Using a VPN May Subject You to NSA Spying | WIREDSkip to main contentMenuSECURITYPOLITICSTHE BIG STORYBUSINESSSCIENCECULTUREREVIEWSMenuAccountAccountNewslettersSecurityPoliticsThe Big StoryBusinessScienceCultureReviewsChevronMoreExpandThe Big InterviewMagazineEventsWIRED InsiderWIRED ConsultingNewslettersPodcastsVideoLivestreamsMerchSearchSearchDell CameronSecurityMar 26, 2026 9:32 AMUsing a VPN May Subject You to NSA SpyingUS lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.Photo Illustration: WIRED Staff; Getty ImagesCommentLoaderSave StorySave this storyCommentLoaderSave StorySave this storySix Democratic lawmakers are pressing the nation's top intelligence official to publicly disclose whether Americans who use commercial VPN services risk being treated as foreigners under United States surveillance law—a classification that would strip them of constitutional protections against warrantless government spying.In a letter sent Thursday to Director of National Intelligence Tulsi Gabbard, the lawmakers say that because VPNs obscure a user's true location, and because intelligence agencies presume that communications of unknown origin are foreign, Americans may be inadvertently waiving the privacy protections they're entitled to under the law.Several federal agencies, including the FBI, the National Security Agency, and the Federal Trade Commission, have recommended that consumers use VPNs to protect their privacy. But following that advice may inadvertently cost Americans the very protections they're seeking.The letter was signed by members of the Democratic Party’s progressive flank: Senators Ron Wyden, Elizabeth Warren, Edward Markey, and Alex Padilla, along with Representatives Pramila Jayapal and Sara Jacobs.The concern centers on how intelligence agencies treat internet traffic routed through commercial VPN servers, which may be located anywhere in the world. Millions of Americans use these services routinely, whether to access region-restricted content like overseas sports broadcasts or to protect their privacy on public Wi-Fi networks. Because VPN servers commingle traffic from users in many countries, a single server—even one located in the United States—may carry communications from foreigners, potentially making it a target for surveillance under authorities that allow the government to secretly compel service from US service providers.Under a controversial warrantless surveillance program, the US government intercepts vast quantities of electronic communications belonging to people overseas. The program also sweeps in enormous volumes of private messages belonging to Americans, which the FBI may search without a warrant, even though it is authorized to target only foreigners abroad.The program, authorized under Section 702 of the Foreign Intelligence Surveillance Act, is set to expire next month and has become the subject of a fierce battle in Congress over whether it should be renewed without significant reforms to protect Americans' privacy.Thursday’s letter points to declassified intelligence community guidelines that establish a default presumption at the heart of the lawmakers' concern: Under the NSA's targeting procedures, a person whose location is unknown is presumed to be a non-US person unless there is specific information to the contrary. Department of Defense procedures governing signals intelligence activities contain the same presumption.Commercial VPN services work by routing a user's internet traffic through servers operated by the VPN company, which may be located anywhere in the world. A single server may carry traffic from thousands of users simultaneously, all of it appearing to originate from the same IP address. To an intelligence agency collecting communications in bulk, an American connected to a VPN server in, say, Amsterdam looks no different from a Dutch citizen.The letter does not assert that Americans' VPN traffic has been collected under these authorities—that information would be classified—but asks Gabbard to publicly clarify what impact, if any, VPN use has on Americans' privacy rights.Among those pressing the question is Wyden, who as a member of the Senate Intelligence Committee, has access to classified details about how these surveillance programs operate and has a well-documented history of using carefully worded public statements to draw attention to surveillance practices he is unable to discuss openly.The letter also raises concerns about a second, broader surveillance authority: Executive Order 12333, a Reagan-era directive that governs much of the intelligence community's foreign surveillance operations and permits the bulk collection of foreigners' communications with even fewer constraints than Section 702.While 702 is a statute with congressional oversight that requires approval from the Foreign Intelligence Surveillance Court, EO 12333 surveillance operates under guidelines approved by the US attorney general alone.The letter warns that the same foreignness presumption applies under both authorities, meaning Americans on foreign VPN servers could be exposed not just to targeted collection under 702 but to what the lawmakers describe as “bulk, indiscriminate surveillance of foreigners' communications.”Americans spend billions of dollars each year on commercial VPN services, many offered by foreign-headquartered companies that route traffic through servers located overseas. The letter notes that these services are widely advertised as privacy tools, including by elements of the US government itself.Despite the scale of the market, the letter suggests consumers have been given no meaningful guidance on how to protect themselves.The lawmakers urge Gabbard to “clarify what, if anything, American consumers can do to ensure they receive the privacy protections they are entitled to under the law and the US Constitution.”Updated at 12:38 pm ET, March 26, 2026: This story has been updated with additional details to clarify the scope of the potential surveillance addressed in the letter.CommentsBack to topTriangleYou Might Also LikeIn your inbox: Upgrade your life with WIRED-tested gearNvidia plans to launch an open-source AI agent platformBig Story: He built the Epstein database—it consumed his lifeShould you leave your phone charging overnight?Watch: How right wing influencers infiltrated the governmentDell Cameron is an investigative reporter from Texas covering privacy and national security. He's the recipient of multiple Society of Professional Journalists awards and is co-recipient of an Edward R. Murrow Award for Investigative Reporting. Previously, he was a senior reporter at Gizmodo and a staff writer for the Daily ... Read MoreSenior Reporter, National SecurityTopicssurveillanceprivacyNSAFBIVPNspyinglawPolicyRead MoreHow Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually WorkExperts say that an American ground operation targeting nuclear sites in Iran would be incredibly complicated, put troops’ lives at great risk—and might still fail.Caroline HaskinsThe Amazon Spring Sale Isn’t Amazing, but Travel Favorite Cadence Capsules Are Worth a LookThis viral magnetic travel-toiletry system is rarely on sale, and this discount is legitimately good.Kat MerckThe Best Deals From the Amazon Spring SaleThis sale spans almost an entire week, and it’s full of fake “deals.” We hunted to find truly good prices on gear we’ve tested.Louryn StrampeMeet the Tech Reporters Using AI to Help Write and Edit Their StoriesIndependent writers are using AI agents all throughout their reporting process. What’s the value of a human journalist, anyway?Maxwell ZeffOur Favorite E-Readers Are on Sale Right NowAmazon's Spring Sale has multiple of our favorite e-readers discounted, including one that's now under $100. Nena Farrell This Premium Gaming Headset Is $80 Off on AmazonThe SteelSeries Arctis Nova Pro is feature-packed, with endless battery life, a comfortable fit, and ANC.Brad BourqueA $20 Billion Crypto Scam Market Faces a New Government CrackdownThe Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative marketplace with sweeping sanctions.Matt BurgessThe Sony Afeela Was Doomed to FailA six-year EV rollout ends with a thud.Aarian MarshallUsing a VPN May Subject You to NSA SpyingUS lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.Dell CameronSenators Demand to Know How Much Energy Data Centers UseIn a letter sent Thursday morning, Elizabeth Warren and Josh Hawley press the Energy Information Agency to mandate annual electricity disclosure for data centers.Molly TaftHow to Buy Ethical and Eco-Friendly ElectronicsElectronic waste, conflict minerals, and poor labor conditions are just a few issues blighting the tech industry. Here’s how to shop more sustainably.Simon HillThis Groundbreaking Omega Watch’s Accuracy Is Calibrated Using SoundThanks to a novel way of testing precision using acoustics, the Constellation Observatory is the first watch with no seconds hand to achieve Master Chronometer status.Jeremy WhiteWIRED is obsessed with what comes next. Through rigorous investigations and game-changing reporting, we tell stories that don’t just reflect the moment—they help create it. When you look back in 10, 20, even 50 years, WIRED will be the publication that led the story of the present, mapped the people, products, and ideas defining it, and explained how those forces forged the future. WIRED: For Future Reference.More From WIREDSubscribeNewslettersLivestreamsTravelFAQWIRED StaffWIRED EducationEditorial StandardsArchiveRSSSite MapAccessibility HelpReviews and GuidesReviewsBuying GuidesStreaming GuidesWearablesCouponsGift GuidesAdvertiseContact UsManage AccountJobsPress CenterCondé Nast StoreUser AgreementPrivacy PolicyYour California Privacy Rights© 2026 Condé Nast. All rights reserved. WIRED may earn a portion of sales from products that are purchased through our site as part of our Affiliate Partnerships with retailers. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé Nast. Ad ChoicesSelect international siteUnited StatesLargeChevronItaliaJapónCzech Republic & SlovakiaFacebookXPinterestYouTubeInstagramTiktok

The use of Virtual Private Networks (VPNs), frequently employed by American consumers for privacy and access to geographically restricted content, is facing increasing scrutiny from a group of Democratic lawmakers led by Senator Ron Wyden and Representative Pramila Jayapal. This letter, addressed to Director of National Intelligence Tulsi Gabbard, raises serious concerns about the potential for VPN usage to inadvertently compromise Americans’ constitutional protections against warrantless surveillance, as mandated by US law. The core of the concern rests upon the operational mechanisms of VPNs and how intelligence agencies perceive internet traffic routed through them. VPNs, by their design, mask a user’s actual location, presenting a different IP address to the destination server. Due to this obfuscation, intelligence agencies often presume that communications originating from an unknown source – such as one connected to a VPN – are foreign, triggering a default presumption that the user is not a United States citizen. This presumption, embedded within the NSA’s targeting procedures and corroborated by Department of Defense signals intelligence operations, effectively strips the user of the protections afforded to individuals whose location is known.

The legal framework underlying these concerns is primarily rooted in Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows the US government to intercept vast quantities of electronic communications belonging to individuals overseas. Critically, this same authority is also applied to communications involving Americans, even though the FBI’s warrant requirements explicitly target foreigners abroad. The lawmakers highlight the inherent conflict within the system: the government’s ability to engage in bulk collection of foreign communications, coupled with the presumption that an unknown origin – like a US user connected via a VPN – is inherently foreign, opens the door to potential misuse of data.

Furthermore, the letter focuses on Executive Order 12333, a Reagan-era directive that significantly relaxes the constraints on intelligence gathering by permitting the indiscriminate bulk collection of foreigners’ communications. The same foreignness presumption applies under both 702 and EO 12333, creating the possibility of “bulk, indiscriminate surveillance of foreigners’ communications” extending to individuals utilizing VPN services, even if those services are located within the United States. The implications are considerable, as millions of Americans rely on VPNs for purposes ranging from accessing region-locked streaming services to safeguarding their online privacy on public Wi-Fi, unknowingly exposing their communications to potential surveillance scrutiny.

Wyden, a prominent member of the Senate Intelligence Committee with extensive knowledge of surveillance practices, emphasizes the urgent need for clarity. The letter doesn't assert that Americans’ VPN traffic has been collected under these authorities—that would undoubtedly be classified—but demands a public statement from Gabbard outlining the impact, if any, VPN use has on the privacy rights of American citizens.

The legal debate surrounding VPNs extends beyond Section 702 and EO 12333. The lawmakers acknowledge the commercial market for VPN services, many of which are operated by foreign-headquartered companies, and the lack of meaningful guidance provided to consumers regarding the protection of their privacy. The concerns revolve around the potential for intelligence agencies to target users connected through these services, particularly if the VPN servers are located in foreign jurisdictions. The widespread adoption of VPNs combined with the existing surveillance landscape creates a significant risk to individuals’ constitutional rights. The demand for a public response from Gabbard underscores the perceived fragility of privacy protections in the current surveillance environment and ignites a renewed debate regarding the balance between national security and civil liberties.