from the good-but-not-perfect-tools dept
Virtual Private Networks (VPNs) are not a privacy panacea, but they do empower Internet users in important ways. Proof of that can be found in the constant attempts by governments around the world to control who can use VPNs and for what purpose, most recently in Italy and Brazil. Hackread reports on another such move to bring a VPN operator to heel:
Windscribe, a globally used privacy-first VPN service, announced today that its founder, Yegor Sak, has been fully acquitted by a court in Athens, Greece, following a two-year legal battle in which Sak was personally charged in connection with an alleged internet offence by an unknown user of the service.
The case centred around a Windscribe-owned server in Finland that was allegedly used to breach a system in Greece. Greek authorities, in cooperation with INTERPOL, traced the IP address to Windscribe’s infrastructure and, unlike standard international procedures, proceeded to initiate criminal proceedings against Sak himself, rather than pursuing information through standard corporate channels.
The issue here is that the Greek authorities chose to prosecute Windscribe’s founder, Yegor Sak, rather than making an official request to the company for information about the alleged breach of the Greek system by a Windscribe user. That approach not only ignored established procedures for investigating such cases, it put a great deal of pressure on Sak — doubtless intentionally — in an attempt to force him to hand over information. Fortunately, the charges against Sak were dismissed last month, as the Greek court “did not find sufficient evidence to implicate Sak or Windscribe in any wrongdoing” according to Hackread.
If Greece had made VPN owners personally responsible for everything their users did online it would have set a terrible precedent, even if it would not have been legally binding elsewhere. In the face of such risks, some VPNs would doubtless have shut down, while others would have been forced to monitor closely what their users were up to. The Greek case was particularly important, because it involved a VPN provider that does not log user activity, and was therefore incapable of providing any information about the alleged abuse, even if ordered to do so.
It’s great news that the charges against Sak were dropped, albeit after a two-year legal battle, probably thanks in part to Windscribe’s no-logging policy. But the fear has to be that more governments will bring in laws that compel VPN services to keep logs in order to allow their users to be tracked and later identified. This is already the case in countries with repressive Internet laws, for example Russia, China, Iran, Vietnam and the United Arab Emirates. Moreover, as that article on Comparitech notes, even in countries that nominally protect privacy, like the US, UK, Canada and Australia, there are laws that could be used to force VPN services to log users or build in backdoors. It’s another reason why VPNs, useful as they are, should not be regarded as cast-iron protection against surreptitious surveillance by governments and others.
Follow me @glynmoody on Mastodon and on Bluesky.
Filed Under: australia, backdoors, brazil, canada, china, finland, greece, interpol, iran, italy, logging, russia, surveillance, uk, united arab emirates, us, vietnam, vpn, Yegor Sak
Companies: Windscribe
