Why the Netflix Crackdown on VPNs Will Ultimately Fail

Ads by Google

If you’re a Netflix user, the quality of the service you’ll get is entirely contingent upon where you live, as huge swathes of the company’s video library is under tight geographic restrictions.

If you live in the UK, you won’t be able to stream any Star Trek, for example, as CBS hasn’t licensed that out to Netflix in your region. On the other hand, if you live in the U.S., you won’t be able to watch as many BBC shows as someone living in the UK.

To get around this annoyance, users have taken to using VPNs (Virtual Private Networks) and proxy services like the perennially-controversial Hola Unblocker. These allow people to bounce their connections through servers and computers located in different countries, in order to disguise their real origins. For example, a user sitting in England could use an American VPN connection, appearing as though they were situated in the United States.

However, that might not be viable for much longer. According to a recent blog post by Netflix, the streaming media company will soon be cracking down on VPN users in order to satisfy the license holders from whom it sources the majority of its content. So, how will Netflix’ ban work? And exactly how effective will it be?

“Evolving Proxy Detection”

Unsurprisingly, Netflix is staying silent about the technologies and strategies it will use to identify VPN and proxy users. Its announcement (which was titled “Evolving proxy detection“, a name so bland, it could only have been intentional) only gave a vague time-frame of the introduction of these changes. Apparently, they’ll be rolled out “in the coming weeks“.

But we can make some informed assumptions about how they will work.

Ads by Google

First, let’s state the obvious. You probably connect to Netflix through a residential or business Internet connection, provided by a standard retail ISP like Cox, Comcast, AT&T, or Google Fiber.

VPN servers aren’t located on these retail networks, nor are they located in residential areas. They tend to be based in expansive data centers on rented servers, where they use a specialist ISP which can cope with high-traffic applications, and don’t have any of the traffic-shaping measures that are present on residential Internet connections. Just by looking at where the inbound connection is coming from, Netflix should be able to block VPN connections.


It could, of course, build a blacklist of known VPN servers, and deal with it that way. Given that VPN servers use static IP addresses, they’re especially vulnerable to this approach.

It’s also worth noting that VPNs are vulnerable to errors in configuration that could expose where the end user is coming from. Two months ago we talked about how one simple error in how port-forwarding andnetwork address translation (NAT) is set up could expose a VPN user’s IP address. It may be a bit of a stretch, but perhaps Netflix is privy to some common issue in VPNs that the rest of the world is not.

There are other clues that can identify VPN users. If someone is watching Netflix in the U.S., then immediately switches to watching British Netflix, before again changes to Canadian Netflix 10 minutes later, it would be safe to assume that person is using some form of VPN or proxy technology. Even Concorde wasn’t that fast.


So, what about services like Hola? These offer the same functionality as a VPN, but with one key catch: the connections aren’t being passed through servers in data centers, but rather the network connections of other Hola users.

We’re not sure how Netflix will go about dealing with this. If you have any ideas yourself, we would love to hear about them in the comments below.

If the above fails, Netflix has a silver bullet in their arsenal. The company could simply stop users from accessing Netflix in regions other than where they’re based. This will be hugely unpopular, especially with the “road warrior” demographic, but it would certainly be effective.

How Effective Will It Be?

Right now, there’s no way to be certain about how effective Netflix’ blocking system will be. It’s worth pointing out that Netflix is no fly-by-night company, nor is it an early-stage startup. It has been around for almost 20 years, it’s got some very deep pockets, and some incredibly bright engineers on staff. Therefore, we’re confident the company will be able to create a solution that blocks the vast majority of VPN users.

I’m also confident that somebody, somewhere will be able to defeat these blocks through a solution that’s both exotic and complicated, and thereby inaccessible for the vast majority of people who previously used VPNs.

It’ll be an arms race, much like the one we have seen raging over ad-blocking technology. The immediate response to AdBlock by the content and advertising industry was to release AdBlock blockers. AdBlock adapted. As did the people who built AdBlock blockers, which released more sophisticated countering tools. There’s no sign of this war ending anytime soon.

It’ll be interesting to see whether this results in a resurgence of people downloading films and TV shows illegally. The reality is that as a result of the proliferation of services like Spotify and Netflix, rates of online piracy dropped exponentially. You can tell just by looking at global percentages of network traffic.

In 2004, BitTorrent represented around one-third of global internet traffic. Another 10 years on, and that has plunged to just six percent. Netflix, on the other hand, now accounts for 36.5 percent of downstream traffic during peak hours in North America. The numbers speak for themselves.

The reason for this is that Netflix and Spotify both allow people to access the content they want through an affordable, convenient, and, above all, legitimate service. If people suddenly found themselves unable to access the content they want, it would make sense for them to revert back to piracy. Especially in regions where Netflix offers a second class service.

Doomed to Fail

OK, so this is an unwelcome turn in events. A lot of Netflix customers are deeply frustrated with the proposed change.

Despite that, I’m personally not all that concerned, because I know that any attempt to crack down on users will provoke a fierce backlash from users. There’s the technological element I mentioned earlier. It’s only a matter of time until someone releases a workaround, rendering Netflix’s VPN blocking regime redundant.

Tech lore is full of examples of this. Perhaps the most striking example can be found in the DRM wars of the early 2000s. Back then, the nascent digital media sector was being hamstrung by onerous DRM (Digital Rights Management), which ultimately crippled the user experience. DVDs were almost impossible to rip. Music downloads from iTunes, Napster, and Rhapsody couldn’t be played anywhere else. Even Steam, which is now a service beloved by gamers, had a DRM system that was inconvenient and broken.

The ensuing backlash resulted in the virtual obsolescence of DRM. Songs are now shipped in DRM-free MP3 and M4A format. You can now download a DVD ripper from the official Linux repositories. As for Steam, it’s now a more stable, less inconvenient service, which comes with a number of popular value-added extras like achievements and trading cards.

DRM failed, like VPN blocking will fail.

Add to that the fact that Netflix doesn’t even want to do this. Its official announcement drips with reticence. The company describes geographical restrictions as a “historic practice,” which implies it thinks it’s archaic and pointless. It also talks about hoping to not have to deal with them one day:

We look forward to offering all of our content everywhere and to consumers being able to enjoy all of Netflix without using a proxy. That’s the goal we will keep pushing towards.

Moreover, this is the first time since Netflix first launched its streaming service that it’s clamping down on VPNs. That’s significant when you consider that the company first launched its video-on-demand service in 2007, and as recently as 2015 its bosses denied that they would block VPN users from accessing the service. It’s transparently obvious that Netflix’ arms are being twisted by license holders.

Given Netflix’ increasing clout, it seems likely that, one day, the company will be able to persuade rights-holders to license their content worldwide on an even footing. Given that Netflix recently boosted its service to 190 countries, and have aspirations of being the world’s foremost video-on-demand platform, that will likely be sooner rather than later.

In the meantime, we can expect Netflix to place greater emphasis on original content, which it can share with all of its customers without asking for permission from anyone else.

Do you use Netflix with a VPN? Are you scared you’ll lose access to a library from another region? Do you think Netflix has a surefire way of killing VPN use? Or is the company just saying what rights-holders want to hear? Please let us know your views in the comments section below.