The router could be running outdated and compromised firmware. The router could actually be malicious and actively sniffing packets and logging your data. The router could be improperly configured and other users on the network could be sniffing your data or probing your laptop or mobile device. You never have any guarantee whatsoever that an unknown Wi-Fi hotspot isn’t, either through malice or poor configuration, exposing your data. (A password doesn’t indicate a network is secure, either–even if you have to enter a password, you could be subject to any of these problems.)
Cost: This VPN service comes in three plans: Basic, Pro, and Premier, any of which can be purchased on a six month, one year, two-year, or three-year basis. The premier plan is $5.83 /month if you pay all 36 months up front, the professional plan is $4.44/month if you buy all three years at once, and the basic plan is $3.06/month for three years. Basic also lets you pay monthly, for $5.99/month.

Voluntary tunneling occurs when a client computer or routing server creates a virtual connection to the target tunnel server. To accomplish this, tunneling client software and the appropriate tunneling protocol must be installed on the client computer. For the protocols discussed in this technical reference, voluntary tunnels require an IP connection (either LAN or dial-up).
For VPN connections, however, IP datagrams sent across the Internet can arrive in a different order from the one in which they were sent, and a higher proportion of packets can be lost. Therefore, for VPN connections, MPPE changes the encryption key for each packet. The decryption of each packet is independent of the previous packet. MPPE includes a sequence number in the MPPE header. If packets are lost or arrive out of order, the encryption keys are changed relative to the sequence number.
That attitude to the safety and privacy of personal data creates an enormous online security risk. Public Wi-Fi networks, which are ubiquitous and convenient, are unfortunately also highly convenient for attackers looking to compromise your personal information. How do you know, for example, that "starbucks_wifi_real" is actually the Wi-Fi network for the coffee shop? Anyone could have created that network, and they may have done so in order to lure victims into disclosing personal information over it. In fact, a popular security researcher prank is to create a network with the same name as a free, popular service and see how many devices will automatically connect because it appears safe.