The J&K Govt cannot ban Virtual Private Networks (VPNs) #KeepUsOnline

Internet Freedom Foundation wrote to the Home Department of Jammu and Kashmir and key central government departments about the unlawful blocking of access to virtual private networks (VPNs) in J&K.

27 February, 2020
3 min read


Our commitment to our Keep Us Online campaign remains steadfast. On 22nd February 2020, IFF wrote to the Home Department of Jammu and Kashmir (J&K) and key central government departments about the unlawful blocking of access to virtual private networks (VPNs) in J&K. We have demanded immediately revoking the same and restoring complete access to all internet content in the region.


The internet shutdown in J&K is soon approaching 210 days. In the midst of this, however, internet was partially restored on 18th January 2020 after the Supreme Court’s directions in the Anuradha Bhasin v. Union of India judgment. However, the restoration came with restrictions on the use of VPNs and permission to access only a narrow list of whitelisted websites (excluding social media websites). There have been reported instances of people using VPNs getting beaten up by law enforcement authorities. Subsequently, an FIR was lodged against people for using social media platforms via VPNs. The orders blocking VPN access were passed under the Telecom Suspension Rules. However, the FIR has been registered under laws like the Unlawful Activities Prevention Act, the Indian Penal Code and, notably section 66A of the Information Technology Act. Section 66A was struck down as unconstitutional by the Supreme Court in 2015.

As a response we have sent a letter to the Home Department of J&K regarding their move to block access to VPNs. First, we think the blocking is unlawful. Second, the punishment itself is disproportionate. Third, prohibiting the use of VPNs is harmful from a security, privacy and economic perspective. VPNs allow individuals to exchange information at a peer to peer level; protect proprietary secrets; and enable remote business to business collaboration. In particular, even if network traffic is sniffed VPN security models ensure confidentiality of the traffic. They are an essential component of internet browsing as they provide a safe user experience and blocking them actually facilitates censorship.

Therefore, we have demanded an immediate roll back of this measure and have written to not only the Home Department of J&K but also important Central Ministries, such as Law & Justice; Communications; Electronics & Information Technology; Home Affairs; Electronics & Information Technology (MeitY); and Department of Telecommunications (DoT).

Our Representation

Our representation was centred on the fact that applications like VPNs and social media websites are over-the-top (OTT) services and therefore fall outside the remit of the Telegraph Act, 1885 and similar frameworks which were used by the J&K Home Department to prohibit public access.

To summarise, our representation challenged this measure on the following grounds:

  • The parent statute providing legislative backing to the Telecom Suspension Rules and the Unified License Agreement (i.e. the Telegraph Act, 1885) clearly conveys that the framework is meant to regulate the activities of TSPs, ISPs and other backbone infrastructure providers. It does not apply to internet users or OTT content application providers.
  • The IT Act provides for a clear code of offences and remedies for unlawful activity by internet users.
  • Moreover, the IT Act has a specific provision under Section 69-A which allows the Central Government to block OTT applications and specific websites.
  • Since the IT Act provides a modern specialised framework to regulate access to online content applications, the application of a more general law like the Telegraph Act is inappropriate.
  • The current orders in Kashmir which provide a blanket ban on VPNs are arguably violative of the right to privacy and requirements for restrictions of lawfulness, necessity and proportionality.

The Government should stop any future action under the Telegraph Act, 1885 and frameworks thereunder to prohibit access to OTT applications i.e. specific websites and internet content. We also urged the Government of India to take immediate action and restore complete access to all internet content in the region.

Next Steps

For this stage, we encourage you to read our representation and please feel free to shoot us an email on [email protected] if you feel we may have missed something or if you wish to provide any inputs.

You could pledge support for the KeepUsOnline campaign: You can strengthen our effort by endorsing this campaign! Read more about it on KeepUsOnline.

Important Documents

  1. Link to our Representation on Legality of VPNs in Indian Law sent to the Home Department of Jammu and Kashmir (click here)
  2. Temporary Suspension of Telecom Services. Government Order no. Home--  16 (TSTS) of 2020 dated 24 February, 2020 (click here)
  3. Temporary Suspension of Telecom Services. Government Order no. Home--  13 (TSTS) of 2020 dated 15 February, 2020 (click here)
  4. Medianama, Crackdown against VPN usage in Kashmir (click here)
  5. Medianama, J&K police lodge FIR against people for using social media via VPNs (click here)
  6. Response to our RTIs to MeitY and DoT (click here)

People should not be imprisoned for protecting their privacy. We make sure it doesn't get worse, help us today!

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

Your personal data, their political campaign? Beneficiary politics and the lack of law

As the 2024 elections inch closer, we look into how political parties can access personal data of welfare scheme beneficiaries and other potential voters through indirect and often illicit means, to create voter profiles for targeted campaigning, and what the law has to say about it.

6 min read

Press Release: Civil society organisations express urgent concerns over the integrity of the 2024 general elections to the Lok Sabha

11 civil society organisations wrote to the ECI, highlighting the role of technology in affecting electoral outcomes. The letter includes an urgent appeal to the ECI to uphold the integrity of the upcoming elections and hold political actors and digital platforms accountable to the voters. 

2 min read

IFF Explains: How a vulnerability in a government cloud service could have exposed the sensitive personal data of 2,50,000 Indian citizens

In January 2022, we informed CERT-In about a vulnerability in S3WaaS, a platform developed for hosting government websites, which could expose sensitive personal data of 2,50,000 Indians. The security researcher who identified the vulnerability confirmed its resolution in March 2024.

5 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!