Under the new law, all citizens must install a “national security certificate” on all Internet-connected devices, which will “intercept requests to and from foreign websites.” This is effectively the low-cost version of China’s monitoring strategy, which involves a much more complicated (and expensive) digital infrastructure that filters traffic itself. Beginning January 1, officials will not only be able to see Internet users’ content, but also block this data entirely.
While the government claims that this new mandate will prevent “man in the middle attacks” involving foreign servers, many worry that this is simply a thinly veiled ploy aimed at installing citizen surveillance. Kazakhtelecom JSC, the largest telecommunications company in the country, claimed that the backdoors would “secure protection of Kazakhstan users” who are using “foreign Internet resources,” but several experts have expressed skepticism at the notion, especially given the country’s seedy history with media surveillance.
“Given the style of government of Kazakhstan, I think we can assume that this is simply part of their censorship apparatus,” Steven M. Bellovin, a professor of computer science at Columbia University, told the New York Times. “It’s a serious security risk for Kazakh users both technically and in their inability to send and receive private communications.”
Major Internet companies like Google, Facebook, and Microsoft could also choose to blacklist Kazakhstan’s national security certificate altogether, making their content inaccessible to people within the country. “There are obvious, myriad ethical issues with this sort of mandated state surveillance,” security expert Kenneth White told ZDNet. “But I suspect that the political forces pushing these measures have grossly underestimated the technical hurdles and moral backlash that lay before them.”
Further details have yet to be released about the country’s plan, but if history is any indication, going through with this sort of protocol won’t result in a particularly happy ending.
Editors' Recommendations
- Yes, data is the new oil and the fight to reclaim it from tech giants starts now
- San Francisco could be the first city in the U.S. to ban facial recognition
- Google hit with another fine by the EU, this time for $1.7 billion
- Forget police helicopters, California cops are using drones to spot suspects
- Decades-old Apple IIe computer found in dad’s attic, and it still works
