A 29 year-old graduate student from China’s Jianshu province was arrested on 30 December 2019 for selling a VPN service which allowed locals to access the global internet.

By routing traffic around China’s so-called ‘Great Firewall’, a VPN allows users to connect to foreign, blocked websites like Facebook, Twitter, and Google.

China operates a substantial censorship infrastructure which is able to block most VPNs – meaning getting a VPN to work consistently in China is something very few VPN providers are able to achieve.

The man, known by the pseudonym Gao, claimed that his customers were not using the VPN software illegally.

While he has not been sentenced, Gao has confessed to the offence and is likely to face both jail time and monetary fines, having earned more than 11 million yuan since 2016 (~$1.6 million).

This is not the first time China has arrested its citizens over the distribution of VPN software.

There are several reports of such arrests from 2019 alone: in May a man named Huang was jailed for selling access to a short video app with “over the wall” capabilities. He was charged under the crime of “providing intrusion and illegally controlling computer information system programs and tools.”

On 23 December police arrested another man, named Li, for his involvement in an unlicensed commercial VPN company. Li carried out mainly customer support and marketing, but was nonetheless held criminally responsible for the company’s illegal operation.

The owner of the company, named Gong, was arrested earlier in December, but Li had managed to avoid the authorities for a period of time. He was ultimately caught “acting suspiciously” in Dongguan Railway Station.

By 2015, the Chinese Communist Party (CCP) had arrested over 150,000 people for “internet crimes” – a category which encompases much more than trying to bypass censorship – but a crackdown on VPNs had not yet begun.

It was only in 2017 when arrests for distributing VPNs became prevalent, after the CCP announced a ban on all commercial VPNs which had not received authorisation from the government.

The Ministry of Industry and Information Technology released a statement in January 2017, announcing its intention to clean up and regulate the Internet Network Access Service Market.

In the statement, the governmental department complained of the “disorderly development” of the information technology and cloud computing industries.

Primarily, the letter focused on improving network efficiency and closing up the scope for “illegal activities.”

Cross-border use is specifically addressed, and VPNs are named as an improper use of cross-border networks, which are to be used exclusively for the purposes for which they are licenced.

The scale of China’s crack-down has only escalated since then – with Apple having removed all VPN apps from its app store in China, and most VPN services without special obfuscation technology (as well as many with obfuscation protocols) being successfully blocked.

In December 2017 the arrest of a man for selling a VPN in southern China received significant international coverage.

Wu Xiangyang had been running a VPN service from southern China from 2013 to June 2017, earning around 500,000 yuan (~$70,000) in illegal profits during that time.

Wu was fined 500,000 yuan – the total value of his “illegal” earnings – and sentenced to five and a half years in jail.

With Gao’s profits significantly larger than Wu’s it is likely he will face huge fines and potentially an even longer period of jail time.

There is at least one other case of prison time being given to a VPN operator in 2017: Deng Jiewei was sentenced to nine months in jail in September 2017 for operating two VPN services since October 2015.

In October 2018 another man was sentenced to a three year prison sentence and fined 10,000 yuan.

These convictions have all taken place under the same law, which forbids “providing intrusion and illegally controlling computer information system programs and tools.”

The CCP has generally focused on those distributing VPNs, rather than those using them, but in January 2019 a man was fined the equivalent of $145 for accessing foreign, blocked websites.

Zhu Yunfeng was caught accessing websites such as Google and Twitter by using Lantern, a VPN application.

Yunfeng was charged under the 1997 public security law, which lay largely defunct until it was extended in 2017. While he did not face jail time or a significant fine, Zhu’s case suggests a growing focus on the users as well as operators of VPNs in China.

Government approved VPNs are legal in China, but they do not work as reliably as other VPNs, and significantly increase the risk of government surveillance – which is often the reason users go to a VPN in the first place.