The Minister is Wrong: Using Circumvention Tools to Access Censored Websites in Iran is Legal
Iranian Telecommunications Minister Mohammad Javad Azari Jahromi was incorrect when he stated recently that using software to access censored online content in Iran is illegal. Indeed, no such law exists.
“Using circumvention tools is illegal,” he told the state broadcasting organization, abbreviated as IRIB, on September 14, 2017. “As minister of telecommunications, I have the authority to go online without them, so I don’t use circumvention tools.”
Circumvention tools, such as Virtual Private Networks (VPNs), allow users to bypass state filters that block or censor parts of websites.
Iran’s Computer Crimes Law makes no mention of punishing those who access sites that have been blocked or filtered.
Officials have pointed to Article 1 to back up their view that using circumvention tools is illegal. However, multiple Iranian lawyers have noted that Article 1 was written to combat hackers.
According to Article 1: “Anyone who illegally gains access to electronic data that has been protected by security measures may be punished with up to a year in prison and/or fined a maximum of 2 million tomans ($603 USD).”
“What the legislators were trying to do in Article 1 was protect electronic data belonging to private and public entities from hackers,” the president of the Iranian Bar Association, Bahman Keshvarz, told the the Iranian technology newspaper, Fanavaran, in November 2013. “It has nothing to do with circumvention tools.”
That same month attorney, in an interview with the semi-official Iranian Students News Agency (ISNA), Houshang Pourbabaei pointed out that no Iranian law specifies such a crime.
“We know you cannot consider something, i.e. bypassing Iran’s filtering system, a crime when legislators have not specified it,” he said. “A crime is an action that is punished by law. But if an action is not mentioned as a crime, you cannot punish or ban it.”
“Article 1 of the Computer Crimes Law makes no mention of accessing filtered sites,” he added. “In fact, this article concerns the protection of data belonging to organizations and agencies engaged in security or communication projects on national scales in the oil and gas and banking industries, and punishes those who break the security barriers and hack into them.”