- Doda, a district in the Jammu and Kashmir region of India, issued a 2 -month VPN prohibition about national security concerns
- The ban was applied on May 2, 2025, with some VPN users detained after that date
- Experts warn against the attack on the digital rights of people, while questioning legality of the prohibition
Doda, a district in the Jammu and Kashmir region of India, enforced a 2 -month VPN ban on May 2, 2025 about national security concerns.
The authorities issued the prohibition under section 163 of the new BNSS Law (the equivalent of the Criminal Code of India), citing people and groups misuse of virtual private networks (VPN) “to avoid legal cyber restrictions and access to prohibited applications,” says the order.
Digital rights and legal experts so far have strongly criticized this decision. They warn against the attack on people’s digital rights and security, while questioning their legality.
Is the VPN prohibition of Doda legal?
The prohibition of VPN of the DODA aims to “reduce the use of VPN in the interest of public safety”, and extends to all people, institutions, internet service providers and cyber coffees that operate in the district.
This means that all residents are prohibited from using one of the best VPN services or similar tools for two months, to avoid being responsible for legal actions.
The repercussions for supposedly using VPN seem to have begun. In a report published on May 18, the Indian publication The Wire reported accusations that an un specified number of residents of Doda under “technical surveillance” has already been arrested as discovered that they are using VPN.
Two days before, Doda’s authorities had already confirmed having “arrested several people throughout the district for violating the directive.”
This is why many experts have been raising concerns about how prohibition can affect people’s rights, such as freedom of expression, free access to information and privacy.
Speaking with Techradar, the senior policy advisor and the leadership of encryption policy at Access Now, Namrata Maheshwari, explains that the right to the Internet and the right to privacy are fundamental rights protected under the Indian Constitution.
Mahehwari also pointed out how the Indian government has already implemented “an onerous mandate” for VPN suppliers when enforcing a new data retention law in 2022.
Now a lot of online services is required to store user data for up to five years and share them with the authorities at the request, in fact, something that led to an exodus of the main VPN companies in the country.
VPNs are not illegal. “
Namrata Maheshwari, access now
However, “the VPNs are not illegal,” said Maheshwari, adding that a general prohibition of all VPN for two months is “unnecessary and disproportionate.”
“People have a fundamental right to information and freedom of expression, and restrictions on these rights must be legal, necessary and provided, a standard that this prohibition does not comply,” he added.
However, the prohibition does not only affect individual users, but also companies and institutions that regularly use these services for security purposes.
According to Maheshwari, the prohibition could end up increasing vulnerabilities in the cyberspace of the country, ultimately weakening security instead of strengthening it.
She said: “Even in an emergency, preventive measures cannot be so vague and extralimitative, particularly when there are less intrusive means available.”
