China is pushing for the adoption of a new worldwide Internet Protocol that could make the internet bigger and faster, but also potentially less anonymous. The technology, called IPv6, is an upgrade of the internet’s architecture that would allow trillions more electronic devices to have unique addresses online.
At a global summit held in Guangdong, China, July 30-31, the country’s top internet agencies called for a new IP-only Internet. “The initiative proposed that 2020 be the first year for the global large-scale acceleration of the deployment of pure IPv6,” the state-run Xinhua news agency reported last Friday.
Designed to replace the version 4 protocol that the current internet mostly depends on, IPv6 is an upgraded version of the architecture that creates the unique “addresses” that allow computer networks around the world to communicate with one another.
A larger and faster internet, but at what cost?
As the first widely deployed Internet Protocol, IPv4 has been in use for decades. It also has been running out of space. In the 1990s as the Web rapidly grew, technologists warned that there were only about 4.3 billion addresses available, and eventually the number of online devices like PCs, smartphones, tablets, gaming systems and “smart” appliances would exceed that, preventing new devices from going online.
By 1998, engineers came up with a proposal to rebuild the system under a new protocol. The Internet Engineering Task Force (IETF), an organization responsible for establishing internet standards, developed the new IPv6 communications protocol, which uses a 128-bit address versus IPv4’s 32-bit address, dramatically expanding the number of devices that can go online.
“There are more than enough IPv6 addresses for every piece of dust on the face of the Earth,” Wu Hequan, chairman of the Internet Society of China, told Xinhua in 2017 when the general offices of the Communist Party of China Central Committee and the State Council first unveiled the country’s action plan on the deployment of IPv6.
The system also promises that by using improved routing techniques, the new internet will not only be larger, but faster. In a technical presentation at a technology conference last month, Apple shared some internal statistics in the hope of convincing app developers to adopt IPv6. “And when IPv6 is in use, the median connection setup is 1.4 times faster than IPv4,” said Jiten Mehta, internet technologies engineer at Apple.
More unique IDs may mean “real-name” IP system
Because IPv6 can provide a virtually unlimited number of unique addresses, the Chinese government is considering creating globally unique IP addresses that would be assigned to each citizen as a sort of online identification. Proponents say a previously unattainable goal under IPv4 is now within the reach: a true internet real name system.
China already requires that people prove their identity with government documentation when opening a phone account or registering for home internet service. Once they go online, using different devices, however, the current IP system makes it difficult or impossible to tie people’s real identities to the online devices. IPv6 would change that.
“With IPv6, we would know where every piece of data is from, which machine it was sent from, and who received it,” said Wu Jianmin, chair of computer science and technology at Tsinghua University, according to Xinhua.
Wu Hequan, who also served as director of China Next Generation Internet, said in the same report that would mean China would succeed in pinning online users to real-world identities. “The traceability of IPv6 can also support online applications to established real name authentication systems.”
Outside analysts say this elimination of anonymity online is one of the main reasons China’s leaders are attracted to the system.
“The communist party has been sold on the idea that because of the transparency of the network’s addresses under IPv6, they think it would make it easier to identify people,” said Milton Mueller, a professor at the Georgia Institute of Technology School of Public Policy.
But that is true everywhere, not just China, emphasized Mueller, who is the co-founder and director of the Internet Governance Project (IGP), a policy analysis center for global internet governance. “It is supported by law enforcement authorities in Europe and in the U.S. as well because it is easier to track people down.”
Efforts to improve privacy in IPv6
In 2007, a group called the Internet Engineering Task Force, or IETF, created a feature called “Privacy Extensions” that is designed to prevent the kind of surveillance to which IPv6 would be susceptible.
Dan York, project leader for Open Standards Everywhere at the Internet Society, told VOA that critics of the new system seem to miss that when IPv6 is implemented, the privacy extensions are also implemented to prevent this kind of surveillance.
“For a good number of years now all major operating systems (Windows, Mac OS, IOS, Android, Linux) provide new, randomized IPv6 addresses on a regular basis,” said York, whose organization is a strong proponent for IPv6. “So, on an iPhone, you are repeatedly getting a new IPv6 address throughout any given day.”
The problem is that while those extensions are installed and enabled by default, they may make the system slower and could be turned off entirely. A 2007 IETF document suggests that such a feature could be disabled. The U.S. Department of Commerce’s National Institute of Standards and Technology released guidelines for IPv6 deployment that say organizations only “generally” should use privacy extensions for external communications but not for internal communications.
“With internal IT systems, privacy extensions affect logging and prevent administrators from properly tracking which systems are accessing which services. Many internal resources require the ability to track the end user’s use of services for correct operations,” the guidelines said.
A study by Helsinki University of Technology, titled “IPv6 is Bad for Your Privacy,” also found that the privacy extensions themselves could pose security vulnerabilities if they are used to create a “covert channel” that could violate a user’s privacy.
Impact on VPNs
Many internet users now go online with the help of a virtual private network (VPN), which allows them to circumvent censorship and internet controls. For a variety of technical reasons, the majority of VPNs do not support the IPv6, possibly exposing an internet user’s web activity to their internet service provider.
That is one of the reasons the Chinese government has made migrating to IPv6 a national priority, said Ross Darrell Feingold, a lawyer and political risk analyst who advises clients on doing business in China. “With the use of VPNs common in China, despite being illegal, it is no surprise that the Chinese government and companies have put significant resources into arming themselves with as much knowledge as possible about IPv6,” Feingold said in an email to VOA.
An organization that tracks Chinese censorship, iyouport.org, recommends users not use IPv6 in the VPN application settings to prevent these leaks. “The vast majority of the internet still uses IPv4, but sometimes IPv6 address is used. When it does, your VPN may not be able to protect this address.”
The use of VPNs has become more popular in the United States in recent years as well. A study released in June by Security.org, a security company, reported that 68% of American internet users (142 million) claim to use some type of free or paid VPN.
With IPv6, however, the internet is evolving quickly, and so is online privacy. In 2008, just 0.14% of internet users accessed Google over IPv6. Today, more than 30% do. One of the top U.S. authorities on the issue, the federal chief information officer, has advised federal agencies to anticipate as much as 80% of their traffic could be on IPv6 systems by 2025.