Myanmar's military junta seeks ban on VPNs and digital currency

People would no longer be able to rely on VPNs for their preferred communication tool, Facebook


Myanmar's military junta has floated a cyber security law that would ban the use of virtual private networks, under penalty of imprisonment and/or fines, leaving digital rights organisations concerned about the effects of further closing the country off digitally to the outside world.

The draft bill, dated January 13 is signed by Soe Thein, permanent secretary of the military's transport and communications ministry and is undergoing request for comments until January 28. Upon adoption, it will subject VPN users to between one and three years inside, and fines of up to five million Myanmar Kyats ($2,800).

The bill also bans the use of digital currency, under penalty of imprisonment for six months to a year, and the same fine used to deter VPN use.

Furthermore, it obligates service providers to provide the personal information of users – like name, address and access history – to authorities if requested. Similar stipulations have caused telcos to leave the region in the past. Norwegian mobile carrier Telenor left in September 2021 when the ruling junta wanted to intercept calls carried on its network.

For many in Myanmar, Facebook is synonymous with the internet. As the country faced a military coup in February 2021, the newly installed Tatmadaw banned Facebook, Instagram, and Twitter, prompting users in the country to rely on VPNs to retain access to their preferred online communication services.

Around the same time as the prohibition on social media, a proposed VPN ban hit strong objections from both tech and commerce advocate organisations, thus allowing the country's internet users to continue to communicate without changing platforms.

BBC Myanmar reported that the January 13 bill and its 115 clauses is stronger than the Junta's efforts in 2021.

VPNs have long been a restricted technology in China, which also seeks to limit the material its citizens can access.

Digital and human rights advocates fear a VPN ban will damage pro-democracy organisations, like the National Unity Government, and benefit the military junta.

"The proposed bill is draconian, even by the standards of the Burmese military. The first version of the bill proposed in February 2021 was dropped after industry and civil society united to push back, but the military has been set on getting its way," Alp Toker, director of NetBlocks, told The Register.

NetBlocks describes itself as "a global internet monitor working at the intersection of digital rights, cybersecurity and internet governance."

Toker said VPN services were "requisite to connect with the outside world from Myanmar since the coup, due to restrictions on social media and international platforms imposed by the post-coup authority," as well as "essential for business and international trade, particularly in the digital services sector."

"These are certain to have a chilling effect on political speech and human rights, but ultimately this is only going to turn public sentiment further against military rule," added Toker. ®


Other stories you might like

  • Verizon: Ransomware sees biggest jump in five years
    We're only here for DBIRs

    The cybersecurity landscape continues to expand and evolve rapidly, fueled in large part by the cat-and-mouse game between miscreants trying to get into corporate IT environments and those hired by enterprises and security vendors to keep them out.

    Despite all that, Verizon's annual security breach report is again showing that there are constants in the field, including that ransomware continues to be a fast-growing threat and that the "human element" still plays a central role in most security breaches, whether it's through social engineering, bad decisions, or similar.

    According to the US carrier's 2022 Data Breach Investigations Report (DBIR) released this week [PDF], ransomware accounted for 25 percent of the observed security incidents that occurred between November 1, 2020, and October 31, 2021, and was present in 70 percent of all malware infections. Ransomware outbreaks increased 13 percent year-over-year, a larger increase than the previous five years combined.

    Continue reading
  • Slack-for-engineers Mattermost on open source and data sovereignty
    Control and access are becoming a hot button for orgs

    Interview "It's our data, it's our intellectual property. Being able to migrate it out those systems is near impossible... It was a real frustration for us."

    These were the words of communication and collaboration platform Mattermost's founder and CTO, Corey Hulen, speaking to The Register about open source, sovereignty and audio bridges.

    "Some of the history of Mattermost is exactly that problem," says Hulen of the issue of closed source software. "We were using proprietary tools – we were not a collaboration platform before, we were a games company before – [and] we were extremely frustrated because we couldn't get our intellectual property out of those systems..."

    Continue reading
  • UK government having hard time complying with its own IR35 tax rules
    This shouldn't come as much of a surprise if you've been reading the headlines at all

    Government departments are guilty of high levels of non-compliance with the UK's off-payroll tax regime, according to a report by MPs.

    Difficulties meeting the IR35 rules, which apply to many IT contractors, in central government reflect poor implementation by Her Majesty's Revenue & Customs (HMRC) and other government bodies, the Public Accounts Committee (PAC) said.

    "Central government is spending hundreds of millions of pounds to cover tax owed for individuals wrongly assessed as self-employed. Government departments and agencies owed, or expected to owe, HMRC £263 million in 2020–21 due to incorrect administration of the rules," the report said.

    Continue reading
  • Internet went offline in Pakistan as protestors marched for ousted prime minister
    Two hour outage 'consistent with an intentional disruption to service' said NetBlocks

    Internet interruption-watcher NetBlocks has reported internet outages across Pakistan on Wednesday, perhaps timed to coincide with large public protests over the ousting of Prime Minister Imran Khan.

    The watchdog organisation asserted that outages started after 5:00PM and lasted for about two hours. NetBlocks referred to them as “consistent with an intentional disruption to service.”

    Continue reading
  • Suspected phishing email crime boss cuffed in Nigeria
    Interpol, cops swoop with intel from cybersecurity bods

    Interpol and cops in Africa have arrested a Nigerian man suspected of running a multi-continent cybercrime ring that specialized in phishing emails targeting businesses.

    His alleged operation was responsible for so-called business email compromise (BEC), a mix of fraud and social engineering in which staff at targeted companies are hoodwinked into, for example, wiring funds to scammers or sending out sensitive information. This can be done by sending messages that impersonate executives or suppliers, with instructions on where to send payments or data, sometimes by breaking into an employee's work email account to do so.

    The 37-year-old's detention is part of a year-long, counter-BEC initiative code-named Operation Delilah that involved international law enforcement, and started with intelligence from cybersecurity companies Group-IB, Palo Alto Networks Unit 42, and Trend Micro.

    Continue reading

Biting the hand that feeds IT © 1998–2022