Wall Street Journal
June 22, 2009Iran's Web Spying Aided By Western Technology European Gear Used in Vast Effort to Monitor Communications
By CHRISTOPHER RHOADS in New York and LORETTA CHAO in Beijing
The Iranian regime has developed, with the assistance of European telecommunications companies, one of the world's most sophisticated mechanisms for controlling and censoring the Internet, allowing it to examine the content of individual online communications on a massive scale.
Interviews with technology experts in Iran and outside the country say Iranian efforts at monitoring Internet information go well beyond blocking access to Web sites or severing Internet connections.
Instead, in confronting the political turmoil that has consumed the country this past week, the Iranian government appears to be engaging in a practice often called deep packet inspection, which enables authorities to not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes, according to these experts.
The monitoring capability was provided, at least in part, by a joint venture of Siemens AG, the German conglomerate, and Nokia Corp., the Finnish cellphone company, in the second half of 2008, Ben Roome, a spokesman for the joint venture, confirmed.
The "monitoring center," installed within the government's telecom monopoly, was part of a larger contract with Iran that included mobile-phone networking technology, Mr. Roome said.
"If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them," said Mr. Roome.
The sale of the equipment to Iran by the joint venture, called Nokia Siemens Networks, was previously reported last year by the editor of an Austrian information-technology Web site called Futurezone.
The Iranian government had experimented with the equipment for brief periods in recent months, but it had not been used extensively, and therefore its capabilities weren't fully displayed -- until during the recent unrest, the Internet experts interviewed said.
"We didn't know they could do this much," said a network engineer in Tehran. "Now we know they have powerful things that allow them to do very complex tracking on the network."
Deep packet inspection involves inserting equipment into a flow of online data, from emails and Internet phone calls to images and messages on social-networking sites such as Facebook and Twitter. Every digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds. In Iran's case, this is done for the entire country at a single choke point, according to networking engineers familiar with the country's system. It couldn't be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection.
All eyes have been on the Internet amid the crisis in Iran, and government attempts to crack down on information. The infiltration of Iranian online traffic could explain why the government has allowed the Internet to continue to function -- and also why it has been running at such slow speeds in the days since the results of the presidential vote spurred unrest.