Security

Don't use a VPN in United Arab Emirates – unless you wanna risk jail and a $545,000 fine

Arab monarchy tries to slam door on privacy tools

By Iain Thomson in San Francisco

61 SHARE

A royal edict from the president of the United Arab Emirates (UAE) may have effectively made it illegal for anyone in the country to use a VPN or secure proxy service.

Those caught could face jail time and fines of between 500,000 and 2,000,000 UAE dirham (US$136,130 and $544,521). The change was announced this week by the UAE President His Highness Sheikh Khalifa bin Zayed Al Nahyan in a proclamation that amended federal laws.

The wording is ambiguous and technologically illiterate. Essentially, it seems, you are not allowed to use systems that hide the fact that you're committing a crime or covering one up. If you're routing your network traffic through a secure VPN or proxy server, you could be evading the eyes of the state while breaking a law, and that's now a big no-no.

You could claim you were using the VPN or proxy for legit reasons, and that no criminal activity was being committed or concealed, but since your packets were encrypted, you may have a hard time proving your innocence.

The tweaked law now reads as follows:

Whoever uses a fraudulent computer network protocol address (IP address) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than Dhs 500,000 and not exceeding Dhs 2,000,000, or either of these two penalties.

Less than 15 per cent of the desert kingdom's inhabitants are locals, with the rest of the population made up of expatriates, many of whom want to access private corporate networks and the internet at large without being limited by the filtering systems the country has set up. The state telco blocks anything seen as being against UAE values, any Israeli domains, and pornography sites, as well as many VoIP services for calling home.

There are two state-sanctioned VoIP services, Etisalat and Du, but they are relatively expensive. Skype was outlawed in the kingdom, but that ban was lifted in April after Microsoft and business leaders complained that the blockade was discouraging businesses from coming to the country.

In the meantime, if you're visiting the UAE, using a VPN or proxy server may be problematic. The new law is now in effect, and you may get a knock on the door by the police if you try using one of those services. ®

Sign up to our NewsletterGet IT in your inbox daily

61 Comments

Keep Reading

Russian state-sponsored hackers have been sniffing Middle East defence firms, warns Trend Micro

Artists variously known as Pawn Storm and APT28 are still at it

Taj Mahal and SneakyPastes: Kaspersky reveals pair of attacks menacing Asia, Middle East

Fresh round of targeted operations unearthed

Oil be damned: Iran-based crooks flinging malware at Middle Eastern energy plants again – research

ZeroCleare wipes up where Shamoon left off

Just say the 'magic password': Boffins turn up potential backdoor in SQL Server 2012, 2014

Admin rights needed to fire up the malware and – hey presto!

Gone in 120 seconds: Arianespace aims for stars, misses, as UAE satellite launch fails

Vega or bust. Bust then

There's fraud, and then there's backdoor routers, fenced logins, malware, and bribing AT&T staff seven figures to unlock 2m phones

Pakistani bloke extradited to US, accused of masterminding telco hack caper

In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware

Nork cash grab nasty gets stealthier

Guess who's addicted to GitHub, busy on Slack, stuck in 2015? No, not another hipster: It's the Slub backdoor malware

Panic, flee, cry – or just update Windows for fsck's sake

Arabian, sorry, Amazon Web Services to land in Bahrain and UAE

Full region coming in 2019. Keeping it cold should be fun!

Mozilla boots alleged snoop troupe from its root cert coop: UAE-based DarkMatter thrown onto CA blocklist

Maker of Firefox fires fox from hen house guard duty

Tech Resources

A Step-by-Step Guide to Building a Scalable Vendor Onboarding Process

Vendors are at the heart of many companies’ processes and activities, and their numbers are increasing. In fact, according to a recent study by the Ponemon Institute, the average number of third parties employed by companies rose from 378 in 2016 to 588 in 2018.

A Definitive Guide to Understanding and Meeting the CIS Critical Security Controls

The CIS Critical Security Controls are the industry standard for good security. Are you up to par?

Who Needs Malware?

Learn how fileless techniques work and why they present such a complex challenge.

The Data-Driven Case for CI

What does a high performing technology delivery team look like? How do you know if your team is doing well?