Iran's Web Spying Aided By Western Technology

Instead, in confronting the political turmoil that has consumed the country this past week, the Iranian government appears to be engaging in a practice often called deep packet inspection, which enables authorities to not only block communication but to monitor it to gather information about individuals, as well as alter it for disinformation purposes, according to these experts.

The monitoring capability was provided, at least in part, by a joint venture of Siemens AG, the German conglomerate, and Nokia Corp., the Finnish cellphone company, in the second half of 2008, Ben Roome, a spokesman for the joint venture, confirmed.

The "monitoring center," installed within the government's telecom monopoly, was part of a larger contract with Iran that included mobile-phone networking technology, Mr. Roome said.

"If you sell networks, you also, intrinsically, sell the capability to intercept any communication that runs over them," said Mr. Roome.

The sale of the equipment to Iran by the joint venture, called Nokia Siemens Networks, was previously reported last year by the editor of an Austrian information-technology Web site called Futurezone.

The Iranian government had experimented with the equipment for brief periods in recent months, but it had not been used extensively, and therefore its capabilities weren't fully displayed -- until during the recent unrest, the Internet experts interviewed said.

"We didn't know they could do this much," said a network engineer in Tehran. "Now we know they have powerful things that allow them to do very complex tracking on the network."

Deep packet inspection involves inserting equipment into a flow of online data, from emails and Internet phone calls to images and messages on social-networking sites such as Facebook and Twitter. Every digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds. In Iran's case, this is done for the entire country at a single choke point, according to networking engineers familiar with the country's system. It couldn't be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection.

All eyes have been on the Internet amid the crisis in Iran, and government attempts to crack down on information. The infiltration of Iranian online traffic could explain why the government has allowed the Internet to continue to function -- and also why it has been running at such slow speeds in the days since the results of the presidential vote spurred unrest.

Users in the country report the Internet having slowed to less than a tenth of normal speeds. Deep packet inspection delays the transmission of online data unless it is offset by a huge increase in processing power, according to Internet experts.