How Russia and China could take over the internet!

Kevin Murphy, April 7, 2014, Domain Policy

Do governments have too much potential power over ICANN, and do they need reining in before the US cuts itself loose?

It’s a question that’s emerging given the recent decision of the United States government to remove itself from stewardship of the domain name system root zone.

The US National Telecommunications and Information Administration may have no intention of allowing other governments to replace it as overseer of the IANA functions, but that doesn’t mean that governments won’t be able to abuse their powers in future under ICANN’s existing structures.

Before getting into the arguments, I should first apologize for the misleading, clickbaiting headline on this post. It’s a sarcastic response to the misleading narrative that has been set by much of the mainstream media in the US.

For the record, I don’t think Russia and China are going to take over the internet, ICANN or the DNS.

What I’d like to look at here are ways in which the Governmental Advisory Committee might need to be reformed in order to maintain balance and prevent capture by any bad government in future.

And by “bad government”, I’m not just talking about Russia, China, Iran and any other boogeyman that may pop up in future; I could just as easily mean the United States and European Union member states.

I’m basing quite a lot of this on concerns raised by NetChoice Coalition’s Steve DelBianco in a Congressional hearing last week.

While DelBianco seems to be generally pro-transition, he outlined several “stress test” scenarios that he believes need to be addressed during the stewardship transition process.

Among other things, DelBianco said: “It will be important for the transition plan to prevent any government-led organization from replacing the former U.S. role after the transition is complete.”

Everyone, from the lunatic fringe of the US media that bases its reporting on GOP talking points to the senior management of ICANN and the NTIA itself, is on the same page here.

Nobody wants the US to be replaced by an intergovernmental alternative.

Indeed, baked into the NTIA’s proposal to relinquish its stewardship powers is an explicit promise that a government-led replacement will not be approved. It ain’t going to happen.

But governments already have a powerful voice within ICANN, in the form of the Governmental Advisory Committee.

The GAC

While all national governments are welcome at the GAC, it currently has around 130-odd listed members.

Typically, fewer than half actually show up to in-person ICANN meetings. DelBianco reports that there were 61 in attendance at the ICANN 49 meeting in Singapore two weeks ago.

The GAC has the ability to issue “advice” to the ICANN board of directors.

The board is free to accept or reject this advice. Rejection, which can and does happen, triggers a lengthy consultation process in which both parties attempt to reconcile their differences.

In practice, ICANN tends to bend over backwards to accommodate GAC advice, even to the point of occasionally willfully misinterpreting it in order to make it appear that it has been accepted.

Under Principle 47 of the current GAC Operating Principles it would be virtually impossible for a government or group of governments to capture the GAC. The GAC only issues advice by consensus:

The GAC works on the basis of seeking consensus among its membership. Consistent with United Nations practice, consensus is understood to mean the practice of adopting decisions by general agreement in the absence of any formal objection. Where consensus is not possible, the Chair shall convey the full range of views expressed by members to the ICANN Board.

If China and Russia managed to persuade every other GAC member to agree with a repressive policy they wanted to introduce, the United States could hold out and destroy consensus.

And, it should be said, vice versa.

How the GAC has used its power

The GAC has a track record of issuing advice, by consensus, that trickles down, via ICANN’s contracts with registrars and registries, to affect domain registrants and regular internet users.

Sometimes, the impact could be said to impact human rights issues such as free expression and privacy.

For example, when law enforcement agencies (LEA) such as the FBI and Interpol recommended that registrars should start logging their customers’ IP addresses and should suspend the domains of registrants whose contact information could not be verified, the GAC reissued those recommendations as “GAC/LEA” advice that ICANN eventually accepted.

One could argue that this has free speech and privacy implications, but it came via the consensus of a GAC that included nations with privacy rights enshrined in their constitutions and statute books.

In fact, the United States was one of the strongest advocates for the LEA recommendations becoming part of the registrar contract, as this report from the October 2011 ICANN meeting Dakar will illustrate.

Let’s be clear here: legitimate bloggers are having their web sites suspended today, right now, because of what the US did in the GAC.

I’m singling out the US unfairly here just as a counterpoint to the arguments, emerging in DI comments and elsewhere, to the effect that the US is some kind of unshakeable guardian of internet freedom. It ain’t.

In truth, the GAC’s pro-LEA position at first had majority support (pdf) then, after its Operating Principles were amended in 2011 to clarify what “consensus” means, consensus support (pdf).

All governments can be credited/blamed for this situation.

Blocking TLDs

The GAC also has a track record of compelling ICANN, via its advice, to prevent certain top-level domains from entering the DNS root zone.

In the current round of new gTLD applications, two strings have so far been killed off as a direct result of GAC advice and many more at at risk.

Applications for .thai and .gcc were both thrown out by ICANN because the GAC, by consensus, did not disagree with the objections of the Thai government and the Gulf Cooperation Council.

Amazon.com’s application for .amazon is currently on hold because the GAC, again by consensus, thinks that nations such as Brazil and Peru have better rights to the term.

ICANN has still to make a formal decision on applications for .spa, which the GAC has advised (by consensus) be placed “on hold” until Belgium (unilaterally) decides whether to endorse them or not.

Several other applicants have voluntarily withdrawn their applications after receiving GAC consensus objections.

Many more face losing their deposits unless they comply with GAC advice on matters such as registrant credentialing.

If having a TLD delegated to the root zone is a free speech issue, the GAC already has the power to affect it.

What if Russia tries to ban gay?

Let’s take a hypothetical scenario: Russia wants ICANN to force registrars to suspend the domain names of web sites containing content it considers pro-homosexuality.

Today, Russia would have to get a consensus of the GAC to agree with it — that is, no government objections to its proposal — in order for full-fat GAC advice to make its way to the board.

That, clearly, would not happen. Non-homophobic nations in North America, Europe, Latin America, Asia and no doubt parts of Africa would not stand for such a thing.

There would be no shortage of governments eager to block consensus on such an appalling proposal.

Even if the GAC came to a consensus to ban the gays, ICANN’s board of directors would be able to reject the advice by going through the necessary motions.

If by some crazy turn of events the ICANN board accepted the advice, ICANN would still have to get the contractual changes past the registrars themselves, which would prove challenging.

But what if the GAC operated not by consensus but by majority rule?

What if Russia persuaded enough of its allies and client states to show up to an ICANN meeting to raise their hands at the appropriate moment? It could, conceivably swing a vote.

While the GAC does not issue advice by majority today, it would be a relatively simple matter for it to change its Operating Principles so that voting, not consensus, ruled.

In fact, the Operating Principles state that they can be amended by a simple majority. Principle 53 states:

A Member or Members may move, at a meeting, for these Operating Principles to be open to revision. If so moved, the Chair shall call for the movement to be seconded. If so seconded, then the Chair shall call for a vote to support the resolution. The deciding vote may be by ballot, by the raising or cards, or by roll call, and shall constitute a simple majority of the Members who are present at the meeting at which it was moved for these Operating Principles to be revised. If so resolved in favour of a revision of these Operating Principles, then the proposal shall sit for consultation for a period of sixty (60) days. At the next meeting following the sixty days, the Chair shall call for a vote for or against the proposal. The deciding vote may be taken by ballot, by the raising or cards, or by roll call, and shall be a simple majority of the Members who are present at the meeting at which the vote takes place.

This, the GAC’s current ability to radically change its voting procedures, is at the heart of some of DelBianco’s “stress tests”.

His example below concerns post-delegation censorship of the root itself, rather than individual web sites, but the same rules outlined above apply.

In his testimony (pdf) to Congress, DelBianco said:

a majority of governments in the GAC might advise ICANN to suspend a TLD that refuses to remove domains with content critical of governments (e.g., .corrupt ). Today, this kind of censorship routinely occurs at the edge of the Internet when governments block domestic access to websites, such as Turkey now blocking Twitter. But this scenario envisions censorship moving from the edge to the core of the internet – the root table of TLDs used by the entire world. It’s a critical stress test to examine how the new IANA mechanism could respond if a future ICANN board bowed to GAC advice for censorship at the root of the Internet.

DelBianco is not suggesting that the current ICANN board would cower over a matter of GAC censorship, but we’ve got no idea what the board is going to look like five, 10 or 20 years from now.

If the safeguard of US stewardship is going away, ICANN’s internal processes need to be tough enough to withstand a GAC that goes rogue and starts demanding things that further infringe liberties.

Does ICANN see a problem?

At a press conference during the Singapore meeting two weeks ago, I asked ICANN chair Steve Crocker and CEO Fadi Chehade if the GAC needed to be be reined in to prevent future abuse.

Crocker responded. I’m quoting my question (which wasn’t as detailed as to include references to GAC Operating Principles) so you know exactly what he’s replying to:

DI: This is about the IANA transition process. I was just wondering: the NTIA says they will not accept a multilateral or intergovernmental solution to this transition process, so does it not follow that there should be some safeguards to prevent the GAC becoming too powerful and stopping it becoming a mini-ITU within ICANN? Is that envisaged as part of this process, to put some kind of restraint on the GAC’s power?

CROCKER: As I said in my remarks this morning, the fact that the end result should not be multilateral or intergovernmental certainly did not mean that governments should not be involved. Governments have to be involved. You’ve asked about what happens if the GAC becomes too powerful.

A big problem is getting more involvement of the GAC. We’re still in the process where the GAC is a maturing organization that’s come a long way and is making ever more contributions and we’re some distance away from being worried about whether the GAC is going to take over or become all too powerful.

The way ICANN is structured is very thoroughly multistakeholder and there are a lot of checks of balances built in so that no single constituency has the ability to become dominant or to take over. I think there would be very strong reactions if that ever started to come into play. So I don’t view it as a imminent concern.

We value and encourage the involvement of governments and we understand that for many many governments it’s a novel experience to participate in an environment in which they’re not the only ones speaking.

In short, he’s saying ICANN needs more government participation via the GAC, albeit carefully counterbalanced within the multi-stakeholder environment.

With that in mind, isn’t it fair to ask whether reforms to the GAC’s Operating Principles are a necessary component of the IANA stewardship transition process?

If ICANN is going independent, its structures need to be robust enough for the long term. Maybe that needs to mean a GAC permanently handcuffed to principles of consensus, to prevent capture.

11 Comments Tagged: , , , , ,

Euro winemakers talk .wine boycott, EU block

Kevin Murphy, April 7, 2014, Domain Policy

European wineries are threatening to boycott .wine and .vin and may lobby for the two new gTLDs to be “blocked” in the EU.

The news follows ICANN’s decision to allow .wine and .vin applications to proceed over the objections of the EU, and its decision a few days later to put both strings on hold for 60 days.

The European Federation of Origin Wines said it was “sceptical” about the 60-day freeze, which was designed to give those who want protection for “geographic indicators” a chance for more talks with applicants.

The EFOW represents geographic indicator interests in France, Italy, Hungary, Portugal and Spain. It said in a press release:

EFOW announces that it envisages “appealing against ICANN’s two successive decisions”. The federation also recalls it “threatens to organise a boycott if the decision to delegate is taken without according GI protection. Moreover, it will also ask for the blocking of these sites in the EU”.

While “asking” is not “getting”, a EU-wide block on a top-level domain would certainly be unprecedented — exactly the kind of Balkanization of the DNS that every rational government strives to avoid.

I doubt the EU would go for it, in other words.

But EU bodies are fighting tooth and nail to get the GI protections that many of their winemakers are asking for.

The European Commission tried to frame the the .wine controversy as a test of the “multistakeholder” process in a press release Friday:

The new gTLDs “.wine” and “.vin” cannot be opened until the rights and interests of wine producers and consumers worldwide are duly protected. If ICANN wants to demonstrate that the multi-stakeholder approach to Internet Governance can work for all, its decisions have to protect the common good and not simply favour purely commercial decisions or the highest bidders.

The alternative argument would be that to bow to the demands of certain governments where the Governmental Advisory Committee cannot find consensus would be to make a mockery of the ICANN process.

The United States, Canada and Australia are among those disagreeing about the need for GI protections, making a GAC consensus impossible. Where the GAC does not have a consensus, ICANN does not have mandate to act.

Let’s not kid ourselves here: every government with an opinion here is just looking out for the commercial interests of its local businesses, so they’re all just as bad as each other in that regard.

7 Comments Tagged: , , , , ,

.wine frozen after EU complaint

Kevin Murphy, April 5, 2014, Domain Policy

ICANN has frozen the applications for .wine and .vin new gTLDs, again, following a complaint about process violations from the Governmental Advisory Committee.

The New gTLD Program Committee of the ICANN board on Thursday voted to prevent any of the four affected applicants signing Registry Agreements for at least 60 days.

But the NGPC found that there had been “no process violation or procedural error” when it decided to take the .wine and .vin applications off hold status during the Singapore meeting last month.

The 60-day freeze is “to provide additional time for the relevant impacted parties to negotiate”, the resolution states.

The GAC advise in its Singapore communique stated that it had not had time to comment upon “external advice” — believed to be an opinion of a French lawyer (pdf) — that the NGPC had used in its deliberations.

That would have been a violation of ICANN’s bylaws.

The GAC said that ICANN should “reconsider” its decision to allow the applications to proceed and should give the applicants more time to negotiate a truce with the governments opposed to their proposed gTLDs.

The European Union wants .wine and .vin blocked unless the applicants promise to implement special protections for “geographic indicators” such as “Champagne” and “Bordeaux”.

But other nations, including the US, Canada and Australia, don’t want these protections. The GAC has therefore been unable to provide consensus advice against either string.

Essentially, the NGPC this week has found none of the bylaws violations alleged by the GAC, but has nevertheless given the GAC what it asked for in its Singapore communique. ICANN explained:

In sum, the NGPC has accepted the GAC advice and has carefully reviewed and evaluated whether there was a procedure or process violation under the Bylaws. The NGPC has determined that there was not because, among other reasons, ICANN did not seek the Independent Legal Analysis as External Expert Advice pursuant to Article XI-A, or any other portion of the Bylaws.

It’s not “policy”, it’s “implementation”, in other words.

The NGPC also, despairingly I imagine, has suggested that the full ICANN board might want to take a look at the broader issues in play here, resolving:

the NGPC recommends that the full Board consider the larger implications of legally complex and politically sensitive issues such as those raised by GAC members, including whether ICANN is the proper venue in which to resolve these issues, or whether there are venues or forums better suited to address concerns such as those raised by GAC members in relation to the .WINE and .VIN applications.

While I’m sure 60 days won’t be too much of a burden for these long-delayed applicants, this rather vague promise for more talks about “larger implications” may prove a cause for concern.

3 Comments Tagged: , , , , , ,

Chehade rules out move to Geneva

Kevin Murphy, April 5, 2014, Domain Policy

ICANN CEO Fadi Chehade yesterday called for an end to “speculation” about plans to move the organization’s headquarters out of US jurisdiction to Geneva, Switzerland.

Responding to a reporter’s question during a panel discussion at the Hudson Institute in Washington DC, Chehade said:

I did not say that I’m moving ICANN to Geneva. This is speculation because we opened an office in Geneva… People conflate things because they’d like to. If you can find a statement saying we’re moving to Geneva I’d like to see it.

I can’t even make that decision. I told you, I can’t even change the coffee, so the board will have to make this decision and the board can’t make this decision without community agreement. And do you think our community will agree to move thousands of contracts we have today that are working marvelously in California to another place? Why would we do that? So let’s stop the speculation on this, I have no plans to move ICANN to Geneva. We have an office in Geneva, that’s the end of it.

The speculation, which DI indulged in following a Swiss newspaper report in February, was not of course only rooted in the fact that ICANN had opened an office in Geneva.

On February 17, ICANN’s board of directors approved the creation of several “President’s Globalization Advisory Groups”, one of which was tasked with looking at ways to:

Establish complementary parallel international structure to enhance ICANN’s global legitimacy. Consider complementary parallel international structure within scope of ICANN’s mandate.

That seemed to indicate pretty clearly that ICANN was looking outside of the US for a “parallel international structure”. Geneva, home of many international organizations, seemed like a prime candidate.

However, just six weeks later, March 27, ICANN’s board dissolved these committees, stating that they were no longer needed in light of the process to transition stewardship of the DNS root away from the US government.

Chehade’s statement, coupled with the board’s resolution, means Geneva appears to be off the cards for now.

1 Comment Tagged: , ,

Second US bill would block IANA transition

Kevin Murphy, April 3, 2014, Domain Policy

Another bill has been introduced into the US Congress related to the IANA transition process, and this one would actually be dangerous if passed.

Rep Mike Kelly introduced the Internet Stewardship Act (pdf) to make the IANA transition a matter that requires Congressional legislation.

The press release announcing the bill is longer than the bill itself, which says just this:

NTIA PROHIBITED FROM RELINQUISHING DNS RESPONSIBILITIES.

The Assistant Secretary of Commerce for Communications and Information may not relinquish or agree to relinquish the responsibilities of the National Telecommunications and Information Administration with respect to Internet domain name functions, including responsibility with respect to the authoritative root zone file, the Internet Assigned Numbers Authority functions, or the related root zone management functions, unless such relinquishment is permitted by a statute enacted after the date of the enactment of this Act.

In other words, if this bill is enacted then another bill would be required in order for the NTIA to remove itself from root zone oversight.

Try to imagine a bill relinquishing control over the “critical internet functions” getting majority support in any national legislature.

Try to imagine it getting support in a national legislature that has more than its fair share of flag-waving nationalists and gung-ho xenophobes.

Try to imagine the Republican party in Congress allowing the Obama administration, which it despises, to ‘give away the internet’ to Vladimir Putin and theocratic Arab states, which is what a lot of commentators irrationally seem to think is happening.

It Kelly’s bill is passed, ICANN may as well kiss goodbye to ideas of independence from US oversight for the foreseeable future.

Fortunately, the bill is just a bill right now.

28 Comments Tagged: , , , ,