According to The Verge, the UK’s Online Safety Act took effect in July 2025 with strict age verification requirements for accessing everything from porn sites to Bluesky, leading to an immediate VPN explosion. Within days, five of the top ten free iOS apps were VPNs, with NordVPN reporting a 1,000% purchase increase that weekend and ProtonVPN seeing an 1,800% UK signup surge. Children’s Commissioner Rachel de Souza immediately called VPNs an “absolutely a loophole that needs closing,” while Ofcom confirmed it’s monitoring VPN usage through a third-party provider. The government insists it has “no current plans to ban VPNs,” but Baroness Lloyd of Effra recently told Parliament that “nothing is off the table” regarding potential restrictions.
So what happens next?
Here’s the thing: a full VPN ban seems incredibly unlikely. The government itself admits there are legitimate uses for VPNs, and technically blocking them would be a nightmare. But that doesn’t mean they’re safe. The most probable outcome? Age-gating the VPNs themselves.
Basically, they could require VPN providers to implement the same age verification systems that people are using VPNs to avoid. It’s technically the easiest solution, and the Online Safety Act already prohibits platforms from promoting VPNs to kids as workarounds. But this creates its own problems – paid VPNs require credit cards, which would push younger users toward sketchy free alternatives that might sell their data.
The technical reality check
Let’s be real: banning VPNs entirely would be like trying to hold back the ocean with a sieve. As Nord Security’s Laura Tyrylyte told The Verge, “Blocking VPN usage is technically complex and largely ineffective.” The Open Rights Group’s James Baker put it even more bluntly: “It’s very hard to stop people from using VPNs.”
Another option floating around? Requiring age-restricted sites to block all VPN traffic, like streaming services do. But that creates an impossible choice for websites – either block all UK users or block all VPN users globally. Neither option makes much business sense.
This isn’t just a UK problem
Look, the UK was just the first domino to fall. Australia recently banned social media for under-16s, the EU is testing its own restrictions, and multiple US states have implemented internet age limits. Michigan Republicans have proposed ISP-level VPN bans, while Wisconsin debates requiring adult sites to block VPN traffic entirely.
The pattern is clear: as more governments implement online age restrictions, VPNs become the obvious workaround. And as VPN usage spikes, governments start looking at restrictions. We’re seeing the beginning of a global regulatory dance that’s probably going to get much more complicated.
privacy-tradeoffs-nobody-s-talking-about”>The privacy tradeoffs nobody’s talking about
What worries me most is the security fallout. When you push people away from reputable paid VPNs, they’ll find alternatives – whether that’s sketchy free VPNs with questionable privacy practices or even reverting to offline methods like USB sticks. Both options introduce new risks that might be worse than the original “problem.”
And let’s not forget Ofcom’s “anonymous” data collection. As privacy advocates have repeatedly shown, anonymized data often isn’t truly anonymous. We don’t know what Ofcom’s third-party provider is collecting, but the mere fact they’re monitoring VPN usage at all should give everyone pause.
So where does this leave us? The VPN panic is real, it’s global, and it’s only beginning. Governments want control, users want privacy, and VPN providers are caught in the middle. One thing’s for sure – this conversation isn’t going away anytime soon.
