It seems that more and more countries are attempting to gain control of Internet infrastructure within their borders, especially in light of the “Russian Internet Law,” and more recently a test in Iran for a homemade firewall.
For Russia, from the outside, it looks like the country has been seeking to change its Internet for a number of years. In 2012, the government started to block Internet users, within its borders, from having access to a selected number of websites based on rules it had created.
By 2015, the country created a law which required every software-as-a-service (SaaS) provider, operating within Russia, to begin keeping a Russian-based copy of all data relating to the country’s citizens. Yet, not many actually followed this law and even now, non-compliance has not had any adverse effects for these companies.
Meanwhile, in 2017, the government banned all software and websites, which enabled forms of Internet filtering, such as virtual private networks (VPNs), including websites that provided instructions to bypass blocked websites from Russian soil.
Yet, Russia’s new “sovereign Internet law,” appears, on the surface, to be an extensive experiment to test how the country could isolate itself from the rest of the World Wide Web.
Considering the Russian approach to controlling its Internet, it would seem closely linked to China’s “Great Firewall,” yet differences do remain.
The colloquial name relates to what can be accurately estimated to be the biggest set of controls imposed on a country’s Internet infrastructure globally. This “Firewall” has been possible for two main reasons.
A number of state-controlled monopolies oversee a vast range of communications within the country’s border, meaning that the decision to apply controls to its Internet was accepted by Chinese telecom firms. This helped to build the biggest infrastructure for filtering Internet traffic on the globe, with not very many choke points in or out of China. Furthermore, China introduced the Firewall in 1999, which was, of course, when Internet technologies and infrastructures were beginning to develop. This enabled the country to allow a vast ecosystem to continue evolving in an authentic and organic way.
Today, this means that nearly all Internet-based traffic between the country and the world has to travel through a very finite number of fiber-optic cables that have entry to China. With controlled international entry points confined to a small number, combined with the Ministry of Industry and Information Technology licensing and controlling Internet service providers (ISPs) within its borders, this enables the authorities to control Internet traffic.
By contrast, the Internet in Russia has relied upon integration with international Internet services for it to function. With such a framework embedded already, it will be extremely hard to enforce any form of separation now.
What could “Disconnection” look like?
The quickest and most pain-free way to enforce control over what citizens can see on the Internet is Internet Protocol (IP) blocking. This can be undertaken by having a list of IP addresses deemed undesirable and routers that drop every packet destined to blocked IPs.
However, approaches to changing domain names are not the same as altering IP addresses, which is why DNS-focused tactics are often used in combination with IP blocking. This focuses on creating false responses that could be returned by the DNS server, by an intentional configuration or DNS poisoning. When used in conjunction, IP blocking and DNS tampering approaches can cordon off selected sites to be fully censored.
In addition, routers can also be used to cause disruption to unwanted communication by taking over DNS requests that contain banned keywords, and creating forged DNS replies.
However, attempts to control a country’s Internet are not just confined to the approaches mentioned. Three other main tactics are often seen in attempts to impose some form of censorship, including:
- Self-censoring: First and foremost, as in the case of China, its government has succeeded in enabling a culture of self-censoring. For example, ISPs conduct monitoring and filtering of content, while also being lawfully required to actual self-censor. If an ISP is unable to do so, it could be liable for official warnings, monetary fines and even have its Internet license being revoked.
- Filtering of keywords: Blacklisted keywords is another approach, enabling authorities to inspect content coming and going through their pathways.
- Human enforcement: Humans are still required to moderate content, with up to 50,000 employees in the Chinese Internet police force employed to perform such a function. In this role, manual moderation of online content is undertaken, with the power to directly delete content or ordering websites, content hosts and service providers to delete material.
Is the Internet becoming a “Splinternet”?
A number of countries are attempting, or have successfully created restriction of their Internet. For example, in Saudi Arabia, the DNS is restricted and the country is able to force DNS request traffic through a controlled proxy service. In the case of Russia, it is a more severe example of trying to create some sort of governmental control over flows of traffic, requests and Internet-based services.
Yet, overall, the Internet is, for the most part, open, even now. While there is some Internet fragmentation, the “Splinternet” scenario seems a long way off.