House of Lords Votes to Ban UK Children from Using Internet VPNs
Last week saw the House of Lords pass a vote that would, if approved by the Government, introduce an amendment to the Children’s Wellbeing and Schools Bill (CWSB) that aims to “prohibit the provision” of Virtual Private Network (VPN) services to children (under 18s) in the UK. The goal is to stop children allegedly using VPNs to bypass age verification systems.
According to the details on the Conservative-led amendment (92) page: “This new clause would require the Secretary of State to take action to promote and protect children’s wellbeing, and to further support child protective measures in the Online Safety Act, by prohibiting the provision to children in the United Kingdom of VPN services which can facilitate evasion of OSA age-gating processes.”
The amendment itself passed with 207 votes in favour and 159 against (here), with the majority of yes votes coming from the Conservative Party and the majority of the no votes coming from the Labour Party. Crucially, this suggests that the amendment, at least in its current form, is currently opposed by the party of Government and so may struggle to survive once the Bill is returned to the House of Commons.
Advertisement
Part of the reason for the government’s objection is that they’re separately consulting on some of these issues and have yet to reach a conclusion. The government have previously expressed that there are “no current plans to ban the use of VPNs“, although that doesn’t mean to say they won’t try to impose age-based restrictions on them.
Amendment text
After Clause 27
insert the following new Clause—
“Action to prohibit the provision of VPN services to children in the United Kingdom(1) Within 12 months of the day on which this Act is passed the Secretary of State must, for the purpose of furthering the protection and wellbeing of children, make regulations which prohibit the provision to UK children of a relevant VPN service (the “child VPN prohibition”).
(2) Regulations under subsection (1)—
(a) may make provision for the provider of a relevant VPN service to apply to any person seeking to access its service in or from the UK age assurance which is highly effective at correctly determining whether or not that person is a child;
(b) must apply the child VPN prohibition to the provider of any relevant VPN service which is, or is likely to be—
(i) offered or marketed to persons in the United Kingdom;
(ii) provided to a significant number of persons;(c) must make provision for the monitoring and effective enforcement of the child VPN prohibition.
(3) OFCOM may produce guidance for providers of relevant VPN services to assist them in complying with the child VPN prohibition.
(4) A statutory instrument containing regulations under subsection (1) may not be made unless a draft of the instrument has been laid before and approved by a resolution of each House of Parliament.
(5) For the purposes of this section—
“child” means a person under the age of 18;
“consumer” means a person acting otherwise than in the course of a business;
“relevant VPN service” means a service of providing, in the course of a business, to a consumer, a virtual private network for accessing the internet;
“UK child” means any child who is in the United Kingdom.”
The focus on children above does however ignore that it may be mostly adults driving VPN usage to bypass age verification. Many adults do not want to have to share their private personal or financial details with unknown and unregulated third-party age verification providers, particularly when those services are associated with porn peddlers. The infamous Ashley Madison hack showed just how dangerous such information could be in the wrong hands (blackmail and suicide etc.).
The regulator’s CEO, Dame Melanie Dawes, also revealed last year (here) that, “following the 25th July deadline we saw a spike in [VPN] use – with UK daily active users of VPN apps temporarily doubling to around 1.5 million. However, usage has since plateaued, and has now fallen back to around 1 million by the end of September“.
All of this is before we touch on the potentially far-reaching and unintended consequences of enforcing age verification on VPNs, which are also legitimate tools for businesses, journalists and to help protect people (security) when abroad or on public networks etc. Many such VPNs can be deeply integrated into modern protection and network optimisation systems, often acting seamlessly in the background, thus a blanket requirement risks being extraordinarily disruptive. But some politicians do understand this.
Advertisement
Lord Knight of Weymouth (Labour)
“Children may also turn to VPNs, which would then undermine the child safety gains of the Online Safety Act. The VPN amendment of the noble Lord, Lord Nash, tries to address this, but age-gating VPNs may be extremely problematic. My phone uses a VPN, following a personal device cyber consultation offered by this Parliament. VPNs can make us more secure, and we should not rush to deprive children of that safety. A blunt, blanket ban—it is a struggle not to call it a Blunkett ban—would also deny young people the positives of some of the less addictive social media.
Young people will continue to want to connect with each other. They will want to share music, their photos and videos, and their creative content. I was of the mixtape generation, now replaced by the shareable playlist. Young entrepreneurs will want to market their products: will they have to use an adults account on an adult’s phone, and be exposed to the risks of adult content as a result?
When I speak to young people in my capacity as president of Young Citizens, I am struck by how well informed they are. They find out what is going on in the world through social media. Is it right that we lower the voting age to 16 and simultaneously prevent access to news for 15 year-olds when we want them to become well informed?
The arguments for doing something urgent and meaningful about the dangers to children of social media are compelling, but so are the arguments for doing it in a more sophisticated way.”
The reality is that, whatever the government decides, children who go seeking access such systems and content will always find a way to circumvent any measures that are introduced – just as they always have done (e.g. people can create their own VPNs). Instead, it often ends up being the innocent and harmless online services and security systems that could be hurt the most by the sledgehammer approach to age-gated internet censorship.
Please note that we won’t be able to approve any comments on this news article that appear to directly promote specific VPN services, due to the risk that this could clash with the government’s recent warnings about such promotions (here).
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
« CBNG Launch UK Next Gen 5G-based Fixed Wireless Broadband Platform
Advertisement
Leave a Reply
Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message and display names can be almost anything you like (provided they do not contain offensive language or impersonate a real person's legal name). By clicking to submit a post you agree to storing your entries for comment content, display name, IP and email in our database, for as long as the post remains live.
Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.
Utter despair, these out of touch dinasours have not one clue. You can literally find porn sites within 10 seconds that don’t have age ckecks and so don’t need a VPN either. If it takes me that long kids will have no problem. There will always be sites that don’t enforce it, you can’t police the whole internet and that’s what they don’t get, it’s impossible. Education is the key, not placebo measures.
No legitimate VPN is going to be able to comply with what is being asked without going against their principles. This is a VPN ban by proxy. And that’s before we discuss the incorrectly labelled “social media” ban for under 16s which is actually a user-to-user service ban for under 16s and has wide reaching consequences.
Not so sure about that. For a start paying by credit card is enough to verify age so most of us using a paid service won’t need to do anything else. Also by using a VPN you’re putting a _lot_ of trust in the VPN provider – at least the same as you put in your ISP – they’re not just some random website you’re accessing anonymously. If you don’t trust them with your credit card you should definitely not trust them as a VPN provider at all. So from a privacy perspective I’m not too bothered about it. However what it will do is prevent the reputable providers from offering a free tier. This will drive those unable or unwilling to pay by credit card (including children) to the disreputable VPNs who may have no respect for their users’ privacy – wouldn’t be the first time. Once again the government shows it has no idea what it is doing.
We must ban anonymous internet and privacy in its entirety. If you have nothing to hide you have nothing to fear.
That is why I am happy to share the password to my email, banking apps and IP cameras: “ladyPass$1234”
Welcome to distopian ‘United Kingdom!
This is done for the sole purpose of spying.
So kids are ok to mutilate their private parts without even telling their parents but not use VPN?
How did we end up here?