A 29 year-old graduate student from China’s Jianshu province was arrested on 30 December 2019 for selling VPN software, which allowed Chinese locals to access the ‘free’ internet.

The man, known by the pseudonym Gao, claimed that his customers were not using the VPN software illegally. While he has not been sentenced, Gao has confessed to the offence and is likely to face both jail time and monetary fines, having earned more than 11 million yuan since 2016 (~$1.6 million).

By routing web traffic around China’s so-called ‘Great Firewall’ (GFW), a VPN allows users to circumvent web censorship and visit blocked web platforms like Facebook, Instagram, Twitter, and Google.

Since the early 2000s, China has operated an aggressive censorship infrastructure, which is now able to block most VPNs. Very few services are capable of beating the GFW and only the top VPNs work consistently in China.

Sadly, this is not the first time China has arrested its citizens over the distribution of VPN software.

There are several reports of such arrests from 2019 alone: in May a man named Huang was jailed for selling access to a short video app with “over the wall” capabilities. He was charged under the crime of “providing intrusion and illegally controlling computer information system programs and tools.”

On 23 December police arrested another man named Li for his involvement in an unlicensed commercial VPN company. Li carried out mainly customer support and marketing tasks, but was nonetheless held criminally responsible for the company’s illegal operation.

The owner of the company, named Gong, was arrested earlier in December, but Li had managed to avoid the Chinese authorities for a period of time. He was ultimately caught “acting suspiciously” in Dongguan Railway Station.

Arresting people over ‘internet crimes’ is nothing new in China. By 2015, the Chinese Communist Party (CCP) had arrested over 150,000 people for “internet crimes” – a category which encompasses much more than trying to bypass censorship – but a crackdown on VPNs had not yet begun.

Arrests for distributing VPNs became prevalent in 2017, after the CCP announced a ban on all commercial VPNs that had not received authorisation from the government.

The Ministry of Industry and Information Technology released a statement in January 2017 announcing its intention to clean up and regulate the Internet Network Access Service Market.

In the statement, the governmental department complained of the “disorderly development” of the information technology and cloud computing industries. The letter focused on improving network efficiency and closing up the scope for “illegal activities.”

Cross-border use is specifically addressed, and VPNs are named as an improper use of cross-border networks, which are to be used exclusively for the purposes for which they are licenced.

The scale of China’s crack-down has only escalated since then – with Apple having removed all VPN apps from its app store in China, and most VPN services without special obfuscation technology (as well as many with obfuscation protocols) being successfully blocked.

In December 2017 the arrest of a man for selling a VPN in southern China received significant international coverage.

Wu Xiangyang had been running a VPN service from southern China from 2013 to June 2017, earning around 500,000 yuan (~$70,000) in illegal profits during that time.

Wu was fined 500,000 yuan – the total value of his “illegal” earnings – and sentenced to five and a half years in jail.

With Gao’s profits significantly larger than Wu’s it is likely he will face huge fines and potentially an even longer period of jail time.

There is at least one other case of prison time being given to a VPN operator in 2017: Deng Jiewei was sentenced to nine months in jail in September 2017 for operating two VPN services since October 2015.

In October 2018, another man was sentenced to a three year prison sentence and fined 10,000 yuan.

These convictions have all taken place under the same law, which forbids “providing intrusion and illegally controlling computer information system programs and tools.”

The CCP has generally focused on those distributing VPNs, rather than those using them, but in January 2019 a man was fined the equivalent of $145 for accessing foreign, blocked websites.

Zhu Yunfeng was caught visiting websites such as Google and Twitter using Lantern, a P2P anti-censorship application.

Yunfeng was charged under the 1997 public security law, which lay largely defunct until it was extended in 2017. While he did not face jail time or a significant fine, Zhu’s case suggests a growing focus on VPN users, as well as VPN service providers, in China.

Government approved VPNs are legal in China, but they do not work as reliably as other VPNs, and significantly increase the risk of government surveillance – which is often the reason for using a VPN in the first place.