- Doda, a district of the Jammu-Jammu-et-Cachemire region in India, has issued a 2-month VPN ban compared to national security problems
- The ban was applied on May 2, 2025, some VPN users were reportedly held after this date
- Experts warn against the attack on people’s digital rights, while questioning legality ban
Doda, a district of the Jammu-et-Cachemire region in India, imposed a 2-month VPN ban on May 2, 2025 for national security problems.
The authorities issued the prohibition under article 163 of the new BNSS law (the equivalent of the Indian Criminal Code), citing individuals and groups abusing virtual private network tools (VPN) “to bypass lawful cyber-restrictions and prohibited access applications” reads the order.
Digital rights and legal experts have so far criticized this decision. They warn against the attack on the digital rights and security of people, while questioning its legality.
Is Doda’s VPN ban legal?
The prohibition of DODA VPN aims to “limit the use of VPNs in the interest of public security”, and it is extended to all individuals, institutions, internet service providers and cyber-cafes operating in the district.
This means that all residents cannot use one of the best VPN services or similar tools for two months, to avoid being responsible for legal action.
The repercussions for the alleged use of VPNs seem to have already started. In a report published on May 18, the Indian publication The Wire reported allegations according to which an undeveloped number of Doda residents in the context of “technical surveillance” has already been arrested, as was found that VPNs.
Two days earlier, the authorities of Doda had already confirmed that they had “detained several people in the district for having violated the directive”.
This is why many experts have raised concerns about how the ban can have an impact on people’s rights, such as freedom of expression, free access to information and privacy.
Speaking of Techradar, a main policy lawyer and a leader in encryption policy at Access Now, Namrata Maheshwari, explains that the right to the Internet and the right to privacy are fundamental rights protected under the Indian Constitution.
Maheshwari also underlined how the Indian government has already implemented “an expensive mandate” for VPN suppliers when it applied a new data retention law in 2022.
A multitude of online services are now necessary to store user data up to five years and share it with the authorities on request, in fact, something that led to an exodus of large VPN companies in the country.
VPNs are not illegal. “”
Namrata Maheshwari, now access
However, “VPNs are not illegal,” said Maheshwari, adding that a general ban on all VPNs for two months is “useless and disproportionate”.
“People have a fundamental right to information and freedom of expression, and restrictions on these rights should be legal, necessary and proportionate-a standard that this prohibition does not respond,” she added.
However, the ban does not affect individual users, but also companies and institutions that regularly use these services for safety purposes.
According to Maheshwari, the ban could then eventually increase vulnerabilities in the country’s cyberspace, ultimately weakening security instead of strengthening it.
She said: “Even in an emergency, preventive measures cannot be as vague and excessive, especially when less intrusive means are available”.
