Governments in the West Are Turning Their Sights on VPNs

72 pointsposted 14 hours ago
by indigodaddy
(nakedcapitalism.com)

35 Comments

gorgoiler

10 hours ago

”After the UK implemented its Online Safety Act the country’s VPN usage surged as teens sough [sic] to skirt age checks on social media platforms and pornography websites.”

The report they link to presents no evidence that the surge was from “teens”.

Practically, it’s also wrong to categorize all popular sites that opted into the geo-block as being social or adult. For example, imgur.com is by all sensible definitions a general purpose image upload site with 3M DAU worldwide. It is as much a “pornography website” as YouTube or Reddit.

I would suggest this article be corrected to instead say “usage surged as netizens sought to avoid online ID checkpoints and mandatory facial recognition”, but that’s bordering on inflammatory in the other direction.

orthoxerox

8 hours ago

Out of Imgur, YouTube and Reddit, Imgur is actually the most prudish. Reddit is full of hardcore pornography; YouTube still allows some "people being naked for non-sexual reasons" videos; Imgur is right there with Facebook, automatically deleting anything racy.

ssl-3

7 hours ago

Is imgur blocked because it is a "pornography website" or because it is a "social media website"?

imgur has featured a combination of social media features including accounts, commenting, tagging, upvotes, downvotes, and et cetera for a good number of years.

It hasn't been just a simple image-host for a long time.

ndsipa_pomu

6 hours ago

Imgur is blocking itself to avoid any legal exposure from the UK's insane law.

godelski

11 hours ago

I wish these articles would highlight the very real dangers these types of laws present to children. How they often create the very harm they claim to prevent. Surveilling children only makes it easier for the creeps to track them too.

This has been one thing I've liked about how Benn Jordan has been handling the Flock issues. How he shows that the very cameras used to protect children can also be used to harm them. And uses this to walk into the conversation about wider privacy concerns and authoritarian turkey tyranny.

But with the article, we've been using the same rhetoric for decades. There's nothing wrong with it, per se, but we need to iterate on it if we're to communicate these dangers more effectively. Those trying to get that authoritarian control are iterating and they're effective. The dangers are only becoming more real and the current rise in global authoritarianism should make many realize how dangerous it is

spencerflem

7 hours ago

Sadly, I think the unspoken point is never to protect children but to control them.

If you look at the many “think of the children” arguments from this angle it becomes a lot more consistent

godelski

3 hours ago

Maybe, but that doesn't mean this side of the argument won't be impactful. Even if people want more control over their own children I very much doubt they want others to have similar control. Especially those that wish to do harm.

Take for example the age verification via camera we're seeing be suggested in some places. I can't think of a more endangering technology than putting a camera in every child's bedroom. We know how bad security is and how even making it a lot better still makes this a highly valuable target for these people.

People want control because they're scared. But what they need to be taught is that these people are leveraging that fear to turn those nightmares into reality.

mikewarot

12 minutes ago

Am I the only one who thinks it's possible that the vast majority of VPN providers are actually working for the intelligence agencies of the world? It wouldn't be the first time something like that happened.

There was a Swiss company[1] selling cryptography gear that turn out to be a CIA front.

[1] https://en.wikipedia.org/wiki/Crypto_AG

cjs_ac

7 hours ago

I think the hidden motivation for all of these crackdowns across the developed world is the increasing risk of a third world war. Propaganda is already rife across social media for both sides of both the Russia-Ukraine and Israel-Palestine conflicts. Governments very much want to be able to repeat feats like the XX System, and will need strict control over online communications to achieve that.

https://en.wikipedia.org/wiki/Double-Cross_System

Hizonner

5 minutes ago

1. That's unrealistic.

2. There is no way any significant number of the people involved in this are thinking that far ahead.

why-o-why

9 hours ago

>> a considerable chunk of the market — including three of the six most popular VPNs — is quietly operated by an Israeli-owned company with close connections to that country’s national security state, including the elite Unit 8200 and Duvdevan Units of the Israeli Defense Forces (IDF).”

What are those VPNs? Asking for a friend...

almaight

7 hours ago

Fully HTTPS traffic can bypass that damned Great Firewall. Greetings from inside the Great Firewall.

galleywest200

11 hours ago

Does this impact people who work from home and connect to the corporate VPN? I have to do that to access production servers, as I assume most people here who WFH do as well.

Reading TFA it seems that use case would be allowed, but would I be a criminal for checking social media on my work PC when connected to the corporate VPN?

flipped

10 hours ago

They can't do jackshit. They are totally clueless and run by a bunch of extremely incompetent boomers. Next, they will try to ban Tor but guess what that can't happen as Tor is censorship-resistant!

Bender

2 hours ago

Blocking the exit nodes is quite tivial [1] but it would indeed be hard to stop people from accessing Tor and .onion sites. More websites should add some Tor .onion nodes even if they have to put those in read-only mode on user-provided multimedia sites to avoid complex CSAM filters.

[1] - https://github.com/firehol/blocklist-ipsets/blob/master/tor_...

godelski

8 hours ago

  > Tor is censorship-resistant
I'm not sure that's actually accurate. Using Tor or even many VPNs you get hit with a lot of block lists or bot detectors. I also heard that Tor is blocked in China. I mean isn't the list of entries and exits public?

Of course these groups are also shooting themselves in the foot. Tor was invented by the Navy after all and they like spies to go through it because connecting to "totallynotNSA.com" is a great way to get yourself found. But Tor also only works for those purposes if non bad actors make up the majority of traffic

pabs3

7 hours ago

Tor bridges allow people to bypass blocking of Tor entry nodes and look more like normal traffic and less like Tor traffic, here is an example of how to set one up.

https://community.torproject.org/relay/setup/webtunnel/

godelski

5 hours ago

Oh interesting, thanks. Do you know how well that compares with Mullvad? I know Tor and them collaborate on the browser but I'm traveling right now and Mullvad's is definitely getting picked up by some routers

inkyoto

9 hours ago

They are after the personal use VPN clients, but corporate users will follow soon.

Using the corporate VPN for personal purposes, including social media, is generally against corporate policy and is frowned upon (at least officially) in most businesses and organisations. It is also fraught with complications and could lead to disciplinary action or other unpleasant consequences. Just because the policy is not enforced does not mean it won’t be in the future.

If governments start targeting personal VPN's, it is only a matter of time before businesses crack down on unauthorised corporate VPN use as it will increase their risk of legal action stemming from employees’ missteps or misdeeds.

tomnipotent

10 hours ago

I imagine it's referring to anonymous VPN traffic through providers like Mullvad. Your internet traffic through your corp VPN is likely already at Orwellian-levels of surveillance, and that traffic can at least be tracked back to a asingle identifiable business.

jwrallie

8 hours ago

Would a child have access to a paid VPN like Mullvad anyway, I wonder.

If they ban OpenVPN and WireGuard through what I can only think is something akin to the great firewall of China, then what is the next step, making ssh -D unlawful?

Maybe encryption too? Maybe they need to ban booting Linux and filter access to open source software as well? Running unsigned code? Might as well just shut down the internet.

techjamie

2 hours ago

I'd say Mullvad is on the more accessible side, since a Mullvad subscription can be obtained through a relatively small amount of cash. All you need is a few dollars and the ability to mail a letter with a few bucks to Europe.

Wisconsin is a state that's been looking at banning VPNs[1]. And they also apply laws to "companies commonly known to provide VPN services" - which makes me wonder how far that goes. Because technically I could get a free AWS instance, spin up Tailscale on it, and I have a VPN. Is AWS a VPN company since they certainly host servers that are used for VPNs? Who knows!

[1] https://www.eff.org/deeplinks/2025/11/lawmakers-want-ban-vpn...

ssl-3

6 hours ago

> Would a child have access to a paid VPN like Mullvad anyway, I wonder.

Sure. Why not? Paid VPNs are cheap to use, and kids are smart.

A kid who already has a computer to use can turn a relatively large amount of electricity into a relatively small amount of crypto, and can do so very informally. It's usually a money-losing operation, but that matters less when a person is (say) 14 and someone else pays the electric bill: Out of sight, out of mind.

After that: Simply use the proceeds to pay for something like Mullvad or AirVPN (they accept crypto payments just fine).

It's been quite a long time since I was 14 and it was a very different world back then, but I don't think I would have had any trouble connecting these dots at that age.

(And indeed, that's how I used to pay for my own VPN service as a grown adult back when using those things was a lot less common. Rather than potentially draw unwanted interest from my bank by making international payments, I'd just mine some crypto to cover the VPN, and pay the electric bill. It wasn't strictly anonymous or untraceable or anything like that, but it did help cover the tracks that I cared about covering.)

deafpolygon

an hour ago

> Would a child have access to a paid VPN like Mullvad anyway, I wonder.

What's stopping the kid from obtaining a VPN number and mailing 5 bucks to Mullvad?

jillesvangurp

9 hours ago

I'm sure the Chinese, Russians, and other adversaries of the west will welcome any intentional weakening of network security to "protect children".

Any back doors, crippled encryption, etc, is a way in for their intelligence services. I find it baffling that politicians are so careless with their national sovereignty. It's especially worrying that a lot of populist support for this nonsense is indirectly supported by the before mentioned adversaries. There's a well documented history of especially Russian and Chinese propaganda aimed at supporting fringe populist parties. The agenda with that is complex but it isn't necessarily with friendly intentions.

Both Russia and China have isolated their own populations from the normal internet and effectively their countries run on centralized infrastructure where private VPNs are no longer allowed and traffic is monitored, filtered, and analyzed. Additionally, especially China has long targeted academic and enterprise network security for industrial espionage reasons. Weak government security has caused a few embarrassing situations across especially EU governments (e.g. Germany) with scandals related to over reliance on Chinese technology for telecommunications (huawei) and components for energy, auto motive, etc.

The point here is that those countries calling for this the most are also the most at risk of being compromised like this.

9dev

6 hours ago

> There's a well documented history of especially Russian and Chinese propaganda aimed at supporting fringe populist parties. The agenda with that is complex but it isn't necessarily with friendly intentions.

You can add the USA to that list now, who follow the exact same strategy in the EU.

ETH_start

10 hours ago

It's always the same pattern. Point to a genuine evil and then use that as justification to strip everyone of their rights.

jd172

10 hours ago

in Michigan there is a recently proposed piece of legislation that aims to ban content that "corrupts the public morals“ (which includes pornography, manga, and talking about trans people). It labels VPNs, proxies and encrypted tunneling methods as "circumvention tools" and would make it illegal to use them to access such content.

I hope people will start to see these blatant censorship proposals for what they are, but honestly I'm not too optimistic...

ranger_danger

9 hours ago

The scary thing about that is who gets to say what public morals are. And how this would normally be next to impossible to prove.

why-o-why

9 hours ago

Seeing as how the US government recently said anti-capitalist and anti-christian opinions are a threat, well... hold on to your collective hats.

ranger_danger

10 hours ago

Pretty sure a ban on VPNs would simply collapse society overnight. I think lawmakers vastly underestimate just how prevalent and necessary they are to ordinary business functions, including by ISPs themselves.

netsharc

5 hours ago

Your comment is one of several that doesn't distinguish between corporate VPNs (to access internal systems) and commercial VPNs (to bypass country-level laws and restrictions). Do you not think the lawmakers would realize this difference, it's a cartoonish level of understanding if you think lawmakers will accidentally ban any software with the term "VPN" in it. They'll describe a ban of tools/services to circumvent the laws..

DangitBobby

an hour ago

Lawmakers in the aggregate are apparently cartoonishly incompetent so it's not much of a stretch.

Madmallard

8 hours ago

Corporations and military of course will have a way to exclude themselves from this.