Maintaining an individual's privacy and security are two of Redfin's core principals. However, we are sometimes forced to make the difficult choice between empowering users and protecting Redfin assets (both intellectual and physical) from so called "cyber" attacks.
As it turns out, Multiple Listing Service data (i.e. the real estate data that Redfin displays on our website) is a hot commodity in the seedier parts of the internet. People are constantly trying to capture as much of our MLS data as possible using scripts or other programmatic methods (a technique commonly referred to as "scraping") to then either use on their own website or to resell. This type of activity is explicitly prohibited in our Terms of Service, but that has certainly not prevented people from trying.
The MLS data we display isn't the only thing at stake here, however. As a full brokerage (i.e. you can buy or sell houses directly through Redfin, using a Redfin Real Estate agent) we have the privilege of peering directly with the various MLS providers throughout North America, which gives us near-instantaneous access to any changes made in the real estate market. This is a definite advantage that we have over other online real estate companies (such as Zillow or Trulia), who have to obtain their MLS data through third-party brokers.
However, this advantage that we receive by directly peering with the MLSs is a double-edged sword. We are contractually obligated to protect this MLS data from unauthorized access and/or collection, such as that performed by scrapers. If a MLS is not convinced that we are doing our utmost to protect their intellectual property, they have the right to sever their data feed to us, which would do significant damage to our business model.
While a colocated or VPS-hosted VPN is a wonderful way to protect an individuals's privacy and security, it has also been adopted by scrapers in an effort to "hide their tracks". The battle we wage with scrapers is a game of cat and mouse: we detect them and block their access, and they evolve their methods to work around our blocks. It has come to the point where their scripts are almost indistinguishable from a normal user, and we are forced to detect them on a post-hoc basis. Programmatically blocking their access in real time would lead to far too many "false positives" (i.e. blocking of legitimate users).
To this end, we moved to blocking scrapers by IP address, at which point they began tunneling their scripts through various colocation/VPS providers. It was at this point that we made the difficult decision to block all VPN and proxy access to redfin.com.
Unfortunately, the only way for us to do this was to block the entire colocation provider's network, as that is the only positive identifier of traffic routed through a proxy hosted there (although we still block TOR endpoints by their IP address). So even if you are running a completely legitimate proxy running from that network, your access will still be blocked. Colocated proxies have not been the only victim, however. We have been forced to block numerous other anonymizing proxies (such as TOR) for exactly the same reasons.
We apologize for the inconvenience that this may have caused you.