Mozilla urged UK regulators not to impose age restrictions on VPN services, warning that such measures would weaken privacy protections for all users while doing little to prevent minors from bypassing online age checks.
In a submission to the UK Department for Science, Innovation and Technology (DSIT), the Firefox maker argued that VPNs are “essential privacy and security tools” relied on by millions of users for safe internet access, remote work, and protection against tracking and profiling. The filing responds to the UK government’s “Growing up in the online world” consultation, which is examining additional online safety measures for children under the Online Safety Act.
Mozilla said proposals to age-gate VPN access would force all users, not just minors, to undergo age verification checks, creating large-scale privacy and cybersecurity risks. The company also warned that mandatory age assurance systems could expose sensitive identity information to breaches or misuse, citing the Discord incident that leaked ID photos of roughly 70,000 users.
The nonprofit-backed browser developer, which serves more than 200 million Firefox users globally and around 4.25 million users in the UK, also highlighted its own VPN offerings in the filing. Mozilla VPN launched in 2020, while Firefox recently introduced a built-in IP protection feature in the UK that routes browsing traffic through a secure proxy server.
Mozilla argued that VPNs are especially important for young users because they reduce exposure to online tracking, targeted advertising, and invasive data collection practices. The company pointed to research showing that many children’s apps contain manipulative design features and “dark patterns” intended to maximize engagement and data harvesting.
The company also challenged claims that children primarily use VPNs to bypass age restrictions. According to studies cited in the submission, only 8% of children reported using a VPN in the previous year, and most said they used the tools for privacy or safety reasons. A separate May 2026 study found that just 7% used VPNs specifically to circumvent age gates.
Mozilla further argued that age-gating VPNs would be technically ineffective because encrypted VPN traffic is difficult to distinguish from ordinary internet traffic. The company warned that restricting compliant VPN providers could simply push users toward unregulated or offshore services with weaker security practices.
The filing also cautioned that limiting VPN access for minors could create a “two-tier internet” where adults retain privacy protections while younger users lose access to tools that shield them from surveillance and data collection. Mozilla said such restrictions could disproportionately impact vulnerable groups, including children in abusive households or marginalized communities.
Instead of expanding age verification systems, Mozilla urged regulators to focus on enforcing existing platform obligations under the Online Safety Act, improving parental controls, and investing in digital literacy programs.
The filing is part of a broader effort by privacy groups and technology firms opposing UK age-verification proposals. Earlier this month, Mozilla joined Mullvad, Proton, Tor Project, the Electronic Frontier Foundation, and other organizations in signing an open letter warning that mandatory age checks could normalize online surveillance and undermine the open web.
Leave a Reply