Reform UK (the party currently leading in the polls by a large margin) is the only party that loudly opposed the draconian measures within the Online Safety Act and promise to repeal it
To stop it now we need a majority of MPs who are willing to take a political risk to reject it.
Which isn't going to happen.
It is an utter waste of time. MPs already know about the concerns. They don't care. I wrote to my MP about many of these concerns in the past. You either get ignored, told you are enabling pedos, told there will be protections put in place (ignoring the whole point is that I don't trust the government).
Moreover The vast majority of people (unfortunately this includes people in my own family) have been propagandised to agree with all iffy censorship, monitoring and other spooky nonsense the UK state engages with.
People tend to be a lot more reasonable in person, and also if you listen to them first.
The UK has a strong tradition of safeguarding privacy while ensuring that appropriate action can be taken against criminals, such as child sexual abusers and terrorists. I firmly believe that privacy and security are not mutually exclusive—we can and must have both. The Investigatory Powers Act governs how and when data can be requested by law enforcement and other relevant agencies. It includes robust safeguards and independent oversight to protect privacy, ensuring that data is accessed only in exceptional cases and only when necessary and proportionate. The suggestion that cybersecurity and access to data by law enforcement are at odds is false. It is possible for online platforms to have strong cybersecurity measures whilst also ensuring that criminal activities can be detected.
I can tell you that isn't entirely true. When they get a lot of messages about the same thing, or better still you meet them in person, they may keep giving you the 'party line response', but they will also be feeding back that there is discontent to the whips.
[0] maybe it is still illegal, IDK, bu likely due to other laws (eg a generic "it is illegal to use workaround for X")
So technically if you are from UK, they might come at your VPS provider if they find that you use them as a VPN (law's kinda vague from what I can gather)
Your VPS provider wouldn't really protect your privacy for 4 $ so a snitch.
My point which fucking scares me if I were a UK citizen is that they just have to do it once to scare you to your guts.
Maybe I am paranoid but I couldn't see this shit happen 2-3 years ago & UK is atleast moving at a very dystopian rate and I am not sure if other countries might move in similar direction too if UK experiment turns out to be helpful to the people in power or helps in curbing out protests/real change in any capacity.
I know the law hasn't passed but chances are unless osmething very unlikley happens, its gonna get passed
What's up with democracies trying to imprison their own citizens in such sense, whether digitally or in person. Some countries feel like prisons rather than free land now.
These were the best benefits of democracies over authoritarianism.
I genuinely question with such points if democracy actually just becomes a dual party authoritarianism. Sure people vote but just scare them for real change just once. If a person speaks online, even if they use a VPN, just catch one extreme and scare the moderates from even ever saying something different than what govt says
Say it with me, 2+2=5 (1984 reference)
So theoretically, suppose I have a vpn company on A) either such lowend niche providers who might support let's say my mission or we are aligned or B) the hyperscalers or large companies.
Now I am 99% sure that large companies would actually restrict VPN creation usage (something remarkably rare right now but still it's a gone deal now)
And I feel like even with niche lowendbox providers, suppose I am paying 4 euros or something to a provider to get an IP, they are either using hyperscaler themselves (like OVH) or part of a datacenter itself
If a server they own in some capacity runs a vps, can it be considered that they are running a vps and they can get sued by the Safety Act too? If not, then what if this happens one layer above at datacenter and now datacenters might have to comply with them
I haven't read the article but wtf.
Suppose I run a tmate instance (basically allows you to connect one ssh server to another both inside nat), theoretically this is a vpn as well.
I was calling out that they might ban vpn's when online safety act came and I realized that theoretically nothing's stopping them technologically to do so. It's a cat and mouse game but they didn't have a legal reason to do it so much. Now... You have it.
Is the end of total privacy for UK here?
I feel like even privacy oriented VPN's will move out of UK and non privacy oriented (ie. who will accept your id's) will probably have to manage it or use some third party and I am pretty sure that this basically gives govt. even more, they might now look at which IP said something, contact the now compliant VPN and block other truly private, for which user Id used a particular IP at particular time and seek their ID. I don't know how Dystopian UK's gotten but what's stopping a "reasonable cause" or some UK fbi equivalent contacting.
I feel like even one or two such extreme case of VPN providers would be enough to scare the whole country into check where if you are UK citizen and you talk against UK online, you will be screwed.
Atleast that's the direction I am seeing it heading.
Depending on the instance & how many more such dystopian laws UK adds. It's democracy gets really questionable... and I am not sure what it will be replaced by.
Both parties are kind of aligned in this from what I can tell. Just raise what "reasonable" suspicion to contact means and abuse any laws or create new dystopian laws but online safety act wasn't okay but VPN's provided a way around it.
Now that VPN's themselves are affected. It's kind of gonna wreak havoc imo of any individual privacy.
I am worried what this might mean on tor. Since tor can be considered a vpn, so will UK company sue me if I run a tor instance now?
Make the friction high enough for evading age restrictions and it will stop most kids. Not all but most. Same as most shops stop under age kids buying alcohol and most cinemas enforce age ratings.
If you want to roll your own VPN go ahead.
As far as the "dystopian" state of the UK goes. Even if the UK was a "distopia" the internet won't save you, even though people of a certain age like to think they can stop an authoritarian government from their keyboard. Take the US as a recent example, the bastion of free speech, but US citizens are being murdered by a government organisation. Posting memes from your VPN won't help.
Sure teens will still figure out a way to access when they really want to, but they won’t be be the same level of peer pressure.
I feel like this is the strongest argument in favor of the bans. I am not sure it will be effective or is the most effective way to go about it. I am curious to see the data that comes out of Australia in a few years.
Of course, we're sliding quite rapidly down that slippery slope here so I'm sure logging and easier government tracking would be next. The justifications will get weaker and even more lacking in supporting evidence for their implementation.
Yes. But I think most of the zero logs providers will remove the identifiable payments details after a certain about of time. Mullvad have a specific policy relating to what is stored and retention time (I am not affiliated with Mullvad, I just use their service).
https://mullvad.net/en/help/no-logging-data-policy#payments
> Surely savvy people can just use their existing VPN to buy a VPN from outside the UK.
Or you can use Tor. I will just use a VPN that lets me pay with Monero or some other crypto currency. None of this will stop savvy people.
The providers are structured in a way that makes forcing compliance difficult and have built their whole business model around this. NordVPN is registered in Panama for example and Mullvad lets you send cash in the mail and doesn't store any user details (even a hashed email).
It'll be interesting to see how & who reacts if it does pass.
A Labour MP foolish attended a GB News show and when pushed admitted that the Online Safety Act was also about identifying speech by adults [0].
Sorry about the quality of the link, but the video is there (higher quality is available on X) and its not like the paragon of truth that is the BBC reported on this.
https://europeanconservative.com/articles/news/uk-government...
I remain upset that they do this without building the necessary infra. They already assert identity when applying for a passport (and they do this very well). If they had extended this process by creating a OAuth compliant digital id provider first, then they could have avoided all the problems on the day the OSA dropped. Even better, they could have created a non-governmental agency to exchange tokens and urls to prevent the privacy issue of the government knowing which sites people are visiting. Instead we have this status quo of encouraging UK citizens to hand over their identity documents to dubious third-parties or shifting their traffic from the UK externally to avoid these checks.
You seem to believe they're wrong. Since they're the ones who come up with the laws of the land, I think it's important to realize that they can and do aggressively control access to the internet in their country. It sucks, but it's the reality.
The privacy issue would still exist. They can tie your online activity directly to these tokens.
Meanwhile the government and official accounts continue to use X even as they're trying to ban it. Mixed messaging.
Lead proponent of the VPN ban: https://en.wikipedia.org/wiki/John_Nash,_Baron_Nash; he's https://en.wikipedia.org/wiki/Centre_for_Policy_Studies again, the dead hand of Thatcherism.
Now imagine that the local government has a website that can only be changed by contacting a web developer, who takes 1-2 business days to reply. It might not be as bad as that, but I wouldn't be surprised if that's the ballpark.
It isn't the late 90s/2000s anymore where people are uploading HTML files over FTP.
Then we can get rid of the online safety act, no need to dox adults if we just ban the children.
Then when the government refuses to repeal the OSA, we can then have an open and honest discussion about the real reasons that act exists.
Being sarcastic, but at the same time...
If VPNs require age verification, then people will shift to running a VPN on a cheap VPS. Probably via a popular single-click setup script.
Or people will just get drawn to more seedy providers that do no KYC or have ulterior motives. If I was Russia, I'd consider operating a free VPN or VPS service that MITMs the traffic.
Can we please get a law where kids won’t just take their parents’ IDs and upload them to random places?
But in the latter case, the system is wildly open to abuse coz nobody can detect if every teenager in the country is using Auth Georg's cert. The only way for that to be possible is if the tokens let you psuedonymise Georg at which point it's no longer private.
The answer is to leave this shit to parents. It's not the government's job. It's not the government's business.
londons_explore•1h ago
And presumably also a '--webcam-to-use-for-identity'
embedding-shape•1h ago
> Amendment 92 (“Action to Prohibit the Provision of VPN Services to Children in the United Kingdom”) requires VPNs that are “offered or marketed to persons in the United Kingdom” or “provided to a significant number of persons” to implement age assurance for UK users.
londons_explore•1h ago
embedding-shape•56m ago
The host who lets you spin up the server might also need to implement those age checks though. But still, not openvpn.
Imustaskforhelp•39m ago
Another point is what prevents UK govt or UK bots to sign up for Proton Vpn say themselves and the difference between bots and humans is becoming thin especially for such Private Vpn's and then UK govt comes again knocking asking for age verification.
Honestly makes me feel like UK citizens are hostage in their own countries & we might see more UK IP's being blocked from accessing services because the idea of Virtual private network is still vague in my opinion. One can abstract a sort of VPN on top of xmpp or matrix servers too or even telegram as the intermediate. Would that mean that UK govt would come knocking onto these asking for who created the VPN (suppose I built a VPN which uses telegram to send messages/packets or uses telegram infra, so would they come to telegram asking what is the IP/detail info of my telegram user, would they go to signal or xmpp or matrix providers too? What if I use a provider who colo's on a datacenter and they go to the datacenter asking for access or the company behind datacenter
I am not saying that they would for something so niche but the fact of the matter is that nothing's stopping them from the laws from what I can gather.
They would only have to do it once to instill fear in the masses. I mean technically just this law has instilled fear and I am not even a UK citizen
Someone familiar with UK law please comment on my message but VPN is such a vague term imo. Like at this point you are just targeting private networks or people who meet online in private
VPNs LITERALLY means Virtual "PRIVATE NETWORKS"
What gives the govt right to intercept between two parties communicating in any way (enforcing a condition for one party to have Id of other for age verification etc.)
totaa•59m ago
embedding-shape•57m ago
ZiiS•55m ago
afiori•55m ago
vorticalbox•58m ago
this will be interesting to watch i just wish i weren't caught in the net.
swores•55m ago
vidarh•2m ago
elcapitan•1h ago