The month of April coincided with the first month of the Iranian Calendar year 1401 and its national holidays, as a result, policymaking in Iran followed a slower pace. However, one important development in April has been a significant vote in the Iranian parliament, indicating a major delay in passing the dangerous “User Protection” Bill.
In the early days of the new year, Iranians faced devastating internet price hikes, which will inevitably price many out of access to the internet.
In addition, this month Iranians experienced large-scale and prolonged internet disruptions, sometimes lasting days, with users in Tehran, Ardabil, and Fars province experiencing the greatest impact. Our Network Monitor has more details about these disruptions.
Uncertain future for “User Protection” Bill
On April 11 during a private session of the Iranian Parliament, deputies voted to halt the process which gave authority to a committee of 19 deputies to decide the future of the “User Protection” Bill.
Previously, based on Article 85 of the constitution, the Iranian parliament voted to give full authority to a joint committee of Iranian parliamentarians to discuss, amend, and pass the bill, without having to consult the rest of the parliament. As Filterwatch previously reported, the joint committee of 19 deputies on February 22 approved an initial draft of the bill.
However, the motion passed on April 11, which gained the support of 120 of the deputies, will dissolve this committee and leave the discussion about the future of the bill to the Iranian parliament as a whole.
Over the last year, the bill and its proposed vision of the internet in Iran have provoked significant amounts of anger and online protests among the Iranian public. It is unclear how the Iranian parliament will seek to discuss the bill now, as no definite timetable has been given. However, one thing is clear – deputies in parliament are fully aware of public backlash against the bill and hope to prevent the bill from passing in its current form.
Supreme Council for Cyberspace’s meeting
On April 19 Supreme Council for Cyberspace held its first meeting of the Iranian calendar year 1401. Iranian news agencies or SSC’s website have not reported any details of what was discussed during this meeting.
Prior to the meeting, there were a number of media reports claiming that the speaker of the Iranian Parliament Mohammad Baqer Qalibaf has sent the latest draft of the user protection bill to SCC for review. However, on April 18 an official statement by SCC denied this.
It appears that the speaker of parliament is actively seeking a path for the parliament not to be responsible for the passing of the bill, and would prefer that the bill was approved by the SCC to avoid political backlash against the parliament and its deputies.
Threats of a no-confidence vote against the ICT minister
On 13 April Zabiollah Azami Member of Parliament from Jiroft announced that 30 members of parliament have registered their support for a motion of no confidence in the ICT minister Zarepour. According to Azami, the motion is currently halted as the minister has promised to improve rural areas’ access to the internet during the current Iranian calendar year.
At this stage, there appears to be no real momentum behind a vote of no confidence in the parliament. However, with the growing unhappiness about the slow speeds and increase in internet cost, parliament might choose to consider this more seriously in the coming months.
Teachers Union Activists and targeted internet disconnection
On 23 April Emtedad Telegram channel reported that during the protest of teachers’ unions which took place across the country on April 21, a number of activists were disconnected from the internet while they took part in the gatherings. According to Emtedad’s report, activists were individually targeted and the internet access on mobile phones registered to their names was disrupted.
Although localised shutdowns are now regularly implemented by the authorities in Iran, disrupting individuals’ access to the internet has not been identified as a tool used by Iranian authorities. This is a worrying development which puts activists and public figures in notable danger.
State continues to force Iranians to use domestic messaging apps
On April 25 Zoomit reported that mobile phone users inside Iran need to use a domestic messaging app called “We” for registering and activating any new mobile phones. All mobile phones in Iran need to be registered with authorities before they can use active sim cards and access mobile services.
Forcing Iranians to download and use a domestic messaging app to access mobile services is a policy designed to increase the download and usage of domestic messaging apps which are still not trusted by the general public in Iran due to security and privacy concerns.
Internet users hit by price hike
On April 8, the Iranian website Zoomit reported that the price of accessing the internet has increased by 100% for some internet providers. Given the poor quality of the internet connection in recent months, the devastating price hike was met with anger by consumers. Initially, Iranian ICT officials claimed that they would investigate the rise in prices but on April 14 the ICT Minister declared that the rise in prices is legal and in line with regulations.
Meta takes action against two cyber-espionage networks
On April 7 Meta published its Adversarial Threat Report for the first quarter of 2022. The report states that the company has taken action against two cyber-espionage networks originating inside Iran. According to the report, the first network was linked to a group of hackers known in the security industry as UNC788 and the second was a separate, previously unreported group that targets industries like energy corporations. According to Meta’s report, both networks have been using social engineering, malware, and spoofed pages to target their victims.
Iran claims Cyber attack foiled
On April 25 AFTA Strategic Management Center, an Iranian cyber security institution claimed that Iran has foiled a large scale cyber-attack against Iranian infrastructure. According to the announcement the attack originated from IP addresses based in the Netherlands, United States, and the United Kingdom. “The hackers were planning to exploit the security hole in one of the widely used applications at [Iranian] organizations to get access to the infrastructures and their data, inject them their own malware, and give them their desired commands.” Iranians claimed that they stopped the attack before it succeeded in targeting hundreds of servers within Iranian infrastructure.
