ICANN using PRISM as excuse to break from the US

ICANN CEO Fadi Chehade, with backing from government leaders, is using the recent revelations about the PRISM mass surveillance program to try to speed up ICANN’s split from the US.
Speaking to an American radio station, Chehade said yesterday:

I think the current role the United States has with ICANN was always envisaged to change. The timing of that was the question — not if, it was just when. I think now it is clear that we need to talk about changing that role and evolving it to become a more global role where all stakeholders, not just governments, have an equal footing in the governance of the Internet. So the timing has been put into clear focus right now, that is what’s happening.

He was speaking from the latest Internet Governance Forum in Bali, where today he reiterated his calls for “all governments and all stakeholders” to work together “on equal footing”.
Similar rhetoric has been dribbling out of ICANN for the last couple of weeks.
Earlier this month, Chehade met in Montevideo, Uruguay, with the leaders of the five Regional Internet Registries, the World Wide Web Consortium, the IETF, ISOC and the IAB to discuss “current issues affecting the future of the Internet.”
They came out with the Montevideo Declaration, which states in part:

They reinforced the importance of globally coherent Internet operations, and warned against Internet fragmentation at a national level. They expressed strong concern over the undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance.
They identified the need for ongoing effort to address Internet Governance challenges, and agreed to catalyze community-wide efforts towards the evolution of global multistakeholder Internet cooperation.
They called for accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing.

The first and third paragraphs, taken together, suggested that ICANN was yet again ready to start talking about casting off the US government’s special oversight role, and that it would use Edward Snowden’s PRISM revelations as a way back into the conversation.
Milton Mueller of the Internet Governance Project first blogged about this, talking about ICANN “abandoning the US government”, prompting much media speculation about America’s future role in internet governance.
Chehade has been on the road, it seems, since Montevideo, first stopping off in Brazil to lend his encouragement to President Dilma Rousseff’s proposal for an April 2014 conference to discuss internet governance in light of the Snowden revelations.
Rousseff herself was targeted by the NSA and has become one of the most vocal government leaders in criticizing the US spy programs.
Lately it seems Chehade has been in India, where he told the Economic Times:

When any government decides to use a resource like the internet in ways that erodes the public trust, it is very regrettable. I feel like I’m the public trustee of the internet. All of us should be equal stewards of the public trust.
So when any one takes it away, it distresses all of us. It is not just by the recent revelations about PRISM, but there are other revelations that are coming out as well. Countries are employing millions of people to track the movements of their fellow citizens.
…
I would argue that the recent developments have emboldened people to make sure all stakeholders are participating on equal footing, including all governments.

All of this posturing raises a few basic questions, the first of which is: what does PRISM have to do with ICANN?
The answer, it seems, is “nothing”.
The PRISM revelations have implicated the likes of Google, Microsoft and Facebook — all apparently cooperating with the NSA’s mass gathering of data on civilian internet users — but no domain name players.
If the Guardian were to report tomorrow that major infrastructure players such as Verisign or Go Daddy were also involved, I would not be in the least surprised, but so far I have yet to see a connection between the domain name business and NSA spying.
In that light, if ICANN were to sever its special relationship with the US, there would be presumably no impact whatsoever on PRISM or any other surveillance program.
Chehade’s current campaign therefore seems to be politically opportunistic at best and a distraction from the underlying problem of US human rights violations at worst.
But what is meant when people speak of “splitting from the US” anyway?
It seems to me there are three important areas where the US government has undue power over ICANN: jurisdiction, the Affirmation of Commitments and the IANA contract.
ICANN is based in California and subject to US federal law. While that continues to be the case, it will always be subject to the possibility of having its work thwarted by a US court or spurious lawsuit.
It also hampers ICANN’s ability to do business with some nations unencumbered by US trade embargoes, though ICANN is usually able to secure the requisite licenses when it needs to.
It’s also always going to be at risk of being hauled over the coals by Congress every couple of years, due to lobbying by US special interest groups, which interferes with its credibility as a global organization.
ICANN has already started setting up shop in other parts of the world. New “hub” offices in Istanbul and Singapore are being characterized as being on equal footing with the LA headquarters.
But that characterization seems disingenuous.
The Affirmation of Commitments, signed by the US Department of Commerce and former ICANN CEO Rod Beckstrom in 2009 and largely negotiated under his predecessor Paul Twomey, is one of ICANN’s principal governing documents.
One of ICANN’s commitments under the AoC is to “remain a not for profit corporation, headquartered in the United States of America with offices around the world to meet the needs of a global community”.
Being US-based is baked into ICANN’s governance. If the US has to go, the AoC has to go, which means all the other accountability and review obligations in the AoC also have to go.
The third prong of US control is the IANA contract and the trilateral relationship between ICANN, Verisign and the US National Telecommunications and Information Administration.
The NTIA, essentially, controls the DNS root. Verisign actually manages the boxes it runs on, but it only makes changes — such as adding new gTLDs or redelegating ccTLDs to new registries — with NTIA authorization. That authorization, in turn, is basically a rubber stamp on an IANA/ICANN recommendation.
To the best of my knowledge, NTIA has never abused its authority to overrule an ICANN determination, or pressured ICANN into making a US-friendly recommendation.
But the process by which ICANN recommends changes to the root is pretty opaque.
I have to wonder why, for example, it took two years for Iran’s IDN ccTLD to get approved by ICANN’s board. Only the lack of any outcry from Iran suggests to me that the delay was benign.
When ICANN was founded in 1998, the original plan was for control of the root to enter ICANN’s hands before the end of the Clinton administration (ie 2000), but over the years that plan has been abandoned by the US.
The IANA contract was put up for renewal in 2011 — with a strict provision that only US-based organizations were able to apply — and then-CEO Beckstrom also pushed for more ICANN independence.
In 2011, Beckstrom was making many of the same noises Chehade is today, saying that the IANA function should be a looser “cooperative agreement” rather than a US procurement contract.
In March that year, calling for such an agreement he said at ICANN’s San Francisco meeting:

When all voices are heard, no single voice can dominate an organization – not even governments. Not even the government that facilitated its creation.

The NTIA’s response was, basically, to give Beckstrom the finger.
It said in June 2011 that it “does not have the legal authority” to do what was asked of it, then produced an IANA contract that gave itself and governments in general much greater powers to micromanage ICANN.
After delays, rejections and giving ICANN the general runaround, the NTIA finally signed off on its new IANA contract in July last year, on the final day of Beckstrom’s tenure as CEO.
It lasts until September 30, 2015, with two two-year renewals options.
If Chehade wants to unshackle ICANN from the US, the IANA contract will have to be a cornerstone of that project.
But NTIA’s past performance makes that possibility seem unlikely, unless Chehade can rally enough political pressure from the likes of Brazil and India to change his own government’s mind.
He faces an uphill battle, in other words, and at the end of the day whether breaking from the US government would be a good thing or not depends entirely on what, if anything, replaces it.
Whatever happens, let’s not pretend that ICANN’s independence has anything to do with PRISM, and let’s not allow ICANN to distract us from the wholesale violations of our rights that the US government is perpetrating.

Tweet

Tagged: aoc, iana, ICANN, igf, ntia, prism