Abstract
The Chinese government uses sophisticated methods to censor the internet, from intercepting correspondence to forcing companies to prevent the ‘spread of harmful information’. Despite citizens’ attempts to circumvent barriers, it has created an robust alternative design, says cybersecurity expert
Internet pundits like to think of autocratic countries like China as ageing dinosaurs flailing about, trying to stay afloat amidst the tsunami of digital information. In truth, while the West invented the internet, gave it its original design and vision, and, latterly, assigned to it all sorts of powers and capabilities for rights and freedoms, what cyberspace will look like in the future and how it will be used will largely depend on who uses it. The internet may have been born in Silicon Valley or Cambridge, Massachusetts, but its destiny lies in Shanghai, Delhi, and the streets of Rio de Janeiro, the places where its next billion users are going to come from. China’s actions at the Internet Governance Forum (IGF) may have been ham-fisted, but they were not an accidental or ad hoc reaction. Rather, they were part of a concerted effort to control cyberspace, an effort we all need to understand in its details.
Internet cafes are routinely surveilled, and all individuals and organisations are held accountable by law for what they do and post online
‘In America, the internet was originally designed to be free of choke points, so that each packet of information could be routed quickly around any temporary obstruction,’ James Fallows wrote in the Atlantic Monthly in March 2008. ‘In China, the internet came with choke points built in.’ Fallows is referring to the Great Firewall of China (GFW), the country’s internet censorship system, subject of the IGF banner controversy, and a descriptor that is both metaphor and not.
Secrecy surrounds the GFW but it is China’s internet backbone and guardian, the country’s deepest layer of communications infrastructure through which all internet traffic must eventually pass, specifically at three international gateways that connect China’s internet to the wider world: the Beijing-Tianjin-Qingdao connection point and connections in Shanghai and Guangzhou. For a country with more than 500m internet users surfing, texting, downloading and emailing, this is a small set of funnels, but the routers automatically inspect all traffic moving in and out, acting as a kind of border patrol. Requests for content that contains banned keywords, domains or IP addresses are punted back unceremoniously. Unlike other countries that impose national internet censorship regimes and that present back to the user a ‘blocked’ or ‘forbidden’ page, the Chinese system sends a wrench into the user’s machine, a ‘reset’ packet that disables the connection and sends back a standard error message, giving the impression that the content requested doesn’t exist (‘file not found’) or that something is wrong with the internet. It’s an ingenious way to frustrate users: if you make some websites persistently inaccessible, slow, or maddeningly unreliable for long enough, most people will eventually look elsewhere. Meanwhile, certain Chinese-based content is made widely and freely available for those who want to surf a net, if not the net. What other functionalities are contained in these gateway routers – surveillance through deep packet inspection of email, for instance – is anyone’s guess, but most cyberspace analysts suspect that the gateways are designed not just to block content but also to siphon up and monitor communications.
Credit: Andrew Thomson/Sector 4 Illustration
The GFW is part of an elaborate regime of domestic cyberspace controls, one element in China’s overall information and communications strategy. It is reinforced by a thicket of laws, policies, regulations and policing up and down the ecosystem of internet communications. Contrary to principles of network neutrality, ISPs, hosting companies, websites, chat clients, and blogs operating in China are all required to police their networks. Internet cafes are routinely surveilled, and all individuals and organisations are held accountable by law for what they do and post online. According to a 2010 White Paper published by the Chinese government:
No organisation or individual may produce, duplicate, announce or disseminate information having the following contents: being against the cardinal principles set forth in the Constitution; endangering state security, divulging state secrets, subverting state power and jeopardising national unification; damaging state honour and interests; instigating ethnic hatred or discrimination and jeopardising ethnic unity; jeopardising state religious policy, propagating heretical or superstitious ideas; spreading rumours, disrupting social order and stability; disseminating obscenity, pornography, gambling, violence, brutality and terror or abetting crime; humiliating or slandering others, trespassing on the lawful rights and interests of others; and other contents forbidden by laws and administrative regulations. These regulations are the legal basis for the protection of internet information security within the territory of the People’s Republic of China. All Chinese citizens, foreign citizens, legal persons and other organisations within the territory of China must obey these provisions. If the Puritans suffered from a fear that someone, somewhere was having a good time, what can we say about the Chinese government?
If the Puritans suffered from a profound fear that someone, somewhere was having a good time, given these ‘provisions’, what can we say about the Chinese government?
China routinely downloads responsibilities to police the internet to the private sector, which must follow government regulations in order to be allowed to operate. In 2008, the Citizen Lab discovered that the Chinese version of Skype, tom-Skype, was coded in such a way that it secretly intercepted private (and encrypted) chats whenever people used any number of banned keywords –‘Tiananmen’ and ‘democracy’, to name two. Despite the outrage after the release of our report and the condemnation levelled at Skype for colluding with Chinese authorities, four years later the same system is still in place. In fact, it is now more elaborately designed and frequently updated, sometimes on a daily basis in response to current events like the ongoing dispute with Japan over islands in the South China Sea, or the controversy around disgraced Communist Party official Bo Xilai. In fact, all internet companies operating in China – Baidu, Sina, Tencent QQ, Youku, and others – are required to stop the ‘spread of harmful information’ over their networks. The policing is typically undertaken through filtering and surveillance of the type tom-Skype engages in, enforcing the use of real names in registration processes (to eliminate anonymous postings) and even direct intervention by paid officials in forums warning users not to engage in unwelcome, perhaps even illegal, discourse.
While downloading control to manufacturers of equipment and services is routine in China, occasionally there is pushback. For example, a proposal to have all new PCs manufactured in China be pre-equipped with the Green Dam censorship system met with widespread condemnation from users and was withdrawn. However, though the Green Dam was a big ‘ask’ even for the Chinese government, more often than not companies simply comply in order to do business.
The system is hardly foolproof. Researchers at Cambridge University, for instance, once demonstrated how easy it would be to disable the GFW, and even without outside meddling the gateway routers can be overwhelmed by peak usage. Also, technical means to circumvent the GFW are plentiful. Using tools like Tor, Psiphon (a circumvention tool invented in the Citizen Lab in 2006, and now a private Canadian company) and commercial virtual private networks (VPNs), many users play a cat-and-mouse game with authorities; by some estimates millions break through censorship walls on a daily basis. Chinese citizens have also proven themselves adept at outflanking and mocking the censors. Code words, metaphors, neologisms, and ingenious images circulate as internet memes are used in place of conventional terms to circumvent Skype and other companies’ filtering and surveillance regimes. So, when any reference to ‘Bo Xilai’ was censored, internet users began referring to him as ‘Gua’s Father’ instead (indicating that Bo Xilai is the father of Bo Guagua), until that term was filtered, and so on. The average Chinese user might go days without bumping into attempts of state control online, but the threat is always lurking. In this sense the system is less like 1984 and more like Jeremy Bentham’s Panopticon, a system that gives the feeling of being watched, that someone somewhere knows what you’re doing. No doubt, this creates considerable self-censorship, especially when combined with high-profile arrests of those who openly challenge the system.
It’s noteworthy that China’s cyberspace strategy – unlike, say, North Korea’s – is not aimed at completely isolating the country’s population from outside influence. Rather, it’s deliberately designed to take advantage of information and communications technologies that the Chinese see as critical to their long-term future, while maintaining political stability around one-party rule. Continued economic prosperity is essential to the legitimacy of the Chinese Communist Party, and information and communications technologies are central to a burgeoning knowledge economy. China doesn’t fear the internet; rather it embraces its own particular version of it. Indeed, the Chinese are building a robust alternative design that may actually be succeeding.