The modern trend of implementing digital technologies to change and improve business processes, services and products, as well as to create new opportunities and value, has, in one way or another, simplified state control over citizens. Let us trace the evolution of this process through the example of China’s Great Firewall, which has now become an industry standard: a sophisticated commercial product, ready for deployment in any country.
A Chronology of its Evolution
Imagine 1994: the internet, that wild horse of global freedom, bursts onto Chinese soil, bringing with it a whirlwind of ‘dangerous’ ideas for its 1.2 billion citizens. The authorities of the People’s Republic quickly recognise the threat: how to tame this flow of information? The first barriers go up swiftly, but they are modest: blocking individual foreign websites through DNS (Domain Name System) filtering. Thus, IP (Internet Protocol) blocking denies access to undesirable sites via their numerical identifiers, as if locking forbidden doors.
By 1997–1998, the PRC’s Ministry of Public Security and the China Internet Information Center were launching still-imperfect filters, created under the leadership of Fang Binxing, whose name is forever inscribed in the annals as the ‘father of the Great Firewall’. This visionary, chancellor of the Beijing University of Posts and Telecommunications (BUPT), did not merely invent a system—he embodied a philosophy of control, where every bit of data is subordinated to the will of the state.
In the 2000s, the internet blossomed in China and the filters operated at full capacity, but so too did the methods of circumventing them multiply: proxy servers and VPNs (Virtual Private Networks, which tunnel traffic through encrypted channels for anonymity) became a shield for dissidents. Simple filters were no longer enough; more precise tools were needed. DPI (Deep Packet Inspection)—a technology for real-time analysis of not only data packet headers but also their content, the ‘payload’—was introduced. In those years, when the unsecure HTTP web communication standard predominated over its secure, encrypted version, HTTPS, DPI could easily detect forbidden content in users’ open traffic. From 2002–2003, DPI systems were placed with key internet providers: China Telecom, China Unicom and China Mobile—three giants whose networks enmesh the country like a spider’s web.
2003–2008 was the era of the ‘Golden Shield’. The Gold Shield Project (GSP) was a large-scale project to create a surveillance infrastructure, integrated into all internet gateways. This was not merely an add-on to the GFW; it was a web that ensnared internet cafés, providers and border nodes. DPI evolved: it could now recognise the connection-establishment process and keywords such as ‘Tiananmen’ (the square in Beijing, a symbol of the 1989 uprising) or ‘Hu Yaobang’ (the reformer whose death provoked the protests). The system was integrated with the Social Credit system (a national database that rates the ‘reliability’ of citizens using points that affect their lives). If you were caught searching for the keyword ‘independence’, your points would drop, and you could no longer count on getting a prestigious job.
A further refinement was the emergence of Management Centres, which allowed filters to be changed in real time according to the situation—much like a conductor who, with a wave of his baton, instantly muffles the notes of freedom.
After 2008—following the Beijing Olympics and unrest in Xinjiang and Tibet—the GFW merged with the state security apparatus. The following measures were put into practice:
-
Monitoring social networks (Weibo—China’s Twitter; WeChat—a multimedia messenger; QQ—Tencent’s chat platform)
-
Tracking via IP and MAC addresses.
-
Throttling. Traffic slowing—the artificial reduction of speed for ‘unfavoured’ sites.
-
The complete blocking of VPNs and Tor (The Onion Router—an anonymising network with multi-layered encryption).
2015–2020: The consolidation of Xi Jinping’s power brought the GFW new budgets and resources. Regional versions emerged, with each province having its own ‘shield’. AI and machine learning began to be implemented within the GFW to recognise ‘dangerous content’, and it was integrated with the social credit system—people started to be punished for certain internet activities. The capability to block an individual user without blocking an entire website appeared. The GFW transformed from a tool of a single department into a fundamental system of control over the citizenry.
2020–2024. The GFW is an export success. China realised the value of its system and began to actively export not only the technology itself, but also its model of state control. This became known from a 2025 leak of 500 GB of GFW-related documents from Geedge Networks, the main company involved in the research and development (R&D) of technologies for the GFW. The GFW model then became a commodity, sold to countries in Central Asia, Africa, South-East Asia and other regions. From the Ministry of Education’s state MESA Lab and from universities such as the Harbin Institute of Technology, teams of developers flowed into Geedge, creating a symbiosis in which the state is the originator of the product concept, and Geedge polishes it for export.
Thus, the GFW has evolved from a local gatekeeper into a global export: Geedge has packaged it into modules, ready for deployment in a matter of weeks. The use of intermediaries makes it possible to conceal the direct link between the Chinese state and the system of control in a client country. Geedge does not present itself as ‘a Chinese company that sells censorship’, but rather positions its products as ‘cybersecurity solutions’ or ‘network traffic management’. This is not merely technology—it is a model where freedom of the internet is traded for ‘stability’.
Undoubtedly, technologies analogous to the Great Firewall of China are being developed and implemented in countries other than China. There are customers for such systems in many countries: authoritarian or hybrid regimes that seek total control over information see them as a powerful tool for suppressing dissent. If a state possesses sufficient intellectual and financial resources, it can create its own ‘national firewall’—as Russia has done with its ‘sovereign internet’, or Iran with its National Information Network. If resources are insufficient, one can always purchase a ready-made solution ‘in Chinese packaging’—Beijing actively exports its censorship technologies to countries in Africa, the Middle East and Latin America, often as part of the ‘Digital Silk Road’ initiative.
With the rapid development of digital technologies—artificial intelligence, big data and recognition systems—the expansion of such tools is becoming inevitable. States will use them not only for ‘combating extremism’ or ‘protecting national security’ but also to solve everyday tasks, from monitoring social networks to the pre-emptive suppression of protests. This also creates a global threat: the erosion of privacy, freedom of speech and the right to access information.
For this reason, an urgent and serious international discussion is needed on the degree of digital interaction between the state and its citizens—with an emphasis on protecting fundamental human rights.
Why is this a human rights issue?
- The right to freedom of expression (Article 19 of the Universal Declaration of Human Rights): Digital firewalls block not only ‘harmful’ content, but also independent media, human rights reports and opposition views. In China, the ‘Golden Shield’ system filters billions of requests daily; in Turkey, the Russian Federation or Egypt, similar tools are used for arrests over ‘likes’ on social media.
- The right to privacy (Article 12 of the UDHR): Mass collection of data without citizens’ consent turns everyone into a potential suspect. AI algorithms analyse correspondence, geolocation and even biometrics, creating a ‘social credit’ system in which a low rating denies access to education, work or travel.
- The right of access to information and education: Blocking the internet during protests (as happened in Iran from 2019–2022 or in Myanmar after the 2021 coup) isolates citizens from the world, preventing them from obtaining objective knowledge and international assistance.
What can be done to protect these rights?
-
International standards should be developed and conventions on ‘digital rights’ adopted that prohibit the export of dual-use technologies without an assessment of their impact on human rights (analogous to UN General Assembly Resolution 68/167 on the right to privacy in the digital age).
-
At a national level, constitutional courts must recognise digital censorship as a violation of fundamental law. Citizens should have the right to demand algorithmic transparency and judicial oversight of blocking measures.
-
Technologically—the development of decentralised networks (Tor, IPFS), open-source VPNs and end-to-end encryption—is not a method of ‘circumvention’, but a legitimate means of self-protection. Human rights organisations such as Amnesty International and Human Rights Watch are already providing training for activists in vulnerable countries.
-
Independent audits of state systems, the participation of NGOs (non-governmental organisations) in policy development and education in digital literacy are all needed so that citizens understand how their data is used against them.
Without such measures, digital control will become a global norm, where the state is ‘Big Brother’ by default. Protecting human rights in the digital age is not a technical issue, but an ethical and political one. Only through open dialogue and international pressure can we prevent the internet from being transformed from a space for freedom into an instrument of totalitarianism.