Mozilla Warns UK Regulators Against Age-Gating VPNs, Citing Privacy Risks
Table of Contents
The Clash Over Digital Borders
Mozilla is stepping into a brewing regulatory battle in the United Kingdom, warning that efforts to restrict young people’s access to Virtual Private Networks (VPNs) could do more harm than good. The non-profit organization, best known for the Firefox browser, has issued a formal response to the Department for Science, Innovation and Technology (DSIT) regarding a consultation on how to better protect minors in an increasingly complex digital landscape.
The tension stems from the implementation of the UK’s Online Safety Act. As platforms struggle to enforce age-assurance systems—designed to keep children off adult sites or high-risk social media—many users are simply using VPNs to bypass these geographic and age-based filters. In response, UK regulators are considering “age-gating” VPN services, effectively requiring users to prove their age before they can download or subscribe to a tool that masks their IP address.
Privacy as a Fundamental Right
In its submission, Mozilla argues that viewing VPNs solely as a tool for evasion misses the broader point of digital security. The organization maintains that privacy and security online are not luxuries or “loopholes,” but fundamental human rights that should be available to all users, regardless of age.
By masking IP addresses, VPNs prevent the kind of invasive profiling and location tracking that has become the default for much of the modern web. Mozilla points out that this protection is arguably most critical for young people, who are frequently targeted by aggressive advertising networks and data-harvesting algorithms that operate without transparent consent.
Beyond Bypassing Filters
The editorial pushback from Mozilla highlights that VPNs are used for a variety of legitimate, non-malicious reasons. While the government sees a teenager bypassing a school firewall or a social media age-gate, Mozilla sees a tool that allows remote access to professional networks and protects journalists, dissidents, and activists from surveillance.
Moreover, the organization suggests that restricting access to these tools creates a paradoxical situation: the government claims to want to equip young people to navigate the internet safely, yet it proposes removing the very tools that enable that safety. Restricting privacy software, Mozilla argues, prevents teenagers from developing a sophisticated understanding of digital agency and responsible online habits.
The ‘Blunt Instrument’ Problem
Mozilla’s critique centers on what it calls “blunt interventions.” The organization argues that mandatory age assurance and the restriction of VPNs are superficial fixes that do not address the root causes of online harm. Instead of policing the tools used to access the web, Mozilla suggests the regulatory focus should remain on the platforms themselves.
The proposal suggests a shift in strategy: holding tech platforms accountable for the content they serve and the way they handle data, rather than trying to lock down the infrastructure of the internet. They also advocate for a greater emphasis on digital literacy and the responsible use of parental controls, which allows for a nuanced approach to safety rather than a sweeping ban on privacy software.
This move by the UK government reflects a global trend toward tighter control over the “open web,” but it faces significant headwinds from privacy advocates who argue that the precedent of age-gating utility software could lead to broader censorship and a decline in overall cybersecurity for the general population.
