Security

Don't use a VPN in United Arab Emirates – unless you wanna risk jail and a $545,000 fine

Arab monarchy tries to slam door on privacy tools


A royal edict from the president of the United Arab Emirates (UAE) may have effectively made it illegal for anyone in the country to use a VPN or secure proxy service.

Those caught could face jail time and fines of between 500,000 and 2,000,000 UAE dirham (US$136,130 and $544,521). The change was announced this week by the UAE President His Highness Sheikh Khalifa bin Zayed Al Nahyan in a proclamation that amended federal laws.

The wording is ambiguous and technologically illiterate. Essentially, it seems, you are not allowed to use systems that hide the fact that you're committing a crime or covering one up. If you're routing your network traffic through a secure VPN or proxy server, you could be evading the eyes of the state while breaking a law, and that's now a big no-no.

You could claim you were using the VPN or proxy for legit reasons, and that no criminal activity was being committed or concealed, but since your packets were encrypted, you may have a hard time proving your innocence.

The tweaked law now reads as follows:

Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dhs 500,000 and not exceeding Dhs 2,000,000, or either of these two penalties.

Less than 15 per cent of the desert kingdom's inhabitants are locals, with the rest of the population made up of expatriates, many of whom want to access private corporate networks and the internet at large without being limited by the filtering systems the country has set up. The state telco blocks anything seen as being against UAE values, any Israeli domains, and pornography sites, as well as many VoIP services for calling home.

There are two state-sanctioned VoIP services, Etisalat and Du, but they are relatively expensive. Skype was outlawed in the kingdom, but that ban was lifted in April after Microsoft and business leaders complained that the blockade was discouraging businesses from coming to the country.

In the meantime, if you're visiting the UAE, using a VPN or proxy server may be problematic. The new law is now in effect, and you may get a knock on the door by the police if you try using one of those services. ®

Send us news
61 Comments
Get our Security newsletter

Keep Reading

The Russians are at it again: Zebrocy backdoor malware is evolving, Uncle Sam warns close to eve of presidential election

Yep, it's the artists occasionally known as APT28

Russian state-sponsored hackers have been sniffing Middle East defence firms, warns Trend Micro

Artists variously known as Pawn Storm and APT28 are still at it

Data-stealing, password-harvesting, backdoor-opening QNAP NAS malware cruises along at 62,000 infections

If you're still using a vulnerable box, you ought to factory reset it before patching

Taj Mahal and SneakyPastes: Kaspersky reveals pair of attacks menacing Asia, Middle East

Fresh round of targeted operations unearthed

AWS admits to 'severely impaired' services in US-EAST-1, can't even post updates to Service Health Dashboard

Multiple services sickly after Kinesis catches a cold: CloudWatch, DynamoDB, Lambda, Managed Blockchain

Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again – research

ZeroCleare wipes up where Shamoon left off

Remember that backdoor in Juniper gear? Congress sure does – even if networking biz wishes it would all go away

US lawmakers demand answers in quest against Feds-only access points

Just say the 'magic password': Boffins turn up potential backdoor in SQL Server 2012, 2014

Admin rights needed to fire up the malware and – hey presto!

Heads up: A new strain of card-skimming Grelos malware is on the loose

Magecart variant has changed and you should be alert, warns RiskIQ

Gone in 120 seconds: Arianespace aims for stars, misses, as UAE satellite launch fails

Vega or bust. Bust then

Tech Resources

Navigating the New Era of Cloud Computing

Hear from Steve Sibley, VP of Offering Management for IBM Power Systems about how IBM Power Systems can enable hybrid cloud environments that support “build once, deploy anywhere” options.

Simplifying Hybrid Cloud Flash Storage

According to industry analysts, a critical element for secure hybrid multicloud environments is the storage infrastructure.

IBM and Nvidia® Solutions Power Insights with the New AI

IBM is well-positioned to help organizations incorporate high-performance solutions for AI into the enterprise landscape.

The Ransomware Hunt that Unearthed a Historic Banking Trojan

The Sophos Managed Threat Response (MTR) team provides customers with swift, human-led responses to the nastiest threats and most sophisticated adversaries.