VPNs face potential bans in the US and beyond — this is not a drill

We’ve grown used to the idea that VPNs (Virtual Private Networks) are freely accessible across developed countries. There are countless products on offer, all promoted openly and without hesitation. Meanwhile, people living in countries with tight restrictions on free speech have long dealt with roadblocks, intimidation, and sometimes the very real fear of fines when using one (cue China).

However, this status quo seems to be shifting. The UK and now, more recently, parts of the US has been toying with, or outright considering, the idea of restricting or even banning VPN use for certain purposes or altogether. The sudden pressure on a privacy-protecting tool that has always been taken for granted in the West is a direct by-product of the age-verification laws sprouting across the US. The Free Speech Coalition counted roughly 130 such bills since 2022, with about a quarter already enacted.

And while age-verification laws on their own are already a privacy headache (we’ve written about this extensively here and here) lawmakers in the US are now taking it a step further, floating the idea of banning VPNs entirely under the pretext of “protecting children” from using them to access adult content.

Latest bids to ban VPNs in US

The Wisconsin Bill 130, which could be found here, says:

“The bill also requires a business entity that knowingly and intentionally publishes or distributes material harmful to minors on the Internet from a website that contains a substantial portion of such material to prevent persons from accessing the website from an internet protocol address or internet protocol address range that is linked to or known to be a virtual private network system or provider.”

The bill is now moving through the Senate, having already cleared one legislative hurdle in the form of the State Assembly. According to tracking sites, SB 130 (cross-filed as AB 105) is available for scheduling in the Senate after a public hearing.

Put simply, if passed into law, it would not only require age verification for accessing “material harmful to minors,” but also force websites to block access from IP ranges tied to known VPN providers. This raises an obvious privacy issue, effectively penalizing the use of VPNs, but also potentially countless issues with implementation, from inaccurate IP-flagging that sweeps up legitimate users to the inevitable game of cat-and-mouse as VPN services rotate, mask, or redistribute their addresses faster than regulators can track them.

In practice, the burden would fall not just on the platforms but on every ordinary user who relies on a VPN for basic digital hygiene whether for security on public Wi-Fi, protection from data brokers, or simply maintaining a measure of anonymity online. Companies that use VPN for remote work are also likely to become collateral damage. The result is a policy that claims to protect minors but risks creating a clumsy, over-broad censorship tool that treats privacy itself as a red flag.

Even more damning is a proposed Michigan bill, titled — rather self-righteously — the Anticorruption of Public Morals Act. Introduced by a group of Republican senators in September 2025, the bill doesn’t stop at targeting adult content; it goes straight for VPN use as well. And the definition of “content” they want to ban… raises more than a few eyebrows.

We’re talking ASMR, adult manga, AI-generated imagery, and even depictions of transgender people. On top of this hodge-podge of “forbidden” material, the bill proposes a blanket ban on VPNs, no matter where they’re registered, domestic or abroad. Under its language, internet providers in Michigan would be required to monitor traffic to block VPN use, and the sale of VPNs in the state would become outright illegal. Penalties could soar to $500,000. Even worse, it wraps in wording so sweeping it could be used to outlaw not just VPNs, but any tool or workaround that lets people slip past a filter or firewall.

(3) An internet service provider providing internet service in this state shall implement mandatory filtering technology to prevent residents of this state from accessing prohibited material. An internet service provider providing internet service in this state shall actively monitor and block known circumvention tools.

(4) In addition to the criminal penalties provided under subsections 1 and 2, a commercial entity or internet service provider that knowingly facilitates access to prohibited material in violation of this section is subject to a civil fine of not more than $500,000.00 for each violation.

(5) The promotion or sale of circumvention tools to access prohibited material is prohibited.

The good news is that it’s widely viewed as dead on arrival. Michigan’s political landscape makes that pretty clear: the state senate and the governor’s office are both controlled by Democrats, with only the House having a Republican majority. That alone makes it hard to imagine a sweeping moral-panic bill like this getting real traction. Even beyond party lines, plenty of lawmakers, including some who’d normally sit comfortably on the conservative side, aren’t exactly eager to green-light a total porn ban or criminalize their own constituents’ browsing habits. Let’s be honest: nobody wants to explain to voters why their ASMR videos suddenly require a lawyer.

Even if this particular effort fizzles out, the mere fact that such a sweeping ban has been drafted at all is a warning sign. It shows that the idea now exists as a draft and can be dusted off, repackaged, or revived whenever politicians want to score points with a particular audience or make a bit of moral-posturing noise. Today it may be a stunt; tomorrow, someone more strategic could use the same blueprint with a lot more traction.

Our takeaway

Private platforms blocking VPNs isn’t new. Reddit has already restricted VPN access for users who aren’t logged in, and Netflix, along with pretty much every major streaming service, has turned VPN detection into a never-ending cat-and-mouse game. But that’s all happening in the private sphere, where companies are (for better or worse) enforcing their own business interests. What’s unfolding now is different. This time the push is coming from above and that top-down, government-mandated approach to policing VPN use is the part that should set off alarms.

A state telling adults they can’t use privacy tools, or worse, forcing ISPs to monitor traffic for signs of “circumvention,” doesn’t just mirror the behavior of platforms; it legitimizes it. It normalizes it. And once that door is open, the consequences are hard to roll back. If this becomes a trend, we’re looking at a cocktail of problems: erosion of online privacy, endless false positives, and the rise of sketchy underground VPN providers promising to stay “unlisted.” Those services often come with their own risks: data leaks, reselling user information, or outright malware packaged as “privacy.”

In other words, the danger isn’t just that a few bills might fail or succeed today. It’s that the idea itself is now on the table, and once governments feel comfortable dictating who gets to have privacy and who doesn’t, the slope becomes very slippery, very fast.