BEIJING (Reuters) – A Chinese telecoms carrier said it had begun closing virtual private networks (VPNs) and other tools that can bypass the so-called Great Firewall, which state authorities use to filter and block traffic between Chinese and overseas servers.
A spokesman for Guangzhou Huoyun Information Technology Ltd, which operates in around 20 cities across China, told Reuters the company received a directive from authorities to start blocking services from midday on Tuesday.
Enlisting telecoms firms will extend China’s control of its cyberspace – which it believes should mimic real-world border controls and be subject to the same laws as sovereign states.
While the Great Firewall blocks access to overseas sites, much like a border control, telecoms firms can filter and censor online access at a more granular level, in the home and on smartphones.
“The telcos have methods at their disposal that the Great Firewall may not,” said Philip Molter, Chief Technology Officer at Golden Frog, which operates VyprVPN, a popular VPN in China. “Because these routers deal with far less traffic, they can block more aggressively using more resource intensive methods.”
The telecoms firms have taken up their new filtering roles under a law introduced in January, and set to come into full effect next March. Experts say this could lead to increasingly targeted attacks on VPNs, one of the few tools Chinese can use to access overseas internet services.
A member of China-based anti-censorship site GreatFire.org, who goes by the pseudonym of Charlie Smith, said the authorities were shifting the responsibility to the telecoms firms.
“This is a major step towards closing whatever windows are still left open,” he said.
The latest moves come after dozens of popular China-based VPNs have been shut down in recent weeks, and there have been rolling attacks on overseas VPNs.
This week, users also reported partial blocks and delays in the encrypted messaging app WhatsApp, the latest western social media tool to be hit. And researchers found that messages related to Liu Xiaobo, a dissident and Nobel laureate who died from cancer in custody last week, disappeared from local messaging apps.
VPN services say they are bracing for further blocks in the run-up to this autumn’s Communist Party Congress.
President Xi Jinping, who has overseen a marked sharpening of China’s cyberspace controls, including tough new data surveillance and censorship rules, is expected to consolidate his hold on power at the Congress, which takes place every five years.
The January regulations make telecoms providers and other internet service providers (ISPs) liable for filtering and blocking unlawful network tools, according to the Ministry of Information Industry and Technology (MIIT).
Beyond VPNs, experts say the telecoms firms could potentially bar a range of services, and even prevent mobile apps from being installed.
“Much of the usage we see from China is via mobile devices, so limitations on this kind of functionality would hit a large number of Chinese,” said Golden Frog’s Molter.
Yet, despite the ambitious plans, the authorities will likely struggle to put up the blanket safeguards necessary to cripple foreign VPNs by March, experts say.
“There’s been an ongoing game of cat-and-mouse with China and VPNs … we’re optimistic that VPNs will continue to be accessible from China for the foreseeable future,” said a spokesman for ExpressVPN, noting its user numbers continue to grow in China.
Small businesses hit hard
While VPNs with foreign servers, including VyprVPN and ExpressVPN, play cat-and-mouse with regulators, quickly patching blocks and developing workarounds, small business owners say they have been hard hit by the rapid loss of local VPNs.
“Our small logistics business has just imploded”, said one business owner on the Weibo microblogging site, adding she could no longer access foreign sites despite trying several new VPNs.
Large numbers of free or low-cost VPN services flourished in Chinese app stores in the 18 months or so prior to the recent blocks.
“The ministry says we must apply for a licensed [VPN] … and we have to buy Chinese services,” one person operating a small online media site told Reuters, asking not to be named. “If the website touches on social and political news, we have to hand over the platform account passwords. Of course, if we still had a VPN this wouldn’t be the case.”
The MIIT did not respond to a request for comment. It said last week that the new measures were not intended to harm business interests, and has previously said it would allow businesses to operate VPNs licensed by the government.
“These newest measures are one more hurdle for Chinese users to jump, in what is turning out to be an extremely long steeplechase,” said GreatFire.org’s Smith.
(Reporting by Cate Cadell; Editing by Ian Geoghegan)