Following the introduction of a new cybersecurity law on 1 January 2024, soldiers at junta checkpoints in Palaw and Tanintharyi townships in Tanintharyi Region, are searching pedestrians’ mobile phones for virtual private network (VPN) apps.

If they find any such apps on people’s phones they are extorting money from them.

According to residents of Palaw and Tanintharyi townships in Myeik District, the junta has revived its practice of checking mobile phones for VPN apps following the junta's official enactment of Cybersecurity Law No. 1/2025, on 1 January 2025.

Previously, in the early days after the February 2021 coup, when the junta first declared VPN apps illegal, phones were checked for VPN apps by junta soldiers and police throughout Myanmar and they would extort money from anyone found with a VPN app on their phone. But, the junta’s searching of phones for VPN apps had largely subsided until these recent inspections started again in Myeik District.

A driver in his 40s recounted having to pay soldiers at the Tanintharyi Bridge checkpoint in Tanintharyi Township after they discovered a VPN app installed on his phone.

He said: “Actually, I was quite familiar with them, but during the check, they found a VPN app on my phone, so I had to pay the amount they demanded.”

According to bus drivers, since 1 January checkpoints at Tanintharyi Bridge, the General Aung San Statue in Tanintharyi Township, and in Magyikone Village in Palaw Township have been conducting targeted checks for VPN apps.

If junta soldiers find VPN apps on people’s phones they often demand payments of between 10,000 and 30,000 MMK from the phone’s owner to not prosecute them.

Some bus passengers caught with VPN apps on their phones said that the junta soldiers warned them that if VPN apps were again found on their phones they would be prosecuted under the new cybersecurity law.

The new law, Cybersecurity Law No. 1/2025 under Article 419 of the Constitution, mandates penalties of up to six months in prison and/or fines of up to 2 million MMK for those caught using VPNs without approval.

Also under the law, anyone who sets up a VPN or provides VPN services without obtaining permission from the relevant ministry shall be imprisoned for between one month and six months and/or pay a fine of between one million and ten million MMK.

The new law also covers online gambling. Under the law, anyone who establishes an online gambling system without permission will be imprisoned for between six months and one year and/or pay a fine of at least five million MMK up to a maximum of twenty million MMK.

The law also includes provisions for confiscating devices and materials used in alleged cybercrimes.