Internet Censorship in Iran: Findings from 2014-2017 agrabeli September 28, 2017 This post is part of a series that highlights OONI reports which examine internet censorship in various countries around the world. Today, in collaboration with ASL19, ARTICLE 19 and Small Media, the Tor Project’s Open Observatory of Network Interference (OONI) team published a research report on internet censorship in Iran. This study reveals and confirms censorship events through the analysis of thousands of network measurements collected from 60 networks across Iran over the last three years. OONI’s network measurement data clearly shows evidence of information controls across Iranian ISPs. This post provides an overview of key findings. Read the full report here. Pervasive internet censorship We confirm the blocking of 886 domains (and 1,019 URLs in total) in Iran over the last three years, most of which include news outlets and human rights sites. A wide range of different types of sites were blocked, with blocking extending beyond a simple definition of legality. Both the breadth and scale of internet censorship in Iran is remarkable. Notable blocked domains include: News websites: bbc.co.uk, voanews.com, dw-world.de, arabtimes.com, cbc.ca, reddit.com, russia.tv, aawsat.com, iranshahrnewsagency.com, iranpressnews.com, iranntv.com, tehranreview.net. Opposition sites: People’s Mojahedin Organization of Iran, Worker-Communist Party, Labour Party (Toufan), Komala Party of Iranian Kurdistan, National Council of Resistance of Iran (NCRI). Pro-democracy sites: National Democratic Institute (NDI), National Endowment for Democracy (NED). Blogs of Iranian political activists: Ali Afshari and Ahmad Batebi. Human rights sites: Center for Human Rights in Iran, Human Rights & Democracy for Iran, Iran Human Rights, Human Rights Watch, Human Rights Campaign, Human Rights First. Kurdish sites: kurdistanpress.com, kurdistanmedia.com, Kurdish Human Rights Project. Baha’i sites: bahai.org, bahai.com, bahai-education.org, bahai-library.com, bahairadio.org. Women’s rights sites: feminist.com, feminist.org, AWID. LGBTQI sites: Grindr, lesbian.org, transsexual.org, ILGA. Sites promoting freedom of expression: Free Expression Network (FEN), Free Speech TV, Committee to Protect Journalists, Freedom House, Reporters Without Borders, ARTICLE 19. Digital rights groups: ASL19, The Citizen Lab, Herdict, Global Voices, Electronic Frontier Foundation (EFF), The Centre for Democracy and Technology (CDT). Blogging platforms: wordpress.com, blogger.com, blogspot.com, persianblog.com. Search engines: google.com, duckduckgo.com. Communication tools: viber.com, paltalk.com. Social networks: twitter.com, facebook.com, pinterest.com, myspace.com, 4chan.org. Media sharing platforms: youtube.com, vimeo.com, instagram.com, netflix.com, flickr.com, metacafe.com. Anonymity and censorship circumvention tool sites: torproject.org, psiphon.ca, openvpn.net, freenetproject.org, anonymouse.org, anonymizer.com, megaproxy.com, ultrasurf.us, hotspotshield.com. The full list of observed blocked domains is available here. Internet censorship in Iran is quite sophisticated. ISPs were found to serve block pages through DNS injection and through the use of HTTP transparent proxies. Most ISPs not only blocked the same sites, but they also used a standardized set of censorship techniques, suggesting a centralized censorship apparatus. We find that Iran regularly blocks both encrypted (HTTPS) and unencrypted (HTTP) access to sites, making censorship circumvention harder. In the past, when sites like Instagram did not support HTTPS, it was reported that Iranian ISPs would selectively censor content, rather than block access to entire domains. Today, we primarily see blocking of domains, including HTTPS access, since it’s not possible for the censor to tailor censorship to specific content of encrypted sites. This indicates that Iranian ISPs may have shifted their practices from applying “smart filters” (only censoring specific web pages) to “blanket censorship” (censoring entire services). Censorship in Iran is not limited to websites. Facebook Messenger was blocked through DNS tampering. Other popular communications apps, like WhatsApp and Telegram, remained accessible during the testing period. Internet censorship in Iran is reinforced through the extensive blocking of multiple censorship circumvention tools. OONI tests revealed blocking of the Tor network in many networks across Iran. Some Tor bridges, which are offered to help circumvent censorship, remained partially accessible. Iranian ISPs also appear to be taking extra steps to limit censorship circumvention. We found online translators, such as SYSTRAN and Babylon Translation, to be blocked. Pasting a URL into an online translator will provide access to the site’s content, even if that site is blocked. Online translators can therefore provide a form of censorship circumvention, possibly explaining why we found them to be blocked. Non-deterministic internet censorship Iranian ISPs do not appear to block sites consistently over time. Rather, they were found to flip between blocking and unblocking sites, possibly in an attempt to create uncertainty on whether a site is actually censored or to make the censorship more subtle. The example below shows how an ISP blocked and unblocked access to google.com. probe_asn domain calc_blockpage count AS31549 google.com not-blocked 15 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 19 AS31549 google.com ir-iframe-1 18 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 17 AS31549 google.com ir-iframe-1 19 AS31549 google.com not-blocked 16 AS31549 google.com not-blocked 18 AS31549 google.com ir-iframe-1 19 AS31549 google.com not-blocked 17 AS31549 google.com not-blocked 19 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 17 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 18 AS31549 google.com ir-iframe-1 19 AS31549 google.com not-blocked 18 AS31549 google.com not-blocked 17 AS31549 google.com ir-iframe-1 18 We also found ISPs to be blocking the same sites with different techniques. probe_asn domain calc_blockpage count AS31549 bbc.com dns-blk-0 2 AS31549 bbc.com ir-iframe-1 1 AS31549 bbc.com dns-blk-0 2 AS31549 bbc.com ir-iframe-1 16 AS31549 bbc.com ir-iframe-1 15 AS31549 bbc.com not-blocked 1 Most ISPs in Iran implemented non-deterministic internet censorship during the testing period. A database of these observations is available here. National and international politics are influential Political relations appear to influence how information controls are implemented in Iran. Multiple Israeli domains were found to be blocked. These include government sites, news outlets (haaretz.com), sports sites (basket.co.il), and a mail provider (mail.walla.co.il) among others. Blocking of Israeli domains is not limited to those expressing criticism towards the Iranian government or which host illegal content, suggesting that Iranian ISPs likely block Israeli domains indiscriminately, regardless of their content. The breadth of Israeli domain blocking also indicates that politics influence how information controls are implemented in Iran. The blocking of usaid.gov and cia.gov likewise suggests that political tensions between Iran and the U.S. have led to internet censorship actions in the country. U.S. export laws and regulations, on the other hand, restrict the use of services in Iran. Norton (a popular antivirus program) and GraphicRiver (a site for graphic designers and illustrators) were inaccessible because they block access from Iran. Virus Total, a site that enables its users to upload and scan files and URLs for malware, was also inaccessible. Virus Total uses Google App Engine (GAE), a web framework and cloud computing platform, commonly used for hosting sites and for domain fronting (a technique for censorship circumvention). We found that IP addresses originating from Iran were blocked by Google from accessing these services. This has been known since (at least) 2010 and, like Norton and GraphicRiver, Google blocks access to GAE from Iran in compliance with U.S. export laws. Internet censorship in Iran also appears to serve as a tool for the reinforcement of geopolitical power dynamics. Over the last century, there has been an ongoing separatist dispute between the Kurdish opposition in western Iran and the Iranian government. According to Amnesty International, many Kurdish human rights defenders, community activists and journalists have faced arbitrary arrests and prosecution. The blocking of numerous Kurdish sites, including news outlets and human rights sites, appear to be politically motivated. Reproduce our research This study is part of an ongoing effort to monitor internet censorship in Iran and around the world. Since this research was carried out through the use of free and open source software, open methodologies and open data, it can be reproduced. Anyone can run ooniprobe on Android, iOS, macOS, Linux, and on Raspberry Pis. Tens of thousands of ooniprobe users from more than 200 countries have already done so. Thanks to their testing, millions of networks measurements have been published, shedding light on information controls worldwide. But censorship findings are only as interesting as the types of sites and services that are tested. We therefore encourage you to contribute to the review and creation of test lists, to help advance future research in Iran and beyond. To learn more about this study, read the full report here. Continue reading...
