Roskomnadzor, the Russian federal agency responsible for blocking hundreds of foreign websites and aggressively suppressing VPN services, is now proposing to build its own state-controlled VPN - specifically to let the country's IT specialists access the very platforms it has restricted. The plan, disclosed at a June 8 meeting between the regulator's deputy head, Oleg Terlyakov, and representatives from several Russian IT companies, was first reported by the independent outlet The Bell. It is a striking admission that Russia's internet controls have begun to damage the industries the Kremlin needs most.
A Problem Built by the Regulator Itself
The complaint that triggered the meeting was straightforward: Russian developers can no longer reliably reach essential foreign tools. GitHub, the world's dominant code-sharing platform, is periodically inaccessible. Package repositories for the Python programming language - foundational infrastructure for software development - have been disrupted. Figma, a widely used interface design tool, is effectively off-limits. These are not obscure resources. They are the basic utilities of modern software work, and cutting developers off from them is roughly equivalent to restricting an engineering firm's access to technical specifications and component suppliers.
Roskomnadzor's answer is not to lift the restrictions. Instead, the regulator is proposing a single, centralized VPN service for "those who really need it." The phrasing matters: rather than acknowledging that the restrictions themselves are the problem, the proposal frames selective access as a privilege to be administered. That framing already tells developers a great deal about how the tool would work in practice.
Why Developers Are Calling It "Shady"
The reaction from Russia's IT sector has been blunt. Multiple sources who attended or were briefed on the June 8 meeting described the proposal as "shady," and their reasoning is technically sound. A VPN, at its most basic level, is an encrypted tunnel: traffic travels from the user's device to a VPN server before reaching the open internet, shielding the connection from interception at the network level. The privacy guarantee depends entirely on who controls that server and what they do with the data passing through it.
Reputable commercial VPN services earn user trust primarily through independently audited no-logs policies - independent verification that the provider does not record which sites users visit or when. A state-run VPN operated by the same agency that enforces internet censorship offers no such assurance. Quite the opposite: routing all developer traffic through a single government-managed gateway would give Roskomnadzor detailed visibility into which international platforms Russian developers are accessing, how often, and potentially what they are retrieving. As one source told The Bell, "Cutting off Russians from international development tools will be even easier if everyone starts using the same VPN." Centralizing access also centralizes the ability to revoke it.
There are international dimensions to the risk as well. A state-operated gateway associated with a sanctioned government entity could complicate access from the other direction - foreign platforms may restrict or scrutinize connections originating from a known Roskomnadzor infrastructure node. The proposal, several commentators noted, also risks entrenching a two-tiered internet, where a privileged class of approved users gains conditional access while others remain blocked.
The Deeper Contradiction in Russia's Internet Policy
Russia has spent years trying to build a self-sufficient digital economy - an ambition the Kremlin has consistently paired with tightening control over what its citizens and professionals can see online. These two goals are structurally in conflict, and the state VPN proposal is the clearest illustration yet of where that conflict leads.
Since April, Russian internet service providers have been legally required to detect and block active VPN connections, adding a new layer of technical enforcement to years of service-level blocks. Roskomnadzor has also been accused of deploying distributed denial-of-service attacks against VPN providers to disrupt their operations - an extraordinary measure that, if accurate, marks a significant escalation. Yet Russian officials have also publicly acknowledged that a comprehensive VPN ban is "simply impossible." The technology is too distributed, too embedded in legitimate business operations, and too easy to reconfigure to be stamped out entirely.
What remains when aggressive blocking fails is not a free internet - it is an internet where access requires the regulator's permission. The state VPN proposal, whatever its stated purpose, fits that pattern precisely. It doesn't restore access; it replaces one set of restrictions with a supervised corridor. For Russia's developers, who depend on global collaboration and open-source infrastructure by the very nature of their work, a tool that solves the access problem while introducing a surveillance risk is unlikely to feel like a solution at all.
