Skip to main content

Deciphering China’s VPN Ban

DEEPLINKS BLOG
August 2, 2017

This weekend Apple took a dispiriting step in the policing of its Chinese mainland App store: the company removed several Virtual Private Network (VPN) applications that allowed users to circumvent the China’s extensive internet censorship apparatus. In effect, the company has once again aided the Chinese government in its censorship campaign against its own citizens.

A commercial VPN is a private service that offers to securely relay your internet communications via their own network. The advantage of using a VPN is that all of the data you send and receive is hidden from local networks. VPNs may be hosted in a foreign country, which is useful both for protecting communications from a local government, and bypassing national censorship. It is primarily the VPNs’ censorship circumvention properties that make them threatening to the Chinese government.

Apple’s iOS has VPN capabilities built-in, but in recent years China has blocked such standard VPN protocols across their network. This has led to an explosion of applications that use their own unique methods for wrapping and encrypting iOS data. There’s only one way to provide such tools on Apple’s mobile devices, which is via the company’s centralized App Store: once removed by Apple, iPhones and iPads have no way to reach blocked foreign sites (including Google services, Facebook, and independent sources from the New York Times to Human Rights Watch).

Apple’s CEO, Tim Cook, said that he was hopeful that the restrictions would be lessened over time. But how reasonable is that hope? Is China’s recent crackdown on VPNs a foreshadowing of an even more restricted domestic internet for Chinese users and businesses, or a temporary blip that companies like Apple and independent VPN providers might expect to be able to ride out?

Enforcement of China’s internet censorship policies has historically waxed and waned, depending on the authorities’ concerns over domestic political unrest. Crackdowns can be triggered by concerns over a one-time event, such as the Beijing Olympics in 2008, or regularly-occurring events such as the Communist Party Congress or the June 4 anniversary of the Tiananmen Square protests. Crackdowns have usually been followed by an easing of restrictions after the politically-sensitive event has passed. However, since the beginning of Xi Jinping’s presidency, there have been indications that the Great Firewall as a technology, and its surrounding regulatory prohibitions, have changed in emphasis from a filter that was relatively easy for businesses, academics, and dedicated netizens to evade, into a far more draconian censorship and surveillance system.

The regulation most often cited as the grounds for the current crackdown on App Store VPNs is a temporary one, promulgated by the The Ministry of Industry and Information Technology (MIIT) in February of this year as part of a “cleansing” of the Internet. Its order, which forbids the use of unauthorized VPNs for “cross-border activities,” expires in March 2018. That period would cover the 20th anniversary of the handing over of Hong Kong to China in July, as well as the meeting of China’s 19th Communist Party Congress in November. Chinese citizens have blamed both events as the reason for the tightening of China’s internet rules.

VPNs have always been the bellwether for shifts in these firewall policies. The implementation and unlicensed use of VPNs to bypass local censorship has been prohibited in China since at least 2002. Nonetheless, for many years, individual users, private companies, and even tourist-friendly hotel chains were permitted to use them with little consequence. From 2011 onwards, however, the Great Firewall was upgraded to block VPNs by detecting their protocol, rather than on a per server basis.

This escalation crossed a line that Chinese censorship had previously avoided: rather than being a road bump to prevent popular access to forbidden foreign content, the pervasive blocking of VPNs affects small businesses, university researchers, and high-up Party members.

China’s pressure on Apple to remove consumer VPNs will ratchet up that disruption. Just as their filtering of VPN protocols shepherded users to non-standard VPN implementations in the app store, iOS users will have to seek alternative solutions, including, perhaps, switching to Android and taking advantage of VPNs sold in the over four hundred unofficial Android marketplaces, many of which sprang up after Google’s Play store was blocked in October of 2011.

By locking down their devices, Apple can be forced to strip a feature—access to the full, global internet—from its own products. When the manufacturer controls what kind of software you can have on your devices, it creates a single chokepoint for free expression and privacy.  It is Apple’s pursuit of a “Crystal Prison” model for its hardware that has led to the unpleasant compromise it’s making.

Ultimately, both Apple and the Chinese censors face a barrage of pressures, from each other, and from Chinese technology users. If Apple makes too great a stand against the China’s laws, it could be thrown out of the country. But if China pushes its censorship system too hard, it will have to face the growing frustrations of its own elite. No matter how large China’s internal net is, the country is not yet an information autarky. There’s still some hope that this crackdown will recede when the political climate improves.

How will we know which way the wind is blowing? The best indication will probably come from the Apple App Store at the end of the year, once the 19th Communist Party Congress is over. If commercial VPNs are quietly added back to the store, this move may be part of the regular ebb and flow of censorship in China. If the VPNs remain absent, it may signal an even darker turn for Chinese internet censorship, one in which Apple may find itself permanently complicit.

JavaScript license information