United Arab Emirates Makes Using A VPN A Crime... To Protect The Local Telcos From VoIP Competition

from the also-helps-with-surveillance dept

A few years ago, the United Arab Emirates (UAE) seriously clamped down on the internet, with new regulations designed to silence criticism on the internet. There have also been efforts there to ban the use of BlackBerries and other devices that offer encryption. So, perhaps it's of little surprise that the UAE has expanded a law that had originally been designed to block VoIP usage, to ban any use of a VPN or proxy that changes your IP address, and makes it all a crime that can get you jail time:
Article 1 provides for replacing the text of Article 9 of Federal Law No. 9/2012 as follows:

Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dh500,000 and not exceeding Dh2,000,000, or either of these two penalties.
Now, you could argue that there's a condition here: that the use needs to be "for the purpose of committing a crime or preventing its discovery," but, again, remember that lots of things are a crime in the UAE, including using a VoIP provider. As the folks at Private Internet Access explain, this is a pretty big expansion of the law:
Previously, the understanding of UAE internet law was that VPN or proxy use would be prosecuted under the Telecom Law only if it was used in connection to another crime – this is now going to be set law with a set fee and mandatory jail time. Now, with President Khalifa’s newest proclaimed laws, it is OK for the UAE police to go after individual VPN users for any criminal infraction. Currently, such crimes include accessing blocked services or websites, which can only be done with a VPN or proxy, use that the UAE considers fraudulent use of an IP address. That means watching pornography (a worry for tourists) and calling home on unlicensed VoIP services (a worry for most UAE residents) such as WhatsApp, FaceTime, or SnapChat. Internet users in the UAE, especially the large masses of immigrant labor, use VPN services to get past this geographical VoIP ban to talk to relatives and friends back home.
The PIA article does point out that there is an "approved" VPN from the two state approved telcos, Etisiat and du, but that it blocks lots of services itself and is prohibitively expensive. And while the natural assumption about any attempt to ban VPNs is that it's for surveillance purposes, that may just be a side benefit here. The key focus does appear to be very much about blocking access to VoIP services to prop up the two official telcos. In other countries, the concern about net neutrality was always that telcos would do things like block VoIP. In the UAE, the government goes so far as to not just support such blocking, but actively work to criminalize the use of a VPN to get around such blocks.

Reader Comments

The First Word

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 28 Jul 2016 @ 9:49am

    I am sure that the UAE will now be applauded over this by those in Hollywood and alphabet agencies in the US and championed as a case to get the US to make it a crime to use a VPN or proxy service.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 28 Jul 2016 @ 10:01am

    Sounds like the UAE is exactly the kind of place for which we need an uncompromized TOR client.

    You know, so that people inside oppressive tyrannies can talk to people outside them to let them know how bad it is.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2016 @ 12:48pm

      Re: Sounds like the UAE is exactly the kind of place for which we need an uncompromized TOR client.

      We'll need one in the US soon.

      reply to this | link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 28 Jul 2016 @ 10:19am

    In other countries, the concern about net neutrality was always that telcos would do things like block VoIP. In the UAE, the government goes so far as to not just support such blocking, but actively work to criminalize the use of a VPN to get around such blocks.

    In other countries, the concern about copyright was always that the publishers would do things like install malware on your computer to block copying. In the USA, the government goes so far as to not just support such malware, but actively works to criminalize the use of circumvention techniques to get around such blocks.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2016 @ 5:39pm

      Re:

      IN the USA though, the criminal provisions of section 1201 only apply if you are doing it for some kind of financial gain, so, say, cirumventing Windows Product Actviation for ones own non commercial personal use is not illegal.

      reply to this | link to this | view in chronology ]

  • icon
    timlash (profile), 28 Jul 2016 @ 10:26am

    And Finally

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 28 Jul 2016 @ 10:41am

    Putin might use the UAE as an example...

    ...to push criminalization of VPNs. Though Putin's not really the sort to require an excuse.

    reply to this | link to this | view in chronology ]

  • icon
    NeghVar (profile), 28 Jul 2016 @ 12:05pm

    Businesses

    What about businesses? VPNs are a standard practice for IT security for work from home and remote branches.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2016 @ 12:24pm

    Networks use VPN's for traffic control; are NAT's next to be banned?

    If you want to bring *all* traffic on the internet to a halt, ban all VPN's.

    How do you think all that network traffic gets packaged up into a fiber?

    NAT's translate (and somewhat obscure) network traffic too; without them, IPV4 is toast.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2016 @ 1:13pm

    When travelling abroad, just set up you own private VPN on your home server. I use Comcast businessas as my home internet connection, and I set up my own VPN server software, instead of using a subscription VPN.

    When I go into Canada or Mexico, I can still access US Netflix, just like I was at home, because the connection goes through my home computer, Netflix is never the wiser.

    Since this UAW law only applies to subscription VON services, and not to busineses, if you have business versions of Comcast, Charter, Cox or Sonic Internet, you just setup a VPN on your home computer going to the UAE.

    To the UAE authorities, it look like you are connecting to a business VPN somewhere, and the UAE authoritiss will never be the wiser.

    The SoftEther VPN server is best for this. It is free, and easy to coinfigure. You can set it up and having it running on your home computer in minutes. Just be sure to open the right TCP and UDP ports on your router, for it to work.

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 28 Jul 2016 @ 6:52pm

      Re:

      I run a VPN on my own server even when not traveling. It's just the most convenient way to protect the internet traffic to/from my cell phone.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 28 Jul 2016 @ 9:20pm

        Re: Re:

        Well, connecting to my own private VPN, when I am in Mexico or Canada, allows me to get US Netflix, even I am on road trips in Cnaada, or Mexico, and it will appear to Netflix, like I am coming from from my own home computer, and Netflix is never the wiser that I am travelling abroad.

        Netflix, Hulu, and the like are looking for know subscription VPNs. My VPN on my home computer will not be detected by them.

        reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 29 Jul 2016 @ 12:39am

      Re:

      "Since this UAW law only applies to subscription VON services, and not to busineses"

      Which part of the text states that? I'm not seeing it.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 29 Jul 2016 @ 5:43am

        Re: Re:

        It has to be "for the purpose of committing a crime", so business use of VPN would not be illegal, which is why, before you go, you want to have Comcast Business as your home internet provider, they set up a VPN on that. A connection to a business intenet service is going to attract a lot of suspicion.

        reply to this | link to this | view in chronology ]

        • icon
          PaulT (profile), 29 Jul 2016 @ 5:50am

          Re: Re: Re:

          So, your idea is that since businesses never do things with the purpose of committing a crime, they'll never be blocked from using VPNs under this law? What a sweet, naive world you must live in.

          In other words, no, there's nothing in the text that excludes business VPNs.

          "A connection to a business intenet service is going to attract a lot of suspicion."

          ...from the Saudi government, who would treat it with the same suspicion they would a domestic service, yes. Do you honestly think they'll just go "oh, don't worry he's connecting to a Comcast Business account, nothing can be suspicious there"?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 29 Jul 2016 @ 4:10pm

            Re: Re: Re: Re:

            I always use a VPN on road trips anyway, whenever I go outside of California. While neither the CFAA, nor California state law make it illegal to connect to an open WiFI connection, wihtout the site owners permission, becuase you are not using a hacked, stolen, or otherse illegally obtained password, state laws in other states are not as forgiving.

            So whenver I travel outside of California, I connect to my private VPN, so that what I am doing cannot be monitored, and no evidence can be gatheed, because my connection is encrypted.

            I love taking road trips all over the North American continent, and connecting my VPN on my Comcast Business connection, keeps my activity from being monitored, should I ever uknowingly violate state laws regarding connection to an unsecured WiFi.

            Using a VPN for that purpose is currently legal in all 50 states.

            Whenever I travel outside of California, I do that, and periodically use Evidence Eliminoator and/or KillDisk, so that if my laptop should ever be seized by local police, any evidence will totally wiped clean.

            Also, before crossing the border into either Canada or the USA, I do session of Evidence Eliminator and/or KillDisk on my laptop, so that anything I don't know about that might get me put in jail is totally obliterated, and cannot be recovered be even the best forensic tools. This way if CBSA, CBE, or DHS decides to examine my laptop, they will get a big blank.

            Using a VPN for work purposes in the UAE does not violate this new law, but just to be safe, if you ever go to the UAW, I would advice running eihter Evidence Eliminator or KillDisk on your laptop, daily, to obliterate any evicence

            reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Jul 2016 @ 3:39pm

    You can bet that while the citizens of the UAE can't use a VPN there will still be government employees that get to.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2016 @ 5:11pm

      Re:

      THis appears to only apply to subscriptioj VPN services. Like I said, a foreigner visiting the country can use their own private VPN on their home computers, and likely not be suspicious

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2016 @ 4:50pm

    Also, connecting to the VPN in your workplace would certainly not generate any suspicion.

    Before you go, check with your boss about using the company VPN, while in the UAE. Using your company VPN would certainly not be illegal onder this law.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2016 @ 8:01pm

    I somtimes turn on the VPNGates option on my SoftEther VPN server software, and I do see quite a few connections coming in from the UAE

    Now, I, as the server operators, with my server in California, am NOT SUBJECT to proesecution in the UAE, for someone using my California server. My server, in California, is only subject to the laws, here in the United State, and UAE law DOES NOT APPLY to my, or to my sever, even if someone from the UAE is connecting.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jul 2016 @ 10:34pm

    There is one way that will attract as much suspiscion, which is likely why I am seeing connections from the UAE on my port 443 SSL VPM.

    An SSL connection on 443 will not attract as much suspicion asa normal PPTP or LT2P VPN.

    With SoftEther, all you have to do, before you go to the UAE, is just simply set up your VPN server on your home computer to host an SSL VPN on porrt 443. Just be sure to open port 443 on your router.

    If you need a VPN to login to your work contact,talk to your boss about having a port 443 SSL VPN.

    You can then use the SoftEther client, or any OpenVPN client to acdcess your SSL VPN.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Aug 2016 @ 7:16pm

    Actually that's surprisingly progressive coming from the UAE. I mean where's the firing squad?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Aug 2016 @ 4:43pm

    How convenient.

    reply to this | link to this | view in chronology ]

  • identicon
    Hannah, 16 May 2017 @ 12:13am

    Voip Ippbx & Gateway From Maxincom

    Good day to you. This is Hannah from Xiamen Maxincom Technologies.co.LTD.

    We are glad to know you from the website and know you are in the market of VOIP communications products. Maxin Technologies which is focus on developing IP PBX;VOIP Gsm Gateway;Moudle and IP phone. We are Manufactory in China that will try to offer you cheap rate and quality service for your business. Any request and question just back to us, we will reply you asap.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.