The bill on cooperation between the Iranian regime and the Russian government in the field of information security, currently under review in the Majlis (parliament), has raised concerns about the potential escalation of digital repression in Iran.
As reported by Tejarat News, the bill, approved by the Parliament’s Security Commission in late November and presently under public scrutiny, could bolster the country’s internet filtering infrastructure, potentially jeopardizing the security of individuals’ online information.
Given the historical approval process of similar bills, like the privacy protection plan within the 7th development plan, it is anticipated that this bill will pass smoothly. However, observers are expressing heightened concerns regarding its content and the implications of increased collaboration in the field of information security between the two nations.
The ‘Zoomit’ technology website has disclosed that the Iran-Russia information security agreement is already being implemented, despite not having parliamentary approval. It is reported that cooperation documents have been signed, and both parties have been actively promoting collaboration by operating in each other’s countries.
The information security agreement between Iran and Russia, signed in Moscow in 2019 during the tenure of the 12th government’s foreign minister, Mohammad Javad Zarif, was submitted to the parliament in July 2023 by the 13th government as a cooperation bill for approval.
This bill, containing interpretable and multifaceted articles such as ‘main threats in the field of information security,’ ‘information protection,’ and ‘main areas of bilateral cooperation,’ formalizes the presence of Russian technology in digital access control, causing discontent among users.
Critics argue that the bill incorporates literature reminiscent of the Cold War era and, with its focus on the internet, may lead to the ‘expansion of Russian platforms’ and the ‘strengthening of censorship infrastructure.’
Legal expert and university professor Mohammad Jaafar Nanakar expressed concerns that Russia might gain control over Iran’s communication and information engineering. He emphasized the need for equitable agreements between countries, cautioning against information exchange that could empower Russia to manipulate Iranian affairs.
Nanakar highlighted that the memorandum’s protocols could be broadly interpreted, potentially resulting in the leakage of valuable information from within the country in the future. Given the recent surge in cyberattacks, he criticized the signing of such contracts as incorrect and worrisome.
Cybersecurity expert Saeed Suzangar voiced concerns about the security risks of the agreement, noting that Russia has not preserved the structure of a free internet. He warned that, apart from the Iranian government’s potential use of this structure for control, the Russian government could also exert similar control over the people.
Suzangar, comparing the scale of Russia’s market and economy to Iran’s, emphasized the unequal position of the two countries. He argued that even if cooperation with Russia aims to implement restrictions, Iran cannot replicate tools like the Yandex search engine.
Suzangar predicted that the bill’s implementation would introduce restrictions without bringing in facilities, economic opportunities, or knowledge to the country, resulting in suffocation.
Experts caution that the Iranian regime’s information security measures, as outlined in this bill, may translate to increased control over citizens, potentially placing their security in the less secure hands of the East, as a measure to prevent information from reaching the West.
The bill consists of nine articles and an appendix. Some key titles include ‘main threats in the field of information security,’ ‘main areas of bilateral cooperation,’ ‘general principles of cooperation,’ ‘forms and mechanisms of cooperation,’ ‘information protection,’ and ‘financing.’
The bill outlines various areas of cooperation, such as the ‘exchange of information and cooperation in law enforcement to prevent, discover, combat, investigate, and prosecute crimes related to the use of information and communication technologies for terrorist and criminal purposes.’
Experts criticize certain aspects of the bill, including ‘exchange of information between competent institutions of the governments in the field of information security’ and ‘assistance in knowledge transfer, information technology, capacity building, and the development of capacities, as well as exploring the possibility of investing in information security infrastructures based on the laws of the involved governments.’
As the draft of the cooperation bill between the Iranian regime and the government of Russia in the field of information security progresses through the parliament, it is expected that criticism from various quarters will intensify.
