Two US senators, Marco Rubio, and Ron Wyden have sent a request to the Department of Homeland Security (DHS), asking them to review the dangers that arise from US government employees using foreign Virtual Private Network (VPN) apps reports ZDNet. VPN apps encrypt and divert the traffic data of these users, channeling it through servers that are located in other countries, possibly China and Russia. The two senators fear that if the VPN services use servers in these two countries, they may as well intercept this internet traffic and spy on the US government.
While in theory VPN services offer internet anonymity and privacy to their users, it is all about how much their providers can be trusted. Multiple research studies have shown again and again that quite a few VPN service providers are tracking the user activity and sharing their data with third parties, they openly trick people to falsely believe that their browsing is secure, they store IP addresses in plain text files, or simply cover up their true ownership and infrastructural location. The letter of the two senators is highlighting these points to the head of DHS, and urge him to conduct a threat assessment on the national security risks associated with the use of VPNs by US government employees.
If DHS, and more specifically the newly formed sub-department of the Cybersecurity and Infrastructure Security Agency (CISA) find that foreign VPNs pose a national security threat, they will issue a Binding Operational Directive that will prohibit their use in federal government systems. Considering the current state of affairs, and judging by the government’s stance against Huawei, ZTE, and the Kaspersky Labs, banning VPNs in government smartphones and computers is a highly probable scenario. In the letter signed by Wyden and Rubio, the Kaspersky Labs software stripping from back in 2017 is used as a paradigm of when DHS should intervene and what the significance of this action is.
All that said, the result of the risk assessment that has been ordered by the senators is almost pre-determined. What remains to be seen is whether DHS will decide to ban all VPNs or only those that they suspect of having connections to China and Russia. With more than 60% of the most popular VPN apps being attached to China, we will definitely see the relevant market changing significantly in the US soon. For starters, the bans will apply to the government employees, but a wider coverage prohibition could follow shortly after that.
Are you using a VPN app in the US? Do you know it’s ownership background and central servers location? Feel free to share your thoughts in the comments section beneath, and don’t hesitate to do the same on our socials, on Facebook and Twitter.