Conceptualizing the reverse great firewall: cybersecurity and the logics of government geo-blocking in China (Journal of Cybersecurity 2026) #596
Description
Conceptualizing the reverse great firewall: cybersecurity and the logics of government geo-blocking in China
Vincent Brussee
https://academic.oup.com/cybersecurity/article-lookup/doi/10.1093/cybsec/tyag005
PDF
CSV data set of Chinese government web sites
This paper explores the fairly recent phenomenon of Chinese government web sites blocking access from outside China. The author calls it a "reverse Great Firewall" because it prevents users outside China from accessing information hosted inside. It is essentially a form of geoblocking: the server chooses whether or not to serve a client based on the client's IP address. The aims of the paper are to document and measure the prevalence of government web site geoblocking, look for patterns, and theorize about what motivations and incentives give rise to it (both technical and political).
The analysis is centered around a measurement study conducted in November 2025. The author sent HTTP/1.1 probes to 13,508 Chinese government websites from vantage points in 14 countries (CN HK TW ZA NG BR TH IT AU SG JP US DE NL). The vantage points were residential proxies from Bright Data (Luminati). Each probe resulted in either success (status 200) or one of a number of possible errors (Table 3): DNS resolution failure, server-side blocking (status 403), timeout, or other. There is a clear difference in overall success rates within and without China; and in fact the results separate into three tiers (Figure 1): China (91% success rate), Hong Kong and Taiwan (65%), and all others (50%). About 6% of probes had an HTTP 403 result, and 3% had a DNS resolution failure; manual testing showed that the majority of these are likely the result of intentional geoblocking. But the largest fraction of errors, corresponding to around 40% of probes, are simple timeouts that are not directly attributable to geoblocking. Rather, they may be caused by routing errors or congestion that affects transnational traffic after it has entered China, something like the what the "Great Bottleneck" research described. The rates of geoblocking and timeout are not uniform across the country: for example, the provinces of Anhui and Henan have generally higher rates of geoblocking, and timeouts are more common in remote areas, farther from the main Internet gateways.
The paper interprets these results, and past historical data, to attempt to infer causes and motivations. Although there is no explicit link, the practice of geoblocking aligns with public statements by the Chinese government that note the risk of data mining and open-source intelligence with regard to publicly accessible resources. (For example, 大数据格局下的保密、泄密与防范 "Confidentiality, Leakage, and Prevention in the Context of Big Data" in 2018.) Geoblocking (where it occurs) seems to have generally begun around 2022 or 2023, which coincides with a notice of the State Council, 2022年政务公开工作要点 "2022 Work Priorities for Open Government Work", that requires preventing leakage of state secrets. Geoblocking may be seen as fitting under the umbrella of "cybersecurity" in the broader sense the word has in China, which includes a notion of social stability. The fragmented and regional nature of geoblocking reflects the distributed management of government web sites, and a hierarchical system of top-down control. Higher levels of government prescribe policy, but it is up to the lower levels to choose how that policy is implemented, which leads to divergent methods, including geoblocking.
Thanks to the author for reviewing a draft of this summary.