Co-authored by Pari Esfandiari, President at Global TechnoPolitics Forum and Imad Payande, Internet Governance Researcher and Policy Analyst.

In January 2026, Iran did not simply face an interruption in internet service. It experienced a structured and intentional separation from the global digital sphere. This event exposed both the depth of society’s reliance on connectivity and the ease with which that reliance can be redirected toward instruments of state authority.

This episode, lasting nearly three weeks, cannot be read as a technical malfunction or an emergency measure that slipped beyond its original purpose. Rather, it functioned as a controlled trial of a new template for digital sovereignty. In this template, the organizing principles shift: state control overrides the basic expectation of open communication; surveillance is prioritized over systemic resilience; and the suppression of public voice becomes an operational substitute for legitimacy.

A Shutdown That Began Before It Was Announced

The blackout did not begin on January 8, when traffic collapsed across the country. Its origins were visible days earlier in subtle but measurable distortions. Starting January 1, Cloudflare data showed that nearly one-third of Iran’s available bandwidth had quietly disappeared. Users still had nominal access, but the network behaved erratically: pages loaded slowly, latency fluctuated, and speeds dropped to levels incompatible with normal use.

By early January, Cloudflare Radar detected unusual waves of cyber activity originating from domestic mobile networks, where millions of compromised devices had effectively become part of a botnet. To engineers and infrastructure observers, this suggested a system destabilizing from within; a precursor to something far more systemic.

This “pre-blackout” phase functioned as a form of digital gaslighting. By the time connectivity collapsed completely, people had already been conditioned to accept failure as natural rather than imposed. After years of recurring nationwide and provincial outages, a kind of offline preparedness had taken root: as soon as the early disruptions appeared, people rushed to download movies and documents, back up passwords, sync cloud drives, and secure whatever digital assets they could before the next collapse.

What made this episode even more disorienting was that, for nearly a week, even domestic instant messaging and social media platforms were unable to deliver messages, a breakdown that was unprecedented and that deepened the sense of isolation. The shift from “almost offline” to “completely offline” unfolded in a social environment already primed for disruption, which made the final cutoff feel less like a sudden event and more like the predictable culmination of a controlled, security-driven escalation.

The Moment of Collapse and the Myth of Control

On January 8, national traffic began to fall rapidly around 16:00 local time. Provinces went offline in sequence, starting with Tehran, followed by Kermanshah, Hamedan, Bushehr, Fars, and East Azerbaijan. By early evening, the country was effectively dark.

The first 24 hours exposed how deeply the Internet has become embedded in basic functionality. One-time passwords stopped arriving, locking users out of banking and government platforms. ATMs and card readers failed nationwide. High-traffic domestic websites collapsed under load as people searched desperately for information. Municipal portals, land registries, healthcare systems, and student platforms all went offline. SMS services nearly vanished. Newsrooms reverted to publishing emergency phone numbers.

The institutional response was chaotic. The government not only failed to present a coordinated response, but it also made clear, almost inadvertently, that even the Supreme Council of Cyberspace bore no operational responsibility for the shutdown. Decisions on national connectivity were made directly by the Supreme National Security Council, leaving technical ministries and regulatory bodies, including Iran’s Ministry of ICT, sidelined and unable to offer a coherent plan for maintaining essential services. The outcome exposed the deeper illusion at play: the belief that a state can deactivate the Internet at scale while its governance apparatus remains functional and society continues unaffected.

Lived Silence: When Connectivity Becomes a Privilege

While traffic graphs captured the collapse technically, testimonies from “Offline Iran” documented its human cost.

Freelancers working with foreign clients, developers, designers, translators, marketers, lost access to GitHub, cloud tools, payment platforms, and communications overnight. Years of accumulated trust evaporated in hours. Content creators lost audiences and income. Startups nearing profitability stalled indefinitely.

The shock quickly spread beyond digital professions. Importers incurred penalties because they could not issue instructions abroad. Manufacturers lost contact with clients. Home-based businesses disappeared from view. Travel agencies suspended operations. Doctors lost access to clinical databases. Therapists could no longer meet patients online. Students missed scholarship deadlines and exams. Teachers in rural areas lost both instructional tools and personal communication channels.

Unexpected dependencies surfaced everywhere: parents lost access to cloud-connected cameras monitoring vulnerable family members; patients dependent on telemedicine were cut off; even recreational digital routines, gaming, browsing, and short videos vanished, removing coping mechanisms for stress and isolation.

Across hundreds of testimonies, the same words recurred: hopeless, exhausted, broken, starting from zero. Many described spending years building fragile stability that disappeared overnight.

Silence itself became a form of control. For days, millions could receive state broadcasts but could not transmit outward. Smartphones became televisions, devices for watching, not speaking. Connectivity, once a public utility, had become a rationed privilege.

Digital Sovereignty, Rewritten

The Iranian government justified the blackout as a proportionate security measure and framed it as an exercise of digital sovereignty, presenting the right of the state to manage its networks as the central rationale. But what unfolded was not sovereignty in the sense once advocated by indigenous communities or postcolonial states seeking autonomy. It was sovereignty directed against the population.

While ordinary citizens were cut off, the state retained selective “whitelist” access to international platforms. Officials continued posting on X and Telegram, broadcasting narratives to the world. Connectivity became stratified. This produced a digital caste system: sovereignty for the state, subjection for the individual.

The long-promoted National Information Network (NIN), a domestically controlled “internet”, was meant to ensure resilience. Instead, it failed catastrophically. OTP systems relied on global SMS gateways and collapsed. Pharmacies could not verify prescriptions. Hospitals lost access to cloud-based records. The promise of continuity proved illusory.

When citizens turned to satellite connectivity as a last resort, the state adopted a more assertive spectrum-management posture. Mobile interference units were activated to disrupt Starlink terminals, and signal-suppression activity extended into residential zones, a shift from previous practice, where such measures were typically confined to controlled or military environments. Under these conditions, connectivity was treated as a channel requiring active security regulation.

The Economic Aftershock: Restoration Is Not Recovery

After nearly two weeks, signs of reconnection appeared. Google.com became reachable for some users, but Drive, Gmail, GitHub, Wikipedia, and AI platforms remained blocked. VPNs flickered for minutes, then collapsed. Businesses were granted supervised “emergency terminals” for brief access under observation. IXPs reopened, then shut again. Traffic rose to 30—50 percent of baseline, driven largely by organizational channels rather than public access. Even after official announcements, Cloudflare data showed sustained underperformance. When the network finally reopened after roughly 470 hours, the damage was already embedded.

International clients who lost contact with Iranian developers did not return. Contracts moved elsewhere. Supply chains remained jammed. Educational schedules collapsed. Psychological harm lingered. A black market for connectivity emerged during the blackout, with short bursts of access sold at crisis prices. The second illusion was exposed: the idea that “switching the Internet back on” resolves the crisis. Restoration is technical. Recovery is social, economic, and psychological, and far slower.

With nearly a month now passed since the start of the unrest, the everyday experience of users shows how incomplete the recovery remains. The market for VPNs has surged to levels not seen in years, and many users are effectively forced to maintain multiple VPNs in parallel, one for Irancell, another for MCI, and separate configurations for fixed-line ISPs, because each network behaves differently under filtering and intermittent routing resets. This fragmentation has become part of daily digital life, reinforcing the sense that connectivity has returned only in appearance, while in practice, access remains unstable, conditional, and costly.

The Global Stakes: Sovereignty vs. the Internet Commons

Iran’s blackout exposes a growing legitimacy gap in Internet governance. The Internet was built as a bottom-up system, legitimized by the engineers, operators, and users who maintained it. Today, authoritarian states increasingly bypass that community, appealing instead to intergovernmental bodies to legitimize shutdowns and surveillance under the banner of sovereignty.

By framing disconnection as a sovereign right, states rewrite the social contract of the digital age without consent. This marks a shift from content regulation to infrastructural violence, where control is exercised by amputating connectivity itself. If this model is normalized, the global Internet becomes a patchwork of national kill switches. The “open web” survives only where politics allow it.

A Warning, Not an Anomaly

The lesson of January 2026 is not only that the Internet remains structurally fragile. It also shows that the system of global governance meant to safeguard it is increasingly misaligned with current realities. When political authority operates without effective institutional constraints, essential digital infrastructure can assume a coercive function rather than a connective one. A nation that goes offline does not simply forfeit data or economic activity. It loses trust, agency, and its effective position within the global commons.

The question now extends beyond the situation of dissidents or the concerns of a single national public. What is being contested is the future configuration of the Internet itself. As more governments invoke the language of digital sovereignty to justify broad shutdowns, the underlying shift becomes clear. A system built on shared standards and global interoperability is giving way to a landscape where discrete, state-managed internets operate according to domestic security priorities rather than collective global interest. If sovereignty is permitted to supersede connectivity without meaningful constraint, the Internet loses its character as a universal infrastructure and collapses into a set of national kill switches.

The nationwide shutdown in Iran in January 2026, therefore, represents more than a domestic crisis. It is effectively a test of the broader international order that continues to portray the Internet as an open, unified public commons. In practice, much of what is termed “global” depends on standards and ecosystems shaped by actors in the United States, from IPv4, HTTP, QUIC, and BGP to the dominant DNS resolvers, browsers, and platforms that structure ordinary access. Yet the model of state control does not offer a coherent alternative. Governments increasingly employ their authority over networks to construct fragmented and selectively restored internets, calibrated to political pressures and security calculations, as evidenced by the recent reliance on whitelist-based reconnection. The result is a deeper dilemma. The issue is no longer solely about preserving an open Internet, but rather who possesses the authority to define its structure and govern its boundaries.