They’re starting to the bridge the topic of VPNs with the goal of outlawing them. They can’t really yet, as you can disguise VPN use as HTTPS traffic like you’re accessing a secure website with data obfuscation so they can’t fingerprint your traffic patterns and what sites you’re visiting. Which is why they’re building towards AI agents that will be required on your computers who can spy on your activity rendering encryption, VPNs and Tor useless for protecting your privacy from the tech megacorps and governments.
https://reclaimthenet.org/uk-online-safety-act-privacy-surveillance-vpn-anonymity-regulation
Could Britain’s online censorship push be drifting toward a point where using a VPN could be seen as an act of resistance?
By Dan Frieth
It began as a plan to “keep children safe online.” It has become a national realization about how far the government can reach into the digital lives of its citizens.
The UK’s Online Safety Act has turned into a case study in how a law written for protection can give no protection and end up with mass surveillance.
When peers in the House of Lords met this week to examine its effects, they sounded little like guardians of youth safety, and it was easy to tell they don’t have enough self-awareness to realize they’ve helped unleash a monster.
Lord Clement-Jones, the Liberal Democrat technology spokesperson, noted that young people are already avoiding the law’s controls.
VPNs, he said, are now used on a “widespread” scale, which “risks rendering age-assurance measures ineffective.”
The statement revealed a central problem: the people being protected are already finding their way around the digital ID rules. They always will.
Wikipedia founder Jimmy Wales expressed the issue plainly. Calling the Act “very poorly thought-out legislation,” he told The House magazine: “We will not be age-gating Wikipedia under any circumstances, so, if it comes to that, it’s going to be an interesting showdown, because we’re going to just refuse to do it. Politically, what are they going to do? They could block Wikipedia. Good luck with that.”
Wales’s refusal is part of a natural broader discomfort with the idea of regulating access to information through identification.
Under the new law, platforms must verify users’ ages through ID checks or similar systems. Millions of users will have to prove their identity before they can post or browse. Privacy groups describe this as a national identity program introduced without open debate.
With data breaches still frequent across both government and corporate systems, the setup creates an environment where every login carries potential exposure.
VPN use has increased in response. These tools, once associated with cybersecurity professionals, now serve anyone who prefers to maintain privacy online. They allow people to move through the internet without revealing personal data.
Baroness Liz Lloyd, speaking for the government, said there was “limited evidence on children’s use of VPNs,” while assuring the Lords that the issue was being monitored. “There are no current plans to ban the use of VPNs, as there are legitimate reasons for using VPNs,” she said. She also added, “The Government has made it clear that nothing is off the table when it comes to keeping children safe.”
Her statement aimed to settle the discussion but left open the possibility of future restrictions.
While lawmakers debated, Ofcom, the communications regulator, began broadening its authority into artificial intelligence and algorithmic oversight.
Its chief executive, Melanie Dawes, told the Financial Times: “Have they changed the way the algorithms work so that children don’t get that material shown to them? That’s a big focus for us.”
Platforms such as YouTube, Roblox, and Facebook must now demonstrate that their recommendation systems comply with Ofcom’s standards. “You may see some enforcement action from us in the next few months if we don’t start to get the answers that we’re looking for on the algorithmic side of things,” Dawes said.
Dawes confirmed that ChatGPT falls within the Act’s scope, as does X’s chatbot, Grok. “X is a service that we regulate, and chatbots will often be user-to-user services and therefore caught under the act,” she said.
This interpretation grants regulators power to supervise not only what users post, but how the underlying systems organize and deliver content. It marks a move from moderating speech to moderating design, something that a couple of US states are also trying to do.
Dawes described this change as a correction for the early period of social media. “Safety needs to be considered up front,” she said, because “the industry did not get this right 20 years ago when social media was first launched.”
Every “safeguard” written into the Act reduces the possibility of anonymous participation online. Anonymity, once normal, is increasingly treated as a problem.
People who prefer privacy must rely on VPNs or encryption and hope those tools remain permitted.