Saturday, 23 September 2023

Ten Things You Should Know About Iran’s Multi-Billion Dollar National Internet Project

A few months after the Iranian government launched the first phase of its “national information network” (NIN), many questions still surround Iran’s domestically hosted, state-controlled and censored internet.

In this article, the International Campaign for Human Rights in Iran discusses ten critical questions about NIN, the country’s most expensive internet-related project.

Progress on NIN reflects the continuation of the state’s efforts to restrict Iranians’ access to information by promoting state-approved content. First proposed ten years ago, the project remains plagued by conflicting claims regarding its purpose, its functionality, and the security it provides to users.

NIN currently coexists alongside pre-existing internet services. Today, users in Iran can still access the global internet, albeit heavily censored and filtered by state authorities—and they can bypass state filtering controls if they have censorship circumvention tools that enable unfiltered internet access.

But if all available online content in Iran were hosted on servers based inside the country in a controlled environment—as the NIN project appears geared towards—then the Iranian government would theoretically be able to monitor, restrict, and censor all online activity much more efficiently. It remains to be seen if that goal is a viable option.

1) What exactly is NIN?
NIN’s official name, like its mission, has changed over the past 10 years. What Iranian officials initially called the “national internet,” also referred to by them as “halal” (permissible in Islam) internet, has now been launched as the “national information network.” For the purposes of this report, the Campaign uses NIN to refer to Iran’s recently launched national internet project.

When NIN was first proposed, many speculated that the government aimed to cut off its population from the World Wide Web (global internet) by forcing all citizens to exclusively use NIN, but officials soon realized that achieving that goal was nearly impossible. Isolating the country from the rest of the internet would paralyze many public and private institutions that require access to websites and networks based abroad. Every user would also have to be issued an access code, which would require complicated planning and processing.

By its nature, no internet can be completely controlled, because a user can always covertly upload non-state-approved content, even if it is quickly removed. That said, the continued development of NIN implies that—impossible or not—hardliners are still pursuing that goal.

As of today, NIN is a “closed network” wherein Iranian users can access government-approved sources of online content—including search engines, email, and financial websites—exclusively through domestic servers. These servers, and all the user data they store, can be easily accessed by security agencies, including the Intelligence Ministry, the Revolutionary Guards’ Intelligence Organization, the National Security Council, and Iran’s cyber police.

If the project could satisfy all the desires of the security establishment, NIN would be the only available internet option in Iran. Nevertheless, according to research by the Campaign, NIN does not properly function as a “national internet” or even a “national intranet” (a local or restricted communications network). The only promise the expensive project can keep so far is providing faster speeds and cheaper access rates to government-approved online content exclusively hosted on Iranian soil—while functioning as a means to further monitor and restrict user activity.

2) How much money has been spent on NIN?
NIN was first proposed during the administration of former President Mahmoud Ahmadinejad (2005-13), and exactly how much money has been spent on it in the past 10 years remains unknown. However, according to statements from officials, the Campaign’s research indicates that at least 6 billion dollars of public and private sector funds have been put into the project.

In the budget for the Iranian year of 1384, ending March 20, 2006, the government had allocated about one billion dollars for the NIN project. But between 1386 and 1388 (March 2007 and March 2009), Iran’s Parliament only approved 566 billion tomans ($180 million USD) for the project’s infrastructure. In August 2007, the Telecommunications and Information Technology Ministry allocated an additional 350 billion tomans ($111 million USD) to the project.

In the years that followed, billions of public and private sector dollars poured into the project. “In the past three years, 20 trillion tomans ($6.3 billion USD) have been expended on this project,” said Vice President Eshagh Jahangiri in a speech at the inauguration ceremony. He added that the government had contributed 20 percent of that figure while 80 percent had come from the private sector.

In January 2016, additional funds for the project were dropped from the Sixth National Development Plan in a move that was widely criticized by conservatives. To appease them, Telecommunications and Information Technology Minister Mahmoud Vaezi denied the cut on social media. The Campaign was unable to verify exactly how much the administration of Hassan Rouhani has expended on the project.

In 2013, when he was campaigning to become president, Rouhani advocated improved internet freedom. While his administration has failed to follow through on his promise, it remains engaged in an ongoing tug of war with political hardliners over the issue.

Despite Rouhani’s promise, hardliners maintain and enforce a robust censorship regime on all domestic internet traffic, routinely blocking and banning non-state-approved content as it appears on the radars of security agencies. NIN was envisioned by hardliners as the most effective way to implement that regime.

3) Does NIN cut off users from the World Wide Web?
Iranian officials have denied that NIN would block all user access to websites hosted outside of Iran, but this is untrue. The Campaign has learned that some internet providers that offer NIN, including AsiaTech, are already explicitly telling customers that they would not be able to surf websites hosted abroad while using NIN.

In the list of services offered by Iranian internet provider AsiaTech, customers are warned in red that choosing the NIN option would block access to the World Wide Web.

4) Why did the Iranian government create NIN?
The government began developing NIN during the Ahmadinejad administration with two ambitious goals: further restricting the public’s access to web content by only offering government-approved and domestically hosted online content, and improving the online data security of governmental agencies, the security establishment, and major institutions, such as banks. Officials also said a domestic network would decrease prices and increase access speeds.

The security establishment has put the most pressure on the government to complete NIN, but the end result is not as extensive or powerful as officials claim.

“We were working on this project, but we had to stop in the middle because there was a lot of pressure from the security forces to cleanse the network of any [religious, cultural and political] impurities,” said a former NIN project contractor, who asked the Campaign not to be identified, on August 30, 2016. “NIN is not even an Intranet. It has been reduced to a closed content-delivery network (CDN) using Cisco Caching Servers.”

A CDN is a network of proxy servers deployed in multiple data centers throughout a territory aiming to serve online content to end-users reliably and quickly. Prior to the launch of NIN, the Rouhani government was already using CDNs in various parts of the country to expedite online access if users were trying to access websites hosted within Iran (externally hosted websites could only be accessed at slower speeds) and to appease hardliners who wanted to further control online user activity. At this phase of the project’s launch, NIN only offers CDNs using Cisco servers.

5) Why did Iran’s security agencies push for NIN?
Speaking to the Campaign, the contractor said that security agencies, particularly the Revolutionary Guards, were instrumental in pushing NIN during a high-level governmental meeting in 2016, where internet policies were discussed. The Revolutionary Guards, which own the Telecommunications Company of Iran (TCI), have been a strong proponent of gaining full surveillance over online traffic.

“In most policy meetings the security agencies are represented by anonymous individuals participating under false names who believe that the internet cannot be controlled, and therefore their only solution is to close it off from within the country. This is the same policy put forward by the Ahmadinejad administration. They want their own internet,” the contractor told the Campaign.

The Campaign’s research indicates that the supreme leader, Ali Khamenei, has personally insisted on NIN’s implementation. Most recently, on August 24, 2016, shortly before NIN’s launch, Khamenei said in a speech: “The National Information Network is a very important domestic project that has not gone forward. Our friends in the government all believe in this project, but it hasn’t gotten anywhere. God Willing, we must follow up on this so that we don’t cause irreversible damage.”

6) Will NIN improve the safety of Iranian user and government data?
Even though experts unanimously agree that complete online security and privacy are impossible, Esmail Radkani, a NIN project manager, assured users in May 2006 that their data would be more secure on NIN than it would be on the World Wide Web. Radkani meant that on NIN, users would be provided with DDoS (“distributed denial-of-service”) protection and access to anti-phishing tools. But these user security measures are weak and outdated compared to the sophisticated malware that states and criminals are constantly developing and that can be introduced into any closed network.

NIN is less vulnerable to a DDoS attack, a favored tactic of Iranian cyber security agencies in shutting down websites run by political or ideological opponents. However, NIN users wouldn’t need to protect themselves against those kinds of attacks because they’d be much less likely to upload non-state-approved content in the first place.

In 2010, the U.S. and Israeli intelligence agencies collaborated to infect Iranian computers with a sophisticated virus to disrupt Iran’s nuclear program. Iran’s institutions would remain vulnerable to similar attacks within NIN.

Actions taken by Iran’s security agencies strongly indicate that they wish to fully control cyberspace by all means, often by going above Iran’s own laws to more efficiently access the online accounts and restrict the activity of their targets. NIN, if it is fully developed, would bring that goal closer to reality.

If NIN reaches its final phase of development, all users would have to register and receive an identity number, according to Deputy Telecommunications and Information Technology Minister Nasrollah Jahangard. All data belonging to these unique identity numbers would be individually saved, making it easy for network administrators to conduct surveillance and restrict user activity.

7) Does NIN offer advantages to Iran’s online users?
As already mentioned, NIN offers faster speeds than internet services in Iran that allow access to the global internet, but domestically hosted servers using CDNs already offered those speeds.

NIN will be cheaper than internet options that allow access to the World Wide Web, according to officials. “The cost of using NIN should be a third of the world wide web’s cost,” said AsiaTech’s (ISP) technical vice president, Shahab Vahabzadeh. “… In other words, if a user is charged a certain amount to use Google, he/she would pay a third of the cost for using Zoomit (website hosted inside Iran) and accessing domestic websites.”

To summarize, besides providing cheaper access to exclusively government-approved content based on Iranian soil, NIN offers nothing new.

8) Why does Iran want to store all online data on domestic servers?
All of Iran’s domestic content and traffic could be handled and managed by servers inside the country, but many companies and individuals avoid them in favor of more secure servers based abroad, according to Vaezi. “Company executives have told me in private that they prefer to have their servers managed abroad because if they are filtered, they won’t lose their foreign customers,” he said at a technology conference in Tehran on March 8, 2016.

User data stored on domestic servers can be controlled and monitored by state agencies. News media outlets, which are already heavily censored in Iran, also operate under the assumption that their domestically hosted website could be shut down by the government at any time. On August 31, 2016, several news websites hosted on domestic servers were blocked by security agencies for publishing an official report on corruption in Tehran.

9) How did Iran equip NIN?
Most of the hardware used for NIN was procured through the black market as international sanctions have prevented the Islamic Republic from gaining unrestricted access to the latest technologies. The former NIN project contractor who spoke to the Campaign under the condition of anonymity said that the Cisco servers used for the project were purchased from middlemen without service contracts or warranties, which could result in technical problems in the future.

The lack of access to more reliable hardware through normal and official channels has already caused some technical impediments from the perspective of security agencies. In August 2016, when the Tehran prosecutor ordered nine websites to be shut down, some of them could still be accessed after they were blocked due to malfunctioning hardware.

10) What does online content look like on NIN?
On NIN, internet content would be closely monitored by the Iranian authorities, thus reducing the government’s need to filter politically sensitive material. In this kind of environment, users would also be less likely to post content that could offend the authorities in the first place.

Those who use NIN’s domestic search engine would also not be able to access any web results located abroad. For example, if they tried to access banned sites through a Google search, a message would pop up indicating that they were blocked from accessing Google. Google’s search engine uses secure sockets layer (SSL) cryptographic protocols for secure communications over a computer network, which Iran’s cyber army has been able to disrupt—with NIN, this ability remains in use.

The search results for the BBC Persian Service’s website on the ParssiJoo Iranian search engine.

For example, when users type “BBC Persian,” which is banned in Iran, in the ParssiJoo domestic search engine, the results show a number of propaganda sites set up by Iran’s security agencies. Other websites that provide independent news or carry political content deemed impermissible by the Islamic Republic face the same fate on NIN.