alt Hacker NewsMozilla to UK regulators: VPNs are essential privacy and security tools
Comments
Something I learned just recently—the Australian government (surprisingly!) actually recommends VPN usage, they even provide a bit of a guide and how to; https://beconnected.esafety.gov.au/topic-library/advanced-on...
Here is my beef. I'm pro-VPN. The ability to gain more control over who can track your online communication is a net-positive to me, personally and philosophically. However, I can't justify their existence from a utilitarian perspective.
Practically speaking, when I look at the actual number of people affected by VPN I estimate that:
- Very low: Protecting political activists and dissidents
- Low: Circumvention of overzealous blocking and surveillance
- Low-to-Medium: Hiding abusive and malicious behavior
- Medium: Additional layers of trust and network security (mostly business related, which makes it tangental to the consumer VPN market)
- VERY High: Enabling piracy and avoiding geo-content restrictions (no judgment on good-vs-bad, just asserting magnitude)
So... conundrum! If I take the position that piracy-related stuff isn't a net drag and that business VPN use is fundamentally a separate beast, VPNs in this context are hard to justify.
1984 was meant to be a warning, not the UK’s digital infrastructure roadmap
While their arguments are sound, Perhaps Mozilla should disclose in this document that they are also a VPN reseller.
That's why the government wants to get rid of them.
I have seen some of the inside of this and it's not quite as clear cut.
One side of this is driven by a bunch of not too reputable think tanks behind the scenes who persuaded a couple of fringe academics to agree with them and push for it via the civil service. The government is taking bad, paid for advice. I don't know what the agenda is there but there is one and I reckon it's commercial. Probably a consortium of businesses wanting to create a market they can get into.
However the security services do not agree with the government or the think tanks and actually promote advice contrary to the regulators. They will ultimately win.
Attacking the regulators and revealing who is behind all this is what we should be doing.
I love how the comments miss that the problem these laws address deserve addressing, but from the producers side: making safe products for the public. This specific solution is fashioned after tobacco and alcohol regulation, which was never primarily about parental supervision, it's about what can be sold and how. And in public health we'd want everyone moving away from both not just kids. The boneheadness of age verification is that unlike tobacco and alcohol, where the best we can do is restrict access, online harm can actually be fixed at the root by regulating what these services are allowed to do to users in the first place.
USA entities tend to think that terms like "privacy", "security" have same meanings and assumptions across the globe, and that the USA laws are universal. Maybe they also think that entire world is just as dumb or dumber than USA.
For a start, you should consider this fact: Privacy for a bad actor goes directly against the security for citizens and good actors.
So when you talk about privacy you are making an assumption that it is contributing to safety. But for whom? Bad actors or good actors? Without such qualification, you are just talking lofy-sounding but meaningless ideals.
And also VPNs are tools to open doors in the minefield of legislations that they need to create to improve the incoming of some business, not of the people that voted for them.
It is unclear to me what VPNs have to do with the conversation with respect to age gating.
If a government has the ability to fine content providers for providing content to its citizens, why accept IP verification is good enough to determine the user’s jurisdiction and not fine them anyway for providing the content?
Interesting that they mention the UK but forget that the EU also wants to protect the kids by banning VPNs
Is the charitable reading of whatever’s going on in Europe right now that European states don’t believe they can hold American tech giants accountable to their laws? I genuinely don’t see why a law banning under-14 year olds from social media wouldn’t be the first step.
I think this is a genuinely difficult problem that happens to look exactly like what you’d need for extended surveillance. When I think about it seriously, I end up coming up with the idea of a whitelist enforced on device for local accounts used by children.
This would probably block most of the internet, and allow access only to sites that are validated as being safe. This would put a lot of pressure on sites and service providers to ensure safety, such as children-only walled gardens within their broader services.
We already have piecemeal attempts at something like this through on device private age restriction software, but it’s not organised at the state level, and I think it’s not effective enough as a result.
If legally enforced it could be made into a pretty effective system that would give adults freedom and anonymity and provide safety for children, while pushing the costs of child safety onto the platforms, which is where it belongs. If you want to cater to children, prove that you can make it on to the whitelist. Otherwise that’s an audience you’re just not able to access.
User to Mozilla: Cannot read your statement with a variant of your own browser because you have it "protected" by an internet gatekeeper.
The regulators don't want you to have neither privacy nor security (from them).
Actually with data fusion VPN does not fix privacy. Ad networks does data fusion of Javascript browser finger print. So you are de cloaked any way on a VPN
Didn't people make kinda that huge and broad movement too terminate PIPA and SOPA?
Could you, my wonderful Western friends, do that again?
I mean, all of it is even on video and largely on YouTube.
It's worth pointing out that some people under some circumstances need to use VPNs. For example, timestamp.apple.com stalls when I call it from my machine, so I cannot sign any executables for macOS. When I use a VPN that changes my IP number, signing and notarizing works perfectly fine. My CI chain would literally not work without a VPN.
UK regulators are just hearing another excuse for a loicense.
It should be possible for VPNs to only give UK customers UK exit nodes so that sites can still properly enforce the law. Same thing with having VPNs that ban explicit sites. It's not an all or nothing thing.
The UK government does whatever Meta tells them to do. We tax cigarettes because they’re bad for you. Let’s tax algorithmic news feeds.
UK is not and has never been a free society, UK elites have an authoritarian streak.
Historically they were fairly smart at doing it subtly but the mask slipped during Covid and they never really put it back on.
Also - outside the HN bubble this stuff isn’t even unpopular. Normies supported covid lockdowns and they don’t want their kids watching porn either.
The people yearn to be ruled and nannied
The UK gov needs to sod off with all this 1984 BS
> VPNs are essential privacy tools
Does Mozilla not understand that this is the exact reason why the UK wants to forbid them?
[flagged]
[dead]
I hear the UK regulator did want to respond but Mozilla office doesn't have a fax machine. So the grandpas in charge of regulating modern tech just took a nap instead
[dead]
This is a fairly difficult problem. I think the internet should be for adults only, like many other things. But we've fucked up by giving children internet access and it's going to be hard to undo it. I think rather than fighting these measures we need to work on alternatives because keeping children off the internet is a good idea, we just need to implement it in a good way.
What about just banning phones for children? Could we ever make that work? It would be like cigarette bans except we now have 5 year olds addicted to tobacco and addict parents who don't want to make them go cold turkey.
Public libraries and schools can be used for genuine research purposes, but not addictive shit. And implemented ad blockers at the network level.
Individualistic societies alienating child-parent relationships and reducing parents to sperm/egg/money donors are slowly starting to fall apart.
Do you know who's responsible to make sure children are safe online? Their parents. Not big tech, not the government, and not me by way of giving up my freedoms.