Protecting Internet Freedom and American Interests: Required Reforms and Standards for ICANN Transition

Report Government Regulation

Protecting Internet Freedom and American Interests: Required Reforms and Standards for ICANN Transition

June 16, 2014 20 min read Download Report

Authors: Paul Rosenzweig, James Gattuso, Brett Schaefer and David Inserra

The U.S. National Telecommunications and Information Administration (NTIA) has contracted with the Internet Corporation for Assigned Names and Numbers (ICANN) to manage core functions of the Internet since ICANN was established in 1998. ICANN is a private nonprofit corporation created to manage policy and technical features of the Internet’s domain name system (DNS) in a multi-stakeholder manner.[1] Since the establishment of ICANN, the federal government has expressed its intent to make governance of the DNS fully private—that is, free from government oversight. However, this transition has been repeatedly deferred due to a perceived value in retaining U.S. influence and concerns over ICANN’s ability to fulfill its responsibilities absent the oversight role played by the NTIA. Unexpectedly, on March 14, 2014, the NTIA announced that it did not intend to renew its contract with ICANN and mandated that the organization consult with “global stakeholders” to agree on an alternative to the “current role played by NTIA in the coordination of the Internet’s [DNS].”[2] The existing contract expires on September 30, 2015. However, the contract permits the NTIA to exercise two renewal clauses, each for two-year periods, which could extend the current contract through September 30, 2019.[3]

When making the initial announcement, the NTIA stated it would not withdraw from the process until an acceptable alternative mechanism is developed. This new mechanism, the NTIA stated, must: (1) “Support and enhance the multi-stakeholder model”; (2) “Maintain the security, stability, and resiliency of the Internet DNS”; (3) “Meet the needs and expectation of the global customers and partners of the IANA [Internet Assigned Numbers Authority] services”; and (4) “Maintain the openness of the Internet.” Additionally, the NTIA stated that it “will not accept a proposal that replaces the NTIA role with a government-led or an inter-governmental organization solution.”[4] After concerns were voiced in Congress and the private sector, the NTIA clarified that the U.S. would renew the IANA contract with ICANN should the transition proposal fall short.[5]

The NTIA’s conditions are a good start, but insufficient, giving little practical guidance or details on what is an acceptable new oversight mechanism. The Internet is too important to permit such ambiguity. Congress should work with the Administration to define and detail minimum protections, including protections to preserve freedom of expression and reforms designed to enhance ICANN accountability and insulate it from government capture, which must be in place before the U.S. will agree to the transition. Ensuring that this transition occurs correctly is of paramount importance to the future of the Internet as a free, stable, and dynamic arena for human expression and economic growth. As explained in more detail below, those minimum protections should include procedural mechanisms that:

  • Separate policymaking from technical implementation by creating a new IANA consortium with responsibility for technical issues;
  • Create a new external, private oversight board for ICANN notionally called the Internet Freedom Panel, that is representative of users and possesses veto power over ICANN policy decisions that threaten the freedom, security, stability, and resilience of the Internet;
  • Require ICANN to adopt greater transparency and accountability rules, including, for example, an outside audit requirement and an independent arbitration mechanism; and
  • Prohibit any representative of a government, governmental institution, or intergovernmental organization from participating on ICANN’s board or the new Internet Freedom Panel in anything other than an advisory capacity.

The U.S. should not end its role in the assignment of Internet names and numbers before adequate checks and balances are put in place to ensure that the newly privatized system is sufficiently transparent and accountable and is not vulnerable to hijacking by governments or intergovernmental organizations opposed to a free and private Internet.

How the Domain Name System Works

The DNS allows users to type a website name into an Internet browser and connect with that website; heritage.org, for instance, leads to The Heritage Foundation website. The suffix to the right of the “dot” is the web address at the top of the DNS pyramid. These are known as generic top-level domains (gTLDs) and country code top-level domains (ccTLD). Examples include .com, .org, and .clothing for gTLDs and .uk or .ru for ccTLDs.

The U.S. government has contracted with ICANN to administer this system—known broadly as the IANA—since 1998. This responsibility focuses primarily on the updating, expansion, and maintenance of the DNS root zone, essentially the address book of the Internet. The root zone is maintained on 13 sets of root servers. These 13 sets are not housed in 13 distinct locations, but are comprised of hundreds of root servers at over 350 sites in many different countries.[6]

ICANN’s policy process for changing the DNS begins with consultation with the multi-stakeholder community. To change the root zone, a registry operator notifies ICANN of the proposed change. In order for a change to be made to the root, it must be in line with the consensus policies developed as a part of the multi-stakeholder process. ICANN, through a series of administrative and technical checks, makes the initial decision to make or reject the change. In most cases, changes to a root zone are routine maintenance and are non-controversial. More controversial issues—such as the creation of new gTLDs or ccTLDs—are opened for public comment and discussion until a consensus is reached.

ICANN’s proposed changes to the root zone are sent simultaneously to the NTIA for authorization and to the root zone maintainer. The NTIA very rarely rejects decisions reached by ICANN, leaving Internet governance almost entirely to the private sector.[7] It has, however, served an important role in ensuring that proper processes are followed. U.S. oversight has been light-handed, focusing on maintaining and developing Internet stability and reliability. This has allowed the Internet to grow and develop at a fantastic pace.

Once a root zone change is authorized by the NTIA, Verisign, a private company that has an agreement with the NTIA to act as root zone maintainer, performs technical checks on the proposed change, implements them and generates the updated root zone. Once the new updated root zone has been validated, it is distributed to the root servers. Typically a new root zone is propagated within minutes. A new root zone file is generated and propagated roughly every 12 hours.

Threats to Internet Freedom

The NTIA proposal to withdraw from its oversight role is in accordance with the federal government’s long-standing goal of privatizing Internet governance. As early as 1997, the Clinton Administration issued a directive instructing the Commerce Department to “support efforts to make the governance of the domain name system private.”[8] Every Administration since has supported that goal, recognizing that the Internet, and the DNS system, is too important to be subject to government control.

Fulfillment of the goal of privatization, however, has been repeatedly delayed. As the Internet has grown in importance, concerns have arisen over what would fill the vacuum following the U.S. federal government’s exit from the field. Many nations, such as China and Russia, have made no secret of their desire to limit speech on the Internet that is critical of or damaging to their interests. Even some democratic nations have supported limiting undesirable speech,[9] or limiting economic freedoms online. And international organizations such as the International Telecommunication Union (ITU), an arm of the United Nations, have expressed a strong interest in playing a role in Internet governance.

It should be stressed that ICANN presently has very limited power to actually “govern” the Web. Its job is focused on proposing and facilitating changes to the DNS. But even that power could be abused, by limiting or favoring certain domain names, or even by neglecting service of domain names of politically disfavored groups. Moreover, any government limits on Internet freedoms imposed through ICANN could serve as a precedent for limits elsewhere.

Putting Meat on the Bones of NTIA’s Principles

The Obama Administration implicitly recognizes that the decision to end the NTIA’s contractual role with ICANN poses a risk that the current system could be replaced by a less benign, government-led or intergovernmental-organization-led solution. The principles outlined by the Administration are basically guidelines for how to avoid that result. By their nature, however, they fall far short of the detail necessary to ascertain what would or would not be deemed acceptable alternatives.

The absence of clear, well-defined standards, checks, and requirements runs the risk that the NTIA will complete the transfer without adequately addressing these very real concerns because of a “pre-commitment” to a specific result or the natural momentum of the process. To ensure that adequate safeguards are adopted, Congress should work with the Administration through consultation and hearings to define and detail protections, checks, and balances required to pass muster under each of the broad principles identified by the NTIA. To guarantee that these protections are heeded by the Administration in deliberations over whether to renew or extend the ICANN contract, Congress should give them the force of law and make the expiry of the NTIA contract with ICANN contingent on their implementation.

Principle #1: The NTIA will not accept a proposal that replaces the NTIA role with a government-led or an intergovernmental organization solution.

The goal of reform should be an Internet that is free from governmental control, either individually or through inter-governmental bodies. Other nations have sought repeatedly, for example, to work through U.N. organizations such as the ITU to exercise greater authority in Internet governance. These countries can be expected to intensify their efforts in the wake of the U.S. government’s own withdrawal. Policymakers must ensure that ICANN, and any new bodies created in response to the NTIA withdrawal, represent private-sector users, with no government involvement beyond an advisory role. It is necessary that:

  • No governmental or intergovernmental body be allowed to exercise control over the management of the DNS. Government participation should be limited to an advisory role through such institutions as the Governmental Advisory Council (GAC) (an existing body that currently provides a forum for advice to ICANN by governments), and to participation as a user to the same extent and to no greater extent than non-government users.
  • No ICANN officer or voting member of the board of directors be selected by, or represent, a governmental or intergovernmental body. The board of directors and ICANN senior officers should represent the interests of the private-sector users of the Internet, not governments or intergovernmental organizations.
  • ICANN’s bylaws be amended to lock in current status of the GAC as an advisory body and its current practices in proffering advice. The stated purpose of the GAC is to “provide advice to ICANN on issues of public policy, and especially where there may be an interaction between ICANN’s activities or policies and national laws or international agreements.”[10] ICANN bylaws specifically state that GAC advice is not binding for ICANN or the board.[11] The U.S. should insist that ICANN bylaws preserve the current advisory role of the GAC and, because the GAC operating principles can be revised at any time by a majority vote of participating governments, amend the ICANN bylaws to allow receipt of GAC advice only if consensus, as defined by the GAC as “the practice of adopting decisions by general agreement in the absence of any formal objection,”[12] is achieved.

Principle #2: Maintain the openness of the Internet.

The Internet provides an unequaled forum for the exchange of ideas around the globe. Protecting the freedom of users to express their opinions or conduct online activities of their choosing should be a paramount goal of U.S. policymakers. Such free expression, however, is viewed as a threat by many authoritarian governments such as those in Russia and China. Domestically, these nations have long adopted policies limiting Internet freedom. The urge to censor is not limited to non-democratic regimes and institutions. The European Union, for example, recently required search engines, upon request, to remove links to categories of personal information, such as prior bankruptcies, which are considered no longer relevant or lack a compelling public interest meriting disclosure—in effect forcing search engines such as Google to censor content.

As a private corporation, ICANN does not have the power to directly limit speech globally. But freedom of expression could be hindered in more subtle ways. It could, for instance, refuse to allow specific domain names, such as “.falungong” or “.islam” to be entered into the root. More directly, governments can—and do—use the domain name system to shut down individual websites.[13] Perhaps most troubling of all, an unfettered ICANN could include contractual terms in its agreements with registrars of domain names that would contractually oblige the registrars to limit Internet freedom or have that effect.

ICANN should, to the greatest extent possible, avoid content-based judgments in the administration of the DNS. To date, it has generally done so, with the prominent—and understandable—exception of steps to protect intellectual property. Having ICANN headquartered in the U.S. or subject to U.S. law does not itself establish an obligation by ICANN, which is not and will not be a state institution after the transition, to protect freedom of expression. To ensure that maximum freedom of expression continues, the Administration and Congress should insist on the following protections:

  • Incorporate freedom of expression into the bylaws of ICANN. ICANN’s bylaws should be amended to specifically commit the organization to oppose efforts to constrain free speech, online discourse, or assembly. This commitment should incorporate the strictest standard for freedom of expression and association, at least as comprehensive as that applied under the First Amendment.
  • Separate the policy functions of ICANN from root zone management functions, which should be relegated to a new IANA consortium. IANA governance, often seen as a single process, actually refers to a number of quite distinct responsibilities, including making the policy decisions regarding the treatment of top-level domain names, the management of the content of the root zones, and the actual editing of the root zone files (a role now performed by Verisign under contract with the NTIA). The second two functions (the so-called IANA functions) are largely administrative functions. To reduce the possibility of political interference, the IANA functions should be separated from ICANN, leaving ICANN only with the policy role, acting through the consensus-based multi-stakeholder process. The non-policy functions would be overseen by a new, private organization, which would take over the current role of ICANN and the NTIA. As outlined in a recent white paper by Milton Mueller and Brenden Kuerbis for the Internet Governance Project,[14] this new body could be a consortium representing the most direct users of the process—the operators of the 13 root zone servers and the various registries.[15] The root server operators and the registries, including ccTLD registries, have a strong interest in ensuring that the DNS remains accurate, stable, and responsive. The new IANA consortium should be a private nonprofit company financed and managed by the TLD registries.
  • Establish an “Internet Freedom Panel” to oversee ICANN’s remaining policy function. This private-sector board would, under ICANN’s bylaws, have the authority to review and, if necessary, veto ICANN proposed changes to the DNS deemed to threaten the freedom, stability, or security of the Internet. This board should include no government members, but represent the users of the Internet. It could be structured in a number of ways, including having the non-government board members for the new IANA consortium serve concurrently on the ICANN Internet Freedom Panel.
  • Require ICANN to enter into a new legally binding global Affirmation of Commitments (AOC) with the Internet Freedom Panel that includes clear protections for freedom of expression. Under the current AOC, an agreement with the Department of Commerce, ICANN and the U.S. government agree to abide by specified procedures and to foster certain principles and objectives.[16] If the anticipated transition occurs, ICANN will no longer have an AOC partner. Therefore, prior to the expiry of the current NTIA contract, ICANN should be required to enter into a new, legally binding AOC with the Internet Freedom Panel. Moreover, protections for freedom of expression in the current AOC are insufficient and should be expressly stated in the new AOC which, along with other provisions, should be enforceable as a private contract under U.S. law.

Principle #3: Support and enhance the multi-stakeholder model.

Under the multi-stakeholder model, ICANN should be responsible to and accountable to the users of the Internet, and not to any governmental body. To ensure this accountability, policymakers should:

  • Amend ICANN bylaws to define a supermajority vote as four-fifths of voting members. The bylaws currently define a supermajority vote as a “vote of more than sixty-six (66) percent of the members present at a meeting of the applicable body” and a Generic Names Supporting Organization (GNSO) supermajority as “(a) two-thirds (2/3) of the Council members of each House, or (b) three-fourths (3/4) of one House and a majority of the other House.”[17] With NTIA oversight receding, the threshold for approving major decisions should be increased to four-fifths of all members, not just those present. This change should also be applied to all decisions currently requiring a 66 percent or two-thirds vote in the bylaws.
  • Require a supermajority of the board, as newly defined, to change ICANN’s bylaws and the articles of incorporation. With few exceptions, ICANN’s articles of incorporation and ICANN’s bylaws may be altered, amended, or repealed, and new ones adopted by a two-thirds vote of all 16 voting members of the board. As ICANN’s autonomy increases, the need to have firm rules increases. The threshold for changing or replacing the articles of incorporation and the bylaws should be raised to four-fifths of all voting members.
  • Establish term limits for ICANN senior officers. ICANN’s bylaws limit members of the board of directors to three three-year terms. However, each senior officer (the president/CEO, the secretary, and the CFO) “shall hold his or her office until he or she resigns, is removed, is otherwise disqualified to serve, or his or her successor is elected.”[18] Mandating periodic turnover of senior officers would help guard against self-interest. Senior officers should serve a maximum of nine years, as is the case for directors, and face a supermajority vote of confidence, as newly defined, every three years.
  • Simplify the process of selecting members of ICANN’s board of directors. The current process for selecting members of ICANN’s board is byzantine, involving multiple bodies established by separate articles of the bylaws, each with detailed rules and processes. The relationships among these bodies are complicated, with representatives from one body sometimes populating others.[19] The complicated nature of the process is a barrier to transparency and invites manipulation by those most familiar with the process. The ICANN bylaws should adopt a more transparent and direct process for selecting ICANN directors. One option, for instance, would be to eliminate the nominating committee and charge the various advisory bodies to select directors independently, as they currently do for some directors, and enter into arrangements with Internet organizations, coalitions, or user groups focused on specific aspects of the DNS (such as the Internet Engineering Task Force, the Internet Society, TLD registrars, and private-sector interests like the Software Alliance) to select the balance of the board members.

Principle #4: Maintain the security, stability, and resilience of the Internet DNS.

The United States, as well as the Internet community at-large, has an interest in ensuring that the Internet remains secure, stable, and resilient and does not suffer disruptions due to the transfer. To help ensure that outcome, the U.S. should insist the following be part of the transition:

  • Depoliticize the technical aspects of the DNS. The entity charged by the IANA consortium with the actual editing of the root zone files should have a clear non-discretionary obligation to implement policy decisions adopted by ICANN unless they are vetoed by the Internet Freedom Panel. This task, currently performed under contract by Verisign, should not be transferred to any new contractor for implementation unless and until the new private IANA consortium overseeing the process is satisfied with the technical competence of the new contractor and approves the transfer.
  • Require ICANN to remain subject to U.S. law. ICANN has opened two hub offices in Singapore and Istanbul that are intended to handle ICANN responsibilities. There has been speculation that ICANN could relocate its headquarters to one of these hubs or another location. If accountability and transparency measures are to be effective and enforceable, it is important that ICANN remain subject to U.S. law. ICANN’s bylaws should be changed to require that ICANN remain subject to the jurisdiction of U.S. courts and subject to U.S. law.
  • Grant the U.S. sole ownership and exclusive use of the “.gov” and “.mil” TLDs. The U.S. government developed the Internet without anticipating that it would become a global medium. As the U.S. government increased its use and presence on the Web, it used these two gTLDs as the default. Allowing other governments or the private sector to use these gTLDs poses security risks. ICANN should be required to acknowledge sole U.S. ownership and use of these gTLDs and exempt them from the requirement to publish registry information (known as WHOIS) that is applied to other gTLDs. In addition, sole U.S. authority should be acknowledged for decisions relating to changes to the root servers managing the “.gov” and “.mil” TLDs that could impact its security concerns.

Principle #5: Meet the needs and expectations of the global customers and partners of the IANA services.

It is often argued that ICANN is a monopoly. That is not strictly true. There are a number of small niche “alternative” DNS systems that operate at the margin of ICANN’s market power. Perhaps more importantly, ICANN’s market power is significantly curtailed by other Internet services that allow consumers to locate specific websites. For instance, while the domain name heritage.org is of particular value to The Heritage Foundation, it is not essential in a world dominated by search engines. Even without a memorable domain name, Internet users would have little problem navigating to The Heritage Foundation’s website through various search engines or links on other websites. Nonetheless, ICANN’s role as a user-run cooperative with sole power to allocate and regulate new gTLDs justifies safeguards against market power abuses. The U.S. should, as a condition of ending the current arrangement, require ICANN to:

  • Conduct and publicly release a five-year forensic audit. Before entrusting ICANN with greater autonomy, it should provide evidence that its financial and management decisions have been sound and comport with accepted business practices.
  • Conduct an annual outside audit. ICANN and the new IANA consortium overseeing technical implementation should be required to contract with an internationally recognized auditing firm (such as Deloitte, Dettica, PricewaterhouseCoopers, Ernst & Young, or KPMG) to conduct and publicly release an annual audit of their respective organizations. The costs should be paid by ICANN and the new IANA consortium and the auditing firm should be eligible only if it does not have a pre-existing contract with ICANN.
  • Enhance transparency in its deliberations. ICANN board meetings should be broadcast live on the Internet and archived along with meeting minutes and associated materials.
  • Limit agreements with partners. Neither ICANN nor the new IANA consortium should be permitted under their bylaws to enter into contracts imposing conditions unrelated to DNS management, such as regulating content, on the registrars with whom they conduct business. Moreover, such agreements should not be open to unilateral amendment by ICANN or the new IANA consortium, and they should be subject to legal recourse in U.S. courts.
  • Require a supermajority of ICANN’s board, as newly defined, to approve changes in prices and fees of ICANN. Although it is registered as a nonprofit corporation, ICANN’s approved budget has grown substantially over the past decade from $8.3 million in 2004 to over $200 million in 2014.[20] ICANN raises revenues to pay for its operations by charging fees on every domain name that is added, renewed, or transferred. ICANN also charges for applications for new gTLDs and, if the application is approved, additional annual fees and transaction fees. ICANN has the ability to adjust, increase, or levy new fees. ICANN has a vested interest in enhancing its financial position and, as a dominant market player, has a unique opportunity to take actions to realize that outcome. Currently, a majority decision of the board approves changes in ICANN fees. To better ensure that changes in fees or pricing are consistent with user interests, approval by a supermajority, defined as four-fifths of all directors of ICANN’s board, should be required before implementation.
  • Establish a joint inspector general (IG) office for ICANN and the new IANA consortium. The IG should be appointed by the board for a non-renewable fixed term and granted full access to ICANN and the finances, documents, and activities of ICANN and the new IANA consortium. The IG’s reports should be made publicly available and not be subject to approval or edit by ICANN officials, ICANN’s board, or the new IANA consortium.
  • Require ICANN to adopt an independent dispute resolution process. Currently, ICANN contracts with the International Centre for Dispute Resolution (ICDR)[21] for independent review of contested board actions and as a dispute resolution service provider for objections to new gTLD expansions. That role should be expanded and formalized (either under ICDR or another independent body) to establish a comprehensive independent dispute resolution system for all matters relating to ICANN’s operation.
  • Require ICANN to adopt a more open disclosure policy process at least equivalent to the U.S. Freedom of Information Act (FOIA). The multi-stakeholder community should have far greater access to ICANN documents, internal deliberations, and other materials related to its activities and decisions. ICANN currently has a Documentary Disclosure Information Policy that is “intended to ensure that information contained in documents concerning ICANN’s operational activities, and within ICANN’s possession, custody, or control, is made available to the public unless there is a compelling reason for confidentiality.”[22] While superficially similar to the FOIA process, ICANN’s defined conditions for nondisclosure are sweeping, allow broad discretion, and have been used by the organization to block transparency. The breadth and arbitrary character of these exceptions is excessive for a body not dealing with national security issues.[23] It is particularly problematic in a multi-stakeholder institution that is seeking sole authority over its activities. Moreover, unlike the U.S. government, whose FOIA denials can be challenged in court, those requesting information from ICANN have no option for independent appeal. To address this issue, ICANN should implement an appeal procedure involving the independent dispute resolution process.

The Need for Safeguards in the Internet Governance Process

To continue the vitality and freedom of the Internet, ICANN should be insulated from political pressure from governments, either directly or through intergovernmental organizations such as the U.N. or the ITU. Instead, it should be accountable to individuals and businesses that use the Internet as a vehicle for discourse, commerce, education, research, news, and other purposes. The Obama Administration has rightfully recognized the need for safeguards to be in place before any transition of ICANN is implemented. While unobjectionable, the Administration’s principles for what these safeguards should be lack the specificity to inform multi-stakeholder deliberations and fall short of the specificity needed to objectively determine if a proposal will or will not be acceptable. The Administration and Congress should address this ambiguity with legislation that establishes clear standards for each of the Administration’s announced principles, as discussed.[24]

In addition, to address outstanding questions about whether the NTIA has the authority to decline to renew the current contract with ICANN absent congressional consent, Congress should tie these standards to a specific instruction to the NTIA to retain its current authority over the contract until an acceptable proposal is reached.

In the near future, this would involve exercising renewal clauses in the current contract. Under the terms of the NTIA’s current contract with ICANN, “The Government may extend the term of this contract by written notice to the Contractor [ICANN] within 15 calendar days before the expiration of the contract; provided that the Government gives the Contractor a preliminary written notice of its intent to extend at least 30 calendar days before the contract expires.”[25] The NTIA must provide notice to ICANN by August 31, 2015, of its intent to extend the contract. In legislation identifying required standards, checks, and other changes necessary to assuage congressional and private-sector concerns about the transfer, Congress should instruct the NTIA to provide notice of extension of the contract before this deadline, should ICANN’s proposal prove inadequate.

—Paul Rosenzweig is a Visiting Fellow in the Douglas and Sarah Allison Center for Foreign and National Security Policy, of the Kathryn and Shelby Cullom Davis Institute for National Security and Foreign Policy, at The Heritage Foundation. Brett D. Schaefer is Jay Kingham Fellow in International Regulatory Affairs in the Margaret Thatcher Center for Freedom of the Davis Institute. James L. Gattuso is Senior Research Fellow for Regulatory Policy in the Thomas A. Roe Institute for Economic Policy Studies, of the Institute for Economic Freedom and Opportunity, at The Heritage Foundation. David Inserra is a Research Associate for Homeland Security and Cybersecurity in the Allison Center.

[1] In its Affirmation of Commitments signed with NTIA, ICANN commits to “(a) maintain the capacity and ability to coordinate the Internet DNS at the overall level and to work for the maintenance of a single, interoperable Internet; (b) remain a not for profit corporation, headquartered in the United States of America with offices around the world to meet the needs of a global community; and (c) to operate as a multi-stakeholder, private sector led organization with input from the public, for whose benefit ICANN shall in all events act. ICANN is a private organization and nothing in this Affirmation should be construed as control by any one entity.” ICANN, “Affirmation of Commitments by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers,” http://www.icann.org/en/about/agreements/aoc/affirmation-of-commitments-30sep09-en.htm (accessed June 3, 2014).

[2] News release, “NTIA Announces Intent to Transition Key Internet Domain Name Functions,” National Telecommunications and Information Administration, March 14, 2014, http://www.ntia.doc.gov/press-release/2014/ntia-announces-intent-transition-key-internet-domain-name-functions (accessed June 3, 2014).

[3] The U.S. government may extend the contract by written notice to ICANN by 30 calendar days prior to the expiration of the contract. ICANN approval is not required. U.S. Department of Commerce, Award to Internet Corporation for Assigned Names and Numbers (ICANN), Contract No. SA1301-12-CN-0035, Effective September 1, 2012, Sections I.59 and I.70, pp. 58 and 65, http://www.ntia.doc.gov/files/ntia/publications/sf_26_pg_1-2-final_award_and_sacs.pdf (accessed June 3, 2014).

[4] News release, “NTIA Announces Intent to Transition Key Internet Domain Name Functions.”

[5] Assistant Secretary for Communications and Information and NTIA Administrator Lawrence E. Strickling, “Promoting Internet Growth and Innovation Through Multistakeholder Internet Governance,” March 19, 2014, http://www.ntia.doc.gov/blog/2014/promoting-internet-growth-and-innovation-through-multistakeholder-internet-governance (accessed June 3, 2014).

[6] For a current map of global distribution of the 13 root server sites, see Root-Servers.org, http://www.root-servers.org/ (accessed June 3, 2014).

[7] The most notable instance of NTIA interference with an ICANN decision involved the approval of the “.xxx” gTLD, which had been under consideration by ICANN since the early 2000s. In a 2005 letter, the Department of Commerce asked ICANN to delay this decision to allow further consideration of concerns by citizens and governments. ICANN eventually approved the gTLD in 2011 without opposition from the NTIA, even though the Obama Administration publicly disagreed with the decision. Lennard G. Kruger, “Internet Governance and the Domain Name System: Issues for Congress,” Congressional Research Service Report for Congress No. R42351, May 23, 2014, http://www.fas.org/sgp/crs/misc/R42351.pdf (accessed June 3, 2014).

[8] News release, “Memorandum for the Heads of Executive Departments and Agencies; Subject: Electronic Commerce,” The White House, July 1, 1997, http://www.fas.org/irp/offdocs/pdd-nec-ec.htm" target="_blank">http://www.fas.org/irp/offdocs/pdd-nec-ec.htm (accessed June 3, 2014).

[9] News release, “An Internet Search Engine Operator Is Responsible for the Processing that it Carries Out of Personal Data Which Appear on Web Pages Published by Third Parties,” Court of Justice of the European Union, May 13, 2014, http://curia.europa.eu/jcms/upload/docs/application/pdf/2014-05/cp140070en.pdf (accessed June 3, 2014).

[10] Governmental Advisory Committee, “About the GAC,” https://gacweb.icann.org/display/gacweb/About+The+GAC (accessed June 4, 2014).

[11] Under ICANN bylaws, the GAC “may adopt its own charter and internal operating principles or procedures to guide its operations,” which currently recognize that the GAC is not a decision-making body, that its communications are advisory, and that advice should be provided only if consensus exists among GAC membership or as a “full range of views expressed by members.” See Governmental Advisory Committee, “GAC Operating Principles,” https://gacweb.icann.org/display/gacweb/GAC+Operating+Principles (accessed June 3, 2014).

[12] Governmental Advisory Committee, “GAC Operating Principles,” Principle 47.

[13] Dave Piscatello, “Thought Paper on Domain Seizures and Takedowns,” ICANN blog, March 8, 2012, http://blog.icann.org/2012/03/thought-paper-on-domain-seizures-and-takedowns/ (accessed June 3, 2014).

[14] Milton Mueller and Brenden Kuerbix, “Roadmap for Globalizing IANA: Four Principles and a Proposal for Reform,” Internet Governance Project, undated, http://www.internetgovernance.org/wordpress/wp-content/uploads/ICANNreformglobalizingIANAfinal.pdf (accessed June 4, 2014).

[15] This approach would mean that some governmental entities would have a supervisory role through their ownership of root servers. These entities include the U.S. Department of Defense, the National Aeronautics and Space Administration, and the University of Maryland. These entities would play a role only to the extent that they are users of the system, not as government regulators per se. As the Internet expands and the number of TLDs increases, the number of root server operators and registries will likely also increase, diluting the influence of individual representatives.

[16] The commitments generally require ICANN to (a) ensure that decisions made related to the global technical coordination of the DNS are made in the public interest and are accountable and transparent; (b) preserve the security, stability, and resilience of the DNS; (c) promote competition, consumer trust, and consumer choice in the DNS marketplace; and (d) facilitate international participation in DNS technical coordination. ICANN, “Affirmation of Commitments by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers,” September 30, 2009, https://www.icann.org/resources/pages/affirmation-of-commitments-2009-09-30-en (accessed June 4, 2014).

[17] ICANN, “Bylaws for Internet Corporation for Assigned Names and Numbers,” as amended 7 February 2014, Article X, Section 3 (9) and Appendix A, Section 12, https://www.icann.org/resources/pages/bylaws-2012-02-25-en (accessed June 4, 2014).

[18] ICANN, “Bylaws for Internet Corporation for Assigned Names and Numbers,” Article XIII, Section 2.

[19] Specifically, eight of the 16 voting directors are selected by the Nominating Committee, two by the Address Supporting Organization, two by the Country-Code Names Supporting Organization, two by the Generic Names Supporting Organization, one by the At-Large Community. The President ex officio serves as the 16th voting member. In addition to a diversity of “skills, experience, and perspective,” the directors are also supposed to represent a diversity of geography and culture. As an example of cross-pollination, the nominating committee, which selects eight ICANN board members, has a chair and chair-elect, who are appointed by the ICANN board. Five voting members of the Nominating Committee are selected by the At-Large Advisory Committee, which also independently selects one director for the ICANN board. Seven voting delegates to the Nominating Committee are selected by the Generic Names Supporting Organization, which also independently selects two directors of the ICANN board. The Nominating Committee also has mandatory delegates selected by the Address Supporting Organization and the Country-Code Names Supporting Organization, which independently select directors for the ICANN board. The Internet Engineering Task Force, which interacts with some ICANN advisory committees, also selects one delegate. ICANN, “Bylaws for Internet Corporation for Assigned Names and Numbers,” Articles VI–XI, February 7, 2014, https://www.icann.org/resources/pages/bylaws-2012-02-25-en (accessed June 4, 2014).

[20] ICANN, “Adopted Fiscal Year 2004–2005 Budget,” October 6, 2004, http://www.icann.org/en/about/financials/budget-fy04-05-06oct04-en.htm (accessed June 3, 2014), and ICANN, “FY14 Budget Approval,” board meeting, August 22, 2013, http://www.icann.org/en/about/financials/adopted-opplan-budget-fy14-22aug13-en.pdf (accessed June 4, 2014).

[21] The ICDR provides international arbitration and dispute resolution services and has headquarters in Bahrain, Ireland, Mexico, Singapore, and the U.S. See International Arbitration, “International Centre for Dispute Resolution (ICDR) (AAA Arbitration),” http://www.internationalarbitrationlaw.com/arbitral-institutions/icdr/ (accessed June 3, 2014).

[22] ICANN, “ICANN Documentary Information Disclosure Policy: Defined Conditions of Nondisclosure,” http://www.icann.org/en/about/transparency/didp (accessed June 3, 2014).

[23] For instance, among other exemptions, information provided to or by a government is off-limits if ICANN believes that there was an expectation of confidentiality or if it could harm relations with the government; internal documents, memoranda, or other communications from ICANN directors, staff, consultants, contractors, or others that “would or be likely to compromise the integrity of ICANN’s deliberative and decision-making process by inhibiting the candid exchange of ideas and communications” can be excluded; any draft “correspondence, reports, documents, agreements, contracts, emails, or any other forms of communication” are excluded; and any requests deemed by ICANN to be unreasonable, overly burdensome, unfeasible, or made by a person deemed “abusive or vexatious” or considered to be made with that intent can be denied.

[24] The recommendations in this Backgrounder are broadly consistent with the principles that underlie a recent report by the Panel on Global Internet Cooperation and Governance Mechanisms, “Towards a Collaborative, Decentralized Internet Governance Ecosystem,” May 2014, http://internetgovernancepanel.org/panel-report (accessed June 4, 2014). That panel, consisting of international luminaries from across the globe, has recommended a broad transition to forms of distributed Internet governance for all issues relating to the domain, not just the IANA function. Where the recommendations differ, principally, is in a view that some permanent structures are operationally necessary for real-world implementation of broadly decentralized governance. While a wholly decentralized system might be theoretically preferable, some form of structure is a practical necessity. See Paul Rosenzweig, “Governing a Distributed Network: Common Goods and Emergence,” The Hague Institute for Global Justice Working Paper, April 27, 2014, https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2429885 (accessed June 4, 2014).

[25] U.S. Department of Commerce, Award to Internet Corporation for Assigned Names and Numbers (ICANN), Contract No. SA1301-12-CN-0035, Effective September 1, 2012, Section I.59, p. 58, http://www.ntia.doc.gov/files/ntia/publications/sf_26_pg_1-2-final_award_and_sacs.pdf (accessed June 3, 2014).

Authors

Paul Rosenzweig
Paul Rosenzweig

Former Visiting Fellow, The Heritage Foundation (2009-2017)

James Gattuso
James Gattuso

Former Senior Research Fellow in Regulatory Policy

Schaefer
Brett Schaefer

Jay Kingham Senior Research Fellow, Margaret Thatcher Center

Inserra
David Inserra

Former Policy Analyst for Homeland Security and Cyber Policy