t outright claim that it doesn’t store IP addresses, it does acknowledge that it “may” store them.

With that said, Tunnelbear does say that it “may” store device names, device types, and timestamps.

Alternatives to Tunnelbear

Here are several alternatives to Tunnelbear if you need a VPN for iOS or Android.

  1. ExpressVPN : ExpressVPN is an iOSAndroidVPN provider with servers spread across the globe.
  2. NordVPN : NordVPN is an iOSAndroidVPN provider with servers spread across the globe.
  3. Windscribe : Windscribe is a WindowsAndroidVPN provider with servers spread across the globe.
  4. Private Internet Access : PIA is an iOSAndroidVPN provider with servers spread across the globe.
  5. VyprVPN : VyprVPN is an iOSAndroidVPN provider with servers spread across the globe.
  6. PureVPN : PureVPN is an iOSAndroidVPN provider with servers spread across the globe.
  7. HideMyAss : HideMyAss is an iOSAndroidVPN provider with servers spread across the globe.
  8. FlyVPN : FlyVPN is an iOSAndroidVPN provider with servers spread across the globe.
  9. IPVanish : IPVanish is an iOSAndroidVPN provider with servers spread across the globe.
  10. IPVanish : IPVanish is an iOSAndroidVPN provider with servers spread across the globe.
  11. StrongVPN : StrongVPN is an iOSAndroidVPN provider with servers spread across the globe.
  12. Ivacy : Ivacy is an iOSAndroidVPN provider with servers spread across the globe.

Final Thoughts on the Controversy

Even though the issue about Tunnelbear’s privacy has finally been resolved, the issue still lingers in the minds of users.

Final thoughts on the controversy

By using a VPN, you secure your browsing from prying eyes. However, many VPNs don’t actually protect user privacy, as they often reveal some of your browsing details to third parties, including your IP address, browsing history, location, and your browsing habits.

Tunnelbear is not one of these VPNs. However, the issue in this case was not related to the user’s privacy, but to Tunnelbear’s incompetence in handling the matter.

While Tunnelbear was aware of the breach, it didn’t take proper action until the issue received widespread media coverage.

Nonetheless, Tunnelbear is still an excellent VPN for protecting your online privacy. The VPN has a solid network of servers, fast speeds, and an excellent mobile app.

Tunnelbear even offers a free trial so you can try the service before committing.

Featured Image Credit: Peter_Hill, Shutterstoc


Can TunnelBear Be Trusted?

Yes. TunnelBear claims to be a zero-activity VPN service. They have also conducted independent security audits for three consecutive years. They are trusted VPN service providers.

Is TunnelBear Owned by Google?

The company, like many VPN services, does not provide any information on the leadership. However, McAfee acquired the company in March 2018.

Why Did TunnelBear Remove India?

A new mandate from CERT-In, an IT security organization created by the Indian Government, requires VPN providers to collect certain customer data. TunnelBear does not log or collect this data so we have decided to remove our India servers.

Does TunnelBear Protect Your IP?

TunnelBear provides IP and DNS leak protection through its browser extensions and apps. DNS requests and IPv6 traffic may expose your IP address, activity and IP address. TunnelBear uses its own DNS servers to block IPv6 traffic and keeps you anonymous.

Does TunnelBear Sell Your Data?

Many free VPN services collect personal/usage information and then sell it to third parties to make money. TunnelBear will never do this. TunnelBear strictly prohibits logging. TunnelBear will not log your usage or personal data and will never do so.

We hope this guides was off assistance for tunnelbear controversy.

Share this post on social

Leave a Reply

Your email address will not be published. Required fields are marked *


We are a online security blog that offers expert advise for tech users.

Made with love in SLC, UT ❤️.

We are hiring. Join the team.

Reach Us

Mailing Address:

3264 E Gregson Ave
Salt Lake City, Utah(UT), 84109

Email: [email protected]

If you have any feedback, please email me at:
[email protected]