PM, Minister Leghari Launch IESCO Multilingual Complaint Platform
December 2, 2025
Authorities in Pakistan have urged a ban on free and unregistered VPNs, warning they pose a serious threat to national security. The proposal would restrict VPN access to licensed providers regulated by the Pakistan Telecommunications Authority (PTA).
Read more: PTA Starts Licensing VPN Providers Under CVAS-Data Regime
Officials and cybersecurity experts have described free, unregistered VPN services as a “major cybersecurity threat”, arguing they expose citizens to hacking, data theft, foreign surveillance, and online crime. They warn that such VPNs are increasingly exploited by hackers, scammers, and anti-state actors to operate anonymously across social media platforms.
In light of growing concerns about cyber-crime networks and foreign intelligence exploiting loopholes in Pakistan’s digital infrastructure, there are calls for a complete ban on all unsafe VPN services. Only licensed, security-vetted providers should be permitted under this proposal similar to those part of the national security policies of India, UAE, Saudi Arabia and Bangladesh.
Since November 13, the Pakistan Telecommunication Authority (PTA) has already begun issuing licenses under the reinstated Class Value Added Services (CVAS-Data) framework, authorising a number of VPN providers to operate legally. The PTA have granted Class Licenses to several companies, including Alpha 3 Cubic (Pvt.) Ltd (Steer Lucid). Zettabyte (Pvt.) Ltd. (Crest VPN), Nexilium Tech (SMC-Pvt.) Ltd. (Kestrel VPN) and more.
Supporters argue the ban would strengthen national security, protect public, privacy, and safeguard financial and online infrastructures. Critics, however, have are concerned that sweeping VPN restrictions could harm IT businesses, freelancers, and legitimate users relying on VPNs for privacy, secure remote access, and international work.
As the debate intensifies, Pakistan stands at a crossroads: whether to prioritise digital security by restricting VPN usage or to preserve open internet access for lawful users and broader IT sector.
