Sovereignty, especially in its state-centric definition, can be a driver of fragmentation. It can be about privacy, innovation, and ensuring that the powerful does not overpower the weak, but it can also be about isolation and control – thus triggering fragmentation. Evidence shows that countries such as China have increased their export of deep packet inspection (DPI) and other surveillance and traffic filtering tools in countries where centralising tendencies are emerging. A recent report by the InterSecLab, based on a leak, points in this direction. The company at the center of this is Geedge Networks, linked to a research group at the Chinese Academy of Sciences. Geedge sells a suite of tools that go well beyond simple network management: deep packet inspection, real‑time tracking of mobile users, granular censorship control, blocking of VPNs and circumvention tools, and other surveillance functions. Based on leaked internal documents (over 100,000 files), Geedge has contracts to install these systems in multiple governments, including Kazakhstan, Ethiopia, Pakistan, Myanmar, and at least one other unidentified country. This example of exporting surveillance technologies is of course not isolated: one might think of the Russian company Protei exporting its surveillance and DPI technologies in Iran, and of the Canadian company Sandvine which was widely used in Belarus, Egypt, Eritreia etc.

The report highlights a critical aspect of the remote-controlled nature of these censorship and surveillance systems. The technologies developed and deployed by Geedge Networks allow for centralized management and remote operation of the Great Firewall-like infrastructure across multiple countries. This means that the governments using these systems do not necessarily need to maintain all the technical expertise in-house; instead, Geedge remotely manages and configures the censorship and surveillance tools, enabling real-time adjustments, updates, and monitoring.

This remote-control capability makes the system highly flexible and scalable, as it can be easily adapted to different political and social contexts without requiring significant on-the-ground technical interventions. Additionally, this approach allows the exporting company to maintain substantial control over the systems, potentially influencing how national internet policies evolve, all while keeping its involvement under the radar. The centralized, remote-control aspect of these systems further entrenches digital authoritarianism, as it enables external entities to influence or even dictate the degree of surveillance and censorship in foreign countries.

Of course, the case of Geedza is not isolated: the most recent example is the Russian company Protei exporting its surveillance and DPI technologies in Iran, as reported by the Citizen Lab in 2023 and by Miaan and Global Voices in 2026. This commodification of information control technologies and tight relations between authoritarian regimes and private companies should be analyzed on the global scale, in the light of underlying processes such as standardisation and circulation of policy models. 

From markets to governments and back: circulation of sovereign standards

More in general, countries seek to globalise the technology built by their domestic industry. When such technology affects surveillance and content blocking, the effort made by governments and industry to transform domestic technology into global standards is deeply political. Nevertheless, there are situations in which countries prefer to avoid international standardization and keep national standards. For example, global cellular network standards contain specifications for lawful interception. These are basic specifications to allow interception to take place. However, each country has different rules on lawful interception. While cellular networks within each country are built according to the global standard(s), lawful interception technologies and requirements are then built on top of the globally accepted specifications. While national lawful interception technology standards are usually produced locally through a government-industry collaboration, they are often kept partially untransparent for security reasons. This may explain why the Chinese industry, while strong in cellular networks standardisation globally, does not export its lawful interception standards.

Besides technologies, the models of governance can also become standardized and largely promoted on the international level. In her presentation, Grace X. Yang suggests to analyze relations between China and Russia precisely as a coordinated campaign to re-architect global internet governance. Both countries pursue the goal of normalization of a state-centric model of the internet in which governments exercise ultimate authority over infrastructure, standards, and cross-border data flows displacing the multi-stakeholder governance paradigm. 

Within this framework, Russia destabilizes existing consensus and reframes debates around sovereignty while China fills the institutional vacuum with structured alternatives: draft texts, technical proposals, standards language. The interplay produces gradual normalization of a state-centric governance paradigm. Russia acts as the “Spoiler” – disruptive, confrontational, and politically noisy. China functions as the “Architect” – institutional, technical, and procedural. Russia’s focus is regime security, information control, and destabilization of Western-led governance norms. China’s focus is standards-setting, infrastructural leverage, and long-term institutional embedding of alternative governance models. Together, they operate across two interconnected arenas: the technical front (ITU) and the legal front (UN treaty processes). These spaces allow for both normative contestation and institutional codification.

At the International Telecommunication Union (ITU), China advanced its “New IP” proposal as an alternative internet architecture premised on centralized control, top-down governance, and built-in identity and traceability features. The model contrasts sharply with the decentralized, end-to-end architecture of the current internet. Although formally rejected by the IETF/IEEE technical community, the proposal succeeded in shifting discourse within the ITU. Core principles such as centralization, stronger routing control, state oversight, remain embedded in ongoing discussions about next-generation standards. Here, China’s strategy was procedural and forward-looking: propose alternative foundations and institutionalize them incrementally. Russia’s role was overt political amplification. It supported the proposal diplomatically and rhetorically, challenging Western dominance and reframing debates around sovereign control. Even failed proposals served to normalize the idea that architectural redesign is legitimate terrain for geopolitical contestation.

A second ITU arena involved Russia’s 2022 bid to capture institutional leadership through a Secretary-General candidacy. The attempt failed, largely due to the geopolitical fallout from the invasion of Ukraine. Yet China quietly supported the effort, reinforcing the pattern of backstage coordination. Even in defeat, the episode signaled that leadership of technical bodies is itself a strategic objective.

In the UN arena, the campaign shifted from technical standards to binding legal norms. Negotiations over a global cybercrime convention exposed two blocs:

• A Rights Bloc, advocating balance between sovereignty and human rights, narrow criminal definitions, and flexible cross-border cooperation.
• A Sovereignty Bloc, prioritizing absolute state control, broad criminalization (including content-based offenses), and strict state-to-state cooperation mechanisms.

Russia’s tactic was procedural overload: submitting numerous aggressive amendments, attempting to criminalize vague categories such as “extremism” or “fake news,” and voting to remove explicit human rights safeguards. This “flood the zone” strategy destabilized consensus and expanded the scope of what could be debated.

China’s approach was structurally different. Rather than overt confrontation, it framed the architecture of the treaty: emphasizing capacity building, technical assistance for the Global South, and state-managed cooperation channels (e.g., MLAT-based processes). On key human rights provisions, China abstained rather than voting to remove protections, maintaining plausible moderation while enabling sovereignty-oriented outcomes.

The final treaty text reflects significant victories for the Sovereignty Bloc: expansive cooperation frameworks, strong state control over cross-border data access, and a model of international cooperation rooted in governmental mediation. Through this process, cyber sovereignty moved from political rhetoric into treaty language.

Yang argues that this dynamic is actively constructing the splinternet where fragmentation is not merely technical (e.g., routing or infrastructure divergence) but normative: divergent conceptions of who governs, who accesses data, and what constitutes legitimate control. Importantly, the “Spoiler + Architect” model is presented as portable. Internet governance is a proving ground and AI governance can likely become the next arena. One can expect Russia to disrupt Western ethical frameworks and China to institutionalize alternative standards emphasizing state-centric AI oversight and data governance. The Sino-Russian alignment does not operate as a symmetrical alliance but as a strategic complementarity. Through coordinated action in technical and legal arenas, cyber sovereignty is moving from ideological aspiration to embedded institutional reality. The result is not immediate bifurcation, but incremental re-architecting, where standards, treaties, and institutional leadership collectively reshape the governance logic of the global internet.

Towards bordered markets

From a fragmentation viewpoint, these dynamics create a problem of trust. As industries such as China’s are powerful in infrastructure standardisation and are known to export surveillance technology, the lack of transparency and their non-participation in standardising surveillance requirements in communication infrastructure can be construed as an attempt at preserving secrecy in surveillance infrastructure. Nonetheless, it is worth mentioning that their early attempts at creating a separate DNS have been progressively replaced by growing acceptance of the existing system and its governance mechanisms.

At the same time, as mistrust thrives in this environment, governments push towards the exclusion of selected foreign actors from their domestic infrastructure and service markets. While this does not necessarily yield breaks in the interoperability of communication infrastructures, it can yield ‘bordered’ markets where governments exercise stronger control on operators and service providers, including stronger control on online contents and communications.