Why the World Still Hasn't Given Up on VPNs

30th Jun 2026

In April 2026, police in China's Hubei province started fining ordinary citizens for using a VPN — not companies, not dissidents, just regular people. One person was fined 200 yuan (about $29) for accessing TikTok and X through a VPN. Another was fined 500 yuan for "illegally registering and using VPN software." Around the same time, authorities physically disconnected thousands of relay servers in domestic data centers, knocking out services running on Shadowsocks, V2Ray, and similar protocols overnight.

You'd think that by 2026, with HTTPS the default rather than the exception, the need for VPNs would have quietly faded away. Instead, the global VPN market is valued at roughly $86 billion this year and is projected to top $180 billion by 2030, growing at around 20% annually. Somewhere between 1.6 and 1.8 billion people use one — more than the number of native Mandarin speakers on Earth. So who's actually pushing all that traffic through an encrypted tunnel, and why?

The Splinternet Isn't Just an Authoritarian Problem

The idea of one borderless internet has been dead for a while. In authoritarian states, government firewalls simply decide what citizens get to see and say: China blocks unauthorized VPN protocols under its cybersecurity law, and as of April 2026 it has shifted from blocking infrastructure to fining individual users directly. In Russia, more than a hundred commercial VPN apps were pulled from local app stores in 2025 alone — the only ones still technically legal are licensed by the FSB, which defeats much of the point of using one in the first place.

But fragmentation isn't confined to authoritarian regimes anymore. In the UK, after stricter age-verification rules kicked in under the Online Safety Act, VPN downloads spiked more than 1,800% over a single weekend, and daily active users jumped from roughly 650,000 to 1.4 million. The House of Lords voted 207 to 159 in early 2026 to explore restricting VPN access for minors. The EU is heading down a similar path, with a new data-retention framework for VPN providers expected by the second half of 2026.

Somebody's Still Selling Your Metadata

"Everything's encrypted with HTTPS now anyway" is only half true. The protocol hides what's on the page, not the fact that you visited it. Your internet provider can still see every domain you connected to, when, and how much data moved — and in the US, providers are legally allowed to bundle that browsing metadata and sell it to data brokers and advertisers without your explicit consent. A VPN is still one of the few practical ways to close that particular loophole.

That same tracking feeds dynamic pricing. Airlines and booking platforms routinely lean on IP geolocation and other location signals to charge different users different prices for the same seat or hotel room. Switching your virtual location through a VPN is one of the few tools an ordinary consumer has to push back against that asymmetry.

Streaming Blackouts and the Quiet Death of the Corporate VPN

Streaming was supposed to unify access to content. Instead, distribution rights are still sold country by country, so catalogs stay fragmented and sports broadcasts get blacked out in their home markets. That keeps a permanent arms race going: platforms get better at detecting VPN traffic, users get better at routing around it.

Inside companies, the opposite shift is happening. The traditional remote-access VPN is steadily being replaced by Zero Trust Network Access, where no device is trusted by default. Gartner expects roughly 70% of new remote-access deployments to run on ZTNA rather than classic VPN tunnels by the end of 2025. That shift isn't cosmetic — Verizon's 2025 Data Breach Investigations Report found a 34% jump in exploited vulnerabilities tied to perimeter devices and VPNs, with edge-device breaches growing roughly eightfold year over year. Companies are moving away from VPN as the security perimeter even as VPN technology itself keeps getting baked into the broader Zero Trust stack.

So What's Actually Going On

VPNs stopped being a niche tool for IT departments and privacy nerds a while ago — the market size and the billions of users make that pretty clear. What changed isn't the technology itself; it's what people need protection from. Less hackers, more geopolitical fragmentation, commercial surveillance, and pricing algorithms working against you. None of those three pressures are going away, which is presumably why the encrypted tunnel isn't either.