Skip to main content

Eurasianet

Main Menu

  • Regions
  • Topics
  • Media
  • About
  • Search
  • Newsletter
  • русский
  • Support us
X

Caucasus

Armenia
Azerbaijan
Georgia

Central Asia

Kazakhstan
Kyrgyzstan
Tajikistan
Turkmenistan
Uzbekistan

Conflict Zones

Abkhazia
Nagorno Karabakh
South Ossetia

Eastern Europe

Belarus
Moldova
Russia
The Baltics
Ukraine

Eurasian Fringe

Afghanistan
China
EU
Iran
Mongolia
Turkey
United Kingdom
United States
X

Environment

Economy

Politics

Kazakhstan's Bloody January 2022
Kyrgyzstan 2020 unrest

Security

Society

American diplomats in Central Asia
Arts and Culture
Coronavirus
Student spotlight
X

Visual Stories

Podcast
Video

Blogs

Tamada Tales
The Bug Pit

Podcasts

EurasiaChat
Expert Opinions
The Central Asianist
X
You can search using keywords to narrow down the list.
Kazakhstan, Central Asia

Is Kazakhstan snooping agenda that serious?

Despite the alarm among tech specialists, it is unclear if the government's surveillance plans will take hold.

Chris Rickleton Jul 25, 2019
No entry: Kazakhstan's government wants to know what people are up to online. (Photo: Kazakhstan Information Ministry) No entry: Kazakhstan's government wants to know what people are up to online. (Photo: Kazakhstan Information Ministry)

A digital security certificate devised by authorities in Kazakhstan to generate detailed logs of what people are doing online is the talk of the internet. But it may never get off the ground.  

This past week, tech websites and media watchdogs have been sounding the alarm over Qaznet, an initiative that the government says is intended to protect personal data and limit access to banned content.

Critics, however, describe the proposed gateway as a sly attempt to enable universal snooping and prying state agents access to that same personal data. 

So what exactly is Qaznet?

That question was on many people’s lips last week, when mobile internet users in the capital, Nur-Sultan (formerly Astana), began to report that they were being redirected to a website from which they were told they could download the security certificate. 

There is considerable misunderstanding about quite how mandatory this actually is. Tech websites talked about all Kazakhs being “forced” to download the certificate, but the ultimatum is not so clear-cut.

One major mobile service provider, Kcell, limited itself to describing the certificate as “a necessity” on its website.

Qaznet is “an effective tool for protecting the country’s information space from hackers, internet fraudsters and other types of cyber threats,” the provider said.

The certificate has been cast as a panacea to two genuinely recurrent problems for Kazakhstan – the theft of personal data and of bank funds.

Providers have said that users who fail to install the certificate may experience “technical limitations” in accessing “certain internet resources.”

With providers in the role of would-be enforcers, the government is playing the good cop.

Speaking to journalists on July 24, Digital Development Minister Askar Zhumagaliyev compared the root certificate to “parental control” and stressed that downloading Qaznet was the user’s choice.

He would certainly download the certificate, he said, “because I worry about my children.”

Zhumagaliyev did not say whether or not Qaznet would eventually become compulsory.  

Kazakhstan's battle to control user traffic is not new. 

At the end of 2016, there was a similar wave of online furore when state-owned Kazakhtelecom said it had been obliged by law to make access dependent on users attaching their devices to a certificate. 

The Register, a British tech-focused website, fumed at the crudeness of the surveillance attempt.

The certificate would “trick web browsers and other apps into trusting the telco's systems that masquerade as legit websites, such as Google.com or Facebook.com,” the website said.

“Rather than connect directly to those sites, browsers will really be talking to malicious man-in-the-middle servers,” The Register cautioned.

In the event though, that effort fell flat.  

As did, seemingly, a separate provider-led drive to get all citizens to register their SIM cards and devices together at the end of last year. (This too was characterized as a crime-busting initiative).

Users received repeated SMS messages that their “connections could be limited” if they did not obey the summons to register by sending in their ID details.

Plenty of customers complied, but those that did not found that they were able to continue using their SIM cards without interruption anyway. By the following spring, the threatening SMS messages had tailed off.

Motivating people to download Qaznet without cutting access as punishment for not doing so is only part of the problem. 

If companies like Google that run major browsers reject the certificate, Kazakh users that use it will lose access to those browsers.

This would be an unpopular move in a place which has, like the rest of the world, embraced the online world with such fervor.

MIT Technology Review, another tech website, reported that one well-known browser developer, Mozilla, is already considering that step.  

A final consideration is the security of Qaznet itself, given that any hack would potentially give a third party access to millions of users’ personal data. 

So far, little is known about the certificate’s developer.

Independent news outlet Vlast.kz found that the website from which users are being invited to download the certificate was registered just a month ago, to a government address and an individual called Askar Dyussekayev.

When journalists asked Zhumagaliyev, the minister, about these details, he admitted he did not know too much.

“You should ask the owners of the website,” he was quoted as saying by Forbes.kz.

Chris Rickleton is a journalist based in Almaty.

Sign up for Eurasianet's free weekly newsletter. Support Eurasianet: Help keep our journalism open to all, and influenced by none.

Related

Kazakhstan: Swathes of land confiscated from Nazarbayev’s brother ahead of vote
New parties, old rules in Kazakhstan’s parliament-to-be
With temperatures rising, Uzbekistan braces for flooding

Popular

Kazakhstan: Swathes of land confiscated from Nazarbayev’s brother ahead of vote
Georgian authorities face backlash over Russian purchases
Nini Gabritchidze
Armenian banks record mega profits, but the economy doesn't feel it
Arshaluis Mgdesyan

Eurasianet

  • About
  • Team
  • Contribute
  • Republishing
  • Privacy Policy
  • Corrections
  • Contact
Eurasianet © 2023