A lot of the confusion comes because there are two types of "VPN". True VPNs, and public "VPN"s which are really just proxies.<p>The article ignores true VPNs. The purpose of a VPN is to allow extending a private (IP) network over the internet. This means that private-use IP address space can be shared over public-use internet links (or some other protocol, like NetBIOS or AppleTalk, though these are mostly unused by modern equipment). VPN tunnels are encrypted to provide privacy, so that communications between the endpoints can be kept secure even when using legacy unencrypted protocols.<p>Then there are public proxy "VPN"s. These use VPN software, but don't provide a private network routing reserved IP space across the internet. They just provide an encrypted tunnel. These function as an overlaid ISP. They can be handy for evading region blocking, for providing some security from your physical ISP's ability to snoop on traffic (at the expense of giving that ability to the proxy service), and potentially for helping provide some anonymity.<p>So for the first case (true VPNs) HTTPS isn't a substitute, because HTTPS can't affect the routing of anything since it's at not operating on the internet layer. It operates at a higher level!<p>For the second case, proxy servers can shift trust away from your ISP and onto the service provider. With ESNI still in draft this can help close an information leak. But they're far less important here than in the true VPN case, and once ESNI achieves broad adoption they'll be even less of an improvement. Then their only real function will be for obscuring your location.