When Iranians revolted, their government cut them off from the world. Mobile networks degraded first. Fixed-line disruptions followed. Instead of cutting cables, the authorities interfered with routing and key protocols. As Iran shut down the Internet, Revolutionary Guards crushed the protests, killing thousands.
It’s not an isolated story. Internet shutdowns are rising fast. In 2016, digital rights groups documented some 75 shutdowns. By 2024, that figure had increased to 296 across 54 countries. Like in Iran, governments rely on a range of tools, including protocol blocking, cable disruptions, and platform bans. In many cases, authorities allow domestic services to continue, while clamping down on international traffic.
Both autocracies and democracies are increasing their grip. China has its Great Firewall, which keeps out foreign services. Russia blocks or restricts WhatsApp and YouTube, while maintaining a censored domestic network. Russia’s parliament recently granted its main domestic security and intelligence agency explicit authority to suspend mobile and fixed-line internet.
Unlike autocracies, which impose permanent controls, democracies prefer temporary shutdowns. Bangladesh cuts mobile access during elections. Pakistan blocks platforms during political unrest. India leads globally in imposing shutdowns during protests and elections.
The US and Europe do not shut down the internet to suppress criticism. Yet both do allow government access to personal data. Under the US CLOUD Act, Washington can compel platforms to hand over personal customer data even if stored abroad. In Europe, national security laws give individual governments large access to data.
Although both the US and Europe support cross-border data flows, they also impose rules that encourage data localization. Countries block health data from being stored outside their borders. Financial supervision requirements make it difficult to take bank information outside of the country. Sovereign cloud certifications often regard a vendor as “trusted” if it stores data locally.
Keeping data “at home” does not stop hacking, leaks, or abuse. Localization is sold as security, yet it mainly builds state control while doing little to prevent breaches or misuse. Storing data within national borders just makes it easier for domestic authorities to compel companies to hand over data or restrict services, often with few checks and little public scrutiny. Authorities no longer need to chase a provider across borders or wait for foreign legal help. They can go to a domestic telecom or local data center, issue one order, and force compliance. Governments can order phone companies to switch off mobile data in a city, slow connections to a crawl, or block specific apps and websites at the network level.
Internet restrictions cause economic losses. Data-localization rules hit small firms hardest because they force companies to duplicate storage and compliance country by country – costs the Paris-based OECD estimates can raise data-management expenses by 15% to 55%.
Iran’s network shutdown represented the culmination of a decade-long campaign. The authorities have been blocking websites since 2005, including Facebook and Instagram. Authorities limit the number of gateways to funnel internet traffic. Internet service providers must comply with shutdown orders without judicial review – or risk losing their operating licenses and facing criminal penalties. In June, during the 12-day war with Israel, it imposed a near-total shutdown. But the current blackout is the longest and most extensive.
During unrest, this system allows Tehran to keep domestic services running while shutting the country off from the global internet. Government services, banking systems, and approved domestic platforms remain reachable. Services located outside Iran became unreachable, limiting information about the protests.
What information did leave the country come from Starlink? Iran outlaws the satellite network, but an estimated 50,000 terminals have been smuggled into Iran, allowing protesters to bypass the Internet shutdown and send photos abroad. After the protests erupted, the US company reportedly made the service free.
The authorities have responded ferociously. They used Russian-supplied, military-grade GPS jamming technology to disrupt signals. Security forces raided suspected hideouts and announced the seizure of 108 Starlink terminals. Even without this repression, access to Starlink remained constrained: terminals are scarce, detectable, and vulnerable.
The outlook remains unclear. Recent reports suggest a partial reopening of the Internet, though government spokeswoman Fatemeh Mohajerani has indicated to media activists that international online services would not be restored before the Persian festival of Nowruz, on March 20.
The government looks set to continue to impose draconian controls on the internet. It can flick the system on and off at will. Even when open, access to the global Internet could be limited to those with security, according to the Internet monitor Filterwatch.
The founders of the Internet aimed to create a seamless global communications tool. But as the era of globalization fades, so does that dream.
Dr.Anda Bologa is a Senior Researcher with the Tech Policy Program at the Center for European Policy Analysis (CEPA).
Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions expressed on Bandwidth are those of the author alone and may not represent those of the institutions they represent or the Center for European Policy Analysis. CEPA maintains a strict intellectual independence policy across all its projects and publications.
2025 CEPA Forum Tech & Security Conference
Explore the latest from the conference.
