On 4 November 2025, the United Nations in New York published the new report of the Special Rapporteur, Mai Sato, on the situation of human rights in the Islamic Republic of Iran; a report that was formally presented to the General Assembly and a part of which is also dedicated to digital surveillance and internet control.
General Assembly, A/C.3/80/L.30, 4 November 2025 (Download)
General Assembly, A/HRC/RES/58/21, 4 April 2025 (Download)
Human Rights Council, Situation of human rights in the Islamic Republic of Iran, 12 March 2025 (Download)
The new report of the UN Special Rapporteur on the situation of human rights in the Islamic Republic of Iran offers a coherent picture of the transformation of digital surveillance and internet control into a structural mechanism in the country's security governance. This report, prepared by Mai Sato based on official documents, open data, and the testimony of dozens of independent sources, emphasizes that internet shutdowns, organized censorship, arbitrary surveillance of online activities, and patterns of transnational repression against opponents and human rights activists are no longer temporary phenomena but have become a fixed part of the security strategy of the Islamic Republic of Iran. Sato, in her assessments, shows how intentional internet disruptions, digital surveillance of citizens, and the use of technology to intimidate and discredit human rights defenders have directly limited freedom of expression, freedom of assembly, and the right of access to information.
What do we read in Sato's report?
The legal backbone of the special report on human rights in the Islamic Republic relies on two main texts: the report on the vision and priorities of Sato's mission to the General Assembly in 2024 under number A/79/371 and her thematic report to the Human Rights Council in March 2025 under number A/HRC/58/62. Sato herself explicitly states in paragraph 4 of report A/HRC/58/62 that in her report to the General Assembly, she defined three axes: transparency, gender, and the right to life, as the priorities of the mission. In the introduction to this same report, she explains that she has been the recipient of a mass of reports and data from civil organizations and individuals emphasizing "severe media censorship" and the "risk of reprisal against those who report human rights violations." This framework defines the issue of controlling the flow of information and repression in the information environment as a structural axis from the outset, even if the word internet does not appear frequently in the report.
The central point for linking digital rights and women's rights is the "Law on Support for the Family through the Promotion of the Culture of Chastity and Hijab." This law criminalizes "non-observance of hijab" for all individuals over 12 years of age both in physical spaces and in the online environment, and predicts punishments of up to 15 years in prison and even the possibility of issuing a death sentence under the charge of "corruption on earth." She shows that this law is not merely a behavioral regulation, but a "comprehensive strategy for social control" resting on three pillars: a) significant intensification of punishments, b) injection of government-approved values into education and public discourse, and c) creation of an "extensive surveillance network" through mandatory reporting requirements for citizens and businesses. Sato clarifies that this mechanism turns citizens into "law enforcement agents" and specifically imposes double economic and social pressure on vulnerable groups, including youth and social media users. This description practically portrays the hijab law as part of the digital surveillance infrastructure that stands in direct conflict with freedom of expression, the right to privacy, and the principle of non-discrimination in the Covenant on Civil and Political Rights.
The resolution of the Third Committee of the General Assembly under number A/C.3/80/L.30 continues exactly this axis and in paragraph 15 (p 4), mentions the "temporary suspension" of this law, but simultaneously expresses "serious concern" regarding the possibility of its future implementation; especially since this law makes compliance mandatory both "online and offline." The text of the resolution goes further and refers to "coercion to comply" and "surveillance" of mandatory hijab laws, including "harassment of women and girls for non-compliance" and "use of facial recognition technology and surveillance technologies in universities," which has led to denial of entry, course deletion, and expulsion due to non-observance of hijab or human rights activities. This direct juxtaposition of the terms hijab, facial recognition, and the academic environment in one paragraph, for the first time at the General Assembly level, documents the structural relationship between the mandatory hijab policy and the use of surveillance technologies on the internet and in educational spaces.
At the broader level of civil liberties, the most important section of the resolution for the internet discussion is paragraph 19. In this paragraph (p 5), the General Assembly calls on the Islamic Republic of Iran to end violations of the rights to freedom of opinion and expression "whether online or offline" and immediately lists a comprehensive catalog of internet disruption methods: "total or partial internet shutdown," "blocking of social media platforms and applications," "shutting down networks," and "slowing down access to the internet, applications, and mobile data services," as well as "online censorship to intentionally prevent access to or dissemination of information on the internet." The text then, while "acknowledging" the lifting of the ban on access to certain platforms as a positive step, emphasizes "concern" regarding "existing measures that limit online access," "use of digital technologies to harass and discredit the work of human rights defenders," "arbitrary or unlawful surveillance on online and digital platforms," and other "widespread restrictions on access to the internet or dissemination of information on the internet," and finally explicitly calls for the abandonment of the bill known as "Protection of Users' Rights in Cyberspace," because its implementation "undermines the fundamental rights and freedoms of individuals in the online environment." This paragraph, with explicit language, reinterprets almost all tools of internet governance in the Islamic Republic of Iran within the form of a single pattern of systematic human rights violation and places it in contradiction with the standards governing permissible restrictions under Article 19 of the Covenant on Civil and Political Rights, which must be legal, necessary, proportionate, and non-discriminatory.
Another dimension of Sato's report, which directly relates to digital security and the media space, is transnational repression and the targeting of journalists and activists in exile. In paragraph 42 of report A/HRC/58/62, she explains that the efforts of Iranian authorities to "suppress critical voices and limit civic engagement" have gone beyond borders and affected Iranian communities worldwide. She refers to a data mapping tool launched in December 2024 that has documented at least 452 cases of targeting Iranians abroad from 1979 to the present, including assassination, death threats, and other acts committed with the aim of "silencing dissent and suppressing fundamental rights" (paragraph 42, p. 10 A/HRC/58/62). Sato then specifically highlights the situation of journalists and staff of BBC Persian and Iran International, including the knife attack on Pouria Zeraati in the UK, and refers to the "pattern of gender-based and sexual harassment against female journalists." Although the text of the report does not explicitly use the term cyber attack, when we place this description alongside the resolution's reference to "digital tools" to harass and discredit human rights defenders and "transnational repression through digital, physical, and other means," a complete picture is formed of a chain connecting threats, online attacks, surveillance of families inside the country, and physical operations abroad (paragraph 21, p. 5).
The resolution subsequently, in paragraphs 23 and 25, recalls the role of an "independent, diverse, and pluralistic civil society" and calls on the Islamic Republic of Iran to create a safe and enabling environment, "online and offline," for the activities of human rights defenders, journalists, writers, and artists, and to end threats and intimidation against them inside and outside. These paragraphs, alongside Sato's report on threats against exiled media staff, show that digital surveillance and intimidation are not limited only to inside the country, but are part of a pattern of transnational repression that violates the right to freedom of expression, freedom of assembly, and personal security for Iranians abroad as well.
In sum, what is obtained from putting together A/79/371, report A/HRC/58/62, and resolution A/C.3/80/L.30 is not a picture of internet surveillance and censorship as a case-specific or temporary policy, but as a governance architecture: an architecture that, on one hand, with the hijab law and the use of facial recognition and reporting networks, places the bodies and behavior of women and social media users under permanent surveillance; on the other hand, by cutting off and disrupting the internet, blocking platforms, and passing restrictive bills, closes the information space; and finally, by utilizing digital tools and monitoring families inside, targets the media space abroad and activists in exile. These three layers, together, mean a structural violation of Iran's obligations under the Covenant on Civil and Political Rights in the areas of freedom of expression, access to information, freedom of assembly, and personal security, the very thing Sato attempts to show in her reports with documented language based on concrete examples.
OSINT Findings: Iran’s Digital Surveillance Architecture
Independent network measurements and security analyses show consistent patterns of deliberate internet disruptions, regional shutdowns and broad-based monitoring of user communications. NetBlocks, Access Now and Citizen Lab have repeatedly documented platform blocking, bandwidth degradation and state-directed censorship, while phishing and spyware campaigns attributed to groups such as Charming Kitten and MuddyWater continue to target journalists, activists and ordinary users. Although the UN report avoids naming companies, its references to arbitrary monitoring and digital harassment align closely with OSINT evidence on Iran’s deployment of surveillance technologies, filtering infrastructure and mandatory reporting systems.
Conclusion
Sato’s report provides a structured, evidence-based overview of how the Islamic Republic of Iran’s digital surveillance, internet censorship and transnational repression form an integrated system. The findings offer researchers, journalists and civil society a clear framework for documenting violations, mapping attacks and advancing rights-based advocacy. For Raznet’s international audience, this analysis demonstrates that internet restrictions in Iran are not episodic responses but part of an entrenched security architecture targeting both domestic and diaspora communities.