OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

OpenVPN Will Not Comply with Russian Content Censorship

Why OpenVPN Will Not Assent to Roskomnadzor Blacklist Demands

In late March, Russia’s Roskomnadzor issued formal notices to ten VPN providers — including OpenVPN — demanding that the providers make changes that would negatively impact users’ security, privacy, and free access to the internet.

Roskomnadzor (RKN) is the Russian federal service responsible for censorship in media and telecommunications. The organization has compiled what is known as the Roskomnadzor blacklist: a list of certain websites that contain what the government has deemed risky content — much of which is simply information that contradicts the Russian government. Russian communication providers were instructed to block users from accessing the websites on the blacklist, or else be subject to serious legal repercussions.

Now Roskomnadzor is demanding that VPN providers also adopt and enforce their blacklist of blocked websites, and has threatened to block any VPN services that refuse. However, if Russia blocks VPN services — and especially the OpenVPN protocol — it could negatively impact the Russian people. Like Meduza wrote, “Blocking the OpenVPN protocol might lead to broader disruptions in third-party services. If Russian censors enforce their VPN blockage plan to the letter, areas from the banking system to the cellular service industry could experience unexpected technical issues.”

We have received a lot of questions about our stance on this topic, and we want to make it clear that we will not comply with Russian content censorship demands. OpenVPN is committed to providing private, secure access to the internet for everyone — and we’ll never support censorship in any way. Our CEO, Francis Dinha, provided a few more in-depth responses to some crucial questions, to better clarify the situation and OpenVPN’s stance:

Francis Dinha quote on russian censorship

1) What do you think about this request in general?

Francis Dinha: We’re disappointed to see this request from Russia’s Roskomnadzor. It is the government's job to regulate harmful content, but that’s as far as their reach should extend. The people, not the government, should ultimately determine what content is accessible — otherwise it crosses the line into censorship. OpenVPN cannot in good conscience support censorship; I’ve personally experienced it in Iraq and know the damage it can cause. We stand by our belief that open, secure access to the internet is a human right.

2) Can RKN block your protocol or technology in Russia?

FD: OpenVPN is both a protocol and technology, and we don't believe this is going to impact our B2B product Access Server — unless Russia decides to block our OpenVPN protocol, and we don't think that will be the case. While we have a consumer VPN service, Private Tunnel, we do not have any servers in Russia. OpenVPN is committed to our users and customers by protecting them against cyber threats and providing secure and private access to their information from anywhere in the world. State governments and institutions may have the right to create policies and restrict their citizens from accessing certain content. However, OpenVPN will continue to provide access to our software and services to people no matter where they live or travel to. OpenVPN can’t compromise and must protect the security and privacy of those we serve.

3) What would you recommend for your users from Russia?

FD: I know our Russian users have had to deal with this kind of censorship for a while. I’ve been in that position, too. We’ll keep providing our software and services as long as we’re able, and we’ll continue to speak out against government overreach. I wish we could do more or recommend more, but we’re not there — and if we’re blocked by RKN, we won’t be able to stop that. In the end, only they can decide how they’re going to respond to this.

4) What do you think about Roskomnadzor's actions against VPNs in general?

FD: It’s an act to support censorship. RKN wants to block VPNs who won’t comply with their demands — because VPNs allow users to access typically censored or blocked content. We don’t do that to allow for illegal activity; instead, we do that to protect the privacy of our users, and we can’t compromise that. We can't speculate what capabilities Russia has in terms of blocking VPN providers, but there are many ways they could go about it. They could use DNS poisoning, or IP based blocking in conjunction with deep packet inspection. However, even if Russia used any of those methods, there are still ways VPN providers can circumvent being blocked, and we intend to do whatever it takes to protect our users’ privacy.

5) Did you work in a similar situation in any other countries? Or is Russia a pioneer in censorship?

FD: We do face these problems in a few other countries, and our stance is always the same: We will not compromise the privacy of our users. If that means we’re blocked, so be it. We obviously never want that, but again: our users and our integrity matter more to us than that. Plus, just on a practical level, what Roskomnadzor is asking simply isn’t possible. We don’t have servers in Russia, and to sort through every user in Russia and block certain sites only for those users is — outside of being unconscionable — simply unrealistic. Asking us to block websites on our servers that we’re sharing with users all over the world would be a foolhardy task. We can’t differentiate, and we don’t discriminate. Freedom of information requires security; that’s what we provide. When you’re in the business of cybersecurity, you can’t compromise your integrity.

6) Why have you chosen not to comply, especially when you could be blocked?

FD: It’s possible that Russia will block our consumer VPN, and continue to get away with this policy of censorship. By simply refusing to comply, we realize we’re not necessarily going to change their minds. But we hope that by standing together with our fellow VPN providers and speaking up about this issue with a community of voices, we’ll at least slow the spread of this kind of authoritarianism. We can’t stand by and turn away. Speaking up about why this is wrong can show the world we won’t tolerate it, and perhaps the world will eventually realize: nothing good ever comes from limiting freedom of speech or information.

OpenVPN will not give in to censorship pressure from any government — and that includes the Russian VPN blacklist demands. We will continue to provide full access to our software and services regardless of where our users are located. Regardless of what Russia’s Roskomnadzor chooses to do, OpenVPN will not compromise the privacy and security of our users.

Resources for further information on the Russian VPN blacklist demands:

Meduza: Russia’s censorship agency has threatened to block OpenVPN.

TechNadu: Russian VPN Ban – What Happens Next?

techdirt: Russia Expands Site Blocking To VPNs

Share