Hong Kong’s VPN rush: is this really the future for a free internet?

Hong Kong’s recent rush to buy VPNs signals that businesses are losing faith in the future of the region

It’s a strange litmus of the times when the download rates of VPN companies will tell you more about the sustained confidence in an economy than just about anything else.

Last week’s rush in Hong Kong to download NordVPN’s service showed that confidence guttering.

According to the company, NordVPN, which is dedicated for personal use, saw a 120x increase in downloads. NordVPN Teams, meanwhile, a solution created for businesses and remote teams, grew by 175%, compared to the previous period. 

Another VPN company, AtlasVPN, said VPN search term interest in Hong Kong sureged 1,680% in just a few days last week, reaching a record high on May 22.

"If Hong Kong falls under the same digital restrictions as Chinese citizens in the near future, theh we can expect an even higher interest in VPN services," said Rachel Welsh, COO of Atlas VPN. "Many people are used to restricted internet access. However, that is not the case in Hong Kong."

If there’s one thing that corporates and individuals fear more than China’s new national security legislation, it seems, it’s China’s version of the internet. The number of sites blocked behind the Great Firewall of China now runs into the hundreds.

Apart from well-known blocked heavy hitters such as Google, Facebook and Twitter – now the cornerstone of even bricks and mortar businesses – other equally essential sites such as WhatsApp and Microsoft OneDrive remain, at least, partially blocked.


The Viennese economist Friedrich Hayek posited the theory that economies only work as well as the information they have to hand and how well that information is shared and distributed among various actors.

This is as true for corporations as it is for economies and many treasury operations today are only as good as their internet connection.

One corporate treasurer told CT recently that even in Australia, treasurers were still having to contend with a “Netflix factor”.

“It’s been particularly difficult during the Covid lockdown too. At 4pm children cooped up at home start using the internet which puts a huge strain on the national broadband network,” the treasurer said.

“We normally have to get all of our treasury functions and TMS operations completed before that time on any given day otherwise we simply don’t have the bandwidth to complete the task on our TMS.”

If this is the situation in a well-developed first world economy, what does it mean for multinational corporations operating out of China?


For many foreign treasurers, getting an internet strategy in China can come well ahead of the myriad licences and other assorted bureaucracy that is an essential part of setting up in China.

New entrants to China need to undertake comprehensive audits of their exposure to the Great Firewall in the early stages of their market entry studies.

While some foreign services may not be formally blocked, if they are reliant on tools, plugins, and other services that are blocked, then it leads to frustrating patchiness making it essential for businesses to identify core business functions that could be at risk.

Even if a business operating in China does not have a website, many need to use Cloud services for intra-company communications and social media services for marketing that may be blocked in China.


China’s Cybersecurity Law outlines the obligations and liabilities that all individuals and companies operating in China are subject to. Two entity types exist in China under this legislation.

The first is network users, which according to the law includes entities that require international internet access for their own business purposes. The leading obligation for network users is to maintain security measures.

The second type is critical information infrastructure operators (CII Operators) and owners and managers of networks. These entities have more serious responsibilities, including stricter controls on data collection and storage.

More tightly regulated cross-border data transfer and data localization rules are among the sensitive compliance issues for these entities.

To transfer data abroad, those subject to restrictions must undertake a security review, proof of commercial need for the data, and finally gain clearance for the transfer of data. Without clearance, all data generated within China must stay in China.

Because of these restrictions, foreign tech firms like Apple have had to set up China-based data storage facilities, which come with their own privacy and security concerns.

Penalties for not complying with the Cybersecurity Law range through a spectrum with warnings, demands to make a correction, public announcements of misconduct at one end to negative national credit recordings, closing of websites, fines and revocation of business licences at the other.


By contrast, Hong Kong’s fast and functional internet speeds make doing business in the region a relief after the unpredictability of the internet in China.

Even well-established businesses in the country’s ring-fenced free trade zones can find their VPNs either lagging or down completely during  sensitive political events and anniversaries.

Sometimes coverage can be choked off for no discernible reason making unpredictability one of the largest risks China-based MNCs have to manage.

Whether Hong Kong will, in the near future, be subject to the arcane vicissitudes of China’s internet and cybersecurity laws remains to be seen, but it seems that a large number of Hong Kong-based businesses are not taking any chances.


¬ Haymarket Media Limited. All rights reserved.
Share our publication on social media
Share our publication on social media