Watching the UK try to age-gate VPNs is like watching a cat chase a laser pointer they are trying to regulate the one tool specifically designed to ignore their regulations.
Most VPNs charge anyways and the ones that don’t are insecure and have the speed of dialup.
Just seems a waste on resources to put in age verification when we have platforms like Facebook and Twitter who are much more dangerous to kids.
If they truly cared about kids or Internet safety and had at least some knowledge of the Internet then Roblox would be banned.
The UK already has age verification on many broadband suppliers, especially mobile broadband. You need it switched off.
The “Baroness” who wants VPNs wants the UK firewalled effectively. She wants the state to control not the person.
What happens when you have a VPN direct on your router? Is that to be banned? How about VPNs that take bitcoins? Are we banning entry points now also? A game of whack-a-mole with the state banning DNS entries for new entry points for VPNs?
I imagine Tor DNS entry points will be blocked also.
This is the UK moving towards state sanctioned sites at an alarming rate.
**Six months after the Online Safety Act took effect, the honeymoon is well over**
The VPN question has been an albatross for the age assurance ecosystem, held up as an easy workaround to digital age checks – and, therefore, as proof that age assurance laws as designed don’t work to fulfil their purpose.
“Some argue that because VPNs exist, any [age assurance](https://www.biometricupdate.com/2025-online-biometric-age-assurance-market-report-buyers-guide) system will fail,” AVPA says. “This leads to the mistaken belief that age-restricted sites are exempt from compliance if users connect through a VPN. Legislation we have reviewed globally, including the UK’s Online Safety Act and similar measures in Australia or U.S. states, offers no such exemption. In practice, there are ways to detect and address circumvention and there is no need to even consider banning VPNs outright.”
# Age assurance debate chases its own tail with more checks
The text of the Lords’ amendment inserts “action to prohibit the provision of VPN services to children in the United Kingdom,” ostensibly “for the purpose of furthering the protection and wellbeing of children.
The regulations “may make provision for the provider of a relevant VPN service to apply to any person seeking to access its service in or from the UK age assurance which is highly effective at correctly determining whether or not that person is a child.”
They must apply to any VPN service provided to users in the UK. Ofcom, it says, “may produce guidance for providers of relevant VPN services to assist them in complying with the child VPN prohibition.”
There is a circular logic at play: age checks prompt minors to find workarounds, so put age checks on the workarounds, too. It is symptomatic of a pattern that has seen regulators apply a whac-a-mole approach to enforcement, while adult content firms try and shift responsibility away from the platform level and onto Google, Apple and Microsoft, and the age assurance industry navigates multiple shifts in tone and messaging from the Labour government.
This isn’t gonna solve anything. Who is coming up with such policies?
“The Age Verification Providers Association”… Well there’s your problem. This shit is getting driven by business interests using “but think of the children” fearmongering.
How can they be so wrong about this? Accessing a site through a VPN usually means accessing it in a foreign country, where UK law has no practical or legal power.
This is totalitarianism, non-negotiable.
Can this sub stop posting crazy policy ideas from the House of Lords (unelected)? They could propose a swimming pool on the moon if they wanted, it’s a million steps from happening (and won’t).
It’s not government policy.
The House of Commons (elected) would need to vote for this, the gov would then need to implement it.
Can I use the VPN to confirm my age to use VPN?
This also seems like the same problem will arise – people will just use shittier and less regulated services that laugh off the checks.
12 comments
https://www.techradar.com/vpn/vpn-privacy-security/not-just-censorship-its-digital-isolation-iran-plans-to-cut-ties-with-the-global-internet-and-vpns-may-not-help-this-time
Watching the UK try to age-gate VPNs is like watching a cat chase a laser pointer they are trying to regulate the one tool specifically designed to ignore their regulations.
Most VPNs charge anyways and the ones that don’t are insecure and have the speed of dialup.
Just seems a waste on resources to put in age verification when we have platforms like Facebook and Twitter who are much more dangerous to kids.
If they truly cared about kids or Internet safety and had at least some knowledge of the Internet then Roblox would be banned.
The UK already has age verification on many broadband suppliers, especially mobile broadband. You need it switched off.
The “Baroness” who wants VPNs wants the UK firewalled effectively. She wants the state to control not the person.
What happens when you have a VPN direct on your router? Is that to be banned? How about VPNs that take bitcoins? Are we banning entry points now also? A game of whack-a-mole with the state banning DNS entries for new entry points for VPNs?
I imagine Tor DNS entry points will be blocked also.
This is the UK moving towards state sanctioned sites at an alarming rate.
**Six months after the Online Safety Act took effect, the honeymoon is well over**
**Jan 27, 2026, 1:44 pm EST |** [**Joel R. McConvey**](https://www.biometricupdate.com/author/joelrmcconvey)
In a move that has already stirred controversy, the UK House of Lords has voted to allow an [amendment](https://www.biometricupdate.com/202512/uk-bill-amendments-propose-highly-effective-age-assurance-for-social-media-vpns) to the Children’s Wellbeing and Schools Bill (CWSB), which would put age assurance restrictions on Virtual Private Networks (VPNs).
The VPN question has been an albatross for the age assurance ecosystem, held up as an easy workaround to digital age checks – and, therefore, as proof that age assurance laws as designed don’t work to fulfil their purpose.
The age assurance industry’s response has been to note that online safety laws don’t allow for loopholes. The Age Verification Providers Association (AVPA) has described what it calls the “[VPN fallacy](https://www.biometricupdate.com/202508/vpns-a-navigable-challenge-for-age-assurance-sector-says-avpa)”:
“Some argue that because VPNs exist, any [age assurance](https://www.biometricupdate.com/2025-online-biometric-age-assurance-market-report-buyers-guide) system will fail,” AVPA says. “This leads to the mistaken belief that age-restricted sites are exempt from compliance if users connect through a VPN. Legislation we have reviewed globally, including the UK’s Online Safety Act and similar measures in Australia or U.S. states, offers no such exemption. In practice, there are ways to detect and address circumvention and there is no need to even consider banning VPNs outright.”
While the UK government is not (yet) considering banning VPNs, its proposed law would mean requiring every VPN user to prove their age. There is an echo of the realization that set in once the Online Safety Act (OSA) imposed [age check requirements](https://www.biometricupdate.com/202507/uk-age-verification-is-here-ofcom-set-to-begin-enforcing-online-safety-act) on porn sites: to make sure users aren’t kids, age assurance has to apply to everyone.
# Age assurance debate chases its own tail with more checks
The text of the Lords’ amendment inserts “action to prohibit the provision of VPN services to children in the United Kingdom,” ostensibly “for the purpose of furthering the protection and wellbeing of children.
The regulations “may make provision for the provider of a relevant VPN service to apply to any person seeking to access its service in or from the UK age assurance which is highly effective at correctly determining whether or not that person is a child.”
They must apply to any VPN service provided to users in the UK. Ofcom, it says, “may produce guidance for providers of relevant VPN services to assist them in complying with the child VPN prohibition.”
There is a circular logic at play: age checks prompt minors to find workarounds, so put age checks on the workarounds, too. It is symptomatic of a pattern that has seen regulators apply a whac-a-mole approach to enforcement, while adult content firms try and shift responsibility away from the platform level and onto Google, Apple and Microsoft, and the age assurance industry navigates multiple shifts in tone and messaging from the Labour government.
This isn’t gonna solve anything. Who is coming up with such policies?
“The Age Verification Providers Association”… Well there’s your problem. This shit is getting driven by business interests using “but think of the children” fearmongering.
>The Age Verification Providers Association (AVPA) has described what it calls the “[VPN fallacy](https://www.biometricupdate.com/202508/vpns-a-navigable-challenge-for-age-assurance-sector-says-avpa)”:
>“Some argue that because VPNs exist, any [age assurance](https://www.biometricupdate.com/2025-online-biometric-age-assurance-market-report-buyers-guide) system will fail,” AVPA says. “This leads to the mistaken belief that age-restricted sites are exempt from compliance if users connect through a VPN.
How can they be so wrong about this? Accessing a site through a VPN usually means accessing it in a foreign country, where UK law has no practical or legal power.
This is totalitarianism, non-negotiable.
Can this sub stop posting crazy policy ideas from the House of Lords (unelected)? They could propose a swimming pool on the moon if they wanted, it’s a million steps from happening (and won’t).
It’s not government policy.
The House of Commons (elected) would need to vote for this, the gov would then need to implement it.
Can I use the VPN to confirm my age to use VPN?
This also seems like the same problem will arise – people will just use shittier and less regulated services that laugh off the checks.