“Now if the USA gets really nasty”
Nord VPN is supposed to be pretty good. But remember, their servers are all over the place, including the US. I suppose if the US demanded to “bug” them, they could just pull out, then you would have to use one of their servers in another country. Your VPN provider pulling out of the US is actually one of those canary in the coalmine things to watch for. I think what might happen is that the US “licences” VPNs, so you will have to have to have a permit and you will have to give them the “keys” so they can eavesdrop. This will be interesting because VPNs are what makes teleworking possible. Many if not most companies will fall in line like they have for political correctness. The rest will have to either stop teleworking or most likely leave the US. As for individuals, what would be the point of having one? I suppose you could deprive Google of some datapoints, but that’s about it.
“Just find out the VPNs servers and block them”
Most likely they would block the protocols. That would go for Tor, as well. I suppose you could try to obfuscate, use unconventional ports, etc, but I suppose AI would soon follow that could detect if something “funny” is going on.
“Their servers are in Panama”
The more I think about it, the more I want to liquidate everything and go down there and be with those servers.
fwiw from Wikipedia
“NordVPN is based in Panama, as the country has no mandatory data retention laws and does not participate in the Five Eyes or Fourteen Eyes alliances.”