Iran

Iran has more than 150 Internet Service Providers or companies advertising themselves as such. Many of these services have been privatized since 2009 but that does not mean they have become fully independent of the government. The leading ones are still linked to the government and all are accountable to it. This biggest one, DCI, is owned by the Revolutionary Guards. .Novinnet,Shatel,Asretelecom,Pardis,Persian-net,Tehrandat,Neda,Askiran and Tavana are the other leading ISPs.

Figures[1]:

  • Population: 77 million
  • Number of Internet users: 25.2 million
  • Internet penetration rate: 32.8%
  • Journalists in prison : 26
  • Netizens in prison: 20
  • Netizen killed in past year: 1

Iranian Internet – fact and fiction

Iran has been connected to the Internet since the mid-1990s. For economic and political reasons, the authorities have developed the communications infrastructure to the point that Iran has the biggest number of Internet users[2] in the region. Iran’s Internet depends on the Mullah regime, which controls infrastructure, technology and regulatory bodies, and has imposed repressive legislation.

While most Iranians get their news from television[3], the Internet plays a key role in circulating news and information thanks to dissidents and independent news providers. They report developments or views ignored by the traditional media, and cover government repression. The authorities often accuse social networks of being tools in the pay of western powers that are plotting against the government.

Internet connection speed has become an indicator of the political situation and the government alert level. On the eve of dates or anniversaries that could give rise to demonstrations, the connection speed is slowed right down to prevent the circulation of photos and videos. The Iranian Internet is not more politicized than in other countries, but it is definitely more closely watched. What marks it out is the fact that anything straying from the official line is automatically deemed to be “political” and subject to filtering or surveillance. Fashion, cuisine and music websites are often blocked just as opposition and independent news websites are.

“Halal Internet”

For the past decade, the government media have talked intermittently about the apparently insane project of creating “Our Own Internet” in Iran but it is finally beginning to take shape. The regime accelerated implementation in September 2012 on the grounds of a series of cyber-attacks on Iran’s nuclear installations[4].

The construction of this parallel Internet, with a high connection speed but fully monitored and censored, is supposed to be completed in the very near future. It is intended that all Iranian websites will be hosted on local servers. Applications and services such as email, search engines and social networks are to be developed under government control[5]. This Intranet’s imminent nationwide launch is disturbing. It will allow large-scale surveillance and the systematic elimination of dissent.

For the time being, only government offices are connected to the national Internet but it seems that the general public will eventually have no choice but to use it too. According to the information obtained by Reporters Without Borders, the government plans to reduce the international Internet’s connection speed (which is already limited to 128Kb/s[6]) and to increase the cost of subscribing to it, in order to make subscribing to the faster national Internet much more attractive.

Technical surveillance

“In reference to the Cyber Crimes Law, access to the requested website is not possible.”

“In reference to the Cyber Crimes Law, access to the requested website is not possible.”

The Islamic Republic of Iran possesses a technological and legislative arsenal that allows it to keep its Internet under close surveillance. Filtering, control of Internet Service Providers, prohibitions, and monitoring of email content, chats and VoIP conversations are all legal.

The complexity of Iran’s internal politics and the approaching elections lend an additional opaque, unpredictable and at times apparently illogical character to the “legal” surveillance. Theblocking of pro-regime websites and the outcry from government officials that followed the blocking of Google in Iran are examples of this.

“Official” surveillance and political infighting

The current political situation is such that it is almost impossible to determine the criteria for blocking content. The number of authorities, institutions, commissions and committees with responsibility for Internet management has grown ever since Mahmoud Ahmadinejad became president. They subject the Iranian Internet to an illogical and uncoordinated rollercoaster on the basis of often divergent political interests.

Internet Service Providers must register with the government and websites must get a licence from the Telecommunication Company of Iran (TCI). Blogs must also “register” with the Ministry of Culture and Islamic Guidance before being carefully scrutinized by the Working Group for Determining Criminal Content[7] and the Supreme Council for Cyberspace,” which is headed by President Ahmadinejad and consists of government ministers, Revolutionary Guards and supporters of the Supreme Leader[8].

To ensure that online content does not contravene the spirit and “values of the Revolution,” filtering is carried out at all levels by such means as blacklists, keywords, URLs [9] and IP addresses that are often shaped by internal political tension. Conservative opinion websites (such as Amir Hassan Sagha’s blog and Mehdi Khazali’s blog[10]) and pro-Ahmadinejad sites (such as the Shomanews website) are among those that have been blocked. Several pro-Ahmadinejad bloggers were prosecuted by the Tehran prosecutor’s office in 2012 for criticizing supporters of Ayatollah Ali Khamenei. More and more journalists with conservative media are falling victim to the infighting between Khamenei and Ahmadinejad factions.

Censorship also affects less controversial subjects such as fashion or certain online games such as Travian[11]. And it goes without saying that keywords related to pornography are banned from search engines.

The Iranian authorities monitor access to both sites hosted abroad and those hosted in Iran. The sites of foreign media (both English and Persian-language media) are often blocked, or even copied or hijacked. The BBC, for example, discovered in January 2013 that Iranian Internet users trying to visit the bbcpersian.com website were being redirected to persianbbc.ir, whose content was much more in line with the values of the Revolution[12]. Similarly, the sites of Voice of America,Kaleme and Jaras can only  be accessed with circumvention tools.

Targeting social media

The head of the Iranian police, Esmaeil Ahmadi Moghadam, announced[13] in January 2013 that the government was developing technology that would enable better surveillance of social networks, above all Twitter and Facebook. By means of “intelligent control,” it would be possible to “avoid the evils of social networks” while “benefitting from their useful applications,” he said, presumably meaning that the Supreme Leader’s Twitter account will be accessible but not those of government opponents or western journalists. Since government officials have a presence of social networks, Moghadam clearly thinks controlling them would be “more effective” than blocking them outright.

Although there are reasons for doubting Iran’s ability to create the necessary infrastructure[14], the project is nonetheless disturbing, especially as the long blocked leading social networks such as Facebook and Twitter have been accessible again since 20 February 2013[15]. Far from being a positive development, this probably signifies a new form of user surveillance.

Technical tools

The tools used by the Iranian authorities to monitor and control the Internet include not only filtering mechanisms but also, sources told Reporters Without Borders, data interception tools of the DPI (Deep Packet Inspection) type. Reports[16] and research have found Chinese products being used to monitor the Iranian population, products implicating leading Chinese companies such as ZTE[17] and Huawei[18]. The DPI provided by Huawei to Mobin Net, the leading national provider of mobile broadband, can be used to analyse email content, track browsing history and block access to sites. The products that ZTA sold to the Telecommunication Company of Iran (TCI) offer similar services plus the possibility of monitoring the mobile network[19].

European companies are the source of other spying and data analysis tools. Products designed byEricsson[20] and Nokia Siemens Networks[21] (later Trovicor) have been detected. These companies sold SMS interception and user location products to Mobile Communication Company of Iran and Irancell, lran’s two biggest mobile phone companies, in 2009[22]. They were used to identify Iranian citizens during the post-election uprising in 2009.

More astonishingly, the use of Israeli surveillance devices has also been detected in Iran. The network traffic management and surveillance device NetEnforcer was provided by Israel to Denmark and then resold to Iran[23]. Similarly, US equipment has found its way to Iran via the Chinese company ZTE[24]. As well assurveillance tools, the Iranian authorities use man-in-the-middle attacks. These are designed to intercept data meant to be sent to secure (https) sites [25].

Powerful institutional apparatus

The government runs or controls almost all of the country’s institutions for regulating, managing or legislating on telecommunications. The creation of theSupreme Council for Cyberspace in March 2012 showed how the government centralizes authority for Internet surveillance. This council now determines digital policy. The Supreme Leader appointed President Ahmadinejad to head it. The council has authority over Internet Service Providers. According to its general secretary, Mehdi Akhavan Behabadi, it is responsible for taking major decisions and coordinating Internet-related bodies.

When the sector was privatized in 2009, it was no surprise that the Revolutionary Guards’ bid for the Telecommunication Company of Iran (TCI) was successful. The TCI owns the country’s leading Internet Service Provider. The Revolutionary Guards also run the Centre for the Surveillance of Organized Crime and its official websiteGerdab. The site has actively participated in tracking down netizens, calling on the public to denounce them[26]. The Revolutionary Guards also control the powerful Working Group for Determining Criminal Content and have thereby been responsible for a great deal of online censorship and arrests of independent news providers.

The Ministry of Culture and Islamic Guidance (MCIG), the Ministry of Intelligence and the Ministry of Information Technology and Communication also have a say in Internet surveillance and control but their decisions are affected by internal political rivalry. The MCIG, which is close to Ahmadinejad, recently asked mobile phone operators to screen for inappropriate text messages regarding the next elections[27]. This did not please all of the country’s leaders because the Communication Regulation Authority qualified the announcement, saying that only “commercial” messages would be screened.

On February 26th Ahmadinejad named one of his lieutenants, Mohamed Hassan Nami[28], who has a doctorate in state management from the University of Pyongyang, in charge of the Ministry of Information Technology and Communication[29]. A North Korean-trained military officer is clearly unlikely to relax IT and communication legislation.

As well as these regulatory bodies, there is also a cyber-police force called the FETA. This body was responsible for a January 2012 decree imposing new regulations on Internet cafés, under which customers have to show ID and agree to being filmed by surveillance cameras, and managers are required keep the video recordings, full identity details and browsing history of customers for six months.

Increasingly repressive legislation

The 1979 Iranian constitution enshrines freedom of expression and prohibits surveillance except when provided for by the law. Article 25 says. “Examination of (the contents of), and non-delivery of, letters; recording and divulging of telephone conversations; disclosure of telegraphic or telex communications; censorship, pruning or non-transmission of messages; tapping and bugging and any kind of investigation are all forbidden, unless when so ordered by the law.” Article 24 says: “Publications and the press have freedom of expression except when there is infringement of the basic tenets of Islam or public rights[30].”

The exceptions allowed by these two articles have been exploited to the hilt by the authorities. The 1986 press law, (amended in 2000 and 2009 to include online publications) allows the authorities to ensure that news providers do not “attack the Islamic Republic,” “insult the Supreme Leader” or “disseminate false information.” The amendments require online publications to obtain a licence.

The Islamic Republic crossed a new threshold in 2009, two weeks after President Ahmadinejad’s disputed reelection, when it promulgated the Computer Crime Law (CCL). It provided for the creation of the Working Group for Determining Criminal Content, which now decides what does or does not comply with the Islamic Republic’s laws (and therefore what may or may not be published). The CCL requires all ISPs to keep a record all data uploaded or downloaded by users, with severe penalties for failing to comply. Posting illegal content or using roundabout methods to access blocked content is punishable by long jail terms. The working group’s members nonetheless do not agree on the illegal nature of circumvention tools such asVPN[31], and the Islamic Republic produces and sells its own so-called “halal” VPNs.

Main violations of freedom of information

The combination of these powerful technological arsenals, a legislative straitjacket and political infighting is an explosive mixture that demolishes the Iranian people’s right to freedom of information. The start of 2013 has seen a wave of “preventive” arrests ahead of the June 2013 election. The regime clearly wants to head off widespread protests – relayed by the media and Internet – of the kind that accompanied the June 2009 election.

On 27 January 2013, now known as “Black Sunday,” the authorities searched the offices of five Tehran-based newspapers (Etemad, Arman, Shargh, Bahar and Aseman), arrested 15 journalists (on or around that day), and announced that many other journalists would be summoned before tribunals[32]. Following surveillance by the Iranian intelligence agencies, these journalists are being accused of “collaborating with the West and counter-revolutionaries based abroad.” Another dozen or so journalists, netizens, political activists and civil society representatives were summoned or arrested in the provinces three weeks later[33]. During interrogation, they were warned that any activities in connection with next June’s presidential election would be met with reprisals. They were also asked to name their Facebook and Twitter contacts and give the reason for their relationships with them.

Ahmad Bakshaysh, a member of parliament’s National Security Committee, told Roozonline on 18 February that the head of cultural affairs at the intelligence ministry had told him: “These arrests are preventive. Their aim is to prevent the activities of a network inside and outside the country in the run-up to the June 2013 presidential election (…) This network encourages journalists to interview various government officials in order to highlight their differences (…) Since their arrest, some of them have understood their errors and are ready to testify to this (…) I think he was referring to televised confessions.” Reza Tajik, an Iranian journalist who is now a refugee in France, explained that, as well as spying on journalists and intimidating them, “investigators subject journalists to psychological pressure during questioning so that they confess to espionage activities.” Tajik added: “These confessions are filmed and then broadcast on TV.”

Mahmoud Ahmadinejad’s second term as president has been marked by the surveillance and censorship of journalists and bloggers, in which many have been arrested. One blogger, Sattar Beheshti, who was jailed on 32 October 2012, died in detention in still unknown circumstances. The information available indicates that he died from blows received during interrogation. No one has been arrested for his death and no independent investigation has been carried out.

The regime tries to infiltrate journalist networks both inside and outside the country. Saeid Pourheydar, a journalist who was arrested in 2010 and mistreated during interrogation, said the intelligence officers who questioned him brandished transcripts of his phone conversations and printouts of his emails and SMS messages[34]. Fellow inmates told him they had had similar experiences. Such interrogation methods are widespread and are indicative of the degree to which journalists are spied on in Iran.

Journalists who have gone into exile or who are working abroad, especially those working for Radio Free Europe or the BBC, often receive emails containing malware. Some phishing attempts have been successful. When foreign journalists are allowed to visit Iran, their movements and their online activities are closely monitored. When they connect to the Iranian Internet, their data is immediately spied on if they fail to use secure communication and anonymization tools.

The repression will almost certainly keep on growing in the run-up to the June 2013 election.

Technical Solutions

- Virtual Private Network (VPN)

Virtual Private Network technology (VPN) can be used to circumvent content blocking and censorship in Iran. The Iranian state sells this kind of technology in order to profit from the growing demand and to discourage netizens from getting it from abroad. Despite the Computer Crime Law (see above), it is legal to use an IranianVPN in Iran. But foreign VPNs are forbidden. Nonetheless, they are the only ones that should be used. The Iranian state is not gullibly providing people with technology to circumvent its own censorship. The VPN provider is in a position to monitor and analyse all traffic through the VPN. While traffic is encrypted from the client’s computer to the VPN server, it ceases to be encrypted between the server and the Internet. Those who control the VPN server (the Iranian authorities in the case of Iranian state VPNs) are completely free to observe and analyse traffic.

- The Onion Router (Tor)

Tor is an anonymization tool that protects the user’s private data while browsing. In Iran,Tor can be used when access to VPNs is blocked, but its use slows the browsing speed right down. Internet users prefer VPNs and regardTor as a temporary alternative. UsingTor is banned and the Iranian authorities can ask Internet Service Providers to identifyTor traffic, which is easy to recognize and see where it is coming from. There is nonetheless a way to disguiseTor traffic:Obfsproxy. According to its developers, ISPs cannot detectTor traffic when Obfsproxy is running.

Tips

The Iranian government’s surveillance resources are changing all the time so the advice given below should be used with care because, while valid today, it may not be tomorrow. Keeping abreast of developments and the dangers to which you are exposed is therefore essential in order to adopt appropriate solutions.

  • Do not use Iranian VPNs. Using a VPN controlled by the Iranian authorities is not a good idea. Soon or later it will be like throwing yourself into the lion’s jaws.
  • The regime does not yet have the resources for keeping millions of Internet users under surveillance. You should be able to fend off most threats if you adopt basic precautions such as regularly updating your operating system and software applications, using antivirus and VPN software, and systematically using the https protocol whenever possible.
  • Basic “electronic hygiene” should prevent your computer from being infected by spyware: do not clinks on links from an unknown sender; do not download software when you do not know the sources; do not accept contact requests from strangers on social networks; and always identify the sender of an email before opening any attachment.
  • When long blocked websites such as Facebook, YouTube or Twitter are suddenly accessible again, it will often be because the authorities are trying to use a man-in-the-middle attack to capture users’ names and passwords. Using a VPN not only allows you to circumvent censorship; it also and above all allows you to elude network surveillance by encrypting all communication between you and the VPN server.