VPN Users Risk 20-Year Jail Sentences in the US Under New Restrict Act
beincrypto.comWhich specific part of the bill allows "VPN users" to be punished with "20 year jail sentences"? Does the bill even ban VPNs? I skimmed the article and the linked tweet and can't find anything to that effect. The closest I can find is this
>This could include VPNs if they are used to access banned websites such as TikTok.
which seems like a standard anti-evasion provision. They're not going after your VPNs, people. While it (edit: might) technically be the case that you could face 20 years in jail if you were using a VPN and you were using it to evade tiktok bans, it's hugely misleading to characterize it as "VPN Users Risk 20-Year Jail Sentences". It would be like if the government was trying to pass a bill to ban people from smuggling explosives across the border, and that bill being characterized as "Drivers risk 20-year jail sentences under new law", because driving can be used to smuggle explosives and therefore some forms of driving could land you in jail.
You can't be prosecuted under S.686 for accessing TikTok, with or without a VPN; the Act deals specifically with financial and contractual relations between foreign entities and US entities. So, sure, you could face up to twenty years if you, say, take knowing and affirmative steps to evade a specific Treasury declaration regarding your business (say, by concealing the fact that the People's Liberation Army has been funding your cybersecurity company, or that you're buying suspiciously-inexpensive 5G radios for your telecom company from Iran), but that's the sort of thing you'd expect to face jail time for regardless.
I'm skeptical about the RESTRICT Act -- treating TikTok as a one-off case rather than putting meaningful federal restrictions around the use of personal data tells you where Congress' mind is here -- but the OP's fearmongering is just ridiculous.
>by concealing the fact that the People's Liberation Army has been funding your cybersecurity company, or that you're buying suspiciously-inexpensive 5G radios for your telecom company from Iran)
What if a VPN service like Mullvad is partially or fully purchased by an "adversary" and added to a banned list unbeknownst to you, could continuing to buy VPN services using crypto or cash get you up to 20 years in jail by your reading?
I came to the same conclusion. I feel like people are just scrolling to the punishment section without actually having read anything above it.
While I agree it is a bit of a clickbait headline, it is all about the precedent when it comes to this kind of thing. I think you are severely downplaying the risk here. Using vague language like that opens the door for them to crack down even harder.
The government wants to monitor everything people do online and VPNs give people a way to opt out of that surveillance. It is a typical legislative move to add extra provisions all in the name of “banning the evil, Chinese spy app”. There is no reason to believe this will stop at TikTok. What if people use VPNs to get around other censorship that may or may not exist now? What if people use VPNs to access content using BitTorrent? Who is to say they won’t crack down on that that stuff next?
Governments love to take advantage of situations to expand their control think about what happened after 9/11.
Apparently this is exactly what is going on here: https://twitter.com/Fynnderella1/status/1640016692305711105
This is about using VPNs to avoid financial controls on transactions with a banned organization.
That's a different concern to monitoring communications. It's more like the Bianance thing where they were "we can't have US customers but we only ban you based on your IP address. Here's a link about how VPNs let you change your IP address".
>I think you are severely downplaying the risk here. Using vague language like that opens the door for them to crack down even harder.
>The government wants to monitor everything people do online and VPNs give people a way to opt out of that surveillance. It is a typical legislative move to add extra provisions all in the name of “banning the evil, Chinese spy app”. There is no reason to believe this will stop at TikTok. What if people use VPNs to get around other censorship? What if people use VPNs to access copyrighted content using BitTorrent? Who is to say that they won’t crack down on that that stuff next?
I'm not downplaying the risk of the bill, only pointing out the rhetoric is false and misleading. Based on the tweets and the article there aren't any anti-VPN or anti-anti-censorship tool provisions in the bill. Now, you can still argue that passing this bill sets us on a slippery slope to get encrypted chats banned or whatever, but it's dishonest to say that people are facing "20 year jail sentences" for using VPNs when they're not. Pointing that out isn't "severely downplaying the risk ".
>Whhich specific part of the bill allows "VPN users" to be punished with "20 year jail sentences"? Does the bill even ban VPNs
The bill allows communication technology to be investigated for vague security concerns, and then allows punishing those that are deemed threats.
This means they could investigate and punish some VPN provider, and someone could wake up one day and suddenly be committing a crime by connecting to the same VPN as the day before (I think? They may need their subscription to renew before a crime, I only skimmed the law). Sure there'd be an announcement, but it could still end in a potential 20 year sentence for connecting to a VPN.
It could even be a vague connection, like Russia is using this third party VPN provider to undermine democracy, so despite really doing nothing wrong we're banning the VPN.
You can certainly argue it's unlikely the law would be applied this way, or that users aren't at great risk of being targeted. But the headline claim is broadly true.
you think it’s reasonable to put someone in jail for 20 years for logging into a social media website?
also: how are they going to determine that you did? what if you have malware on one of your devices and it accesses something banned?
Jeez they said nothing of the sort. They were pointing out the bill was not about vpns.
If there was a bill about preventing access to child porn. Including using a vpn. Imagine there was a headline ‘vpn users risk 20 years…’. The point is applicable in that fictional case and this case.
>also: how are they going to determine that you did?
Same as any crime. They have to prove that you did it (both that you did the act, and that you intended to do the act) to a judge or a jury beyond a reasonable doubt.
> what if you have malware on one of your devices and it accesses something banned?
If your concern is about being framed via malware, there are plenty of existing ways of doing so. eg. laws against CSAM or laws against funding terrorists (hope that the malware doesn't use your paypal session to send money to ISIS!).
>>also: how are they going to determine that you did?
>Same as any crime. They have to prove that you did it (both that you did the act, and that you intended to do the act) to a judge or a jury beyond a reasonable doubt.
...after taking your hardware and placing you under house arrest for a time, then putting you under a gag order (national security) while simultaneously setting up preventative monitoring of future VPN use, until the case resolves.
Don’t worry, enforcement will be highly selective.
Hahahahahaha tell it to the judge!
It would still be more productive to criticise the bill instead of the article.
We need to ban TikTok because they might be spying on you.
Solution: a bill that allows us to spy on you unconditionally for all activities, anywhere, anytime for any reason.
Also, we will be immune to FOIA or any kind of oversight.
If we don't spy on you, we won't be sure they aren't spying on you?!
Who TF cares if they're spying on us. The real issue is that our biggest foreign adversary has push-button access to influence the minds of our kids. If TikTok were Russia-owned, we would have banned it already.
A bill to ban specific apps is stupid. Should have banned advertisers to trade with specific companies instead.
The government kinda already spys on you anywhere,anytime for any reason
Earlier threads:
"The next Patriot Act, but so much worse: Bill S.686, the RESTRICT Act" (6 comments) https://news.ycombinator.com/item?id=35336366
"The Patriot Act on steroids: anti-TikTok Trojan horse for censorship and surveillance" (156 comments) https://news.ycombinator.com/item?id=35334851
Tiktok hired ex-gov people, how did they try to address natsec concerns? https://www.mintpressnews.com/nato-tiktok-pipeline-why-tikto...
> the threat to completely shut down its platform, subsided only after TikTok began appointing Western officials to important positions within its organization, thereby giving the state considerable influence over the content and direction of the app.
On the perennial topic of poorly conceived legislation, let's not forget US (CA, UT) and UK laws which mandate age-verification, https://www.techdirt.com/tag/ab-2273/ and "Utah is first US state to limit teen social media access" (600+ comments), https://news.ycombinator.com/item?id=35307647 and UK Online Safety Bill, https://www.techradar.com/features/uk-online-safety-bill
Basically turns the department of commerce into the equivalent of the DHS, which already does the key aspects of the act, with some NEW special powers. If they think your company is a threat, they can close you down. But only foreign threats, just like the Patriot Act was sold to ya.
It will be interesting to see the new rules the commerce department puts in place to monitor and control the internet. For your safety of course.
"Foreign" here isn't necessarily tied to citizenship. They can reclassify US citizens as "foreign threats" as they see fit.
So much concern over TikTok and America's personal data, yet no action from congress when half the nation's personal data is leaked every other week by dozens of other companies. Do they not think China is buying access to all these leaks?
Last time I checked haveibeenpwned my email address had appeared in about 3,000 separate data breaches.
Summary and text of S686
https://www.congress.gov/bill/118th-congress/senate-bill/686
I wonder if any of TikTok’s competitors helped create the bill and are now regretting it.
Big tech doesn't care about your rights. They (along with most others in power) care about suppressing competitors and dissent, and an obedient populace which is not going to hinder their continued rent extraction from society. Using censorship-circumvention tools is a form of dissent, and they would be happy to see the people doing it go to jail.
Meta hired a firm last year (Targeted Victory) to malign TikTok: https://arstechnica.com/tech-policy/2022/03/meta-cant-buy-ti...
Business travelers use VPNs out of China, from behind the Great Firewall. This is just too paranoid.
This is wildly hyperbolic as far as I can see.
The bill (which I do not endorse) is focused on threats to critical infrastructure and other natsec considerations from designated foreign enemies. Also, it's just been introduced and might not go anywhere.
How to pass horrible bills:
1. Stuff them with truly horrible ideas. 2. Wait for public to scream. 3. Remove half of the horrible ideas (keeping the core crap, like no FOIAs, privacy violations etc.) hidden and spread amongst hundreds of subparagraphs. 4. Present this is as "fair compromise". Convince idiots from both sides of the aisle that this is good for national security. 5. Pass the law. 6. Profit?
Competitive LLM reviewers, trained on opinionated data and case law, will change the denial-of-Congress landscape of legislative complexity.
"We're disregarding public comment over the matter after discovering the majority of the comments were from Russian bots."
But we've seen hyperbole become the status quo oh too often. Abuse will happen, and to the extent and beyond the limits of any new bills. Give them the power, and they will assuredly misuse it.
I'm saying the description of it is wildly hyperbolic, to the point of being deceptive. Again, this is not an endorsement of the bill.
> Also, it's just been introduced and might not go anywhere.
The way to prevent it from going somewhere is by raising the alarm loudly. Possibly also by lobbying for legislation that enshrines existing rights.
I haven't read the bill.
But, "critical infrastructure", "natsec considerations", "foreign enemies", are such vague terms, that could be stretched to cover all sorts of unforeseen circumstances.
Go read it then, instead of judging it by a few phrases I wrote. I didn't have time to write an explainer essay today.