US and EU call for Whois to stay alive
Government officials from both sides of the Atlantic have this week called on ICANN to preserve Whois as it currently is, in the face of incoming EU privacy law, at least for a select few users.
The European Commission wrote to ICANN to ask for a “pragmatic and workable solution” to the apparent conflict between the General Data Protection Regulation and the desire of some folks to continue to access Whois as usual.
Three commissioners said in a letter (pdf) that special consideration should be given to “public interests” including “ensuring cybersecurity and the stability of the internet, preventing and fighting crime, protecting intellectual property and copyright, or enforcing consumer protection measures”.
David Redl, the new head of the US National Telecommunications and Information Administration, echoed these concerns in a speech at the State of the Net conference in Washington DC on Monday.
Redl said that the “preservation of the Whois service” is one of NTIA’s top two priorities at the moment. The other priority is pressing for US interests in the International Telecommunications Union, he said.
Calling Whois “a cornerstone of trust and accountability for the Internet”, Redl said the service “can, and should, retain its essential character while complying with national privacy laws, including the GDPR.”
“It is in the interests of all Internet stakeholders that it does,” he said. “And for anyone here in the US who may be persuaded by arguments calling for drastic change, please know that the US government expects this information to continue to be made easily available through the Whois service.”
He directly referred to the ability of regular internet users to access Whois for consumer protection purposes in his speech.
The European Commission appears to be looking at a more restrictive approach, but it did offer some concrete suggestions as to how GDPR compliance might be achieved.
For example, the commissioners’ letter appears to give tacit approval to the idea of “gated” access to Whois, but called for access by law enforcement to be streamlined and centralized.
It also suggests throttling as a mechanism to reduce abuse of Whois data, and makes it clear that registrants should always be clearly informed how their personal data will be used.
The deadline for GDPR compliance is May this year. That’s when the ability of EU countries to start to levy fines against non-compliant companies, which could run into millions of euros, kicks in.
While ICANN has been criticized by registries and registrars for moving too slowly to give them clarity on how to be GDPR-compliant while also sticking to the Whois provisions of their contracts, its pace has been picking up recently.
Two weeks ago it called for comments on three possible Whois models that could be used from May.
That comment period ended on Monday, and ICANN is expected to publish the model upon which further discussions will be based today.
Is the Trump administration really trying to reverse the IANA transition?
Questions have been raised about the US government’s commitment to an independent ICANN, following the release of letters sent by two top Trump appointees.
In the letters, new NTIA head David Redl and Secretary of Commerce Wilbur Ross expressed an interest in looking at ways to “unwind” the IANA transition, which in 2016 severed the formal ties between ICANN and the US in DNS root zone management.
Responding to questions from senators during his lengthy confirmation process, now National Telecommunications and Information Administration assistant secretary Redl wrote:
I am not aware of any specific proposals to reverse the IANA transition, but I am interested in exploring ways to achieve this goal. To that end, if I am confirmed I will recommend to Secretary Ross that we begin the process by convening a panel of experts to investigate options for unwinding the transition.
The letters were first obtained by Politico under the Freedom of Information Act. We’re publishing them here (pdf).
They were sent last August, when Redl’s confirmation to the NTIA role was being held up by Senator Ted Cruz, who vehemently opposed the transition because he said he thought it would give more power over online speech to the likes of Russia and China.
He was confirmed in November.
The question is whether Redl was serious about unwinding the transition, or whether he was just bullshitting Cruz in order to remove a roadblock to his confirmation.
Technically, he only promised to “recommend” convening a panel of experts to his boss, Ross.
NTIA declined to comment last week when DI asked whether the department still supports the IANA transition, whether any efforts are underway to unwind it, and whether the panel of experts has already been convened.
Redl’s statements on ICANN since his confirmation have been more or less consistent with his Obama-era predecessor, Larry Strickling, in terms of expressing support for multi-stakeholder models, but with perhaps some causes for concern.
During his first public speech, delivered at the CES show in Las Vegas earlier this month, Redl expressed support for multi-stakeholder internet governance amid pushes for more multi-lateral control within venues such as the International Telecommunications Union.
However, he added:
I’ll also focus on being a strong advocate for U.S. interests within ICANN. We need to ensure transparency and accountability in ICANN’s work. And in light of the implementation of the European General Data Privacy Regulation, or GDPR, we need to preserve lawful access to WHOIS data, which is a vital tool for the public.
In the coming weeks, I’ll be seeking out the views of stakeholders to understand how else NTIA can best serve American interests in these global Internet fora.
Could this be an allusion to the “panel of experts”? It’s unclear at this stage.
One of Redl’s first moves as NTIA chief was to slam ICANN for its lack of accountability concerning the shutdown of a review working group, but that was hardly a controversial point of view.
And in a letter to Senator Brian Schatz, the Democrat ranking member of the Senate Commerce Subcommittee on Communications, Technology, Innovation, and the Internet, sent earlier this month, Redl expressed support for the multi-stakeholder model and wrote:
NTIA will be a strong advocate for US interests with the Governmental Advisory Committee of the Internet Cooperation [sic] for Assigned Names and Numbers (ICANN) in the existing post-transition IANA phase. NTIA will also monitor the [IANA operator] Public Technical Identifiers (PTI) and take action as necessary to ensure the security and stability of the DNS root.
That certainly suggests NTIA is happy to work in the new paradigm, while the promise to “take action as necessary” against PTI may raise eyebrows.
While a lot of this may seem ambiguous, my hunch is that there’s not really much appetite to reverse the IANA transition. Apart from appeasing Cruz’s demons, what could possibly be gained?
Ross, quizzed by Cruz at his own confirmation hearing a year ago, seemed reluctant to commit to such a move.
New Trump appointee slams ICANN after security group shutdown
Not even a month into the job, the US official with most direct responsibility over domain name policy has criticized ICANN for shutting down a security working group.
David Redl, the new assistant secretary at the National Telecommunications and Information Administration, wrote to ICANN (pdf) last week to complain about its board unilaterally shutting down, temporarily, its supposedly independent Security, Stability and Resiliency of the DNS Review team.
He wrote that the action “calls into question” ICANN’s commitment to transparency and accountability, writing:
Everything documented to date about these reviews stresses the importance of openness, transparency and community consultation. Unfortunately, it seems that with the October 28th action, the ICANN Board violated these principles by substituting its judgement for that of the community.
SSR-2, as it is known, is one of the reviews previously mandated by ICANN’s Affirmation of Commitments with the US government (via the NTIA) but which can now be found instead embedded in its bylaws.
The ICANN board of directors temporarily suspended it in October, something like a soft reboot, after growing concerned that it was stepping outside of its mandate and that its members lacked expertise.
The move attracted broad criticism and it would be disingenuous of me to suggest that Redl’s position is a controversial one — you’d be hard pressed to find any section of the community that wholeheartedly supports the board’s action.
Indeed, the US representative to the Governmental Advisory Committee voiced similar concerns at the ICANN meeting in Abu Dhabi in late October, prior to Redl’s confirmation to the NTIA job.
Redl took the post November 21, having been nominated by Donald Trump back in May, replacing Obama appointee Larry Strickling, who left the agency in January.
He’s the first NTIA chief since ICANN’s inception not to enjoy the special position of power over ICANN granted by the old IANA contract, which was scrapped in September 2016.
US “threatens” Costa Rica over Pirate Bay domains
The US government has been threatening to “close down” Costa Rica’s .cr registry over its refusal to take down a Pirate Bay domain name, according to the registry.
Representatives of the US embassy in Costa Rica have been badgering NIC.cr to take down thepiratebay.cr since 2015, according to a letter from Pedro León Azofeifa, president of Academia Nacional de Ciencias, which runs the registry.
The letter claims:
These interactions with the United States Embassy have escalated with time and include great pressure since 2016 that is exemplified by several phone calls, emails and meetings urging our ccTLD to take down the domain, even though this would go against our domain name policies
According to the letter, a US official “has mentioned threats to close our registry, with repeated harassment regarding our practices and operation policies and even personal negative comments directed to our Executive Director”.
The letter was sent to the chair of ICANN’s Governmental Advisory Committee 10 days ago, CC’d to senior ICANN, Costa Rican and US governmental figures, and has been circulated this week in the Latin American domain name community.
The form of the alleged threats to close the registry is not clear, but it should be noted that prior to October 1 last year the US Department of Commerce, via its now-relinquished oversight of ICANN, played a key role in the administration of the DNS root zone.
The Pirate Bay is of course a popular directory of BitTorrent links largely used to disseminate pirated copies of movies and music, much of it American-made.
The site has been TLD-hopping for years, as registries around the world shut down its domains for violations of their own local rules. It has been live on thepiratebay.cr since December 2014, when its Swedish operation was shut down by authorities.
The NIC.cr letter says that its own policies follow international “best practices” and allow it to take down domains when presented with a Costa Rican court order, but that “the pressure and harassment [from the US] to take down the domain name without its proper process and local court order persists”.
The US Department of Commerce even pressured its Costa Rican counterpart to investigate NIC.cr, but that probe concluded that the registry was acting within its procedures, according to the letter.
It’s not the first attempt to get rid of the Pirate Bay this year.
Public Interest Registry in February announced a “UDRP for copyright” proposal that would allow copyright holders to have piracy disputes heard by independent arbitrators. It looked like a way to get unloved thepiratebay.org domain taken down without PIR having to take unilateral action.
That proposal was shelved after an outcry from the industry and civil rights watchdogs.
In April, one of the Pirate Bay’s founders launched a piracy-friendly domain registration service.
Just this week, the European Court of Justice ruled, after seven years of legal fights, that the Pirate Bay infringes copyright, raising the possibility of the site being blocked in more European countries.
The NIC.cr letter is dated June 6. It has not yet been published by ICANN or the GAC.
Trump nominee open to retaking ICANN oversight role
The incoming head of the US Department of Commerce has indicated that it is unlikely he’ll try to reestablish the US government’s unique oversight of ICANN, at least in the short term.
But at his confirmation hearing in Congress yesterday, Trump nominee for secretary of commerce Wilbur Ross said he’d be open to ideas about how the US could increase its power over ICANN.
He was responding to a question from Ted Cruz, the Texas senator who made halting the IANA transition one of his key concerns last year.
Cruz, framing the question in such a way as to suggest ICANN is now in the hands of an intergovernmental consortium (which it is not) asked Ross whether he was committed to preventing censorious regimes using ICANN to hinder Americans’ freedom of speech.
Ross replied:
As such a big market and really as the inventors of the Internet, I’m a little surprised that we seem to be essentially voiceless in the governance of that activity. That strikes me as an intellectually incorrect solution. But I’m not aware of what it is that we actually can do right now to deal with that. If it exists, if some realistic alternative comes up, I’d be very interested.
His response also mischaracterizes the power balance post-transition.
The US is not “essentially voiceless”. Rather, it has the same voice as every other government as a member of the Governmental Advisory Committee.
Its role is arguably still a lot more powerful than other nations, given that ICANN is now bylaws-bound to remain headquartered in California and under US jurisdiction.
As head of Commerce, Ross will have authority over the National Telecommunications and Information Administration, the agency most directly responsible for dealing with ICANN and domain name issues in general.
NTIA itself will to the best of my knowledge still be headed by assistant secretary Larry Strickling, who handled the IANA transition from the US government side. (UPDATE: this may not be correct)
Ross, 79, is a billionaire investor who made most of his estimated $2.5 billion fortune restructuring bankrupt companies in the coal and steel industries.
ICANN retires Affirmation of Commitments with US gov
ICANN has terminated its last formal oversight link with the US government.
Late last week, ICANN chair Steve Crocker and Larry Strickling, assistant secretary at the US National Telecommunications and Information Administration mutually agreed to retire the seven-year-old Affirmation of Commitments.
The AoC, negotiated during the tail end of Paul Twomey’s leadership of ICANN and signed by successor Rod Beckstrom, laid out ICANN’s responsibilities to the US government and, to a lesser extent, vice versa.
It included, for example, ICANN’s commitments to openness and transparency, its promise to remain headquartered in California, and its agreement to ongoing reviews of the impact of its actions.
Ongoing projects such as the Competition and Consumer Trust Review originate in the AoC.
The rationale for concluding the deal now is that most of significant provisions of the AoC have been grandfathered into ICANN’s revised bylaws and other foundational documents following the IANA transition, which concluded in October.
Reviews such as the CCT and the lock on its California HQ are now in the bylaws and elsewhere, ICANN said in a blog post.
It’s worth mentioning that the US gets a new administration led by Donald Trump in a little over a week, so it probably made sense to get the AoC out of the way now, lest the new president do something insane with it.
The letters from Crocker and Strickling terminating the deal can be read together here (pdf).
States drop IANA transition block lawsuit
Four US states attorneys general have quietly thrown in the towel in their attempt to have the IANA transition blocked.
The AGs of Texas, Nevada, Arizona and Oklahoma unilaterally dropped their Texas lawsuit against the US government on Friday, court records show.
A filing (pdf) signed by all four reads simply:
Plaintiffs hereby provide notice that they are voluntarily dismissing this action pursuant to Federal Rule of Civil Procedure 41(a)(1)(A)(i).
That basically means the case is over.
The AGs had sued the US National Telecommunications and Information Administration, seeking an eleventh-hour restraining order preventing the IANA transition going ahead.
The TRO demand was comprehensively rejected, after ICANN and organizations representing numerous big-name technology companies let their support for the transition be known in court.
The plaintiffs had said they were considering their options, but now appear to have abandoned the case.
It was widely believed that the suit was politically motivated, an attempt by four Republican officials to stir up anti-Obama sentiment in the run-up to the US presidential election.
Judge says IANA transition suit unlikely to succeed
A Texas judge refused demands for a temporary restraining order preventing the IANA transition going ahead last weekend because the suing state attorneys general were unlikely to succeed at trial.
That was one of several reasons Judge George Hanks refused the TRO, which had been requested by the Republican AGs of Texas, Arizona, Oklahoma and Nevada.
Hanks’ order on the motion, which was published last night (pdf), said the AGs:
have not shown that there is a substantial likelihood that they will prevail on the merits of this case. Nor have they shown that there is a substantial threat that an irreparable injury will be suffered. Nor have they shown that the threated injury outweighs the threatened harm to the United States. Finally, they have not shown that granting the injunction will not disserve the public interest.
The lawsuit claims that the IANA transition, which involves the US government removing itself from its oversight roles of ICANN and DNS root zone management, represents a threat to free speech and to the stability of the .mil and .gov TLDs.
The eleventh-hour complaint was filed on Thursday, after attempts by Senator Ted Cruz and his allies to block the transition via a Congressional funding bill failed.
But Hanks ruled that the AGs claims about potential future harms amounted to no more than “speculation” and “hearsay”.
He wrote: “counsel’s statements of what ‘might’ or ‘could’ happen are insufficient to support the extraordinary relief sought in this case.”
He also pointed to one significant logical inconsistency in their argument:
Even if the Court were to find that some past harm or bad acts by the Internet Corporation for Assigned Names and Numbers (“ICANN”) impacted the interests of the States in their respective websites and alleged rights at interest, the Court notes that these past harms happened under the exact regulatory and oversight scheme that the States now seek to preserve. This, along with the lack of evidence regarding any predictable or substantially likely events, greatly undermines the States’ request for they relief they seek.
The AGs are reportedly considering their options following the ruling, and may appeal.
But another school of thought holds that the suit was largely a political gesture designed to creating talking points for the Republican party ahead of next month’s presidential election, and could be allowed to fade away.
Root hits 1,500 live TLDs as US oversight ends
The DNS root saw its 1,500th concurrent live TLD come into existence on Friday, just hours before the US relinquished its oversight powers.
Amazon received its delegation for .通販 (.xn--gk3at1e, Japanese for “online shopping”) and satellite TV company Hughes got .dvr, meaning “digital video recorder”.
That took the number of TLDs in the root to exactly 1,500, which is where it still stands today.
Both went live September 30, which was the final day of ICANN’s IANA contract with the US National Telecommunications and Information Administration, which expired that night.
An ICANN spokesperson confirmed that the two new gTLDs “were the last ones requiring NTIA’s approval.”
From now on, the small clerical role NTIA had when ICANN wanted to make changes to the root is no more.
The fact that it hit a nice round number the same day as ICANN oversight switched to a community-led approach is probably just a coincidence.
Amazon’s .通販 was almost banned for being too confusingly similar to “.shop”, but that ludicrous decision was later overturned.
Hughes’ .dvr was originally intended as a single-registrant “closed generic”, but is now expected to operate as a restricted but multi-registrant space.
Breaking: Judge rules ICANN handover will happen!
The IANA transition is set to go ahead after a Texas judge ruled in favor of the US Federal government tonight.
Here’s the judge’s decision (pdf)
Larry Strickling, assistant secretary at the National Telecommunications and Information Administration, released the following brief statement early October 1:
The federal court in Galveston, Texas denied the plaintiffs’ application for declaratory and injunctive relief. As of October 1, 2016, the IANA functions contract has expired.
The US had been sued at the eleventh hour by four state attorneys general, who claimed that allowing ICANN to go independent would, among other things, put free speech at risk.
The judge evidently disagreed, though his full decision has not yet been made available.
ICANN chair Steve Crocker released this statement:
This transition was envisioned 18 years ago, yet it was the tireless work of the global Internet community, which drafted the final proposal, that made this a reality. This community validated the multistakeholder model of Internet governance. It has shown that a governance model defined by the inclusion of all voices, including business, academics, technical experts, civil society, governments and many others is the best way to assure that the Internet of tomorrow remains as free, open and accessible as the Internet of today.
Akram Atallah, president of ICANN’s Global Domains Division, tweeted this:
The sun will still come up in the morning and the internet will continue to function as usual. #ICANN #yestoIANA #IANATransition
— Akram Atallah (@AkramAtallah) September 30, 2016
The transition, in broad terms, means the US no longer holds a special role in managing the DNS root.
Now, instead of having to rely on vague threats from the NTIA to keep ICANN in line, the global internet community will get new powers to challenge ICANN decisions.
Recent Comments