Governments in the West Are Turning Their Sights on VPNs As They Escalate Their Assault on Online Privacy and Anonymity

“Politicians have now discovered that people are using VPNs to protect their privacy and bypass these invasive laws. Their solution? Entirely ban the use of VPNs.”

The current Danish government is clearly no friend of online privacy or anonymity. During its rotating six-month presidency of the EU Council, which is, thankfully, coming to an end, it tried to push through the European Commission’s proposed Regulation to Prevent and Combat Child Sexual Abuse — aka, the “Chat Control Law” — despite widespread opposition.

As we noted at the time, the ostensible goal of the proposed regulations — curbing the spread of child sexual abuse material (CSAM) online — is commendable. However, the way the EU was going about it not only threatened fundamental rights and protections for everyone; it risked transforming the Internet into an even more centrally controlled, surveilled environment.

In its original form, the proposed law effectively mandated the scanning of private communications, including those currently protected by end-to-end encryption. If enacted, messaging platforms, including WhatsApp, Signal and Telegram, would have to scan every message, photo and video sent by users, even when encrypted.

The proposal was opposed by enough member states, including Germany, in large part due to grassroots pressure, to prevent it from passing the EU Council. So, the Danish government went back to the drawing board. The compromise bill it came up with mandates a voluntary search for sensitive material in private chats, instead of general monitoring, and was duly approved.

While a marked improvement on the original, the new proposal still raises serious concerns. Former MEP Patrick Breyer, one of the key defenders of privacy in Europe, warns that three major problems still remain unsolved. From Euronews:

[T]he proposal still does not follow the European Parliament’s position that only courts can decide to access communication channels; it still bans children from downloading messaging apps; and, lastly, anonymous communication is effectively outlawed.

[T]he current Danish proposal does not follow the European Parliament’s (EP) position to allow scanning of communications only by court order.

The EP’s proposal is a fundamental safeguard for Europeans’ privacy of communications and sets a standard that cannot later be changed by extra pressure from EU institutions, such as the famous “Voluntary Codes of Practice/Conduct” we’ve seen for general-purpose AI and disinformation.

“Voluntary” in Europe often isn’t: opting out of a “voluntary code” can mean stricter treatment, nudging tech firms toward de facto mandatory scanning without explicitly regulating it…

[T]he Danish proposal’s Article 4(3) would effectively ban anonymous email and messenger accounts, as well as anonymous chatting:

“They would need to present an ID or their face, making them identifiable and risking data leaks”.

This alone should alarm journalists and civil society organisations that rely on private communication with whistleblowers.

Seemingly not satisfied with achieving a consensus on EU-wide control of messaging apps, the Danish government recently came up with a legislative proposal that sought to ban the domestic use of VPNs — to access geo-restricted streaming content and bypass website blocks.

The proposal formed part of a broader legislative effort to combat online piracy that has alarmed digital rights advocates, reported Tech Radar:

Jesper Lund, chairman of the IT Political Association, expressed deep concern over the bill’s ambiguous language, stating it has a “totalitarian feel to it.”

Lund argued that the current wording could be interpreted so broadly that it would not only criminalize streaming but also hinder the sale and legitimate use of VPN services across Denmark.

“Even in Russia, it is not punishable to bypass illegal websites with a VPN,” Lund told Danish broadcaster DR, pointing out that the proposed Danish law could go further than measures seen in more authoritarian states.

The good news is that the proposed measure drew so much flak from digital rights advocates and the general public that the government withdrew it — or at least temporarily shelved it — last week. Again, from Tech Radar:

The Danish Minister for Culture, Jakob Engel-Schmidt, announced on Monday that he was cutting the contentious section from the bill. “I do not support making VPNs illegal, and I have never proposed to do so,” Engel-Schmidt said in a statement. He admitted the initial text was “not formulated precisely enough” and led to a fundamental misunderstanding of its purpose.

The original proposal, part of a wider anti-piracy effort, sought to make it illegal to “use VPN connections to access media content which would otherwise not be available in Denmark, or to circumvent blocks on illegal websites.” This sparked alarm among privacy groups, who warned that the vague wording could criminalize not only streaming enthusiasts but also ordinary citizens using the best VPN services for legitimate privacy and security reasons…

Jesper Lund of the IT Political Association described the proposal as having a “totalitarian feel to it” and warned it could go further than measures seen in more authoritarian countries.

Denmark is by no means the only Western “liberal democracy” to have turned its sights on VPNs in recent months. Since VPNs essentially function as anonymity masks that allow users to hide their online activity and access restricted content, their popularity has grown as governments have sought to impose increasingly draconian restrictions on Internet use.

As readers may recall, when the UK’s Starmer government made age verification checks mandatory for accessing pornography and other supposedly adult content online in July, it sparked an explosion in VPN use. As we had previously warned, these online age verification checks, which are now proliferating across the collective West’s ostensibly liberal democracies, threaten to trap everyone, not just minors, in their web.

The Starmer government’s predictable response has been to double down by including amendments to its Orwellian-titled Children’s Wellbeing and Schools Bill that seek to ban children from using VPNs, among other things.

As with the age verification checks for pornography websites, the new checks, if implemented, will trap both adults and children in their web.

It would be bad enough if this were just another bout of madness on the part of Europe’s political class, but the same thing is happening throughout the so-called “Collective West”. Australia just introduced its long-awaited age verification legislation, which blocks under-16s from joining social media platforms, thereby requiring all adults to submit ID to access platforms.

As we warned in November 2024, online age verification appears to be the Trojan Horse for the mass rollout and enforced adoption of digital IDs. Other Western jurisdictions, including the UK, the EU, and the US, are now treating the Australian rules as a blueprint for their own legislation, reports Reclaim the Net.

In the United States, Senator Katie Britt of Alabama said she hopes “Australia taking this step…leads the US to actually doing something.”

Britt, a mother of two, is one of the sponsors of the bipartisan Kids Off Social Media Act, which would prevent children under thirteen from using social platforms.

Senator Josh Hawley, a Republican member of the Senate Judiciary Committee, told The Sydney Morning Herald that he supports similar limits. “I like it. I’ve supported age limits here in the US for kids on social media,” he said.

“I say this as a parent…Parents need help, and they feel like they’re swimming upstream when everybody else has social media.”

Hawley, author of The Tyranny of Big Tech, said he has spoken with Australian stakeholders about the ban, though he did not identify them.

The Starmer government’s proposed amendment to the bill also calls for requiring social media to use “highly-effective” age assurance measures to prevent children under 16 from using such services.

The problem is that most age assurance measures are anything but effective. While governments in the West are lauding the benefits of Australia’s age verification system and its social media ban for under-16s, the reality on the ground is that Australian teenagers, like their counterparts in the UK, are finding embarrassingly easy workarounds, including using VPNs and other people’s faces, as the report below explains.

After the UK implemented its similar Online Safety Act to prevent youth from accessing online adult content in July, the country’s VPN usage surged 6,430% as teens sought to skirt age checks on social media platforms and pornography websites. Perhaps with time, the restrictions will become more effective.

According to Information Age, tech companies, including Snap, Meta and Reddit, are confident of being able to comply with the new age restrictions — failure to do so could result in eight-figure fines:

Speaking with Information Age, a spokesperson for social media company Snap confirmed using a VPN won’t change existing users’ “ability to access Snapchat”.

“Snapchat determines eligibility based on where your account has been active over the past month, not just your current network connection,” they said.

“If your account is locked because you’re under 16 in Australia, it will stay locked until you turn 16 and complete age verification.”

Social media giant Meta – which owns Facebook, Instagram and Threads – also confirmed it is prepared to adhere to the ban despite VPN usage.

“While VPNs allow users to change their IP address, we also consider signals beyond just IP when determining a user’s location,” a spokesperson said.

Reddit did not explain precisely how it plans to block underage VPN users, but a spokesperson confirmed it is “taking steps to comply with Australia’s Social Media Minimum Age Law, including suspending accounts of users confirmed to be under 16 and requiring new users to be at least 16 to create accounts”.

As other governments are looking to impose their own online age verification rules, they’re also looking at ways to close off access to the most important workaround: VPNs. A few months ago, Forbes reported that some US states are debating the merits of imposing VPN bans or restrictions. The US’ cyber defense agency, CISA, has even published a warning for Android and iPhone users: “Do not use a personal VPN”:

This reissued advice first surfaced a year ago, now it will resonate given the VPN surge seen since.

Virtual Private Networks work by tunnelling data to and from a device via third-party servers. This masks location and specific activity (sites and platforms visited) from the networks and ISPs carrying the traffic. Good VPNs also provide a layer of protection when connecting via public Wi-Fi networks, albeit they’re not strictly necessary.

CISA warns that “personal VPNs simply shift residual risks from the internet service provider (ISP) to the VPN provider, often increasing the attack surface. Many free and commercial VPN providers have questionable security and privacy policies.”

As a blanket warning it’s not unhelpful. An unsafe VPN from an unsafe developer is much worse than no VPN at all. And while hiding your location to bypass a porn ban is straightforward, most if not all the content to/from your device is encrypted anyway.

What the Forbes article doesn’t mention is the extent to which Israeli tech companies have come to dominate the VPN market. As Alan MacLeod reports for Mint Press, “a considerable chunk of the market — including three of the six most popular VPNs — is quietly operated by an Israeli-owned company with close connections to that country’s national security state, including the elite Unit 8200 and Duvdevan Units of the Israeli Defense Forces (IDF).”

This is the same Israel whose companies and intelligence agencies have created many of the world’s most advanced online surveillance programs and hacking tools, including Cellebrite and Pegasus. The fact that it also controls many of the world’s VPNs, with which it could “create backdoors for Israeli intelligence to carry out a vast kompromat operation on users around the globe” is an obvious cause for concern, warns MacLeod.

In other words, one should be selective when choosing a VPN service, especially now that governments have them squarely in their sights — at the same time that they are intensifying their censorship efforts.

“Politicians have now discovered that people are using VPNs to protect their privacy and bypass these invasive laws,” EFF warns. “Their solution? Entirely ban the use of VPNs… And that battle is being fought by people who clearly have no idea how any of this technology actually works.”

NC reader Baron Aroxdale raised a similar point in the comments section of a previous post, noting that VPN bans are unlikely to work — at least not without causing serious damage to the internet along the way:

VPNs are a very standard part of business IT. They are simply a means to connect remote computers together on the same virtual network. Support for them is normally inbuilt into operating systems, and hardware network companies will normally provide desktop applications to support VPN setup on their routers.

VPNs are about as common as internet proxies or email. You can’t just “ban” them without breaking the backbone of modern IT systems since the late 1990s.

That didn’t prevent the Danish government from trying. However, it was forced into a retreat by the ferocity of the public backlash. This may hold an important lesson for us all in the so-called “liberal” West: if we are to have any chance of preserving any degree of privacy and anonymity online, we’re going to have to fight tooth and nail for it.

Over a decade ago, popular grassroots movements in the US were able to halt the passage of the SOPA and PIPA bills that threatened free speech, internet security and online innovation. Similarly, one of the main reasons why the EU couldn’t push through the Chat Control legislation in its original form was a one-man grassroots online campaign that brought pressure to bear on Europe’s elected representatives.

In both cases, the unparalleled network effects of the internet were used as a powerful weapon against governments’ repressive designs for the internet. The problem today, however, is that governments keep learning from these failures and adapting their strategy. They are also more determined than ever to bring the internet under their control, even if it means doing so in a salami-slicing way — something the EU is particularly adept at.

 


22 comments

  1. Adam1

    The peons will only take so much for so long. The Soviet Union didn’t implode because of US defense spending and star wars. The French Revolution didn’t start because of the supply of cake either.

    At some point so called liberal democracies are going to get a wake-up call and it might be of an ugly kind.

    Reply
  2. Mark Gisleson

    Nice summary of a term most people know but few really understand. Assuming you find an honest VPN (ha!) you will find that while VPNs mask your activity, in so doing they draw attention to your account. The internet is so vast you can do almost anything but once you start doing it via VPN you stick out like a nail waiting to be hammered.

    The only way to protect yourself online is to elect new politicians who respect privacy. Good luck with that.

    Reply
  3. Bugs

    Been using Privado since around 2016. A premium account comes free with a subscription to UsenetServer, which is also very useful. I’ve had mixed results trying to stream with it but it works fine for websites and twitter. Nice being able to read the banned Russian news here. No connection to the Israelis as far as I could turn up, but who knows these days.

    Reply
  4. amfortas

    as ive said many times, since i first gained access to this system of tubes, circa 1999, i have done so with the working assumption that “They” are watching everything i do.
    given that the whole shebang comes out of DARPA, and all.
    this method hasnt stopped me from issuing vicious critique of all and sundry…nor exploring controversial things.
    i dont care if “they” know all about me.
    its silly, since all “they” needed to do was ask me, and i’d be happy to give them my opinion on a great many things.
    all this method has done is to curtail my calls for violent revolution…which are nonexistent anyway, since i reckon that would fail….and is likely exactly what the pseudofascist neofeudalists are hoping for.
    and its not really my thing, after all…im still and always a “dropping out is a revolutionary act” kind of guy.

    i forget who said it, but “when Gengis Khan shows up at yer door, offer him a beer”.

    Reply
  5. The Rev Kev

    What is up with the Danes? It was only a few days ago that they finally banned the sending of letters and by now have removed the last mail boxes. You wanna send a letter to someone in Denmark? Then you are all out of luck. And I sometimes think that the reason that they did this was because they could not open up and read people’s mail as there were so many letters so now they have forced people onto digital platforms to communicate where what they say can be quickly and easily scanned by the authorities.

    Reply
    1. Bugs

      I was dubious about that and thought that something must have been lost in translation. It’s not like people have totally stopped sending each other greeting cards? I looked at the Denmark Post Wikipedia entry and it says that the newspaper delivery service is taking over letter delivery while PostNord concentrate on packages.

      Reply
      1. The Rev Kev

        Parcels are still in of course because they are lucrative but you can forget Christmas cards. I believe that there are private letter carriers but it costs about eight bucks a letter to send one.

        Reply
      1. Irrational

        The Danes are world-class in controlling information using your ID number (the CPR = Central Person Register). Without that you can do very little. A friend of mine, Danish, but not born in Denmark, could not get an annual public transport ticket because she did not have a CPR. A foreigner moving to DK will have to jump through hoops and loops to register a car, because they don’t have a CPR. You get the picture. Your tax return has come pre-filled out since at least the 90s, you only need to do something if you disagree.

        Reply
        1. Kurtismayfield

          The US could easily do the same if it wanted to. Make everything tied to your SS number, and then actually use all the information that they have on you. They just like not informing the public of how much they track.

          Reply
  6. lyman alpha blob

    RE: “… Australian teenagers, like their counterparts in the UK, are finding embarrassingly easy workarounds, including using VPNs and other people’s faces…”

    Go ahead and do it. It will be hilarious to see everybody logging in to pr0n sites using Keir Starmer’s church lady-esque puss.

    On a serious note, I had been thinking of paying for Protonmail’s VPN service, but the other day there was a link about Proton looking to leave Switzerland due to impending government surveillance. Maybe better to wait until they find a new and hopefully more private home?

    Reply
    1. AG

      You could try their free version of VPN for now.

      p.s. Keep in mind they do cooperate with law enforcement if those knock at their door. The new position is re: standardized scanning of all communication which was not done in Switzerland. That doesn’t mean they are not keeping logs at all. (I am not up to date in that regard but safety goes first if in doubt.)

      I do remember that Proton suggested to use TOR when going via their VPN. Almost like an admission and warning their own users of their imperfect protection of privacy. Pretty crazy, frankly.

      Reply
  7. Grumpy Engineer

    Baron Aroxdale’s comment is right on target. Businesses are not going to go along with this. VPNs have been used for decades to [1] protect intellectual property and [2] to ensure that the business is handling privacy-required, export-controlled, or even classified information properly without risk of disclosure to unauthorized parties.

    The second one is often required by law, and banning VPNs as a means of ensuring compliance with said laws could not possibly end well. The hackers would have a field day.

    Reply
    1. David

      They’ll simply come up with a way for companies to use them legally. It’s the general population that they want to keep an eye on.

      Reply
        1. David

          You can very easily make that distinction. Especially for larger corporations. A licensing system to allow a company to use a VPN for example. And for workers from home, they most likely use work provided computers that would be covered by any exemption.

          Reply
        2. Random

          Businesses generally don’t use public (or whatever you might want to call them) VPNs.
          They use the same technology but connect to their own network through the tunnel.

          The way to ban VPNs would either be to require sites in their jurisdiction to block connections coming from known VPN IPs or to make payments to VPN companies illegal.

          There are workarounds of course but there always are workarounds for people with enough technical knowledge. The goal is to prevent the majority from easily accessing VPNs for a few $/month.

          Reply
    2. Fred Thompson

      AND…the only way to “enforce” any kind of VPN ban would be to require new, NON-STANDARD network hardware.

      There’s also the aspect that outlawing VPNs would be prohibiting safety and security measures while requiring them. What does that do, other than encouraging all assets to leave before they are stolen?

      Hey, EU, just because Denmark wants to commit suicide doesn’t mean you are required to do it, too.

      Reply
  8. Jason Boxman

    I was looking at this from a PtP angle years ago and no major provider allows this, you really need open ports for this and I found none that allow this, and realized they’re all companies I wouldn’t trust anyway. I went with a random that I pay with PayPal and it converts to euros. Granted could be a honey pot for some intelligence service. There’s always a risk.

    I was pondering the other day that law enforcement is only gonna bleat publicly about services that they aren’t worried about, why advertise stuff that’s really an issue? But I might imbue too much strategic thinking where none exists.

    Reply
  9. scott s.

    Should be noted that there are some separate use cases for VPN. A VPN server can act as a gateway to a LAN inside a firewall. Since LAN addresses typically aren’t exported outside a LAN (though ipv6 does make it practical) this is a way to directly connect to a resource on a LAN (such as SMB) from outside.

    Of course “cloud” services are an alternative.

    3rd party VPN were valuable when http: was the dominant protocol as it provided enroute encryption. With https: largely replacing http:, the encryption advantage has mostly gone away, but obfuscating the destination for a GET or POST response has its advantages.

    Reply
    1. Yves Smith

      I must note that early on, at least in the US, Substack presented itself as a defender of free speech and even touted having a big litigation reserve.

      I hate to have to keep saying it, “If your business depends on a platform, you don’t have a business.”

      Reply
