“Politicians have now discovered that people are using VPNs to protect their privacy and bypass these invasive laws. Their solution? Entirely ban the use of VPNs.”
The current Danish government is clearly no friend of online privacy or anonymity. During its rotating six-month presidency of the EU council, which is, thankfully, coming to an end, it tried to push through the European Commission’s proposed Regulation to Prevent and Combat Child Sexual Abuse — aka, the “Chat Control Law” — despite widespread opposition.
As we noted at the time, the ostensible goal of the proposed regulations — curbing the spread of child sexual abuse material (CSAM) online — is commendable. However, the way the EU was going about it not only threatened fundamental rights and protections for everyone; it risked transforming the Internet into an even more centrally controlled, surveilled environment.
In its original form, the proposed law effectively mandated the scanning of private communications, including those currently protected by end-to-end encryption. If enacted, messaging platforms, including WhatsApp, Signal and Telegram, would have to scan every message, photo and video sent by users, even when encrypted.
The proposal was opposed by enough member states, including Germany, in large part due to grassroots pressure, to prevent it from passing the EU Council. So, the Danish government went back to the drawing board. The compromise bill it came up with mandates a voluntary search for sensitive material in private chats, instead of general monitoring, and was duly approved.
While a marked improvement on the original, the new proposal still raises serious concerns. Former MEP Patrick Beyer, one of the key defenders of privacy in Europe, warns that three major problems still remain unsolved. From Euronews:
[T]he proposal still does not follow the European Parliament’s position that only courts can decide to access communication channels; it still bans children from downloading messaging apps; and, lastly, anonymous communication is effectively outlawed.
[T]he current Danish proposal does not follow the European Parliament’s (EP) position to allow scanning of communications only by court order.
The EP’s proposal is a fundamental safeguard for Europeans’ privacy of communications and sets a standard that cannot later be changed by extra pressure from EU institutions, such as the famous “Voluntary Codes of Practice/Conduct” we’ve seen for general-purpose AI and disinformation.
“Voluntary” in Europe often isn’t: opting out of a “voluntary code” can mean stricter treatment, nudging tech firms toward de facto mandatory scanning without explicitly regulating it…
[T]he Danish proposal’s Article 4(3) would effectively ban anonymous email and messenger accounts, as well as anonymous chatting:
“They would need to present an ID or their face, making them identifiable and risking data leaks”.
This alone should alarm journalists and civil society organisations that rely on private communication with whistleblowers.
Seemingly not satisfied with achieving a consensus on EU-wide control of messaging apps, the Danish government recently came up with a legislative proposal that sought to ban the domestic use of VPNs — to access geo-restricted streaming content and bypass website blocks.
The proposal formed part of a broader legislative effort to combat online piracy that has alarmed digital rights advocates, reported Tech Radar:
Jesper Lund, chairman of the IT Political Association, expressed deep concern over the bill’s ambiguous language, stating it has a “totalitarian feel to it.”
Lund argued that the current wording could be interpreted so broadly that it would not only criminalize streaming but also hinder the sale and legitimate use of VPN services across Denmark.
“Even in Russia, it is not punishable to bypass illegal websites with a VPN,” Lund told Danish broadcaster DR, pointing out that the proposed Danish law could go further than measures seen in more authoritarian states.
The good news is that the proposed measure drew so much flak from digital rights advocates and the general public that the government withdrew it — or at least temporarily shelved it — last week. Again, from Tech Radar:
The Danish Minister for Culture, Jakob Engel-Schmidt, announced on Monday that he was cutting the contentious section from the bill. “I do not support making VPNs illegal, and I have never proposed to do so,” Engel-Schmidt said in a statement. He admitted the initial text was “not formulated precisely enough” and led to a fundamental misunderstanding of its purpose.
The original proposal, part of a wider anti-piracy effort, sought to make it illegal to “use VPN connections to access media content which would otherwise not be available in Denmark, or to circumvent blocks on illegal websites.” This sparked alarm among privacy groups, who warned that the vague wording could criminalize not only streaming enthusiasts but also ordinary citizens using the best VPN services for legitimate privacy and security reasons…
Jesper Lund of the IT Political Association described the proposal as having a “totalitarian feel to it” and warned it could go further than measures seen in more authoritarian countries.
Denmark is by no means the only Western “liberal democracy” to have turned its sights on VPNs in recent months. Since VPNs essentially function as anonymity masks that allow users to hide their online activity and access restricted content, their popularity has grown as governments have sought to impose increasingly draconian restrictions on Internet use.
As readers may recall, when the UK’s Starmer government made age verification checks mandatory for accessing pornography and other supposedly adult content online in July, it sparked an explosion in VPN use. As we had previously warned, these online age verification checks, that are now proliferating across the collective West’s ostensibly liberal democracies, threaten to trap everyone, not just minors, in their web.
The Starmer government’s predictable response has been to buckle down by including amendments to its Orwellian-titled Children’s Wellbeing and Schools Bill that seek to ban children from using VPNs, among other things.
The UK Parliament just debated a petition with 550,000 signatures calling to repeal the Online Safety Act. It could have been a moment to defend free speech. Instead, MPs used it to demand even more control over the internet.
They said it’s “not about controlling speech,” while… https://t.co/AUNNWRs3on
— Reclaim The Net (@ReclaimTheNetHQ) December 18, 2025
As with the age verification checks for pornography websites, the new checks, if implemented, will trap both adults and children in their web.
It would be bad enough if this were just another bout of madness on the part of Europe’s political class, but the same thing is happening throughout the so-called “Collective West”. Australia just introduced its long-awaited age verification legislation, which blocks under-16s from joining social media platforms, thereby all adults to submit ID to access platforms.
As we warned in November 2024, online age verification appears to be the Trojan Horse for the mass rollout and enforced adoption of digital IDs. Other Western jurisdictions, including the UK, the EU, and the US, are now treating the Australian rules as a blueprint for their own legislation, reports Reclaim the Net.
In the United States, Senator Katie Britt of Alabama said she hopes “Australia taking this step…leads the US to actually doing something.”
Britt, a mother of two, is one of the sponsors of the bipartisan Kids Off Social Media Act, which would prevent children under thirteen from using social platforms.
Senator Josh Hawley, a Republican member of the Senate Judiciary Committee, told The Sydney Morning Herald that he supports similar limits. “I like it. I’ve supported age limits here in the US for kids on social media,” he said.
“I say this as a parent…Parents need help, and they feel like they’re swimming upstream when everybody else has social media.”
Hawley, author of The Tyranny of Big Tech, said he has spoken with Australian stakeholders about the ban, though he did not identify them.
The Starmer government’s proposed amendment to the also calls for requiring social media to use “highly-effective” age assurance measures to prevent children under 16 from using such services.
The problem is that most age assurance measures are anything but effective. While governments in the West are lauding the benefits of Australia’s age verification system and its social media ban for under-16s, the reality on the ground is that Australian teenagers, like their counterparts in the UK, are finding embarrassingly easy workarounds, including using VPNs and other people’s faces, as the report below explains.
Looks like Australia's social media ban for under 16s is a colossal failure and the laughing stock of the world. Young people are smart and have easy workarounds for the "ban". They are openly mocking Anthony Albanese and one even says straight up, "I know who I'm not voting for… pic.twitter.com/wyxxeeRUIo
— Francynancy (@FranMooMoo) December 18, 2025
After the UK implemented its similar Online Safety Act to prevent youth from accessing online adult content in July, the country’s VPN usage surged 6,430% as teens sough to skirt age checks on social media platforms and pornography websites. Perhaps with time, the restrictions will become more effective.
According to Information Age, tech companies, including SNAP, Meta and Reddit, are confident of being able to comply with the new age restrictions — failure to do so could result in eight-figure fines:
Speaking with Information Age, a spokesperson for social media company Snap confirmed using a VPN won’t change existing users’ “ability to access Snapchat”.
“Snapchat determines eligibility based on where your account has been active over the past month, not just your current network connection,” they said.
“If your account is locked because you’re under 16 in Australia, it will stay locked until you turn 16 and complete age verification.”
Social media giant Meta – which owns Facebook, Instagram and Threads – also confirmed it is prepared to adhere to the ban despite VPN usage.
“While VPNs allow users to change their IP address, we also consider signals beyond just IP when determining a user’s location,” a spokesperson said.
Reddit did not explain precisely how it plans to block underage VPN users, but a spokesperson confirmed it is “taking steps to comply with Australia’s Social Media Minimum Age Law, including suspending accounts of users confirmed to be under 16 and requiring new users to be at least 16 to create accounts”.
As other governments are looking to impose their own online age verification rules, they’re also looking at ways to close off access to the most important workaround: VPNs. A few months ago, Forbes reported that some US states are debating the merits of imposing VPN bans or restrictions. The US’ cyber defense agency, CISA, has even published a warning for Android and iPhone users: “Do not use a personal VPN”:
This reissued advice first surfaced a year ago, now it will resonate given the VPN surge seen since.
Virtual Private Networks work by tunnelling data to and from a device via third-party servers. This masks location and specific activity (sites and platform visited) from the networks and ISPs carrying the traffic. Good VPNs also provide a layer of protection when connecting via public Wi-Fi networks, albeit they’re not strictly necessary.
CISA warns that “personal VPNs simply shift residual risks from the internet service provider (ISP) to the VPN provider, often increasing the attack surface. Many free and commercial VPN providers have questionable security and privacy policies.”
As a blanket warning its not unhelpful. An unsafe VPN from an unsafe developer is much worse than no VPN at all. And while hiding your location to bypass a porn ban is straightforward, most if not all the content to/from your device is encrypted anyway.
What the Forbes article doesn’t mention is the extent to which Israeli tech companies have come to dominate the VPN market. As Alan Mcleod reports for Mint Press, “a considerable chunk of the market — including three of the six most popular VPNs — is quietly operated by an Israeli-owned company with close connections to that country’s national security state, including the elite Unit 8200 and Duvdevan Units of the Israeli Defense Forces (IDF).”
This is the same Israel whose companies and intelligence agencies have created many of the world’s most advanced online surveillance programs and hacking tools, including Cellebrite and Pegasus. The fact that it also controls many of the world’s VPNs, with which it could “create backdoors for Israeli intelligence to carry out a vast kompromat operation on users around the globe” is an obvious cause for concern, warns Mcleod.
In other words, one should be selective when choosing a VPN service, especially now that governments have them squarely in their sights — at the same time that they are intensifying their censorship efforts.
“Politicians have now discovered that people are using VPNs to protect their privacy and bypass these invasive laws,” EFF warns. “Their solution? Entirely ban the use of VPNs… And that battle is being fought by people who clearly have no idea how any of this technology actually works.”
NC reader Baron Aroxdale raised a similar point in the comments section of a previous post, noting that VPN bans are unlikely to work — at least not without causing serious damage to the internet along the way:
VPNs are a very standard part of business IT. They are simply a means to connect remote computers together on the same virtual network. Support for them is normally inbuilt into operating systems, and hardware network companies will normally provide desktop applications to support VPN setup on their routers.
VPNs are about as common as internet proxies or email. You can’t just “ban” them without breaking the backbone of modern IT systems since the late 1990s.
That didn’t prevent the Danish government from trying. However, it was forced into a retreat by the ferocity of the public backlash. This may hold an important lesson for us all in the so-called “liberal” West: if we are to have any chance of preserving any degree of privacy and anonymity online, we’re going to have to fight tooth and nail for it.
Over a decade ago, popular grassroots movements in the US were able to halt the passage of the SOPA and PIPA bills that threatened free speech, internet security and online innovation. Similarly, one of the main reasons why the EU couldn’t push through the Chat Control legislation in its original form was a one-man grassroots online campaign that brought pressure to bear on Europe’s elected representatives.
In both cases, the unparalleled network effects of the internet were used as a powerful weapon against government’s repressive designs for the internet. The problem today, however, is that governments keep learning from these failures and adopting their strategy. They are also more determined than ever to bring the internet under their control, even if it means doing so in a salami slicing way — something the EU is particularly adept at.
The peons will only take so much for so long. The Soviet Union didn’t implode because of US defense spending and star wars. The French Revolution didn’t start because of the supply of cake either.
At some point so called liberal democracies are going to get a wake-up call and it might be of an ugly kind.
Nice summary of a term most people know but few really understand. Assuming you find an honest VPN (ha!) you will find that while VPNs mask your activity, in so they doing draw attention to your account. The internet is so vast you can do almost anything but once you start doing it via VPN you stick out like a nail waiting to be hammered.
The only way to protect yourself online is to elect new politicians who respect privacy. Good luck with that.