Tag Archives: vpn

Commodity Futures Trading (Wink Wink) and Virtual Private Networks

This post begins with an image of a gambler and a commodity futures trader. But if you think the two people are identical, you are sadly mistaken.

Because commodity futures trading is obviously NOT gambling.

And anyone who says “Polymarket and Kalshi are gambling apps” is clearly misinformed.

Google Gemini.

The two referenced apps are part of the prediction market. People buy particular predictions that either make or lose money.

The fact that these predictions are not tangible commodities, but instead relate to future events such as sports games, is entirely coincidental and immaterial to how these apps should be regulated.

Despite what several states claim, regulation of prediction apps properly falls under the Commodity Futures Trading Commission (CFTC), as explained by the President of the United States in a statement.

“It is critically important that the CFTC’s exclusive authority over Prediction Markets is maintained, and that they will thrive. Under my leadership, we are setting “rules of the road” that are the Gold Standard for the States. We cannot have SCUM like Chris Christie, Letitia James, Tim Walz, and JB Pritzker setting the rules! Other Countries are after this new form of Financial Market, and we want to remain at the top.”

Under current federal law (state law is a different issue), markets regulated by the CFTC are legal in all 50 states.

Google Gemini.

Mere gambling apps use geolocation to determine whether a user can legally place a bet. For example, if an app is only legal in Nevada, you technically shouldn’t be able to use it if you and your smartphone are in Bullhead City, Arizona, or anywhere else outside Nevada.

People in CFTC markets don’t have to worry about geolocation, since they can be used in Alabama, or Oregon, or Illinois.

Or do they need to worry?

Polymarket and Virtual Private Networks (VPNs)

Anthony Kimery of Biometric Update wrote an article about “Polymarket’s VPN Crackdown.” Reportedly Polymarket is implementing “tighter enforcement against VPN use.”

“But wait, John,” you’re asking. “Who would use a VPN if Polymarket is legal in all 50 states?”

People located in any of 200 or so other countries.

Google Gemini.

“Polymarket is reportedly blocked or restricted in dozens of countries.

“And this makes VPN detection a central compliance issue. A platform can say it does not allow access from restricted jurisdictions, but that policy is only as strong as its ability to detect users who mask their location.”

Of course any restrictions to prevent illegitimate users also cause adverse friction for legitimate users. In the long term:

“The larger takeaway is that prediction markets are being pushed toward a compliance architecture that looks much more like financial services than the open, permissionless model associated with decentralized crypto platforms.”

So prediction markets, like crypto, are becoming less of a “wild West” and more of a regulated area where everybody, including federal regulators, knows your name.

Google Gemini.

Unintended Consequences of Age Assurance…and What Happens Next (VPNs vs. Zero Trust)

More and more jurisdictions are mandating age assurance (either age verification or age estimation) to access online services. Perhaps racy content, perhaps gambling content, or in some cases even plain old social media. But in a technical sense these age assurance mechanisms are a network problem…and you can just route yourself around a problem.

Your jurisdiction doesn’t allow you to visit the Sensuous Wildebeests website? Just install a virtual private network (VPN) to pretend that you’re in a different jurisdiction that allows access.

Problem solved…for now.

But Secrets of Privacy indicates what’s next:

“After the Online Safety Act triggered a 6,000+% surge in VPN usage, the House of Lords tabled an amendment to ban children from using VPNs. Under the proposal, VPN providers would have to verify the age of all UK users. The government has said it will “look very closely” at VPN usage.”

For more information on this proposal, see TechRadar.

Google Gemini.

And this is just one of many examples of government examination, and perhaps regulation, of VPN use.

But as Secrets of Privacy points out, there’s one big problem. VPN users aren’t only kids trying to dodge the law, or individuals trying to protect their privacy. There’s one very big class of VPN users who would NOT appreciate government regulation.

“VPNs are fundamental to modern business IT, which makes a “ban” hard to envision. Every corporation with remote workers uses them. Diverse industries, such as banking, law, finance, and ecom giants all depend on VPN technology. You can’t ban VPNs without breaking the backbone of modern IT systems.”

Google Gemini.

Of course, some argue that VPNs are an outmoded security mechanism. Here’s what Fortinet says:

“VPNs were developed when networks were different than they are now. Before the advent of cloud applications, resources were isolated within a secure corporate network perimeter. Now, modern networking infrastructures are being deployed that can quickly adapt and scale to new business requirements, which means applications and data are no longer contained within the corporate data center. Instead they reside across distributed multi-cloud and hybrid data center networks.

“This change has led to a rapid expansion of the attack surface, and in the face of this changing cybersecurity environment, Zero Trust Network Access (ZTNA) has received more attention as an alternative to VPNs for remote access.”

Of course, VPNs will fade away at the same time the password dies…in other words, not any time soon. And while Secrets of Privacy speculates about a two-tier solution in which corporations can use VPNs but individuals cannot…we’ll see.

Do you have trust, or zero trust, that VPNs will be regulated in ALL jurisdictions in the future?

Ask questions.