Ten years ago, a Senate bill proposed by Sens. John Rockefeller and Olympia Snowe spurred considerable controversy. The bill, which never even came up for a vote, would have made it possible for the U.S. government to build an “internet kill switch” that would allow it to shut off the internet in the event of an emergency. The proposal drew significant criticism, and U.S. politicians backed off relatively quickly, but in other countries around the world, the kill switch model was—and is—very real, as Iran’s government has just demonstrated. On Nov. 16, amid widespread political protest, most of the country was cut off from the global internet. After five days of isolation, the government announced Thursday that access would be “gradually restored.”
Iran is not the first country to disconnect itself from the global internet as a means of quelling civil unrest—Egypt did a very similar thing back in 2011. Sudan cut off online access just this summer, as did Ethiopia. In fact, in 2019, the internet kill switch seems to be having a bit of a moment. Russia, apparently, has plans to test its own ability to cut its internal internet infrastructure off from the outside world, as part of a new internet law passed this year.
With so many governments shutting off the internet at will—sometimes ostensibly to prevent cheating on school exams—it can start to look easy, but oftentimes it’s a decidedly slow and unwieldy process. For instance, NetBlocks, an organization that monitors internet shutdowns around the world, estimated that the recent Iranian shutdown took 24 hours to implement. That’s because cutting off internet access to the outside world isn’t as simple as flipping a switch. Rather, it involves isolating connections to the outside internet at a small number of designated transit points within a country and then either blocking traffic at those points or announcing to outside routers that pass traffic from international servers into the country in question that that traffic can no longer be delivered to the intended recipients.
Any individual government’s ability to cut off internet access depends on the particular architecture of the network infrastructure within their borders.
In Iran, the government appeared to use a combination of these tactics to prevent outside traffic from entering the country. Some of Iran’s internet service providers simply blocked incoming traffic while others stopped announcing to outside servers that they could deliver traffic to Iranian IP addresses. The latter strategy is also a very effective means of preventing incoming traffic because the different networks that make up the internet are run by thousands of different internet service provider companies (like Verizon, Time Warner, and Level 3). Those companies rely on announcements by other companies to know which ones can deliver traffic to certain destinations so they can pass off packets to the appropriate partner networks. So when an Iranian internet service provider announces that it can no longer deliver traffic to Iranian destination addresses, the other networks that interconnect with that service provider take those announcements at face value and stop passing traffic to that company. But updating all those announcements and propagating them across all the different companies that operate the networks that make up the global internet can take quite a while—hence the 24-hour delay.
Iran doesn’t have a huge number of service providers, so cutting off internet access took some time but, ultimately, was doable. For other countries, with fewer providers and fewer connections to the global internet, a kill switch can be even simpler to implement. A 2012 analysis by Renesys founder and former CTO Jim Cowie categorized countries according to how difficult it would be to disconnect them from the internet, based primarily on how many internet service providers in these countries had connections to international, external networks. Iran and Egypt both fell in the second category of countries with more than two but fewer than 10 internationally connected service providers and were therefore classified as having a “significant risk” of being cut off from the global internet. (By comparison, Ethiopia and Syria, with only one or two such providers, fell into the “severe risk” category, and both the United States and Russia, with more than 40 providers each, were deemed resistant to internet shutdowns.)
That analysis is now 7 years old. Since then, the quantity of internet providers in many countries and overall architecture of the global internet has developed considerably, largely in the direction of more global interconnection and therefore greater resistance to shutdowns. For a country like the United States, in which there are many, many internet connections to other countries controlled by a variety of different companies, a nationwide government shutdown of the internet remains a daunting and unlikely prospect for both technical and legal reasons.
Russia’s efforts to reengineer its internal internet infrastructure to make disconnection from the outside world easier will serve as an interesting case study in whether it’s feasible for countries to roll back the clock and turn a relatively decentralized, resilient internet architecture into a more centralized, controllable one. That will first require Russia to consolidate the networks within its country so that all incoming and outbound international traffic flows through a more limited number of interconnection points, and then require the government to figure out how to restrict access to those interconnection points through routing announcements and traffic blocks. In other words, there’s a reason Russia is looking to test this capability—it’s almost certain to be a slow and complicated process that requires considerable fine-tuning and practice to get right.
The efforts of Iran, Russia, and other countries to isolate and disconnect their portion of the internet from the rest of the world highlight just how much any individual government’s ability to cut off internet access depends on the particular architecture of the network infrastructure within its borders. We should absolutely be concerned about the political environments that give rise to these attempts to exercise control over the internet, but we should not ignore the many ways that the underlying design of the internet itself can be used both to facilitate this type of control and undermine it. In the decade since the United States entered the kill switch debate, shutting off the internet has only gotten harder.