
No, they (usually) don't. In fact, given that your ISP likely rotates your IP more often than your AWS server, rolling your own VPN may in fact be a decrease in anonymity in some cases.

The benefits to privacy would be:

- It may still make it harder for your ISP to track you, which can be worthwhile.

- It can still be useful to help hide your physical location, since your IP won't be in the same county as you. That's also not nothing.

For 3rd-party sites, you'll be making your traffic easier to correlate across domains, locations, etc... Up to you whether or not that's part of your threat model.



I run a VPN server via Vultr, and I've wondered if it would be worth the hassle to rotate instances once a week to solve this issue. So, every week, run a script that spins up a new instance, sets up the VPN, and shuts down the old one. If you use DNS to point to the server instead of a static IP address, this can be automated completely without even touching the VPN clients. Hell, if it works well enough, I don't see why you couldn't do this every night.


I recently saw a comment from someone really dedicated to privacy (I think they said they were a journalist) who scripted this via Streisand. They set up a new instance at the start of each day as part of their normal workflow. So I'm sure it's possible, and maybe not even too much of a hassle once you have the scripting in place.


The ISP retains records. It's not uncommon to get letters from your ISP telling you to stop torrenting that blockbuster movie you torrented last week because some law office reported your IP address at the time. So clearly someone can ascertain your identity through legal discovery if you just use your ISP.


You're right. I divide VPNs up into 3 choices:

- Rolling your own VPN (control your own infrastructure)

- Using an existing VPN service (crowd-based anonymity)

- Doing nothing (privacy nihilism)

Each decision has its own benefits and tradeoffs. If you're someone who torrents, you should probably be using crowd-based anonymity. If you really dislike the trust relationship you have with your VPN and you're technically inclined, you can roll your own VPN. If you don't want to spend the time worrying about this stuff, setting up a VPN on its own and doing nothing else won't make you private anyway.

I (very cautiously) lean towards advising people to use an existing VPN service, but that's not a strong opinion. I do think people who argue that rolling your own VPN is the only sensible choice are either full of crap, or haven't thought through the actual threat models real people face.

There's a big movement in some portions of the security industry to say that moving trust around isn't valuable, and that doing nothing is better than centralizing your trust. I'm not going to mince words, I think that's a really dumb perspective.


Thanks for the perspective. Very interesting.


> your ISP likely rotates your IP more often than your AWS server

Sure, but they retain records.


AWS also has records of which IP was associated with which account at any given time.


Yes. As does every provider of servers, VPS and cloud services.



