“Click here to break the firewall” is a concept whose time has passed
To defend against China online and break their censorship, you need to face them everywhere, in many ways, and secure the broader internet.
This post was written in support of the value that the Open Technology Fund has provided to oppressed people in China, exile communities and the entire world over the last 8 years. Please consider signing this letter to support their essential work.
Six years ago, I gave a talk at Harvard, entitled “The Great Firewall Inverts (video below and the presentation slides here). The summary of this talk was that the moment for “breaking down that firewall” had largely passed, with the maturation of domestic services in China, and the growing dominance of WeChat. The next generation of Chinese users is mobile messaging and apps first, and not interested in surfing the information superhighway. Even further, the interest and adoption of Chinese tools at the time was growing not only at home, but abroad, and not only with overseas Chinese, but also non-Chinese. The Great Firewall had morphed into a many-tentacled creature, growing from Beijing out to the entire planet.
Today, in 2020, that image of the Chinese internet is more true than ever. WeChat runs all facets of Chinese life, and continues its growth abroad as both messaging and payment service. It is not unusual to see “Pay with WeChat or AliPay” in major American cities. TikTok dominates the life of tweens and teens worldwide, censoring even the most subtle protest dances. Even the backbone of all global remote work, learning and education during the pandemic, Zoom, has Chinese ties, and recently disabled a user’s account after they organized an online Tienanmen Square vigil. It isn’t just the good people of China who are in peril from Chinese technology, it is everyone, everywhere that is opting-in to be behind the Great Firewall, whether they realize it or not, by choosing to use its software, services and hardware. As we have seen with the adoption of Huawei infrastructure, China is moving fast, into many places, across Asia, to Africa and Latin America, often offering better products for lower prices. Focusing on one “wall” is missing the point and growing dominance of China-originated, privacy-eroding services worldwide.
While it is always a useful and noble effort to research, design and implement proxy technology that can evade network censorship and filtering, that one trick hammer will no longer help Chinese people protect themselves from censorship and surveillance. Solely focusing on funding technology to break through firewalls is a mentality that is over ten years old. It ignores all we have learned since then about all of the possible threats users face in a mobile-first world. Users are more likely to seek and share news and knowledge through messages and groups than by searching the web. The inability to protect these communications is more pressing of an issue, then whether one search engine can be reached or not. From malware-infected apps they might download that track all taps and take pictures without permission, to imposter text messages used to completely take over their phone’s low-level radio — the threats are direct and persistent, not at some invisible line on the internet.
Having a proxy tool provides no knowledge to Chinese advocates and lawyers on how to capture, secure and share photos and videos that could be used to gather evidence and fight corruption in towns, cities, or even the Chinese Communist Party. It does nothing to help understand what millions of Muslim Uighurs are at risk for by being forced to use police-state apps that track their every move, every app they use on their device, every person they call, both in the country and outside. It does nothing to stop the next-generation cyber attacks that exile groups, like the Tibetans, have been facing for twenty years (Thanks, in part to OTF, TibCERT now exists as a critical “firefighting” group to combat these). Simple proxies do nothing to support independent researchers around the world, working to understand and measure how these attacks, censorship and surveillance is happening, so they and others can build countermeasures.
This broader view and set of essential research, development, teaching and training, is precisely what the Open Technology Fund has been supporting for the last eight years. It is exactly what not only the people of China need, including Uighurs, Tibetans, Christians, Falun Gong practitioners, environmental activists, lawyers, and yes, even journalists, but what we all need globally to defend from attacks on many fronts. In fact, it is these attacks that China has taken on exile groups abroad, as documented by Citizen Lab’s impeccable research, that has provided deeper understanding to the true threat potential of China-backed cyber warfare worldwide. This includes on governments and military targets, as well.
Single-hop proxy technology is a simple hammer for a perceived simple problem. Freedom in China is not simple. To empower those that seek it, you need many tools, from a global toolbox, to fight on many fronts. We need the diverse, deeply researched, audited, and open-source brain trust that OTF has been nurturing and building for this last decade to win. Through this, the Chinese people, along with Tibetans, Uighurs, Falun Gong and their large diaspora of exile communities, will choose their path, tools and methods to safeguarding, organizing and liberation. That path will surely not fit into the simple model of “click here to break the great firewall”.
Nathan Freitas leads the Guardian Project, an open-source mobile security software project. Guardian Project has been a proud recipient of funding from OTF since 2012, with funding applied to the development of mobile privacy, security and circumvention tools that have benefited users in China and the world. He also co-founded and directs technology strategy at the Tibet Action Institute. His work as an affiliate fellow at the Berkman-Klein Center at Harvard focuses on tracking the legality and prosecution risks for mobile security apps users worldwide.