'Banning VPNs for kids is the dumbest possible fix' – Windscribe CEO

• Windscribe CEO says House of Lords proposal "won't work"
• Cross-party support suggests interest in VPN regulation is rising
• There's no guarantee the amendment will become law

Windscribe CEO Yegor Sak says that the UK House of Lords proposal to ban VPNs for children is the "dumbest possible fix."

His comments follow reports that members of the UK House of Lords have tabled an amendment to the Children's Wellbeing and Schools Bill that would ban VPNs for under-18s and force VPN providers to introduce age verification measures to access their services.

The amendment is designed "to promote and protect children’s wellbeing" by restricting access to software that allows people to evade the Online Safety Act's age verification provisions, according to its explanatory note.

The proposal – which was tabled by cross-bench, Conservative, and Liberal Democrat Peers – faces an uncertain future and must be approved by both the House of Lords and the House of Commons before becoming law.

What about the legitimate use of VPNs?

Sak argues the amendment reveals a fundamental misunderstanding about the technology.

"A VPN is a privacy tool, not contraband, and it’s used by journalists, activists, abuse victims, and ordinary people who don’t want to be tracked," he told TechRadar.

The amendment's current text doesn't acknowledge the many legitimate reasons a young person might use a VPN, such as protecting their personal data on public WiFi or to help minimize their risk of being doxxed.

It also makes no reference to the importance of protecting young people's security and privacy online more generally. Instead, VPNs are referred to solely as tools capable of facilitating the "evasion of OSA [Online Safety Act] age-gating processes".

Age verification for VPN access

If adopted, the amendment's impact would extend well beyond children. To comply with the rules, VPN providers would need to verify the age of every user or face penalties.

In practice, it would force adults to hand over personally identifiable information (PII) – such as credit card details or biometric data – to use a service designed specifically to minimize data collection.

"If lawmakers force VPN providers to age-gate, what they are really doing is normalizing identity checks just to get basic privacy online, and that’s a terrible precedent," Sak said.

The industry has previously rejected similar overreach. When India introduced invasive data logging policies in 2022, major providers – including best VPNs ExpressVPN, Surfshark, and NordVPN – removed their physical servers from the country rather than compromise their security standards.

And if the UK enforces age-gating measures, a similar mass exodus of privacy-focused companies could follow.

Would a VPN ban for children even work in practice?

Beyond the privacy implications, there are also significant questions around the feasibility of the amendment.

"This also won’t work, said Sak. "Kids who want to get around restrictions will find a workaround in minutes, and the only people who get punished are everyone else who uses VPNs for legitimate reasons."

In its current form, the amendment only targets consumer VPNs but says nothing about "legitimate" business VPNs that use the same underlying technology.

The narrow definition also ignores the "do-it-yourself" alternatives. Tech-savvy minors could easily bypass restrictions by renting cloud servers to host their own private VPNs, which would likely fall outside the amendment's legal definitions.

"Governments and Lords should not be trying to regulate things they do not understand," Sak concluded.

What's next for the legislation?

While the amendment is still a long way from becoming law, its existence signals a significant interest in regulating VPNs and growing tension between online safety and personal privacy considerations.

The broad backing from cross-bench, Conservative, and Liberal Democrat Peers highlights that the desire to clamp down on circumvention tools cuts across party lines.

It is unlikely the amendment will survive the legislative process unscathed. However, as long as policymakers view VPNs as loopholes to be closed rather than useful security tools, the industry can expect continued scrutiny and perhaps more attempts to regulate their use.