this post was submitted on 19 Nov 2025
155 points (99.4% liked)

Privacy

2932 readers
335 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
155
Wisconsin VPN bill is 'going to be a disaster for everyone,' says online privacy nonprofit (www.pcgamer.com)
submitted 5 days ago by cm0002@toast.ooo to c/privacy@programming.dev
23 comments fedilink hide all child comments
 

Due to the UK's Online Safety Act implemented earlier this year, accessing my Bluesky DM's now means I need to allow a third-party service to scan my face, ID, or bank card. Understandably, that gives me the willies. So I can either simply never look at my messages again, whip out the likeness of Norman Reedus, OR I can log on via a VPN. However, the days of this vastly preferable third option may be numbered.

US states Wisconsin and Michigan have already proposed VPN crackdown bills aiming to close off this workaround—and the UK may be looking to follow suit. Online privacy nonprofit the Electronic Frontier Foundation recently criticised this strategy, taking aim at Wisconsin's bill in particular, saying that blocking the use of VPNs is "going to be a disaster for everyone."

you are viewing a single comment's thread
view the rest of the comments
[–] Rivalarrival@lemmy.today 10 points 5 days ago (2 children)

If they block major providers then you can just setup your own

The major providers have "no logging" policies. They generate no data linking your payment information to your activity, so they have no data to turn over if requested. Your activity is traceable from the sites you visit back to the VPN's endpoint, but the no-logging policy prevents further tracing back to you.

Any VPN you setup on your own is going to be tied to you just as closely as a facial scan, ID, or bank card.

[–] apex32@lemmy.world 4 points 5 days ago (2 children)

It depends on how the law is implemented.

If simply connecting to a VPN is illegal, then your ISP could rat you out. They can't tell what you are doing, but they can see a bunch of encrypted traffic between you and a VPN server.

[–] Rivalarrival@lemmy.today 4 points 5 days ago (1 children)

If simply connecting to a VPN is illegal,

Such a law would prohibit Cloudflare's entire business model. That interpretation will never survive the courts.

[–] Scoopta@programming.dev 3 points 5 days ago (1 children)

You good sir underestimate the stupidity of courts

[–] Rivalarrival@lemmy.today 3 points 4 days ago

The courts understand money. A handful of state legislators can't throw nearly as much money at such a case as the big names in tech. Therefore, big tech wins.

[–] Jason2357@lemmy.ca 1 points 5 days ago (1 children)

Wrong end for most of us. It's not that we live in a backward-state where VPNs are illegal, it's that companies that want to do business in the state will have to block ALL users coming in through a VPN, regardless of where you live. They know which users are using a VPN because the IP blocks are well known, and they will just have to block those users. That's why this one state is trying to f- over everyone.

[–] Scoopta@programming.dev 2 points 4 days ago

That makes more sense and is...even worse tbh because that's actually enforceable and so obvious I don't know how I missed it. That would also probably impact Tor since those IPs are already heavily reputation damaged. The stuff governments have been pulling recently is just insane

[–] Scoopta@programming.dev 2 points 5 days ago (1 children)

As apex32 pointed out, it isn't about logging, it's about your ISP either ratting you out or outright blocking the domains and IP blocks of major providers and that's why I said you can setup your own. Ofc even hosting one yourself your ISP can probably still determine you're using a VPN through traffic analysis even if you're using TCP 443 to blend in but it makes it harder.

[–] Rivalarrival@lemmy.today 2 points 5 days ago (1 children)

My point is that setting up your own, you have a second ISP for the VPN endpoint. Traffic from/to that endpoint is traceable to the operator of that VPN, but now that operator is you, rather than a major provider.

The no-logging feature of the major ISPs provides anonymity by leaving them unable to correlate traffic on the endpoint to an actual person. That feature is the core function of a VPN, but it is not something that you can setup for yourself.

[–] Scoopta@programming.dev 2 points 5 days ago

So what do you propose? Just not using a VPN? If you're that worried you can run a second public VPN on top of your private one. The point of the private one is to avoid ISPs outright blocking known major providers.