Verisign should stay in its key role in root zone management after the IANA transition process is complete, according to ICANN CEO Fadi Chehade.
The company currently acts as “maintainer”, alongside the US government as “administrator” and ICANN/IANA as “operator”.
This means Verisign is responsible for actually making changes — adding, deleting or amending the records for TLDs — in the root zone file.
In a blog post yesterday, Chehade said that ICANN will “establish a relationship directly with the third-party Maintainer”, adding:
As a means to help ensure stability, ICANN’s recommended implementation option is to have Verisign continue its role as the Maintainer. However, we will be working closely with all relevant parties including the Root Zone Operators to ensure there are contingency options in place to meet our absolute commitment to the stability, security and resiliency of the Domain Name System.
I wholeheartedly agree that Verisign should stay in its role, or at the very least that ICANN should not take over.
As we’ve learned over the last couple of years of software glitches in the new gTLD program, some of them security-related, ICANN would be a poor choice today to maintain this critical resource.
Chehade noted that the US National Telecommunications and Information Administration would be replaced in its “administrator” role by whatever mechanism the ICANN community comes up with during the transition process.
A US House of Representatives committee has voted to de-fund the IANA transition process.
On Thursday, the House Appropriations Committee approved the fiscal year 2015 Commerce, Justice, Science Appropriations bill, which includes the $36.7 million budget for the NTIA’s running costs.
The National Telecommunications and Information Administration is the part of the Department of Commerce responsible for oversight of the IANA functions, which it plans to relinquish.
The committee noted its “concern” at this prospect, and said that no money would be made available to fund this process. Notes to the appropriations bill (pdf) include the following text:
The Committee is concerned by NTIA’s announcement of its intent to transition certain Internet domain name functions to the global multistakeholder community. Any such transition represents a significant public policy change and should be preceded by an open and transparent process. In order for this issue to be considered more fully by the Congress, the recommendation for NTIA does not include any funds to carry out a transition of these functions. The Committee expects that NTIA will maintain the existing no-cost contract with ICANN throughout fiscal year 2015.
Other bills currently up for discussion in Congress would delay the IANA transition pending further review by the Government Accountability Office.
The appropriations bill has passed a committee vote, but it still has other legislative stages to pass through before it becomes law.
ICANN has been subjected to its first wave of criticism over its handling to date of the IANA transition process, which will see oversight of the DNS root leave US government hands.
Yesterday was the deadline for comments to be submitted on ICANN’s proposal for a way to handle what some are calling the “sunsetting” of the Department of Commerce’s stewardship of the IANA function.
As DI previously reported, it’s “a proposal for a process to develop a process to develop a proposal”.
ICANN basically proposed a 22-member “Steering Group”, comprised of members of the various ICANN constituencies, that would guide the bottom-up, multistakeholder IANA transition discussion.
The group would ultimately steer the community towards creating a proposal for replacing the US government as IANA’s overseer, which would then be checked and rubber-stamped by Commerce.
As part of ICANN’s initial proposal, a “scoping document” was provided, laying out what in ICANN’s view should and should not be open for discussion.
Dozens of comments were received covering a diverse range of issues related to the make-up of the Steering Group and the range of the scoping document.
Here I’m going to attempt to cover half a dozen key themes that seemed to emerge across multiple commenters.
Note: 1) it’s not a comprehensive overview, 2) I don’t necessarily agree with all of the comments cited below, 3) that most of the links throughout this article are to PDFs.
Registries are apparently not “affected parties”
Given that one of IANA’s key roles (for DI’s purposes, it’s its primary role) is assigning TLDs to registries, you might have expected registries to be classed as “affected parties”.
But they’re not. Bafflingly, only the IAB, IETF, ISOC and NRO — none of which primarily concern themselves with domain names — get that definition in ICANN’s proposal.
Naturally enough, the ccTLD and gTLD operators are not happy about this state of affairs.
The ccNSO, proposing that gTLDs and ccTLDs get two seats each on the Steering Group, wrote:
These organizations, which also participate directly in ICANN’s multistakeholder process, are appropriate and important participants in this transition planning process, but they are not adequate substitutes for registry stakeholders with respect to processing root zone change requests and other functions that uniquely affect TLD registry operators… It is imperative that registry operators sit at the table on equal footing with those organizations and without ICANN intermediation.
The Registries Stakeholder Group of the GNSO concurred, stating:
we feel this list is incomplete as it does not include direct customers of the IANA functions, such as gTLD, nTLD and ccTLD registries, which is incomprehensible and appears to be self-serving of the convener
The GNSO is under-represented
If the registries feel badly treated, they’re not alone.
The Generic Names Supporting Organization comprises seven distinct stakeholder groups: registries, registrars, non-commercial users, non-profits, businesses, ISPs and intellectual property owners.
While there is overlap (registries and registrars often vote en bloc, as do businesses and IP owners), there are at least three camps that rarely fully agree with each other.
The ICANN proposal would provide two seats on the Steering Group between them.
The Intellectual Property Constituency, in its comments, said that each GNSO constituency should get one seat each.
The US Chamber of Commerce asked for at least one seat to be set aside for business interests.
A group of registrars, including most of the big ones, agreed, and put forward a rather more expansive proposal:
Several members of the Registrar Stakeholder Group believe that having two Steering Group representatives for the GNSO will not be sufficient in ensuring that the interests of all GNSO stakeholders are properly reflected. As the GNSO is the largest and most diverse structure within ICANN, we find that a “one size fits all” approach to delegation is not appropriate. Instead, we propose that each SO/AC submit a number of representatives that it believes to be sufficiently representative, but be encouraged to keep the number as small as possible.
The selection process is top-down
Given that this is supposed to be a community-driven process, you’d expect the community to be tasked with picking their representatives on the Steering Group. But that’s not what ICANN proposes.
ICANN instead reckons that membership should be selected by ICANN chair Steve Crocker and GAC chair Heather Dryden from the pool of people who volunteer themselves.
Unsurprisingly, there’s lots of opposition to this. Most groups commenting on this aspect of the proposal said that committee members should be selected by the groups they represent.
The Business Constituency stated:
Appointments to the Steering/Convening Committee should come from constituency groups — not as appointments made by ICANN chair and GAC chair. Nor should any stakeholder group be excluded as a result of consolidating within stakeholder organizations such as the GNSO.
The Center for Democracy and Technology agreed, saying:
The Chairs of ICANN and the GAC should not be the ones to select the Supporting Organization and Advisory Committee representatives; the SO/AC representatives should be selected within their own communities.
Inappropriate framing of the discussion
Many commenters took issue with the way ICANN has configured the discussion, accusing it of acting in the interests of its own self-preservation rather than the stability of the IANA function.
Chiefly, there’s concern that the discussion has been framed in such a way that it assumes ICANN will continue in its role as performer of the IANA functions in more or less the same way as today.
This concern appears to be extremely broad.
The RySG said it was “suspicious” of what appeared to be a “self-interested” framing of the debate:
we feel that it is premature for ICANN staff to assert that ICANN’s role is out of scope. This sentiment is not included in the NTIA announcement and we believe ICANN’s role is an issue that should be left to the bottom-up, multistakeholder process to decide. In particular, we believe whether “structural review of ICANN or its functions” should be included in the scope should be a matter for the community.
The Non-Commercial Stakeholders Group agreed that this should be open for discussion:
ICANN-controlled entities both develop and approve DNS policies and also implements the IANA functions. Only a requirement of the NTIA contract guarantees separation of policy and DNS root zone implementation activities. Because of this, we cannot currently support language in ICANN’s proposed Scoping Document which explicitly rules out any discussion of separating the IANA functions from ICANN. How or whether to separate those activities in lieu of the NTIA contract should be openly discussed.
Google said in its comments:
The role of ICANN’s Board is to oversee all of ICANN’s business and operational actions and to ensure its continued solvency as an organization. As such, the Board has a vested interest in ensuring ICANN’s continued relevancy within the Internet governance ecosystem and arguably has an interest in scoping the process to preserve ICANN’s existing role. While we are confident that ICANN’s Board would not act in a way that would harm the Internet or the IANA functions transition, the presence of a conflict of interest — even if perceived — could impact the overall integrity of the process
The Business Constituency said:
this transition should not presume that the only possible outcome is to award IANA functions to ICANN. It is possible that some other third party could replace the US government role as counterparty.
Accountability is being handled in a separate track
ICANN was initially of the view that its own accountability mechanisms — things designed to prevent capture, allow appeals of decisions etc — were out of scope for the IANA transition discussion.
It’s since backtracked, this week launching a new “Enhancing ICANN Accountability” process that will run in parallel — and be “interdependent and interrelated” — to the IANA transition debate.
If these two discussions are so interdependent, why not just lump them together in the same policy track? It’s surely a recipe for mass confusion to keep them separate.
The NCSG stated in its comments:
We do not support ICANN’s efforts to discuss the IANA transition and accountability mechanisms on separate tracks. Specifically, ICANN’s draft proposal and scoping document might prevent any discussion of options for structurally separating IANA function operations from DNS policy making activities.
The ccNSO seemed resigned to the separation, but noted:
To the extent that ICANN continues to insist on maintaining separate tracks to address each of these issues, it must ensure that the two tracks come together in advance of the transition itself.
The IPC said that the discussions need to be more closely synchronized:
The resolution of these two issues is inextricably intertwined and the processes and mechanism for doing so need to be tightly coordinated; this is impossible if the processes and mechanisms are not being developed at the same time.
There’s far from consensus on this issue, however.
The BC and Google both explicitly support the continued separation of the two tracks, while the International Trademark Association implicitly supported the parallel moves, noting:
We generally would be opposed to any approval of an IANA functions transition plan unless it is accompanied by an acceptable globalization and accountability plan that assures continued ICANN accountability at optimal levels.
Everyone only had 30 days to comment
Given that we’re talking about management of the DNS root here, you’d imagine that ICANN would take it just as if not more seriously than, I dunno, its “Future Meetings Strategy” or how much its directors are paid.
But while these and most other comment periods get 45 too 60 days of public comment, the IANA transition proposal only got 30.
ICANN is evidently in a rush to get things finalized before its next public meeting, scheduled for next month in London, rather than wait until the Los Angeles meeting in October.
Some groups, such as the Governmental Advisory Committee, couldn’t get their act together in time to provide a meaningful response given the tight deadline.
Many others, such as the Registries Stakeholder Group, complained:
it is unacceptable that an issue as critical as the transition of the IANA functions would be allowed only a short public comment period
The IPC stated that the whole timetable is out of whack:
The group is supposed to convene for the first time in London in approximately 6 weeks, yet the concept of a Steering Group is not finalized, much less its composition or how it would be chosen… The Steering Group is also supposed to “finalize the group’s charter” “in the London 50 timeframe.” Charters are critical documents, and they take a number of hours over a number of weeks to be created, much less finalized. How would the group have a draft charter before London that could be finalized in London?
In my opinion, this may be “a proposal for a process to develop a process to develop a proposal”, but it’s also a process to demonstrate the effectiveness and inclusiveness of the process.
Given the parallel focus on internet governance in the non-ICANN world (eg NetMundial), the multistakeholder model itself is under intense scrutiny.
How ICANN responds to this first wave of comments will be crucial.
While there are certainly divergent views (not half of which I’ve covered here) among the various parties, it seems to me that some clear areas of agreement have emerged, even among groups that don’t often see eye to eye.
Will ICANN bow to a clear call for its scoping document to be relaxed — putting its own neck on the chopping block in the process — because the multistakeholder community seems to be asking for it?
Republican US Congressmen today voted to advance the DOTCOM Act, which would add a delay of up to a year to the IANA transition.
The Communications and Technology Subcommittee voted 16 to 10, split directly along party lines, to advance the bill to the next stage of the US legislative process.
It would now block the National Telecommunications and Information Administration from approving ICANN’s proposal for an NTIA-free future for up to one year while the Government Accountability Office prepares an analysis.
In the first draft, that delay would begin at the moment the bill hit the statute books. Now, the clock starts when the proposal is made.
Democrats on the subcommittee, who had four amendments shot down by the Republican majority during a markup session today, said the bill makes a mockery of the multistakeholder process they all profess to endorse.
Ranking member Anna Eshoo noted that Democrats supported a GAO report, but did not want the NTIA’s hands tied.
She reminded her opponents that they had all voted for a bill in 2012 — shortly before the International Telecommunications Union met for its WCIT conference — affirming the United States government’s commitment to multistakeholder management of the internet.
“Today you are unraveling exactly what you voted for,” she said, accusing Republicans of seeing “black helicopters” and a “conspiracy” by President Obama to give the internet to authoritarian regimes.
“It’s a source of embarrassment for a committee that has for the most part operated in a very respectful bipartisan way,” he said.
Republicans in response said that it is not unreasonable to request a GAO report, to help them understand the possible consequences of the IANA transition.
Rep John Shimkus, the primary sponsor of the DOTCOM Act, said that the forced delay was needed to give the bill “teeth”. Without it, he said, the GAO report could come after the IANA transition has already taken place.
In a concurrent hearing elsewhere on Capitol Hill, ICANN CEO Fadi Chehade was busy explaining to a different committee why he could not support the bill.
The DOTCOM Act would give the impression that the US government does not take the multistakeholder model seriously and does not trust ICANN, he said.
While Republicans may feel like the bill will keep the DNS root out of the hands of Russia and China, what they’re actually doing is giving those nations fuel for their power grabs in government-led international fora such as the ITU, in other words.
The DOTCOM Act is not yet law. It still has to go through the full House (Republican-controlled) and Senate (Democrat-controlled) and be signed by President Obama (China-controlled) before it hits the statute books.
Do governments have too much potential power over ICANN, and do they need reining in before the US cuts itself loose?
It’s a question that’s emerging given the recent decision of the United States government to remove itself from stewardship of the domain name system root zone.
The US National Telecommunications and Information Administration may have no intention of allowing other governments to replace it as overseer of the IANA functions, but that doesn’t mean that governments won’t be able to abuse their powers in future under ICANN’s existing structures.
Before getting into the arguments, I should first apologize for the misleading, clickbaiting headline on this post. It’s a sarcastic response to the misleading narrative that has been set by much of the mainstream media in the US.
For the record, I don’t think Russia and China are going to take over the internet, ICANN or the DNS.
What I’d like to look at here are ways in which the Governmental Advisory Committee might need to be reformed in order to maintain balance and prevent capture by any bad government in future.
And by “bad government”, I’m not just talking about Russia, China, Iran and any other boogeyman that may pop up in future; I could just as easily mean the United States and European Union member states.
I’m basing quite a lot of this on concerns raised by NetChoice Coalition’s Steve DelBianco in a Congressional hearing last week.
While DelBianco seems to be generally pro-transition, he outlined several “stress test” scenarios that he believes need to be addressed during the stewardship transition process.
Among other things, DelBianco said: “It will be important for the transition plan to prevent any government-led organization from replacing the former U.S. role after the transition is complete.”
Everyone, from the lunatic fringe of the US media that bases its reporting on GOP talking points to the senior management of ICANN and the NTIA itself, is on the same page here.
Nobody wants the US to be replaced by an intergovernmental alternative.
Indeed, baked into the NTIA’s proposal to relinquish its stewardship powers is an explicit promise that a government-led replacement will not be approved. It ain’t going to happen.
But governments already have a powerful voice within ICANN, in the form of the Governmental Advisory Committee.
While all national governments are welcome at the GAC, it currently has around 130-odd listed members.
Typically, fewer than half actually show up to in-person ICANN meetings. DelBianco reports that there were 61 in attendance at the ICANN 49 meeting in Singapore two weeks ago.
The GAC has the ability to issue “advice” to the ICANN board of directors.
The board is free to accept or reject this advice. Rejection, which can and does happen, triggers a lengthy consultation process in which both parties attempt to reconcile their differences.
In practice, ICANN tends to bend over backwards to accommodate GAC advice, even to the point of occasionally willfully misinterpreting it in order to make it appear that it has been accepted.
Under Principle 47 of the current GAC Operating Principles it would be virtually impossible for a government or group of governments to capture the GAC. The GAC only issues advice by consensus:
The GAC works on the basis of seeking consensus among its membership. Consistent with United Nations practice, consensus is understood to mean the practice of adopting decisions by general agreement in the absence of any formal objection. Where consensus is not possible, the Chair shall convey the full range of views expressed by members to the ICANN Board.
If China and Russia managed to persuade every other GAC member to agree with a repressive policy they wanted to introduce, the United States could hold out and destroy consensus.
And, it should be said, vice versa.
How the GAC has used its power
The GAC has a track record of issuing advice, by consensus, that trickles down, via ICANN’s contracts with registrars and registries, to affect domain registrants and regular internet users.
Sometimes, the impact could be said to impact human rights issues such as free expression and privacy.
For example, when law enforcement agencies (LEA) such as the FBI and Interpol recommended that registrars should start logging their customers’ IP addresses and should suspend the domains of registrants whose contact information could not be verified, the GAC reissued those recommendations as “GAC/LEA” advice that ICANN eventually accepted.
One could argue that this has free speech and privacy implications, but it came via the consensus of a GAC that included nations with privacy rights enshrined in their constitutions and statute books.
In fact, the United States was one of the strongest advocates for the LEA recommendations becoming part of the registrar contract, as this report from the October 2011 ICANN meeting Dakar will illustrate.
Let’s be clear here: legitimate bloggers are having their web sites suspended today, right now, because of what the US did in the GAC.
I’m singling out the US unfairly here just as a counterpoint to the arguments, emerging in DI comments and elsewhere, to the effect that the US is some kind of unshakeable guardian of internet freedom. It ain’t.
All governments can be credited/blamed for this situation.
The GAC also has a track record of compelling ICANN, via its advice, to prevent certain top-level domains from entering the DNS root zone.
In the current round of new gTLD applications, two strings have so far been killed off as a direct result of GAC advice and many more at at risk.
Applications for .thai and .gcc were both thrown out by ICANN because the GAC, by consensus, did not disagree with the objections of the Thai government and the Gulf Cooperation Council.
Amazon.com’s application for .amazon is currently on hold because the GAC, again by consensus, thinks that nations such as Brazil and Peru have better rights to the term.
ICANN has still to make a formal decision on applications for .spa, which the GAC has advised (by consensus) be placed “on hold” until Belgium (unilaterally) decides whether to endorse them or not.
Several other applicants have voluntarily withdrawn their applications after receiving GAC consensus objections.
Many more face losing their deposits unless they comply with GAC advice on matters such as registrant credentialing.
If having a TLD delegated to the root zone is a free speech issue, the GAC already has the power to affect it.
What if Russia tries to ban gay?
Let’s take a hypothetical scenario: Russia wants ICANN to force registrars to suspend the domain names of web sites containing content it considers pro-homosexuality.
Today, Russia would have to get a consensus of the GAC to agree with it — that is, no government objections to its proposal — in order for full-fat GAC advice to make its way to the board.
That, clearly, would not happen. Non-homophobic nations in North America, Europe, Latin America, Asia and no doubt parts of Africa would not stand for such a thing.
There would be no shortage of governments eager to block consensus on such an appalling proposal.
Even if the GAC came to a consensus to ban the gays, ICANN’s board of directors would be able to reject the advice by going through the necessary motions.
If by some crazy turn of events the ICANN board accepted the advice, ICANN would still have to get the contractual changes past the registrars themselves, which would prove challenging.
But what if the GAC operated not by consensus but by majority rule?
What if Russia persuaded enough of its allies and client states to show up to an ICANN meeting to raise their hands at the appropriate moment? It could, conceivably swing a vote.
While the GAC does not issue advice by majority today, it would be a relatively simple matter for it to change its Operating Principles so that voting, not consensus, ruled.
In fact, the Operating Principles state that they can be amended by a simple majority. Principle 53 states:
A Member or Members may move, at a meeting, for these Operating Principles to be open to revision. If so moved, the Chair shall call for the movement to be seconded. If so seconded, then the Chair shall call for a vote to support the resolution. The deciding vote may be by ballot, by the raising or cards, or by roll call, and shall constitute a simple majority of the Members who are present at the meeting at which it was moved for these Operating Principles to be revised. If so resolved in favour of a revision of these Operating Principles, then the proposal shall sit for consultation for a period of sixty (60) days. At the next meeting following the sixty days, the Chair shall call for a vote for or against the proposal. The deciding vote may be taken by ballot, by the raising or cards, or by roll call, and shall be a simple majority of the Members who are present at the meeting at which the vote takes place.
This, the GAC’s current ability to radically change its voting procedures, is at the heart of some of DelBianco’s “stress tests”.
His example below concerns post-delegation censorship of the root itself, rather than individual web sites, but the same rules outlined above apply.
In his testimony (pdf) to Congress, DelBianco said:
a majority of governments in the GAC might advise ICANN to suspend a TLD that refuses to remove domains with content critical of governments (e.g., .corrupt ). Today, this kind of censorship routinely occurs at the edge of the Internet when governments block domestic access to websites, such as Turkey now blocking Twitter. But this scenario envisions censorship moving from the edge to the core of the internet – the root table of TLDs used by the entire world. It’s a critical stress test to examine how the new IANA mechanism could respond if a future ICANN board bowed to GAC advice for censorship at the root of the Internet.
DelBianco is not suggesting that the current ICANN board would cower over a matter of GAC censorship, but we’ve got no idea what the board is going to look like five, 10 or 20 years from now.
If the safeguard of US stewardship is going away, ICANN’s internal processes need to be tough enough to withstand a GAC that goes rogue and starts demanding things that further infringe liberties.
Does ICANN see a problem?
At a press conference during the Singapore meeting two weeks ago, I asked ICANN chair Steve Crocker and CEO Fadi Chehade if the GAC needed to be be reined in to prevent future abuse.
Crocker responded. I’m quoting my question (which wasn’t as detailed as to include references to GAC Operating Principles) so you know exactly what he’s replying to:
DI: This is about the IANA transition process. I was just wondering: the NTIA says they will not accept a multilateral or intergovernmental solution to this transition process, so does it not follow that there should be some safeguards to prevent the GAC becoming too powerful and stopping it becoming a mini-ITU within ICANN? Is that envisaged as part of this process, to put some kind of restraint on the GAC’s power?
CROCKER: As I said in my remarks this morning, the fact that the end result should not be multilateral or intergovernmental certainly did not mean that governments should not be involved. Governments have to be involved. You’ve asked about what happens if the GAC becomes too powerful.
A big problem is getting more involvement of the GAC. We’re still in the process where the GAC is a maturing organization that’s come a long way and is making ever more contributions and we’re some distance away from being worried about whether the GAC is going to take over or become all too powerful.
The way ICANN is structured is very thoroughly multistakeholder and there are a lot of checks of balances built in so that no single constituency has the ability to become dominant or to take over. I think there would be very strong reactions if that ever started to come into play. So I don’t view it as a imminent concern.
We value and encourage the involvement of governments and we understand that for many many governments it’s a novel experience to participate in an environment in which they’re not the only ones speaking.
In short, he’s saying ICANN needs more government participation via the GAC, albeit carefully counterbalanced within the multi-stakeholder environment.
With that in mind, isn’t it fair to ask whether reforms to the GAC’s Operating Principles are a necessary component of the IANA stewardship transition process?
If ICANN is going independent, its structures need to be robust enough for the long term. Maybe that needs to mean a GAC permanently handcuffed to principles of consensus, to prevent capture.