The Kremlin moves to control the Internet
Russian parliamentarians passed legislation that will, among other changes, establish a central register of banned websites. The new laws are ostensibly designed for child protection; but the real aim is to take control over the country’s burgeoning social networks.
On 11 June the State Duma passed amendments to the laws ‘On the protection of children from information deemed harmful to their health and development’, ‘On information’, ‘On communications’ and the Code of Administrative Offences at the second and third readings. The main gist of the draft law is that from 1 November 2012 Russia will have a Single Register of sites and web pages to be blocked (‘Single Register of domain names, internet page selectors and URLs identifying sites in the internet containing information banned in the Russian Federation’). For the first time the Kremlin will have at its disposal the facilities for blocking access to internet resources across the whole of Russia.
The principle of Internet censorship is, of course, not a new one to the Russian authorities. For some five years now, regional and city prosecutors have been busy implementing regional court decisions that required providers to block access to forbidden sites. Up until now this has been done unsystematically, so that sites blocked in one region remained accessible in others. The Register, which is to be compiled by a special federal organisation, will remove this problem.
It seems that the new system will be modelled on the one that is currently used to block extremist bank accounts. In this process, the Office of the Prosecutor General, the Ministry of Justice, the Investigative Committee and the Ministry of the Interior submit data to a central agency (in this case: Rosfinmonitoring, the Federal Financial Monitoring Service). The agency compiles and updates a central database of ‘organisations and physical entities known to be involved in extremist activities or terrorism.’ The List is sent to all organisations operating in the areas of finance and property and is available for downloading via a password-encrypted area of the Rosfinmonitoring site. People in charge of internal monitoring in banks are in their turn obliged to check that a given client is not on the black list. If he is, the bank has 24 hours to submit data about him and his company to Rosfinmonitoring, who are then able to close down his operations.
The same principle will apply for the Register of banned websites: as soon as a website appears in the Register, the service provider will have 24 hours to block access to it.
After the Arab Spring, the Kremlin gave serious thought to developing facilities for averting 'enemy activity' on the Russian Internet. The problem has been under discussion since the summer of 2011 at various levels: the heads of state of the Collective Security Treaty Organisation members, prosecutors general and the security services. The growth of political activism in Russia and the role of social networking in mobilising protestors only increased the paranoia. It seemed, however, that the security services were unable to devise an effective strategy to deal with the problem.
In March, Irina Borogan and I wrote that immediately after the Arab Spring the security services started developing a strategy for the blogosphere and social networking sites, but had not managed to come up with anything before the December protests. They were used to dealing with threats of a more traditional nature and were confused when faced with a protest organisation with no centre, but instead worked through the social networking sites. Our sources in the secret services said then that they were powerless to deal with these sites, especially any that were based on servers outside of the country such as on Facebook and Twitter ('What can we do if [the pro-Chechen] Kavkazcenter opens a page on Facebook?' was their rhetorical question).
On 27 March of this year, this failure was indirectly recognised by the First Deputy Director of the FSB, Sergei Smirnov. At a meeting of the Regional Anti-Terrorist Structure within the Shanghai Cooperation Organisation, Smirnov referred directly to the relevance the Arab Spring has in terms of current thinking. He said: ‘New technologies used by Western special services to create and maintain a level of continual tension in society with serious intentions extending even to regime change…Our elections, especially the presidential election and the situation in the preceding period, revealed the potential of the blogosphere.' Smirnov stated that it was essential to develop ways of reacting adequately to the use of such technologies and confessed openly that 'this has not yet happened.'
The Register of banned websites is clearly one of the measures devised in the subsequent months.
The Register is ostensibly for the protection of children, but from the very beginning it was clear that this was no more than a pretext. Apart from references to child pornography and paedophilia, the draft law contains a paragraph to the effect that those compiling the Register will also draw on court decisions involving the banning of websites. These decisions currently refer mainly to radical sites or opposition sites accused of extremism. This paragraph is an obvious attempt to impose a system on the hitherto un-coordinated efforts of provincial prosecutors to block banned sites in their own regions. There will now be a special state organisation responsible for ensuring that within 24 hours sites become inaccessible throughout the whole of Russia.
Filtering on a nationwide basis will be supported organisationally by ministries; there will also be technological backup.
The text of the draft law states that the Register will list not only domain names and URLs, but individual page selectors too. To block sites, providers will have to buy expensive DPI (deep packet inspection) equipment, which enables the provider to split the traffic into separate streams, dividing up audio, video, images, spam etc. With this equipment a provider will be able to block requests for, and from, specific addresses; the provider will also be able to turn off individual services – for example, to completely block internet-telephony i.e. Skype, which has so far been difficult to monitor.
DPI will address the problem of Facebook, which is a source of such irritation for officers of the Russian security services. Special services in Uzbekistan, for example, compel local providers to use DPI to change the URLs of discussion groups in social networks.
Once it has been set up, this nationwide system for filtering Internet traffic will always be available, ready for use against anyone deemed dangerous by the authorities. Until recently, Russian security officials were always impeded by their technological backwardness.
Up till now, the best the St Petersburg division of the FSB could do was to send a fax to Pavel Durov, founder of the social network Vkontakte [Rn. ‘in contact’], requiring him to close down protest groups. This was 20th century technology, but the Register, with its essential DPI component, will put Russian security officials at the vanguard of countries with web censorship. The world's leading manufacturers of telecommunications equipment are more than happy to provide DPI equipment (including China's Huawei, the US company CISCO, Canada's Sandvine or Israel's Narus, now owned by Boeing), and it is already in operation in Pakistan, China, Iran and the Middle East. According to Infonetics Research data, the world market for DPI products is already worth 470 million USD a year and the projected growth by 2016 is 2 billion USD.
Our State Duma is making sure that the Russian share of this market will be extremely significant.
Published on OpenDemocracy 12.07.2012