VPN users may be hit by new bill targeting online content

What the bill proposes

A Michigan proposal titled the “Anticorruption of Public Morals Act” would restrict the distribution of specified sexual content online and compel internet providers to deploy statewide filtering. It also defines “circumvention tools” to include VPNs, proxies, Tor, and encrypted tunneling.

By targeting both content and the tools that bypass blocks, the measure attempts to reshape how residents access the internet, creating one of the broadest state-level content control frameworks to date.

Why VPN users are in the crosshairs

The draft labels VPNs as “circumvention tools,” grouping everyday privacy tech with methods used to dodge filters. Because providers would be tasked with blocking those tools, ordinary behaviors, such as securing coffee-shop Wi-Fi, teleworking through an encrypted tunnel, or protecting data while traveling, could face new friction or risk.

The language is expansive, encompassing a wide range of technologies and leaving open the extent to which enforcement would be applied in practice.

How enforcement would work

Internet providers would have to implement “mandatory filtering technology” that blocks access to prohibited material and actively detects and prevents known workarounds. Courts could order specific site blocks, which providers would then implement.

This shifts heavy compliance duties to network operators and raises technical questions: how to reliably identify encrypted traffic, how to avoid overblocking lawful services, and how to resolve disputes about mistaken or excessive enforcement.

Potential penalties and fines

Consequences scale quickly. If passed in its current form, distributing prohibited material could carry felony-level consequences, including prison time and steep fines that escalate when large quantities are involved. Providers or platforms that facilitate access risk significant civil penalties for each instance of non-compliance.

The proposal also targets the marketing and sales of “circumvention tools,” thereby widening liability for software vendors, affiliates, and marketplaces that advertise privacy products, even when those tools are commonly used for legitimate security purposes.

Why LGBTQ and gender expression are implicated

According to critics, vague language in the proposal could be interpreted to treat depictions involving a perceived disconnect between biological sex and gender as prohibited, which could ensnare non-pornographic portrayals of transgender people or drag performance. Critics argue this risks viewpoint-based restrictions and overbreadth, chilling speech unrelated to explicit content.

Because enforcement occurs at the provider level, moderation systems could over-remove legitimate expressions to avoid penalties, intensifying concerns about a disproportionate impact on marginalized communities.

Comparison with other legal trends

Recent state measures have focused on age checks, parental tools, and identity verification for adult sites. Those laws do not generally outlaw privacy technologies or impose blanket bans on adults.

Michigan’s approach moves further by coupling content restrictions with a crackdown on access tools. That pairing tests how far courts will allow states to go when adult speech, privacy expectations, and commonplace security practices collide with broad public morals justifications.

What ISPs might have to do technically

Blocking VPNs and similar tools typically relies on traffic fingerprinting, DNS tampering, IP blocklists, or deep-packet inspection. These methods can mislabel benign encrypted flows, disrupt business applications, and encourage users to adopt harder-to-detect protocols.

Scaling such detection statewide increases costs and error rates, and invites disputes over false positives. The bill provides mandates, rather than detailed technical guardrails, leaving providers to improvise methods that may compromise reliability, accuracy, and customer trust.

Risks for everyday security

VPNs serve routine safety needs, including encrypting data on public Wi-Fi, masking browsing activity from opportunistic snooping, and connecting securely to school or workplace networks.

Treating them as suspects could expose residents to higher cyber risk, discourage secure remote work, and complicate telemedicine or online banking. Even if enterprise tools are not intended targets, vague detection rules and automated filters could inadvertently block legitimate encrypted tunnels people rely on for daily protection.

Where the bill stands now

The measure was introduced in September 2025 and referred to committee. It has not been enacted. Any path forward would likely include hearings, potential amendments, fiscal analysis, and possibly litigation if the proposal advances.

Residents should treat the proposal as a work in progress rather than settled law, tracking official updates for calendar notices, substitute language, and public comments that could narrow definitions, change penalties, or clarify exemptions for enterprise security tools.

Possible ripple effects for other states

If a state couples content filtering with a crackdown on access tools, lawmakers elsewhere may consider similar models. Network-level controls have appeared in other contexts, such as anti-piracy site blocks, though those typically stop short of outlawing privacy tech.

A successful test here could normalize broader expectations for filtering, while a court setback could discourage copycat efforts. Either outcome would influence how states balance safety goals with adult access and privacy.

Organized pushback is forming

Digital-rights groups, industry coalitions, and security professionals are mobilizing to highlight risks to free expression, cybersecurity, and remote work. Expect policy briefs, technical analyses, and public-education campaigns that explain how encrypted tools protect consumers and businesses.

If hearings are scheduled, stakeholders will likely offer testimony proposing narrower definitions, explicit exemptions for enterprise networks, and safeguards against overblocking. Hence, enforcement targets illegal distribution without undermining legitimate privacy and security practices.

What counts as “promotion” of circumvention tools

The draft’s ban on promoting or selling circumvention tools is broad. The draft’s broad language may be interpreted to scrutinize activities like advertising privacy apps, writing how-tos for configuring a tunnel, or publishing neutral product comparisons could be scrutinized if authorities view them as facilitating access to blocked material.

That ambiguity pressures vendors, affiliates, and publishers to self-censor marketing, documentation, and support pages, potentially depriving consumers of accurate security information used to evaluate and safely operate lawful software.

Expected constitutional and practical hurdles

Courts will examine whether definitions are too vague, whether filtering is narrowly tailored, and whether less-restrictive alternatives exist. Practically, reliably identifying encrypted traffic without sweeping in legitimate services is difficult, especially at a statewide scale.

Burdens on interstate commerce, speech, and privacy will be a prominent feature in challenges. These combined issues suggest a substantial risk of injunctions, delays, or significant rewrites before any durable enforcement model could take hold.

Worried about online privacy while using your laptop? Here’s how to set up a secure VPN on your laptop to lock down your connection and keep your data safe from prying eyes.

What Michigan residents should watch next

Key markers include committee agendas, amendment texts clarifying exemptions for business networks, and fiscal notes estimating the costs of providers. Residents should look for implementation timelines, appeals processes for mistaken blocks, and any guidance on distinguishing enterprise security tools from prohibited circumvention.

Parallel federal discussions on encryption and online safety may also shape outcomes, influencing whether statewide mandates align with national standards or face preemption and broader legal headwinds.

Want to see how national tech policy could impact your devices? Apple’s $1.1 billion tariff bill might just be the beginning, and here’s what it means for consumers, companies, and the future of encrypted tools.

If you found this interesting, give it a like and share your thoughts in the comments.

Read More From This Brand:

• How to Set Up a Secure VPN on Your Laptop
• How To Upgrade Your WiFi: A Comprehensive Guide
• Secure Your Smart Devices from Unauthorized Access

Don’t forget to follow us for more exclusive content on MSN.

If you liked this story, you’ll love our free emails. Join today and be the first to get stories like this one.

This slideshow was made with AI assistance and human editing.