Guest Column

Myanmar Junta Turns to China for Help Policing Internet Use

By Bertil Lintner 22 February 2022

Since the coup on Feb. 1 last year, Myanmar has earned the dubious distinction of being the world’s second worst jailer of journalists after China. The Committee to Protect Journalists (CPJ) stated in a December report that at least 26 journalists had been imprisoned in Myanmar for their reporting since the takeover, compared with none behind bars in 2020, adding that “the actual number of jailed journalists in Myanmar may be much higher than CPJ’s tally. Many news organizations are reluctant to identify their detained freelancers, stringers, and other non-staff reporters they rely on for news, photographs, and video, due to concerns they could face harsher penalties if they are found to be associated with their news outlets.” According to a report issued in February this year by Reporters Without Borders, as many as 60 media workers are currently held in Myanmar. Many have been tortured in custody and at least three have been murdered by junta soldiers.

Turning to China

But when those brutal measures did not halt the flow of information to people in and outside the country, the junta turned to a logical and experienced partner for censorship and surveillance assistance: China. At the end of last year, security officials in the region found out that Chinese internet technicians were helping their Myanmar counterparts develop blocking and monitoring capabilities. The aim, they say, is to establish firm and effective control over what can and cannot be accessed online in Myanmar, similar to the infamous “Great Firewall of China”, which China’s security officials have used for years to police online activities of known dissidents and even identify anonymous users.

In essence, it means that the authorities would be able to block access to selected foreign websites and to slow down internet traffic in and out of the country. Among foreign internet tools that have been blocked in China are Google Search, Facebook, Twitter and Wikipedia; that has been done by using hardware from Huawei and Semptian, two major Chinese service providers. It is unclear whether the same hardware is being used in Myanmar, but, if that is the case, it would make it possible for China’s security services to tap into the Myanmar military’s computers and collect sensitive and classified information that would have been hard to come by with only human intelligence.

China has every reason to watch not only Myanmar’s dissidents but also the often unpredictable generals, whom they do not fully trust, and that is actually not new. Technicians working for companies close to the Ministry of State Security (MSS), China’s main intelligence agency, are known to have been hacking into the computers and databases of the state-owned Myanmar Post and Telecommunications, a major internet service provider and operator of mobile phones also used by the military, and that has been going on for years.

The close relationship between Chinese hackers and the MSS was revealed when two US-based hackers, Li Xiaoyu and Dong Jiazhi, were indicted in Spokane, Washington on July 7, 2020. According to court documents, they had on behalf of the Chinese government “gained unauthorized access to computers around the world and stole terabytes of data.” Apart from collecting information from a host of Western countries, among them the US, Australia, Germany, the Netherlands, Sweden, Spain and Britain, the indictment states that they “provided the MSS with email accounts and passwords belonging to a Hong Kong community organizer, the pastor of a Chinese church in Xi’an, and a dissident and former Tiananmen Square protestor…and the office of the Dalai Lama.” Curiously, the MSS, the court document says, provided Li with malware to help him compromise “the mail server of a Burmese [Myanmar] human rights group.” The identity of that human rights group was not revealed during the hearings in Spokane, but it shows to what length MSS and its hackers are going to monitor a wide variety of governmental as well as civilian actors in countries of interest.

Alarming developments

For the Myanmar public, the most alarming aspect of these developments is that Chinese technicians have been training junta operatives to obtain information on political dissidents and protesters, including how to bypass Virtual Private Networks, or VPNs, and monitor SMS traffic on mobile phones. As The Irrawaddy reported on Jan. 24, the junta banned social media after last year’s coup, including Twitter, Instagram and Facebook, but people continued to access those sites using VPNs. Then the junta presented the draft for a new cybersecurity law that would give it the right to imprison anyone who accesses banned sites with the help of VPNs. According to a Feb. 11 Al Jazeera report, the junta has increased taxation of the telecom sector leading to prices being doubled in the past two months—and thus making it expensive and more difficult for ordinary people to use the internet altogether.

The draft law, The Irrawaddy reported, “would grant the junta unlimited power to access user data, ban content it dislikes, restrict internet providers and intercept data, and imprison those criticizing the regime online and employees of non-compliant companies.” Recent reports of random arrests in Yangon and Mandalay of people who have used VPNs also show that the Chinese-installed firewall is working. While it is difficult to see exactly what a VPN user has accessed, the firewall will reveal who is using it and if that is against the law, the user could be arrested.

If the Chinese experience is anything to go by, there are ways around all those repressive measures, there are ways users have managed to bypass the rules. In 2017, the Chinese government declared all unauthorized VPN services to be illegal and there, as in Myanmar, people have been arrested for using them. But, as writer Daniel Anderson pointed out in technology publication ACM Queue as early as 2012, the basic censorship circumvention strategy is to use proxy nodes and encrypt the data. Bypassing the firewall in China is known as fanqiang, or “climb over the wall”. Freegate, Ultrasurf, Psiphon and Lantern are free software that can be used to bypass Internet censorship firewalls using an HTTP proxy server combined with encryption protocols. Some people are using SIM cards from foreign countries to access VPNs and there are also certain VPNs which still work in China.

According to Reporters Without Borders, China may have exported Internet surveillance technology not only to Myanmar but also Cuba, Iran, Vietnam, Zimbabwe and Belarus. Roskomnadzor Agency, the Russian state’s agency for monitoring, controlling and censoring mass media, is also known to have at least in the past collaborated with Chinese firewall officials. But in none of those countries has the firewall been 100 percent effective, which goes to show that the technology is not perfect or without loopholes.

Exactly how Myanmar’s military authorities are going to use its firewall and enforce those new laws remains to be seen. But given the number of VPN users in Myanmar who would have to be identified and monitored, and the limited knowhow of the junta’s own internet technicians, it is hard to imagine that tech-savvy young people will not find their own ways of “climbing over the wall”. Recent arrests may just be attempts at intimidating the public by picking up a few unlucky users. Once a country has opened its doors to the outside world via cyberspace, it cannot close them again. And the Myanmar junta may be playing with fire when it comes to using imported technologies such as the Chinese firewall. As we have seen, China’s security agencies will be spying on them too.

You may also like these stories:

UN Contributing to Myanmar’s Drug Problem

Cambodia, ASEAN and Myanmar

UN Envoy Joins Her Predecessors in Myanmar’s ‘Graveyard of Diplomats’