It's also worth stating that the worst part of that proposed amendment [1] isn't even necessarily the VPN ban, it's the next clause, on page 20:
"The “CSAM requirement” is that any relevant device supplied for use in the UK
must have installed tamper-proof system software which is highly effective at
preventing the recording, transmitting (by any means, including livestreaming)
and viewing of CSAM using that device."
"Regulations under subsection (1) must enable the Secretary of State, by further
regulations, to expand the definition of ‘relevant devices’ to include other
categories of device which may be used to record, transmit or view CSAM"
I know what you're thinking: these restrictions are easy to work around. But don't worry, we can just layer more restrictions on top. Eventually the children will be safe! The government just needs to...
- require proof of age (ID) to install apps from unofficial sources on your phone or PC. Probably best to block this at both the OS and also popular VPN downloading sites like github.com and debian.org.
- require proof of age (ID) to unblock DNS provider IP addresses like 8.8.8.8 and 1.1.1.1 at your ISP.
- make sure children aren't using any other "privacy" tools that might be a slippery slope to installing a VPN.
This makes it so much easier for the parents too! The internet will be so safe that they won't even need to talk to their children about internet safety.
It's so organic and grass roots and good for democracy™ that every single Western country suddenly decided that eliminating privacy online in lockstep was the top priority despite none of the ruling parties running on it as a platform or with any meaningful referendums from the voting public. But to what end?
On a related note, they built their digital ID so that third parties could verify attributes (it's NOT just a single-service login across government + a linking ID across government services, which is how it was sold by the BBC).
They're pretty close to completely de-anonymising the internet for UK citizens. Say they introduce an Australian-style social media ban for under 16s, then requires all social media to link their accounts to digital IDs for this verification.
Naturally the only remaining loophole is if a UK citizen manages to avoid being flagged as British ever by using a VPN, so I expect they will focus on that going forwards. Keep in mind the UK already arrests and imprisons vast numbers of people for speech offences, there's no slippery-slope argument here because the UK is already at the bottom of the slope as an ultra-authoratitarian anti-speech nation.
This is one of dozens of amendments proposed by members, so it's more accurate to say "three members of the House of Lords attempting to ban the use of VPNs".
So lemme guess - in order to prove one's age, one needs to obtain a digital ID and use said ID to gain access to the internet thereby creating a perfect system to monitor one's internet activity.
Gotta hand it to them - "protecting the children" is a pretty good pretext.
Blacklists are an inherently terrible, rights infringing approach to this sort of issue vs whitelists. It would be a lot better if the internet by default was simply considered 18+ (or 16+ or whatever a country wants). Instead, the tld system could be easily used to have age based domains where anyone who wanted one had to meet some set of requirements for content standards, accountability and content vetting, didn't allow user contributed content at all without review or whatever was needed.
At that point all the technical components exist to make this an ultra easy UI for parents. Require ISP WiFi routers at least to support VLANs and PPSKs, which ultra cheap gear can do nowadays no problem, and have an easy to GUI to "generate child password, restrict to [age bracket]", heck to even just put in a birthday and by default have it auto-increment access if a parent wants. Add some easy options for time-of-day restrictions etc, done. Now parents are in charge and no adult needs anything ever.
Now I highly doubt politicians are all being honest about full motivations here, clearly there are plenty of forces trying to use this issue as a wedge to go after rights in general. But at the same time parental concern is real, and non-technical people find it overwhelming. It'd be good if industries and community could proactively offer a working solution, that'd reduce the political salience a great deal. It's unfortunate the entire narrative has been allowed to go 100% backwards in approach.
The way this, and various other proposals/actions in other countries, are all popping up at the same time, seemingly independently though obviously not, has to be one of the biggest warning signs of trouble in my lifetime. Not helped by various European states deciding they want national service again all of a sudden.
Our governments have turned into the very thing they claimed to be opposing for decades. It's disgraceful.
I'm relatively confident this was the entire end goal of the Online Safety Act. Get the (relatively) easy law passed, then "oh no platforms are only requiring this for UK-based IPs and there are too many VPNs/proxies, I guess we need to de-anonymize everyone".
Does anybody have a sense of whether this is best seen as "a proposal by the UK House of Lords", or "a proposal by three fringe whackjobs in the UK House of Lords"? I honestly don't have any idea. How influential are the proposers? Who else has made noise about such things?
The amendment from the same three people about requiring all phones to "have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device" strikes me as in the fringe whackjob range.
This is a clearly terrible idea. It's clear to us, at least, not to them. As is on the public record, there are three proponents behind this amendment. They and their contact details are:
LORD NASH [Tory, contactholmember@parliament.uk]
BARONESS CASS [Crossbench / 'independent', rivisn@parliament.uk ("staff")]
BARONESS BENJAMIN [Liberal Democrat - which particularly disappoints me – benjaminf@parliament.uk]
If you're reading this website and are either living in the UK or are a British citizen I strongly urge you to write a personalised and above all polite email stating with evidence why they are misguided. The "think of the children" brigade is strong – you may well be able to persuade these individuals why it is a bad idea.
I've been waiting for this for some time. It's an obvious loophole in the current rules.
So how long will we have to wait before it dawns on them that VPNs are also used to circumvent IP address blocks in the UK, and other countries of course.
Serious question: What's the gold standard in blocking certain content for an age group, without tracking ones identity?
My initial thought would it would be just making it super easy for their guardians to distribute and control device content. But let the control end at that echelon of power; Not even the local councils or schools should be given the power to regulate social media for kids to this extent IMO, let alone the govt
If we as humans take full responsibility for the world we inhabit.
It's really clear that we live inside of systems that we both control and feel that we don't.
Exploitation of children is (as strange as it sounds) a design issue.
We've designed systems that encourage and rationalize the exploitation of children as a feature of fear.
The encouraging part is that we are in control and it's easier to navigate with a system than to resist it,
so the question becomes.
- How do we modify the incentives that are already in place to not result in the exploitation of children?
Because people generally make decisions for their best interest, we're in a dangerous situation where the incentives are for child exploitation.
An example would be:
I need to feed my family
I need to work to live
I need to appease my boss to continue to work
The boss has goals to meet
We need to perform these actions to meet the goals
There isn't time or space to consider the full consequences of this action
When the impact to children is not considered by a change to a system, they inevitably reap the consequences of living in a system that never considered their welfare.
The children that grew up feeling out of control, and in a system not designed for them then seek to control the very system that formed them - not knowing that they're replicating the same harm that got them there.
This is a design cycle as I see it, if we don't look at it and understand it - then we will continue feeling powerless - while holding the reigns of our future in our hands.
I believe so much in the power of humanity - so I share this not with the idea that I have the answers, but that I am part of the collective that does.
Remember how the morons, at the early stage, were saying "come on, don't be excessive, it's not China here", and now we are reaching a similar or worse civil rights point in most western countries...
The UK has turned into the worst parts of 1984. The politicians are absolutely stark raving mad at this point, what a horrible country to be living in.
To protect children we must install malware on their computers! Let's just hope those authorities don't use malware to peep on them through webcams ... Again
or look at their personal data
or use behavior analytics to target minority groups as
"risks" sending law enforcement to harass or kill them.
or store all their personal data on a 3rd party companies insecure servers
You have to start surveillance young, get them used to it early so they don't realize how bad it is!
“If Parliament enacts that smoking in the streets of Paris is an offence, then it is an offence”
This is not an enforceable law. It seems predicated on the notion that VPNs can only exist as a commercial product, but all you need is two computers connected to the internet.
Worse than China. They are absolutely obsessed, fanatics.
But it's not just bigotry, unfortunately. They are trying to ban free usage of computers for the general public. They want to establish authoritarianism, at least some form of it.
It is worse than you think. The country is on its knees. I go outside and no one looks happy and no one is shopping or eating out unless it is McDonalds or Lidl. No one is working, children are calling sick for school and everyone is wondering how the hell so many random people suddenly got in. The next few decades will be a story of decline.
i've long held a view that what CCP is doing is cancer to all citizens in previously free countries, our democratic leaders are quick to show disgust and disdain, but the actual owners of the country, actual powers that be are enamored and mesmerised by what they're doing to the Chinese populace especially when it comes to messaging/propaganda. block and track everyone then just tiktok your way high heavens. it's not even what aldous huxley meant by the pleasure essay anymore it's deeper and more manipulative
I get regularly downvoted for this, but oh well. I don't post for votes:
I think the research consensus is that the internet is a dangerous place for kids. And pragmatic life experience shows that as a parent, you can't control well what your kids have access to. While I think many of these laws are poorly implemented and unnecessarily endanger the free Internet, I think they are coming from a good place.
I think arguing that there should be no restrictions whatsoever is completely ignoring the negative societal impact of modern technology and is actually unpragmatic and counterproductive, because that impact is very real and people want to control it. They won't care about arguments about freedom that seem far fetched to them.
To me a much more fruitful discussion would be on how to control these things and how to ensure it doesn't become a creeping censorship mechanism. Simply saying "no" will mean people who care about free internet will be left on the side.
Because actually there is a lot one could do to reconcile these two standpoints:
- ensure privacy-preserving mechanisms are used for age verification
- ensure laws proactively proscribe freedom of internet outside of selected (age restricted) areas
- provide transparency laws that enable citizens to see all data collected on them, GDPR-style.
- pathways for citizens to appeal or request compensation for violations of privacy
- and crucially, prevent other terrible things in this area, like the demand I saw on a related thread that all mobile devices have an unremovable black-box software that censors all internet access.
Would I mind a provably privacy-preserving age check? Not really. And it's actually achievable, as opposed to simply attempting to veto this whole wave. Hackers like us no longer own the web, it has become a common good.
As a postscriptum, there's a ton of cynicism about "think of the children" and CSAM. I can well believe it's BS when politicians say it. Equally I don't take it as a given. I feel uncomfortable when my freedom to browse innocuous stuff shelters predators and gives 12 year olds access to SM porn. You're free to disagree, but it seems the world is moving on. You can shout at the clouds or try to find a compromise.
As someone fully supportive of the social media ban for Australian kids, I think As someone fully supportive of the social media ban for Australian kids, I think we need to teach UK kids to vibecode their own VPNs with OSS models at this point so they can save what's left of their future civil liberties.
We all know where this is going, they're going to ban the one mathematical tool we have that gives us control over machines, encryption.
UK House of Lords are a buncha of Jimmy Savile pal types, if you get my drift. The same blackmail and bribery networks that exist in the US largely were learned from the Brits, who of course gave Palestine to the zionists on behalf of dragging America into a war they mostly engineered via Edward the 7ths diplomatic intrigues and the pre-war formation of the entangling alliances.
So for a long time, I traced most roads in the US back to London... (for example Star Chamber origins)...
After a while though, as I dug into the real history of banking, I realized when William of Orange was installed it was shortly after that the Bank of England was established to take them over the same way they later influenced us (Jekyll Island) to establish the Fed, the main trojan horse for a country being monetary countrol.
So I now understand just like the masons, or intel dudes, etc, many of them are just so compartmentalized they don't know what they are a part of. I now view the UK the same way.
So lets keep following the strings up the chain...
"You win battles by knowing the enemy's timing, and using a timing which the enemy does not expect." - Miyamoto Musashi
UK House of Lords attempting to ban use of VPNs by anyone under 16
(alecmuffett.com)391 points by nvarsj 11 December 2025 | 428 comments
Comments
"The “CSAM requirement” is that any relevant device supplied for use in the UK must have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device."
"Regulations under subsection (1) must enable the Secretary of State, by further regulations, to expand the definition of ‘relevant devices’ to include other categories of device which may be used to record, transmit or view CSAM"
Apple, what did you start?
[1] https://bills.parliament.uk/publications/63901/documents/746...
- require proof of age (ID) to install apps from unofficial sources on your phone or PC. Probably best to block this at both the OS and also popular VPN downloading sites like github.com and debian.org.
- require proof of age (ID) to unblock DNS provider IP addresses like 8.8.8.8 and 1.1.1.1 at your ISP.
- make sure children aren't using any other "privacy" tools that might be a slippery slope to installing a VPN.
This makes it so much easier for the parents too! The internet will be so safe that they won't even need to talk to their children about internet safety.
They're pretty close to completely de-anonymising the internet for UK citizens. Say they introduce an Australian-style social media ban for under 16s, then requires all social media to link their accounts to digital IDs for this verification.
Naturally the only remaining loophole is if a UK citizen manages to avoid being flagged as British ever by using a VPN, so I expect they will focus on that going forwards. Keep in mind the UK already arrests and imprisons vast numbers of people for speech offences, there's no slippery-slope argument here because the UK is already at the bottom of the slope as an ultra-authoratitarian anti-speech nation.
Gotta hand it to them - "protecting the children" is a pretty good pretext.
At that point all the technical components exist to make this an ultra easy UI for parents. Require ISP WiFi routers at least to support VLANs and PPSKs, which ultra cheap gear can do nowadays no problem, and have an easy to GUI to "generate child password, restrict to [age bracket]", heck to even just put in a birthday and by default have it auto-increment access if a parent wants. Add some easy options for time-of-day restrictions etc, done. Now parents are in charge and no adult needs anything ever.
Now I highly doubt politicians are all being honest about full motivations here, clearly there are plenty of forces trying to use this issue as a wedge to go after rights in general. But at the same time parental concern is real, and non-technical people find it overwhelming. It'd be good if industries and community could proactively offer a working solution, that'd reduce the political salience a great deal. It's unfortunate the entire narrative has been allowed to go 100% backwards in approach.
Our governments have turned into the very thing they claimed to be opposing for decades. It's disgraceful.
The amendment from the same three people about requiring all phones to "have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device" strikes me as in the fringe whackjob range.
LORD NASH [Tory, contactholmember@parliament.uk] BARONESS CASS [Crossbench / 'independent', rivisn@parliament.uk ("staff")] BARONESS BENJAMIN [Liberal Democrat - which particularly disappoints me – benjaminf@parliament.uk]
All three can be contacted by sending an email to contactholmember@parliament.uk using the proper form of address as detailed in https://members.parliament.uk/member/4270/contact
If you're reading this website and are either living in the UK or are a British citizen I strongly urge you to write a personalised and above all polite email stating with evidence why they are misguided. The "think of the children" brigade is strong – you may well be able to persuade these individuals why it is a bad idea.
So how long will we have to wait before it dawns on them that VPNs are also used to circumvent IP address blocks in the UK, and other countries of course.
My initial thought would it would be just making it super easy for their guardians to distribute and control device content. But let the control end at that echelon of power; Not even the local councils or schools should be given the power to regulate social media for kids to this extent IMO, let alone the govt
The encouraging part is that we are in control and it's easier to navigate with a system than to resist it, so the question becomes.
- How do we modify the incentives that are already in place to not result in the exploitation of children?
Because people generally make decisions for their best interest, we're in a dangerous situation where the incentives are for child exploitation.
An example would be: I need to feed my family I need to work to live I need to appease my boss to continue to work The boss has goals to meet We need to perform these actions to meet the goals There isn't time or space to consider the full consequences of this action When the impact to children is not considered by a change to a system, they inevitably reap the consequences of living in a system that never considered their welfare.
The children that grew up feeling out of control, and in a system not designed for them then seek to control the very system that formed them - not knowing that they're replicating the same harm that got them there.
This is a design cycle as I see it, if we don't look at it and understand it - then we will continue feeling powerless - while holding the reigns of our future in our hands.
I believe so much in the power of humanity - so I share this not with the idea that I have the answers, but that I am part of the collective that does.
I really don't get their reasoning here.
or look at their personal data
or use behavior analytics to target minority groups as "risks" sending law enforcement to harass or kill them.
or store all their personal data on a 3rd party companies insecure servers
You have to start surveillance young, get them used to it early so they don't realize how bad it is!
This is not an enforceable law. It seems predicated on the notion that VPNs can only exist as a commercial product, but all you need is two computers connected to the internet.
But it's not just bigotry, unfortunately. They are trying to ban free usage of computers for the general public. They want to establish authoritarianism, at least some form of it.
Economy: https://www.bbc.co.uk/news/articles/cwyp7v7r28yo
Youth unemployment: https://www.telegraph.co.uk/business/2025/12/11/britains-you...
Health care: https://www.theguardian.com/society/2025/dec/11/nhs-bracing-...
https://www.bbc.co.uk/news/articles/crrkervnxvqo
(That is, none at all)
What the heck media are these folks consuming to have such a warped view of this country?
I think the research consensus is that the internet is a dangerous place for kids. And pragmatic life experience shows that as a parent, you can't control well what your kids have access to. While I think many of these laws are poorly implemented and unnecessarily endanger the free Internet, I think they are coming from a good place.
I think arguing that there should be no restrictions whatsoever is completely ignoring the negative societal impact of modern technology and is actually unpragmatic and counterproductive, because that impact is very real and people want to control it. They won't care about arguments about freedom that seem far fetched to them.
To me a much more fruitful discussion would be on how to control these things and how to ensure it doesn't become a creeping censorship mechanism. Simply saying "no" will mean people who care about free internet will be left on the side.
Because actually there is a lot one could do to reconcile these two standpoints:
- ensure privacy-preserving mechanisms are used for age verification
- ensure laws proactively proscribe freedom of internet outside of selected (age restricted) areas
- provide transparency laws that enable citizens to see all data collected on them, GDPR-style.
- pathways for citizens to appeal or request compensation for violations of privacy
- and crucially, prevent other terrible things in this area, like the demand I saw on a related thread that all mobile devices have an unremovable black-box software that censors all internet access.
Would I mind a provably privacy-preserving age check? Not really. And it's actually achievable, as opposed to simply attempting to veto this whole wave. Hackers like us no longer own the web, it has become a common good.
As a postscriptum, there's a ton of cynicism about "think of the children" and CSAM. I can well believe it's BS when politicians say it. Equally I don't take it as a given. I feel uncomfortable when my freedom to browse innocuous stuff shelters predators and gives 12 year olds access to SM porn. You're free to disagree, but it seems the world is moving on. You can shout at the clouds or try to find a compromise.
"They're too stupid to have a say"
Same shit used against women in some countries.
We all know where this is going, they're going to ban the one mathematical tool we have that gives us control over machines, encryption.
So for a long time, I traced most roads in the US back to London... (for example Star Chamber origins)...
After a while though, as I dug into the real history of banking, I realized when William of Orange was installed it was shortly after that the Bank of England was established to take them over the same way they later influenced us (Jekyll Island) to establish the Fed, the main trojan horse for a country being monetary countrol.
So I now understand just like the masons, or intel dudes, etc, many of them are just so compartmentalized they don't know what they are a part of. I now view the UK the same way.
So lets keep following the strings up the chain...
"You win battles by knowing the enemy's timing, and using a timing which the enemy does not expect." - Miyamoto Musashi