VPNs for Security and Privacy: 2017 Edition

Mullvad is in my opinion currently the most secure known VPN for Windows. It is listed on Privacy Tools very selective VPN providers with extra layers of privacy list and was one of only six VPNs (of 29 tested) that passed VPNTesting.info's extensive leak test on Windows. They did however not pass the Mac leak test. It also does really well in That One Privacy Site's VPN comparison chart. Mullvad run by Internet activists and is based in Sweden, which has good privacy laws, they keep no logs, support OpenVPN, and their VPN client is open source. Mullvad allows customers to pay anonymously via Bitcoin or even by mailing them cash, for those who do not want a digital trail left behind after their VPN purchase. They have recently also started selling anonymous activation codes for Mullvad in stores in the Nordic countries. Mullvad requires no personal information to start an account, not even an email address, making it the most anonymous VPN service on this list. Just fill in the captcha, generate an account number and pay to activate the account.

OVPN.se is in my judgement currently the most secure known VPN for Mac. It is listed on Privacy Tools very selective VPN providers with extra layers of privacy list and was one of only four VPNs (of 29 tested) that passed VPNTesting.info's extensive leak test on Mac. OVPN.se did however not pass the Windows leak test. It also does really well in That One Privacy Site's VPN comparison chart. OVPN.se is based in Sweden, which has good privacy laws, they keep no logs, support OpenVPN, and they allow customers to pay anonymously via Bitcoin or even by mailing them cash, for those who do not want a digital trail left behind after their VPN purchase. OVPN.se has gone to great lengths to ensure physical security by removing any kind of storage media, so their servers have no hard drives, USBs, or CD in them and thus it is impossible for those servers to store any user data. OVPN.se has taken out an insureance for trial costs that covers up to 2.5 million SEK (about $280 000 / 260 000€).

AirVPN is a secure VPN for Windows. It is listed on Privacy Tools very selective VPN providers with extra layers of privacy list and was one of only six VPNs (of 29 tested) that passed VPNTesting.info's extensive leak test on Windows. AirVPN did however not pass the Mac leak test. It also does really well in That One Privacy Site's VPN comparison chart. AirVPN is based in Italy, keeps no logs, allows customers to pay anonymously via Bitcoin, supports OpenVPN, and their VPN client is open source. AirVPN's staff includes activists, hacktivists and members or the Swedish and Italian Pirate Parties.

ProtonVPN is a new VPN service by the former CERN and MIT researchers behind the well-known encrypted ProtonMail email service. The ProtonVPN client has a feature called Secure Core which - much like Tor - routes traffic via two intermediary VPN servers before reaching the final VPN server in order to make surveillance harder for adversaries to preform. VPN servers in countries that are well-known for having some of the strongest privacy laws in the world - Iceland and Sweden - are used as intermediary destinations for the Secure Core feature. ProtonVPN is based in Switzerland, which has good privacy laws. ProtonVPN only keeps connection logs (when you connect and disconnect from the VPN) in order to prevent intrusion attempts into their service, it supports OpenVPN and accepts Bitcoin. ProtonVPN offer quite a generous free plan, which is ment to convince potential customers to pay for one of their premium plans for more features and higher speeds (the speed on the free servers is still very good though). The free servers do not support BitTorrent, which is understandable since the server load and hosting costs that would result of offering a free torrenting VPN to the world is not sustainable. ProtonVPN has not been thoroughly leak tested by vpntesting.info or anyone else yet, so please keep that in mind and leak test the VPN before using it for anything mission critical as there has been some issues with IP and DNS leaks in the past on various operating systems.

My personal opinion after trying ProtonVPN for quite a while is that they have a long way to go before I'd recommend paying for their service. As of right now I'm only having them on this list because it's the only decent freemium VPN service that doesn't data mine its users in order to make a quick buck via data broking companies and is a better option than not using a VPN at all and because it's the only one of the VPNs on this list that has a VPN client for Android & iOS. (There are third party mobile VPN clients that can be used for VPN services that don't have their own app).
The leaks are one thing, it's hard to leak proof a VPN service across all operating systems, especially considering that those OS' and the the Internet in general were never designed to be used anonymously. And to some degree some of the leaks seem to be because of a third party VPN client called Tunnelblick that a lot of Mac users use, so that's outside of ProtonVPN's control until they've made their own Mac client. (Pro-tip for Mac users: Just pay for Viscosity. According to Reddit users it doesn't leak and it only costs $9. If you're getting a VPN you might as well make it work properly.)
What I have a harder time understanding is why the ProtonVPN client feels like it's still in beta. While it is beautiful design-wise, it has some functionality problems. It often has problem reconnecting after dropping the connection due to the killswitch option killing the VPN connection itself. The client also regularly forgets the login credentials, which it's supposed to remember. These are two well-known issues and why they haven't been fixed yet is beyond me.
All-in-all, it looks like a promising VPN service that has had a bumpy (and well-publicized) start. I wouldn't choose it over any of the previously mentioned VPNs on this list as of right now, unless you plan on not paying for your VPN at all and are satisfied with a VPN service that might occasionally leak or an official client that has some annoying bugs.