Perhaps some background and context would be worthwhile in gaining some understanding of the relative merits/advantages/disadvantages of using a VPN.
Armed with a little knowledge, you can make an objective decision as to whether or not your usage will benefit from the additional security afforded by a VPN connection. First a couple of important points:
1) While a VPN can offer additional privacy and protection in limited circumstances, it is not a fix-all security blanket.
2) Due to protocol overheads, there will be some impact to available bandwidth/data-throughput for a given network connection. While different VPN protocols have differing levels of performance, you will typically encounter a 10% reduction in available throughput - which on a slow link, may be the difference between a useable and unusable network connection. For a properly configured VPN connection, commonly suggested throughput figures of only 25-50% are simply untrue.
Security & Privacy
A VPN connection can only protect traffic between the VPN Client and the VPN Gateway. If you are running your own VPN Gateway (perhaps unlikely), while the VPN is active (and a no-split-tunnel traffic policy is applied) all traffic to your Gateway will have protection of the VPN tunnel between these two endpoints. Similarly, when connecting to an Enterprise (such as your employers business network) a correctly configured VPN connection can provide robust network security for this type of connection.
If instead you are connecting to a commercial VPN Service, your VPN traffic will be protected as far as your VPN Provider's Gateway - where it will be delivered to (and traverse) the internet without additional benefit of the VPN. As such, when connecting to an untrusted public WiFi, all of your network traffic will be protected over the least-trustworthy public WiFi connection - but receive no additional protection from where your traffic exits the VPN at the Gateway.
It is when using untrusted WiFi networks that Commercial VPN Apps may have some useful utility - but you must consider that your unencrypted data remains visible to the VPN Provider. Choose your Provider with care - as not all are themselves trustworthy.
Also consider that much of your network traffic is already encrypted by default using TLS/SSL. That said, there are some network protocols (such as DNS) that do not have benefit of encryption - and this traffic can be intercepted or maliciously manipulated. This risk can be mitigated using DoH, DoT or ODoH protocols.
In more detail...
Part #1
Much of the hype and negative comment that you will observe throughout the Apple Support Communities are derived from a bias against, or a fundamental misunderstanding of, VPN technologies and their uses/benefits - in addition to misguided faith in Apple products being immune to cyber-threat. In many cases, negative viewpoint will be based upon consumption of misinformed commentary of others; such commentary often reinforces preconceived faith in both invulnerability and perceived immutable truth.
It is impossible to provide an in-depth discussion of Information Security and IP networking with the limited space that this forum allows. The following is intended to provide brief overview and insight - from which you are free to ask additional questions, draw conclusions as to efficacy, and/or make informed decision as to potential benefit in securing your internet communications.
Enterprise applications may use VPN technologies to securely connect remote users to corporate systems - security benefit being derived through the entire path being protected. Commercial VPNs, as used by private individuals, do not offer protection over the entire path as the encrypted tunnel terminates at the VPN Gateway from which your traffic is routed over the internet to its destination(s). Properly configured commercial VPN services do, however, provide useful mitigation against very specific threats. In using these services, It is important to understand the risks against which a commercial VPN can provide useful protection - and those that it can not. A commercial VPN cannot provide total protection against all monitoring of your internet traffic - as the end-to-end path is not protected by the VPN in its entirety.
A high proportion of your traffic (such as browser traffic) already benefits from encryption (e.g., SSL/TLS) without use of a VPN - but some protocols (such as DNS) are entirely “in-clear” and can be intercepted and manipulated. Header and routing information are also unencrypted - and is available to anyone that is able to monitor your local network connection. Where utilised, VPN encapsulation ensures that all your traffic, including unencrypted data, is contained within the VPN tunnel away from prying eyes and threat actors.
