China Aims to Wash VPNs Out of Its Hair
Jan 25, 2017 5:00 AM PT
China this week announced new measures to further restrict its citizens' access to the Internet.
The 14-month campaign appears designed to crack down on the use of Web platforms and services unapproved by the government, and on virtual private networks, which can used to access those platforms and services covertly.
While China's Internet network access services market is facing many development opportunities, there are signs of "disorderly development" that show the urgent need for regulation, the country's Ministry of Industry and Information Technology explained in a notice posted to a government website.
The coming "clean-up" of China's network access services will standardize the market, strengthen network information security management, and promote the healthy and orderly development of the country's Internet industry, the ministry noted.
In order to operate legally, Internet service providers, VPN providers, data centers and content delivery networks will have to obtain a license from the government and adhere to strict limitations.
The clean-up also places severe new restrictions on cross-border business activities. It requires that government approval be obtained to create or lease lines, including VPN channels, to perform cross-border business activities.
Those restrictions essentially will block any Chinese citizen from using a VPN -- basically, hiding their IP address and rerouting their connections to servers outside their country -- in order to access websites the government doesn't want them to see.
China is famous for controlling the information its citizens can see on the Internet with its "Great Firewall," which screens Internet traffic between China and the outside world. Any requests to see information Beijing deems inappropriate are sent to an Internet graveyard.
Among the 171 of the world's top 1,000 websites the Great Firewall blocks are Google, Facebook and Twitter, according to Greatfire.org, a censorship monitoring service. VPNs offer a way to get through the firewall, which is why the government wants to block them.
China also has taken a more proactive approach to dealing with websites that it doesn't like. It crafted a Great Cannon, which it uses to launch DDoS attacks on domains critical of Beijing.
Shaping the Narrative
China's government has attempted to restrict VPN access in the past, particularly at sensitive times, such as when the national Communist party convenes. Such a meeting is scheduled for the end of this year.
The great clean-up may be a departure from the past, however.
"This new directive may be a sign that the restrictions might become more systematic," said Cynthia Wong, senior Internet researcher at Human Rights Watch.
In the past, enforcement of VPN restrictions seemed spotty. Sometimes they worked; sometimes they didn't.
"Part of the problem with censorship in China is it's often opaque," Wong told TechNewsWorld.
"Users are often left wondering why their VPN isn't working. Is it because of technical problems or is it because of the government?" she wondered. "This needs to be viewed as part of a broader crackdown on any kind of independent media by the Chinese government. In recent years, the government has doubled down on efforts to restrict any information that diverges from its official narrative."
VPNs are used for many purposes in China, though -- among them to keep companies' discussions about their intellectual property and market strategies secure.
"I would hope industry pushes back on this, because it will be much more difficult to run innovative businesses in China without full access to information," Wong said. "It's in their interest for this to be a concern for them, and they should be concerned about corporate espionage as well."
Not Good for VPN Sales
Once the great clean-up gets under way, it's going to be difficult to sell VPNs in China.
"What they're saying is they want to listen in on VPN connections," explained Glenn Chagnot, vice president of marketing for Uplevel Systems. "In order to meet that requirement, we'd have to re-architect our product."
That's because with Uplevel's product, the encryption keys reside with the user, so the VPN provider has no way of decrypting the user's traffic.
Uplevel has limited its sales to the United States because selling VPNs internationally can be challenging, Chagnot noted.
"The technical requirements vary from country to country," he told TechNewsWorld. "What works for the U.S. doesn't necessarily work for Europe and doesn't necessarily work for China."
Asked if more and more countries are seeking the power to snoop on VPNs, Chagnot replied, "Absolutely."