The strategy the Kremlin soon came up with was based on intimidation rather than technology. Accustomed to dealing with a defined hierarchy and organizations that can be coerced by targeting bosses, the Kremlin chose to put pressure on companies rather than users. While the Internet filtering system introduced in 2012 remained porous and the number of government censors limited, every pretext was used to lure Internet giants into a private dialogue with the authorities. Frightened by the constantly updated repressive legislation, top-level officials of companies like Yandex and Google rushed to the Kremlin to talk and come to terms.
This strategy was initially pretty effective. As Irina Borogan and I wrote in our book, “It didn’t take long for the Internet companies to abandon the uncensored Internet and cross the line into accepting a censored Internet in Russia. Facing a fait accompli, they focused on specifics.”
This approach started losing its edge by the fall of 2015. There were two reasons for that.
First, the Kremlin’s biggest bet was made on the data localization law that went into effect on Sept. 1, 2015 under the pretext of protecting Russians’ data against spying by the U.S. National Security Agency. According to the law, Internet companies that collect personal information from Russian users must store their data on servers within the country. The main targets of the initiative were Google, Facebook and Twitter. The goal was not only to make servers of the companies accessible to the Russian national system of online surveillance, SORM, but also to get the three Internet giants effectively landed in Russia.
In short, the Kremlin wanted to force the global Internet giants into a situation where they would be treated just like domestic ones — ready to get a call from the Kremlin, open for cooperation in removing and blocking content, with the servers directly connected to the security services and with no way to know what is intercepted by SORM.
Somehow, this offensive stalled from the very beginning. In late September 2015, the Russian authorities said that they would not check the three giants for compliance until January; the rumor was that they weren’t certain that any of the companies would obey.
Autumn passed with contradictory comments made by officials. January came and went, then February. The top Russian Internet censor, Alexander Zharov, was forced to admit that talks were still ongoing with the three companies over relocation.
Second, Russian censors insisted that the porousness of the national filtering system was not an issue because very few Russian users used circumvention tools like Tor. Privately, they believed they could crack Tor the moment they need to.
In the fall of 2015 this concept got two major blows. The research institute hired to crack Tor admitted it could not. And then in November, Zharov’s agency blocked Rutracker.org, the largest Russian-language torrents website, and immediately Russia skyrocketed to second position in the number of users of the Tor network.
A year earlier, Facebook had announced support for TOR users — people trying to access its website using TOR will no longer be impeded by the company’s security policies. This made the option of blackmailing Facebook with a possible ban and loss of all its Russian users even more distant.
By spring 2015, the Kremlin found itself desperate for a solution. The authorities made some erratic moves — some bloggers were sent to jail for writing posts critical of the Kremlin, and the idea was voiced to fine those who promote circumvention tools. Being short of options, the authorities turned east.
On April 18, Alexander Bastrykin, the head of the Investigative Committee of Russia, the equivalent of the FBI, published an op-ed urging Russia to learn from China’s Internet censorship. Ten days later, Moscow hosted the first Russia-China cyber security forum with top Internet officials from both countries in attendance. Zharov and Putin’s assistant in charge of the Internet, Igor Shchyogolev, opened the meeting. They were visibly pleased to have Lu Wei, the head of China’s State Internet Information Office, and Fang Binxing, the father of the country’s “Great Firewall,” in the conference hall of the giant concrete building of Russia Today, Russia’s major government propaganda agency.
The message conveyed by Russian and Chinese officials was strikingly identical: the buzzword of the conference was “digital sovereignty.” What they meant was made abundantly clear by Fang Binxing: the Internet is governed by American companies and the U.S. government can control these companies; thus, the Internet is under U.S. government control and other countries should guard their online space. Shchegolev was equally outspoken: “the dominance of multinational Internet companies leads to monopolization of the markets, with the state borders yet to be defined.”
But the Russian strategy to deal with this dominance failed. It was made clear by Zharov’s account of his censorship agency’s achievements — he praised Chinese companies who had moved their servers to Russia but didn’t mention any Western ones who had done the same, which was the whole point.
So what could come next?
A new battlefront just opened by both countries seems to be domain names. On March 25, China’s Ministry of Industry and Information Technology published a draft for new regulations that require companies to register Internet domain names domestically. According to experts, the new rules go further than just blocking sites — the authorities could even take the domain name. With the requirement to register a domestic domain name, the management of websites becomes more like how authorities in China regulate the media.
It also means a realization of the “white list” of websites approved by the authorities, the concept the Russians were toying with for years. Hardly accidentally, a working group was formed in Russia in February to draft plans for a nationwide white list. Most of the members of the group turned out to be the speakers of the Russia-China cybersecurity forum.
The organizers of the forum reported that the participants came up with a joint Russia-China roadmap. Remarkably, it provides for a “joint action to ensure the safety and sustainability of the national domain zones of Russia and China.”
Can the nationalization of domain names help the Kremlin and Beijing solve the problem of control over the Internet? I very much doubt it. This is an age of social networks and messengers. Today’s hottest thing on the Russian Internet, for example, are bots on Telegram, the encrypted messenger based out of the country with a good record of refusing to cooperate with the Russian authorities.
But the idea would surely have some nostalgic appeal for Putin. In 1999, Putin, who was then prime minister, had his very first meeting with the Russian Internet — a motley group of entrepreneurs, activists, bloggers and scientists — to talk about a draft law that proposed to hand over the distribution of domain names to the government. Back then, Putin wanted to impress the public with his liberalism and the draft was effectively killed off.
It was a rather different country then. In 1999, Putin didn’t fear the power of the Web. Now he does. But it seems he is still short of a solution.
Author: Andrei Soldatov