[nradov]

Companies can ask the federal agencies responsible for enforcing sanctions in advance whether particular actions are compliant or not. If you make a good faith effort to work with them they won't come down hard on you. Bureaucrats prefer cooperation rather than dealing with the hassle of enforcement; it's just less work for them.

[mehrdada]

This.

Similarly, Google Cloud Platform blocks IPs from Iran, because I suspect they don't have a big-enough customer that pushes them to enable it. Some lazy-ass product counsel at Google does not have the balls to do the right thing and just decides to ban entire countries from accessing their customers' services because it's easier to be conservative.

Amazon, for example, operates in the same country and decides to interpret the law differently, despite being a bigger player. One more reason to not use Google Cloud.

(The irony is that the Iranian government is also fully aligned and likes to block things, so the poor people have to deal with the mess and circumvent blocking from both sides.)

[baroffoos]

I'd expect most of the population is using a VPN to access the internet now.

[mehrdada]

I haven't visited in about a decade so don't have a full picture. I'd say a lot of people have access to a VPN, but would not go as far as to say they are always connected to a VPN.

[sandworm101]

But enforcement actions at this level always have a political twist to them. You can get permission one year, then a new person is appointed to head the agency or the sanctioned country does something. Now the permission you got last year isn't worth the paper it is printed on.

[nradov]

That's just not how it works. I defy you to show us a single case where a company was punished for a sanctions violation based on an action for which they previously received written approval. Federal judges don't tolerate that nonsense.