China's Solution To The VPN Quandary: Only Authorized, And Presumably Backdoored, Crypto Links Allowed

from the will-Russia-follow-suit? dept

Two of the most important developments in China's clampdown on the digital world took place last year, when the country's Ministry of Industry and Information Technology declared that all VPN providers needed prior government approval to operate, and then apps stores were forced to remove the many VPNs on offer there. In some parts of China, VPNs were banned completely, but such a total shutdown is not really an option for cities with many businesses that require secure overseas communication channels. That put the Chinese authorities in something of a quandary: how could they reconcile their desire to prevent VPNs being used to circumvent online controls, while ensuring that the country's increasingly important corporate sector had access to the encryption tools it needed for operating globally? An article in the FT provides us with the answer (paywall). In recent months, international companies and organizations have found their VPNs blocked more frequently:

regulators have been pushing multinationals to buy and use state-approved VPNs. The state-approved versions can cost tens of thousands of dollars a month and expose users' communications to Beijing's scrutiny. "China's intention is to control the flow of information entirely, making people use only government-approved VPNs by making it difficult, if not impossible, to use alternatives," said Lester Ross, partner at legal firm WilmerHale in Beijing.

The great thing about state-approved VPNs is that they can include backdoors for the government to use, and can be to shut down quickly if really serious problems arise that require even more stringent controls.

Backdoored crypto is inherently vulnerable to attacks against those built-in weaknesses, but the Chinese authorities are doubtless willing to let companies run that risk for the sake of maintaining overall control. Since Russia's views on VPNs are closely aligned with those of China, it will be interesting to see if it decides to adopt Beijing's solution to the VPN dilemma to tidy up its own rather clumsy approach.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, china, encryption, vpn