- Doda, a district of India’s Jammu and Kashmir region, issued a 2-month VPN ban on national security concerns
- The ban was enforced on May 2, 2025, with some VPN users reportedly withheld after that date
- Experts warn against the attack on people’s digital rights while questioning the legality of the ban
Doda, a District of India’s Jammu and Kashmir region, enforced a 2-month VPN ban on May 2, 2025 over the national security concerns.
The authorities issued the prohibition under section 163 of the new BNSS law (equivalent to the Indian Criminal Code) with reference to individuals and groups that abuse Virtual Private Network (VPN) tools “to bypass legal cyber restrictions and access prohibited applications,” the order reads.
Digital rights and legal experts have so far criticized this decision. They warn against the attack on people’s digital rights and security while questioning its legality.
Is Doda’s VPN ban legal?
Doda’s VPN Prohibition aims to “limit the use of VPNs in the interest in public security” and it has been expanded to all individuals, institutions, ISPs and cyber cafes operating in the district.
This means that all residents are cut off from using one of the best VPN services or similar tools for two months to avoid being responsible for litigation.
Consequences for allegedly using VPNs appear to have already begun. In a report published on May 18, the Indian publication reported The Wire accusations that an unspecified number of Doda residents under “Technical Monitoring” has already been arrested as shown to use VPNs.
Two days before, Doda’s authorities had already confirmed to have “detained several individuals throughout the district of violating the directive.”
This is why many experts have raised concerns about how the ban can affect people’s rights, such as free expression, free access to information and privacy.
When we talk to Techradar, senior policy adviser and encryption policy leader at Access Now, Namrata Maheshwari explains that the right to the Internet and the right to privacy are protected fundamental rights under the Indian Constitution.
Maheshwari also pointed out how the Indian government has already implemented “a stressful mandate” for VPN providers when it enforced a new law on data storage in 2022.
A number of online services are now required to store users’ data for up to five years and share them with the authorities on request, in fact, something that led to an emigration of larger VPN companies from the country.
VPNs are not illegal. “
Namrata maheshwari, access now
Still, “VPNs are not illegal,” Maheshwari said, adding that a carpet ban on all VPNs for two months is “unnecessary and disproportionate.”
“People have a fundamental right to information and freedom of expression, and restrictions on these rights should be legal, necessary and proportionate – a standard that this ban does not meet,” she added.
However, the prohibition affects not only individual users, but also companies and institutions that regularly use these services for security purposes.
According to Maheshwari, the ban could then end up increasing the vulnerabilities of the country’s cyberspace, which ultimately weakens security as opposed to strengthening it.
She said, “Even in an emergency, preventative measures may not be this vague and overreaction, especially where less intrusive funds are available.”
