The Great Firewall of China

One quarter of a century after the concrete wall in Berlin was torn down, new walls arise daily. These new 21st century walls are virtual in nature, yet their effect is quite real. So-called ‘firewalls’ or filters can protect information technology systems as well as censor the flow of information, thereby denying everyone on the other side the unfiltered access to one of the greatest inventions: the Internet.

 About (Fire-)Walls

Walls are meant to protect—against storms, tides, wild animals or human aggressors. There have always been walls at the centre of political debates. The Hadrian’s Wall, the Mauer, which divided East and West Germany or the Great Wall of China—which is probably the most well-known wall still in existence. It was built to guard the Chinese kingdoms and later on combined to serve as protection for the Chinese Empire Following this historical precedent, the People’s Republic of China transferred the idea of a wall protecting its geographical borders to the digital domain. The virtuality of such walls does not make them less of a political issue.

The Golden Shield Project

Nowadays, walls can even consist of 1’s and 0’s, code fragments in a digital world, referred to as firewalls. However, firewalls even existed before they became part of our 21st century defences against dark corners of the Internet. They are devices commonly found in cars or planes with the purpose of stopping fires from spreading, thus increasing safety. Similar, computer firewalls serve as protection from malicious activities spreading towards personal devices and business networks. These firewalls can be installed on individual devices, on the edges of corporate or government networks and, with reference to the Great Firewall, even as divider between one nation-state’s networks and the rest of the worldwide Internet.

The Great Firewall, also known as the Golden Shield Project, was initially designed as a database project, interconnecting various networks such as law enforcement agencies and close circuit television (Lyons, 2009). It has since then been developed into the “world’s most sophisticated information barrier, a semi-permeable membrane that lets in what the government wants and blocks what it doesn’t” (Goldsmith and Wu, 2008: 92). The Great Firewall makes for a potent technical platform which could potentially protect Chinese business systems, personal devices and government’s networks in addition to its destined purpose. If it were used as such, it could do what walls do best: protect its government’s interests.

In a way, the Great Firewall of today serves its purpose to defend the government’s best interests. Instead of achieving this goal by protecting the people from harm, it does so by surveying them and tampering with their free access to information. The Great Firewall is “in effect a giant distributed firewall connected to all of the edge routers in China. All border routers in China route through the Great Shield. A major function of the Great Shield is to block access to content by preventing IP addresses from being routed through the Shield. This portion of the Great Shield consists of conventional firewalls, DNS Servers and Proxy Servers. The proxy servers map undesired foreign IP address to an internal server in China (transparently)” (Singh, 2012). To put it simply, information leaves and reaches China only through certain Internet gateways, which are equipped with tools to block and track information flow. It is comparable to a destination which can only be reached through a certain number of highways. All of these highways have border control in place, checking every single vehicle traveling on it in either direction. It can also block all the traffic, look into (most of ) the cars and paint the top of a car with fluorescent colour to track it later on. The border control follows instructions from the government no matter what they are.

In a way, the Great Firewall of today serves its purpose to defend the government’s best interests. Instead of achieving this goal by protecting the people from harm, it does so by surveying them and tampering with their free access to information.


Walls are meant to protect. However, they can and always have been perverted for political purposes. In that sense, the [ab]use of the Great Firewall is not inherently unheard of. This firewall ‘protects’ the Chinese netizens from unfiltered access to information and free speech and facilitates prosecution of those who seek it. There might be advantages for the Chinese government to use the Great Firewall as a tool for censorship and surveillance but it comes with a number of drawbacks as well. It’s in the best interest of the government’s decision-makers to carefully examine those detriments and change the project accordingly.

There are three major disadvantages and potential problems for the Chinese government with the current setup of the Great Firewall. First, the most crucial issue is the Chinese business interest. Globalisation is progressing fast-paced and leaves rarely a business completely disconnected from worldwide interaction and connection. Thus, an unfiltered access to data and information on the Internet is crucial for businesses around the world—even those located in China (Mozur and Tejada, 2013). If the government appreciates its companies to be efficient, it has to allow them unfiltered access to information, even outside of the special economic zones. The same goes for attracting foreign investments. If the government wants international companies to set up in China, restrictions on Internet access are counterproductive. Economic interests can potentially exert a lot of pressure on the government. Second, the firewall creates social pressure. Though not as vital as economic pressure, social pressure is still something that the Chinese government has to take into account. People who are tech savvy can penetrate the Great Firewall without too much of a hassle, even though it is a constant cat-and-mouse game in which getting caught on the grounds of subversion is an unfavourable outcome for every citizen. The not-so-tech savvy citizens, on the other hand, might not be too happy about the restrictions either. Maybe they are not able to communicate with friends or relatives outside China or they would simply like to access content on the Internet which is blocked. Third, there is also the political dimension, especially within the international arena. Censorship and spying on citizens make international negotiations more difficult for a stakeholder—at least with countries officially valuing freedom of speech. Thus, keeping censorship in place might agitate international partners—especially in connection with economic interests. Taking all these points into account, the current setup is not going to be a successful long-term strategy.


From social, economic and political points of view, changing the setup of the Great Firewall seems prudent. This does not however mean that the Great Firewall should be abandoned, the opposite is true. It should be maintained and upgraded to serve the original purpose of walls: to protect. With the revelation of the Olympic Games cyber sabotage campaign and subsequent countless espionage campaigns, (fire-)walls in the virtual domain might now be needed more than ever. Having this unique infrastructure in place puts the PRC at a competitive advantage when it comes to cyber security. While hardening the firewall to resist attacks from the outside, it should make it easier for Chinese netizens to travel back and forth through it without restrictions. If the Great Firewall of China is adapted to serve as real protection, it might truly be following in the historical footsteps of its predecessor.



Sven HerpigSven Herpig wrote a Ph.D. thesis entitled “Strategic Implications of Cyber Security and Warfare for the Nation-State” at the University of Hull. He regularly participates in conferences and has presented inter alia at the Royal Military Academy of Sandhurst and the EU forum on Trust in Digital Life & Cyber Security. He recently published a work entitled “Anti-War Era: The Need for Proactive Security” in the Springer series on Communications in Computer and Information Science (CSIS).

This article originally appeared in the “Walls” Edition of Schlossplatz3 in Winter 2014. From 2006 to 2014 Schlossplatz3 was the official student magazine of the Hertie School of Governance.