By Risa Chubinsky
Two weeks ago, an anonymous federal source stated that an upcoming meeting of the Security Council was planning to discuss whether or not to develop the internal capabilities to temporarily disconnect Russia from the worldwide web (Vedomosti, September 19). President Putin seemingly settled the question at the meeting on Wednesday, October 1, stating, “We do not intend to limit access to the Internet, to put it under total control, to nationalize the Internet… Media freedoms, the right of people to receive and disseminate information—these are basic principles of any democratic state and society… We are not even considering [limiting access to the Internet]” (kremlin.ru, October 1).
However, Putin also discussed the “significant” increase in cyber attacks in the last six months, directly correlating them to political circumstances, and reiterated Russia’s need to, “…secure the stability and security of the Russian segment of the Internet” (kremlin.ru, October 1). According to somewhat contradictory statements made before and after the meeting by Russian Press-Secretary Dmitry Peskov, the original impetus for the discussion was to ensure that the Russian segment of the Internet, or “Runet”, would be sufficiently protected in case of an unexpected external shutoff (Rossiiskaya Gazeta, September 19; forbes.ru, October 1).
While research ordered by the Ministry of Communications and Mass Media (Minkomsviaz) in July supported the view that the Runet is indeed vulnerable, recently enacted Internet laws suggest that the Russian government, despite what it says, is not just trying to improve Internet security but also is incrementally increasing control over online infrastructure and access. These laws will require all email and social media services, like Twitter, Facebook, and Google, to register with the Federal Service for Supervision of Communications, Information Technology, and Mass Media (Roskomnadzor) (Rossiiskaya Gazeta, September 29), and to store user information on domestically located services (TASS, July 22; see EDM, October 2).
Additionally, the government mandated in August that public wi-fi users must identify themselves before gaining online access (Interfax, August 8). For anyone without a Russian cell phone number (which can only be purchased by registering a passport), this means keying in passport information directly to the hotspot (Izvestia, August 21). Furthermore, extremism laws meant to block sites pertaining to themes like child pornography, suicide, terrorism and narcotics are often applied in unrelated political circumstances (newsru.com, March 14).
Given the increasing governmental restrictions on cyberspace, it seems that federal discussions over Internet control will continue in the foreseeable future. In light of this, questions remain regarding how much control the Kremlin can feasibly exert over the Runet. So far, the answers are far from conclusive. The government claims that its concern regarding external cyber attacks currently stems from Russia’s inability to control Internet domains (which, in fact, it currently can—specifically over the .ru and .рф domains through an independent body known as the Coordination Center), as well as IP address assignments (which are currently controlled by the US-based Internet Association for Assigned Names and Numbers—ICANN). To date, this fear appears to be unfounded, since ICANN has never restricted access to IP addresses, even for heavily sanctioned countries like Iran. It is more likely that these voiced concerns are a response not to any credible threat to external Russian Internet access, but rather to the increasing need to foster nationalistic sentiment in a country that has been hard-hit by Western sanctions. (Gazeta.ru, October 2)
Interestingly, the Russian government has all but ignored a small but active segment of its own Internet, the domain .su, originally created for the former Soviet Union. The .su domain is operated by a separate organization, the Fund for Internet Development, from the .ru and .рф domains. In recent years, the domain has become popular for its lack of registration requirements. Although this has made .su a popular domain for hackers (RT, May 31, 2013), the government has done little to address these obvious cyber transgressions, an obvious logical contradiction in the government’s stated mission to improve Internet security.
Yet as was evidenced in Egypt in 2011 and Syria in 2012, Internet service providers (ISP) are a far more influential target in terms of wide-scale Internet control on a national level than domain control. Unlike Egypt, a country with less than ten such providers, or Syria, which has two, Russia is a physically enormous country with hundreds of ISPs (Azzatyq, October 3). However, 77 percent of the providers are controlled by just six companies; state-controlled Rostelekom, alone, controls 38 percent of all broadband Internet in Russia, with access to nine million users (LookAtMe, September 16). Therefore, while it would be nearly impossible to control each and every remote ISP, the government could restrict access to a majority of users with relative ease.
Yet, just because the government could pull off such a feat does not mean that it would necessarily want to. Unlike the acts of online filtration that the government already engages in, a broad disconnect from the global net could result in an administrative nightmare. According to Internet Ombudsman Dmitry Marinichev, the Russian Internet was developed using pre-existing international structures. Cutting the Runet off from the worldwide web, aside from posing technical challenges, could also present a host of administrative and organizational problems (Vedomosti, September 19). It is expected that Marinichev will elaborate on these issues in a letter to Putin on Tuesday (October 7) (Birzhevoi Lider, October 3). Additionally, the financial costs associated with such an endeavor would be tremendous and a potential drain on government resources (snob.ru, October 1; Ekho Moskvy, September 30).
Lastly, one must also consider timing. Coordinating an Internet shutdown across the country could be difficult, but building the infrastructure to control online information will take much longer (Radio Svoboda, September 22). Since the Kremlin is currently short on funds but with time to spare, this seems to be the more prudent approach. So for the time being, it appears that the Russian government will continue to quietly increase control over domestic information (forbes.ru, October 3) while everyone else watches and waits for the next big debate.