In a significant move underscoring the growing tension between regulations and online freedoms, Roskomnadzor, Russia's federal executive body responsible for media and telecommunications, has requested the removal of 47 VPN services from Google Play. This development marks the most substantial wave of such requests from the regulator in the past six months, as reported by the outlet Rusbase.
The shift comes amid widespread access issues experienced across Russia, particularly affecting services reliant on Cloudflare's infrastructure. In the last week ending March 21, 2025, Roskomnadzor directed numerous requests to Google to eliminate these VPN applications, which include well-known services like 1.1.1.1 + WARP, HideMyNetVPN, VPN4TV, and Secure VPN, among others.
The basis for Roskomnadzor's demands lies in the law No. 149-FZ “On Information, Information Technologies and Information Protection.” The regulator claims that these VPN services supposedly facilitate access to restricted online resources, thus breaching Russian laws on internet usage. The various requests to Google are documented within the Lumen Database, a platform where authorized parties record removal requests for online content.
Interestingly, this uptick in requests aligns with a recent incident on March 19, where users across the Urals and Siberia found their access to both domestic and international web services disrupted. Notable platforms affected included TikTok, Twitch, Epic Games, and Duolingo, prompting a wave of complaints.
In its defense, Roskomnadzor stated, "The inoperability of some Russian services is related to the use of foreign server infrastructure where failures are recorded." Users on the forum ntc.party, a platform noted for its discussions among tech specialists, indicated that the root of these disturbances resulted from the blocking of access to Cloudflare infrastructure in Russia. According to the Telegram channel Tech Talk, around 1.5 million IP addresses associated with Cloudflare were blocked during that period, severely impacting internet connectivity.
Indeed, the implications of these regulatory moves are profound. Cloudflare, an American company renowned for its content delivery network (CDN) and web protection services, has faced scrutiny in Russia due to its default use of the Encrypted Client Hello (TLS ECH) technology. This technology, while enhancing user privacy by hiding metadata, is perceived by Roskomnadzor as a means to circumvent restrictions on accessing banned information.
The tension has escalated to the point where, as early as November 2024, Roskomnadzor's affiliated Center for Monitoring and Network Management recommended that Russian entities move away from utilizing Cloudflare's services, due to these technological implications.
This latest wave of removal requests suggests a more aggressive approach from Roskomnadzor in controlling internet access within Russia, sparking fears among users about dwindling online freedoms. It is noteworthy that while authorities claim these actions aim to safeguard compliance with national laws, many users express concerns over diminished access to tools essential for online privacy and security.
The situation remains dynamic, with both Roskomnadzor and Google yet to officially comment on this substantial influx of removal requests and the broader implications of Cloudflare's blocking. As the landscape of internet regulation continues to evolve, stakeholders—ranging from tech companies to everyday users—remain watchful of the developments in Russia's digital policies.
This is a crucial period that highlights the ongoing battles over digital sovereignty, censorship, and the right to access information freely on the internet, with Roskomnadzor's stringent measures presenting significant challenges for Russian internet users.
