Elon University

Internet Governance Forum – USA, 2009: The day before IGF-USA, historic decision regarding management of critical Internet resources

IGF USA Banner Logo

Briefing on AoC and post-JPA ICANN on Capitol Hill

The Congressional Internet Caucus hosted a briefing titled “The Future of the U.S. Government’s Role in ICANN, Internet Addressing and Internet Governance” on Capitol Hill at noon Oct. 1. Participants included moderator Tim Lordan of the Internet Caucus Advisory Committee; John Kneur, former assistant secretary for communications and information administrator of the National Telecommunications and Information Administration of the U.S. Department of Commerce; Brenden Kuerbis, of the Internet Governance Project; Steve Metalitz of Mitchell Silberberg & Knupp LLP; and Steve DelBianco of NetChoice.

Following is a brief rundown on what was said in reflection on the U.S. decision not to renew the JPA Sept. 30, instead releasing a document titled “Affirmation of Commitments by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers.” (See the “Affirmation of Commitments document that was released Sept. 30 here)

Jon Kneur
Bottom-up is the right model for assuring ICANN is balancing the interests of its constituencies. The private sector – with an organization like ICANN – is the way that this should be done. The United States retains a certain stewardship role in collaboration with other governments through the Affirmation of Commitments. ICANN’s primary responsibility is to retain the stability of the domain name system… Take no action adopt no policy that will have an adverse effect on the stability and security of the Internet. This should be a successful outcome of a long process.

Steve DelBianco
If you take a complex problem and look at it just the right way, it becomes more complex. In 2006, John was able to engineer a three-year extension of the JPA. Over 2007, 2008 and 2009 there were building tensions when we extended the agreement. At the Internet Governance Forum in Rio in 2007, the Russian government expressed concerns about U.S. influence. There was resentment about the U.S. role. Over the past few months the International Telecommunications Union began to overtly express an interest in filling the shoes of the U.S. as overseers of the Internet. This caused some concerns. There is also concern over plans to expand the domain name system right now. Some people said we should extend the JPA to protect the Internet from “capture” by the United Nations or some other organization. Several people in Congress expressed the desire to address this. The Energy and Commerce Committee held a hearing, and the House Judiciary Committee sent a letter to ICANN and held a hearing as well about ICANN’s accountability to its principles. China said, “we aren’t going to wait for ICANN to come up with a system for domain names,” so they came up with their own internal network using their own language. This all stirred things to a boil. It came to a head, and now ICANN’s independence day will be known as Sept. 30, 2009. But it is not an accountability independence day. It balances some of the forces, though. The Government Advisory Committee at ICANN now has a role. The way we relieved the pressure was to give governments more say, we took pressure off internationalized domain names, GAC has more responsibility.

Brenden Kuerbis
We have both praise and criticism for what happened. It is a new phase for ICANN, stepping away from U.S. oversight. We commend the Obama administration, NTIA and ICANN for this decision. (See the Internet Governance Project blog on this topic, written by Milton Mueller)

They engaged governments, business and others in the decision. The JPA subjected ICANN to the DC lobbying scene and failed to make ICANN sufficiently internationalized. We believe there are some design flaws in the AoC – the five-page commitment paper – with regard to accountability. We argue that ICANN’s problems do not derive from a lack of oversight but from a lack of specific well-defined rules by which ICANN can be judged. If these do not exist, a review panel can just become another layer of politics and second-guessing.

Some key points: 1) The review panels are not external to ICANN – they are selected by the people responsible for what ICANN does. 2) The review panels’ composition will represent ICANN’s current policymaking organs. 3) The AoC conflates procedure and policy issues with decisions ICANN makes. Are they going to second-guess policy decisions and make judgments about the processes followed? Top-down review panels can short-circuit the bottom-up process that exists in ICANN. Where should you commit your resources? You are going to see some increased lobbying of the ICANN board and the GAC. The GAC is infamously opaque, and it will be hard to determine how decisions will be made in the composition of these review panels. The AoC is a set of guidelines that still have to be implemented and that is left to the Internet community to work through together, and hopefully it will go well and things will be improved.

Steve Metalitz
I have served many terms with the intellectual property constituency in ICANN. In regard to the AOC, I can raise two questions briefly. What has changed? – especially from the perspective of Congress. And how does it affect the average Internet user? Perhaps less has changed than meets the eye. The U.S. engagement in ICANN once appeared larger than it really was and the change is probably less than what it appears. Most people don’t pay attention to plumbing unless something goes horribly wrong and then they pay a great deal of attention to it. I think that’s the way Congress has been about the Internet.

It has changed now that the U.S. no longer has an exclusive role in ICANN – it continues to have a pre-eminent role, but not exclusive. The United States government is still going to be playing an important role, and there are still going to be opportunities for Congress to exercise oversight if something goes wrong with the plumbing. The United States can still exercise a fail-safe role for want of a better term – the United States is still exercising the IANA role. And Congress still has its legislative role in the United States – for instance doing things like passing legislation on cybersquatting and trademark concerns.

Many people outside the United States were provoked by the JPA. I don’t agree they were justified, but that provocation has been removed and that is a positive.

There are three examples of things that could go wrong with the plumbing that Congress should still pay attention to. 1) The plan to roll out hundreds of new generic top-level domain names. We now have about 20 that are not the country codes. We could wind up with 100 of these in just a year or two. For consumers there is a huge risk for confusion and a risk that it won’t be functional and a question of whether this is really going to deliver positives for the public. ICANN has said it won’t move ahead until some questions have been resolved, but… 2) The second has to do with Whois, which allows you to find out who is working under a domain name online. There have been attempts in ICANN to make this information less accessible, in the Affirmation of Commitment ICANN said we will continue that policy but we will review it in a year. That is an extremely important question. This is a key tool for accountability in law enforcement, children online, intellectual property and other areas. 3) The third thing that can go wrong with the plumbing is in the security area. The domain name system is source for many serious vulnerabilities. ICANN has become more active in this but they may also have other priorities and be pushed in other directions. For instance, we have been told that technically it will not be difficult to add hundreds of new gTLDs and we have been told that it is not technically difficult to improve security, but it will be difficult to accomplish both simultaneously. It would be much more lucrative for ICANN to pay attention to rolling out the gTLDs. Security is important.

Tim Lordan
Did we just give away control of the Internet – something we shouldn’t have given up? Is GAC in charge of everything?

John Kneur
We didn’t have oversight over the Internet before. The JPA did not say, “ICANN can’t do X unless the United States government has a say.” We had a stewardship function that came out of the fact that we developed the Internet. We are not giving up anything that we didn’t previously have. ICANN reviews are now going to be delivered to and judged by the community instead of being delivered to and judged by the Department of Commerce.

ICANN has a higher burden with a broader audience they need to satisfy to assure that they are doing the things they are supposed to do. The Government Advisory Committee is not made up of people who are typically empowered to speak for their governments. It does have a significant authority in the ICANN bylaws. If ICANN proposes a decision and GAC says it questions it, ICANN has to step back and republish an articulation of the decision. The GAC has had a significant role, but this upped the level of participation for GAC members. ICANN review panels will be constituted by chair of GAC and board of ICANN. The makeup of GAC is decided by individual governments – they decide who to send. The public will have a right to comment on the selections of ICANN review panels, and GAC and ICANN can change makeup of proposed panels.

Steve DelBianco
Only 40 percent of the nations on the planet send representatives to participate in GAC. Very few governments send people. Well, the AoC has given the green light to countries to participate that perhaps were not doing it before because of perceived United States influence.

Steve Metalitz
The GAC does have a bigger role than before. For those of us who have been observing GAC the past few years it has not been an effective actor and it’s going to have to step up its game.

John Kneur
This all ties back to the members of ICANN and decisions that have to be made around the domain name system. All of those actors who are all called out in this AoC – the empowering part of it is not captured in the document per se but everyone is going to be evaluating ICANN. The World Summit on the Information Society and the Internet Governance Forum will take on some discussion of other non-DNS issues. The Internet Governance Forum is an opportunity for countries to address the problems around the Internet, and there are multiple forums where interested countries around the world can gather – whether it is a privacy, security an intellectual property issue.

ICANN has to remain a private organization because the technical issues should be immune from the politics of other concerns. It is important that in the AoC document security issues should take preeminence.

Steve DelBianco
What does all this mean for fraud, cyberattacks? The answer is you rely on your government for dealing with these things. None of that changes. ICANN has nothing to do with that. The domain name system can be used as a tool to fight and shield for bad guys to hide behind, but those local problems are dealt with locally. There’s a billion and a half people online and about 7 billion on the planet and we want to make it work for all of them. We have to have a mechanism to know who’s behind a website if we are trying to track down bad behavior.

Steve Metalitz
We have security issues that spring from the domain name system. They are clearly in ICANN’s remit and they should be doing something about them. ICANN can make it harder or easier for security agencies to deal with these problems. It is hard to draw that distinction with a fine line. ICANN is constitutionally incapable of determining that one of its decisions was wrong. One thing they have gotten better at is its public relations activities. ICANN has a tendency to give itself straight A’s.

Steve DelBianco
ICANN is trying to fast-track the internationalized domain names and might possibly get one going this year. By this time next year they should be in use in many languages, so when you are in China you can type in all Chinese characters and it will work on the global domain name system.

John Kneur
All parties need to get ICANN to make DNSSEC a priority. The longer that gets delayed, the less confidence in the world community to support the private sector model. First do no harm. Your first priority is to look after the issues tied to security.

-Janna Anderson

* To return to the homepage for Imagining the Internet’s coverage of IGF-USA 2009 click here.

MORE From IGF-USA in different formats

–  TheWordPress blog includes comprehensive details from every session, written by Colin Donohue, Morgan Little and Janna Anderson, documentary journalists of the Imagining the Internet Center

– The real-time Twittertweets reported by Imagining the Internet documentary journalists are here

– The main site used by the organizers of the 2009 IGF-USA can be found here.