Cam's Cyberspace

Recent Notes

Cyber Sovereignty

7 min read

Intuition

The internet was designed as a decentralized, borderless network. But states are territorial by nature. Cyber sovereignty is the assertion that a government has the right - and increasingly the technical means - to control the flow of data within and across its borders.

The result is a growing tension between the original architecture of the internet and the political reality of a world organized into sovereign states, each with different values around speech, privacy, security, and economic protectionism.

The tension is not abstract. It is implemented in routing tables, DNS configurations, deep packet inspection hardware, and data localization laws. The internet’s physical layer has always been territorial - cables cross borders, servers sit in jurisdictions, ISPs hold licenses. Cyber sovereignty is the project of making the logical layer match the physical one.

Core Idea

The sovereignty spectrum. Cyber sovereignty is not binary. It ranges from light-touch regulation (content moderation requirements, lawful intercept mandates) to comprehensive national control over internet topology, content, and identity.

Most states sit somewhere between the American model (relatively open, private-sector-led, First Amendment constraints on government censorship) and the Chinese model (state-controlled, extensively filtered, no presumption of free expression online). The European model occupies a middle ground: strong privacy regulation, content moderation mandates (the Digital Services Act), but no Great Firewall.

China’s Great Firewall (GFW). The most technically sophisticated national censorship system, the GFW operates at multiple layers:

  • DNS poisoning - returning incorrect IP addresses for blocked domains.
  • IP blacklisting - dropping packets destined for known foreign service IPs.
  • Deep packet inspection (DPI) - analyzing packet contents and headers to detect and block VPN protocols, Tor traffic, and specific keywords.
  • SNI filtering - inspecting the Server Name Indication field in TLS handshakes to block access to specific hostnames even over HTTPS.
  • Active probing - the GFW probes suspected circumvention servers, sending protocol-specific handshakes to confirm and then block them.

The GFW is paired with a domestic ecosystem of substitutes - WeChat for messaging, Baidu for search, Alibaba for commerce, Douyin for short video - that reduce demand for access to blocked foreign services. This combination of technical restriction and market substitution is more effective than either alone. Users do not merely lack access to Google; they have a functional alternative in Baidu that is optimized for Chinese-language content and integrated with domestic payment and identity systems.

Russia’s sovereign internet (RuNet). Russia’s 2019 Sovereign Internet Law mandated deep packet inspection at internet exchange points, centralized traffic routing through Roskomnadzor-controlled nodes, and the theoretical ability to disconnect Russia from the global internet.

Implementation has been uneven - the 2022 invasion of Ukraine accelerated enforcement, with blocking of Facebook, Instagram, and major Western news outlets - but full disconnection has not been attempted. Russia has also pursued DNS independence through a national DNS system. The Russian approach is less technically refined than the Chinese model but reflects similar ambitions.

Data localization. A growing number of states require that data about their citizens be stored on servers within national borders:

  • Russia’s Federal Law No. 242-FZ (2015) - led to LinkedIn’s block in Russia when it refused to comply.
  • China’s Cybersecurity Law (2017) and Data Security Law (2021) - comprehensive data residency and cross-border transfer restrictions.
  • India’s evolving data protection frameworks - balancing localization demands with the interests of its massive IT services sector.
  • The EU’s cloud sovereignty initiatives (Gaia-X) - driven by privacy and industrial-policy concerns rather than censorship, but creating similar infrastructure requirements.

These regimes serve different purposes - surveillance access, economic protectionism, genuine privacy protection - but the technical infrastructure they require (domestic data centers, cross-border transfer controls, local compliance systems) is similar regardless of motivation.

The splinternet. The cumulative effect of divergent national regimes is a fragmentation of the internet into regulatory and technical blocs. A user in Beijing, Moscow, Brussels, and San Francisco increasingly experiences a different internet - different services available, different content visible, different data rules in force, different algorithmic curation.

Whether this fragmentation is reversible or structural is an open question. The trend since 2015 has been consistently toward more fragmentation, not less. Each new data localization law, each new content regulation, each new censorship system raises the cost of operating a truly global internet service.

Circumvention and counter-circumvention. As censorship grows more sophisticated, so do the tools to evade it:

  • Domain fronting - making censored traffic look like traffic to an allowed service.
  • Pluggable transports (obfs4, Snowflake) - disguising Tor traffic as ordinary web browsing.
  • Encrypted DNS (DoH, DoT) - preventing DNS-level blocking.
  • Decentralized protocols and mesh networks - reducing single points of control.

States respond with active probing, traffic analysis, machine-learning-based protocol classification, and legal penalties for circumvention. This is a continuous arms race with no stable equilibrium. Each side’s advances drive the other’s innovation.

Technical standards as sovereignty. Control over technical standards is a subtler but significant vector. China’s “New IP” proposal at the ITU would have added identity verification and top-down control mechanisms to the internet protocol itself. Huawei’s outsized role in 5G standard-setting (the company holds more essential 5G patents than any other firm) gives China influence over the infrastructure that most of the world’s mobile data will traverse.

Debates over internet governance at ICANN, the allocation of IPv6 address space, and the distribution of DNS root servers all reflect state interest in shaping the foundational protocols of the internet. If a state can influence the standards, it can build sovereignty into the architecture from the ground up - a far more durable approach than filtering traffic after the fact.

The economic cost of sovereignty. Digital sovereignty is not free. The Great Firewall imposes costs on Chinese businesses that need to access global services. Data localization mandates increase infrastructure costs and reduce economies of scale. Internet shutdowns destroy economic activity. Russia’s restrictions on Western platforms cost Russian businesses access to advertising tools and cloud services.

States that pursue aggressive cyber sovereignty are making an implicit calculation: that the political and security benefits of digital control outweigh the economic costs of fragmentation. Whether this calculation is correct depends on the state’s priorities, its domestic market size, and the availability of domestic substitutes for blocked foreign services.

Implications for global technology companies. Companies operating across jurisdictions face an increasingly complex compliance landscape. A cloud provider must navigate data localization requirements in dozens of countries, content moderation mandates that differ by jurisdiction, and the possibility of being blocked or restricted at any time. The cost of compliance is rising, and the risk of conflicting legal obligations - where complying with one country’s demands means violating another’s laws - is becoming routine rather than exceptional.

Example

In November 2019, the Iranian government shut down internet access for approximately 95% of the population for nearly a week during fuel-price protests. The shutdown was technically feasible because Iran had already centralized internet traffic through a small number of state-controlled gateways.

Mobile data was cut first, then fixed-line broadband. International connectivity was severed almost entirely. Domestic services continued to function on Iran’s National Information Network (NIN), an intranet-like system that operates independently of global routing.

The episode demonstrated that states which invest in centralized internet architecture gain a kill-switch capability - blunt, economically costly (estimated at $1.5 billion in lost economic activity), but effective for information control during domestic crises. At least 40 countries have implemented full or partial internet shutdowns since 2016, according to Access Now. The capability exists wherever the architecture permits it.

  • Surveillance & Privacy - data localization enables state surveillance; censorship infrastructure doubles as monitoring infrastructure
  • Semiconductor Supply Chains - domestic chip production is part of broader technological sovereignty ambitions
  • AI Governance - AI regulation is the newest front in the contest over how states govern digital technology

Graph View

Backlinks