On June 30, 2020, the Chinese government passed a controversial security law on the special administrative region of Hong Kong, threatening digital safety and freedom of expression.
In the following weeks, some VPN providers have decided to leave the region.
But because we can fully protect our Ghosties’ digital privacy and security, our approach is different, and we’re keeping our server fleet in Hong Kong.
The national security law of Hong Kong
To understand this situation, you may need a bit of context. Especially since China and Hong Kong have a long, complicated history.
Learn more about internet privacy in the wake of the Hong Kong protests
The gist of it is that Hong Kong has been a British colony from 1842 up until 1997.
In 1997, the UK agreed to let capitalist Hong Kong return to Chinese sovereignty. The same China that’s a socialist state under the people’s democratic dictatorship.
Ever since then, Beijing has been asking Hong Kong to pass a national security law to little avail. And it looks like they finally ran out of patience in 2020.
The four vaguely defined crimes laid out in the new law are:
- Terrorist activities,
- Subversion against the central Chinese government,
- Collusion with foreign forces to endanger national security.
For the first time, mainland Chinese officials can now operate in Hong Kong. And Beijing may override local laws.
Privacy and human rights activists fear this opens the door for the Chinese government to force Internet Service Providers in Hong Kong to hand over user data and limit free speech.
Our Hong Kong servers stay in place
Here at CyberGhost VPN, we’re keeping a close eye on the situation in Hong Kong. We’re worried about the effects this vexed national security law might have, and it’s more important than ever to make sure the people of Hong Kong have a VPN they can rely on.
However, our servers are as safe in Hong Kong as they are anywhere in the world. That’s because we have a strict no-logs policy and rigorous procedures for maintaining our server fleet.
For example, we are the only ones who can access our servers in the data centers. From deployment to retirement, we handle everything ourselves, including the installation of our operating system. There’s no 3rd party involvement.
Our servers run on RAM-only; they are fully encrypted and have no ties to our databases or management infrastructure. Every reboot wipes them down, and even if they’re removed for the rack, they’re completely useless and can’t be accessed.
Tudor Fulga, Head of Infrastructure, CyberGhost VPN
Furthermore, we have additional server authenticity tests in place to eliminate the risk of man-in-the-middle attacks. We also use self-managed DNS servers to ensure the end-to-end protection of all online activity.
There is a risk that, in the future, we won’t be able to find data centers in Hong Kong willing to work with us and comply with our strict terms. Rest assured, if that’s the case, we’ll implement new solutions to continue serving you all in the region.
Until next time, stay safe and secure!