They Came, They Bored, They Conquered

A California based corporation running the Internet’S Domain Name System in the interests of the US Department of Commerce. Sound unbelievable? Think again...

The domain name system (DNS)<*> has recently been described by Harvard law professor Lawrence Lessig as the most important “constitutional space since the Louisiana purchase.” Lessig’s statement may be hyperbolic (is the Internet’s so-called ‘namespace’ really a direct successor to America’s frontier? Is it a space at all? And is this the American constitution he’s referring to?), but his recognition of the DNS as a major political scene is long overdue. The critical business of assigning the names and numbers that make the Net’s addressing system work, too prosaic and technical to attract the attention of the mainstream media, has until recently been largely exempted from public scrutiny. But the activities of ICANN (the Internet Corporation for Assigned Names and Numbers), a not-for-profit entity created to manage the namespace and recognised by the US Government in 1998, have begun to raise serious questions that have implications for our understanding not only of Net politics, but also of NGOs and transnational corporations across the board.

A DOMAIN NAME PRIMER

The Net depends on domain names (such as ‘metamute.com’) as the unique identifiers needed to route e-mail, find web pages, and connect users to other resources online. Consequently, control over the Domain Name System (DNS <*>) confers substantial power over the Net itself. Whoever controls the DNS decides what new families of ‘top-level’ domain names can exist (for example, new suffixes like ‘.biz’ or ‘.xxx’) and how these names and the numbers they refer to will be assigned to websites and other Internet resources. It is becoming increasingly obvious to many analysts that this power conferred by control of the DNS is, via ICANN and its satellite organisations, being used to do create a new regime of regulation online.

BLINDED BY SCIENCE?

You are not alone. If the fairly complex technical issues surrounding the DNS aren’t enough to put you off, ICANN’s claims that there are nothing but technical issues in considering the DNS probably will. Vint Cerf, chair of ICANN, has gone out of his way to emphasise what he calls the corporation’s “constrained responsibility” with regards to the namespace. He maintains that ICANN is a “technical coordination body,” and that its focus is therefore on technical issues, such as ‘does the registry<*> work properly? Does it interwork with the root<*>? Does it interwork with clients, registrars? Do you have a way of backing it up in case something goes wrong?’ In other words, Cerf wants Net users to believe ICANN’s remit is to fulfil the ‘straightforward technical requirements’ of making sure the DNS functions correctly.

But under the guise of such ‘purely technical’ activities, ICANN has in fact repeatedly exceeded the mandate of the Memorandum of Understanding<*> it signed with the US government in 1998. It has held controversial elections for public members on its board, allocated new TLDs* whilst failing to open up the ‘.com’ registry to competition, negotiated ‘kingmaker’ agreements with registries, attempted to restructure relationships with national ccTLDs (country code Top Level Domains), and created a bizarre arbitration process for domain disputes (of which more in a moment). In doing all of these things, the corporation has remained intensely secretive, holding its meetings in a series of locations around the world (from Egypt to Yokohama, Japan) that prevent many members of the public from following its actions consistently, if at all.

Karl Auerbach, elected to represent North America on the ICANN board in October last year, has accused ICANN of being so secretive that even as a board member he often learns about its actions from outsiders. Auerbach too believes that ICANN shelters behind its claim of making ‘purely technical’ decisions whilst pushing through policies that far exceed its mandate. “Because the Internet is new and technical,” he argues, “there is much room to dissemble public policy as technology. I have a difficult time understanding how any of ICANN’s decisions concerned with the Domain Name System have any technical content at all.”

THE TECHNICALITIES OF POLICY, OR A POLICY OF TECHNICALITY?

One area in which it is difficult to perceive any kind of technical component is ICANN’s Uniform Domain Name Dispute Resolution Policy (UDRP), a quasi-legal process which expands the protection of trademarks online to an extent not previously provided for in any US or international legislature. The UDRP attempts to substitute a set of uniform global rules for what was once a largely territorial system of rights and dispute resolution. By permitting wealthy trademark holders to pay for domains they want to acquire to be considered by ICANN-approved ‘arbitrators’, the policy is effectively being used to furnish corporations with a means to stake out their intellectual property online. Controversially, it allows the complainant to pay just one arbiter to decide on a case (repeat this sentence a couple of until its full import sinks in). As if that were not enough, published league tables of results allow trademark holders to ‘forum-shop’ for the arbitrator most favourable to their case.

Thanks to the UDRP, the trademark owner has gained significant advantages over domain names previously held by ordinary members of the general public. If one of ICANN’s approved arbitrators decide (as they are paid to) that a domain is ‘confusingly similar’ to a known mark, or that the defendant has ‘no legitimate interest’ in a domain, or was registered ‘in bad faith,’ then the trademark holder has a very good chance of retaining that domain for its own use. Many arbitrators (and I am excluding here eResolutions/Disputes.org, which has an excellent track record) tend to stretch the UDRP definitions to cover the facts of a particular case, in many instances coming up with ingenious definitions of ‘bad faith,’ ‘identical’, ‘confusingly similar,’ and other such policy criteria. One arbitrator in particular, WIPO (The World Intellectual Property Organisation), has been attempting to create a so-called ‘preclusion’ doctrine that goes well beyond UDRP policy in holding that prior registration of a name constitutes ‘bad faith’ in and of itself, simply because it prevents the trademark holder from having the name they want. As a recent report by Milton Mueller, Senior Associate of the Global Affairs Institute, points out, domain name registrations are by definition exclusive, and there are worries that the preclusion doctrine could be used by arbitrators to justify ‘bad faith’ for any name a trademark holder wants.

Accordingly, a significant number of complainants have attempted to use the UDRP to acquire property rights over generic terms or to seize valuable names from legitimate owners. Yet panellists at the most popular arbitrators seem happier to find bad faith among registrants than among complainants. As of this year, those taking a dispute to an arbitrator stand a 78% chance of getting the domain they want – provided they pay their fees.

DEEP DOWN IN THE CONNECTIONS

Why should ICANN be doing so much to support the rights of big business over the average Net user? The answer may well lie in the connections the corporation has with other NGOs and companies - and perhaps the US government itself. Tenacious ICANN-hound Ted Byfield (interviewing James Boyle in this issue of Mute) has already exhumed ICANN’s close links with law firm Jones, Day, Reavis and Pogue (JDRP). The firm, through its partner Joe Sims, had a significant hand in the creation of ICANN, helping to draft ICANN’s bylaws and select the initial board members. Another of its number, Louis Touton, became a central figure at board meetings, and now fulfils not only the role of General Counsel, but also Vice-President and Secretary for the corporation. In January this year, ICANN used an Executive Committee meeting in order to circumvent its elected board members and pay $465,553.67 to JDRP for legal services rendered during the months of October and November. This gives at least some idea of JDRP’s usefulness to the corporation.

It was JDRP, through Touton, who helped create the Government Advisory Committee, with its heavy WIPO presence that produced the UDRP. You remember WIPO. They’re the folks who are helping trademark owners to help themselves, a UN organisation established for the benefit of (and largely paid by) corporate intellectual property interests. It is of little surprise that WIPO’s dispute arbitration process is so grossly biased in favour of trademark owners. In December 1998 WIPO produced an Interim Report which called for the strongest intellectual property regime imaginable online, a one-sided procedure which, according to Michael Froomkin, another keen ICANN-baiter, all but encouraged domain name hijacking by experienced, well-funded multinational trademark lawyers, whose challenges would pose formidable risks and uncertainties to an average domain name registrant.

The WIPO Interim Report’s recommendations were opposed by existing and prospective registries, organisations representing the Internet technical community and many individual domain name holders. But although this widespread opposition forced WIPO to modify its Interim Report, the vast majority of its intent made its way into the UDRP. Which is good for WIPO, now raking in the $1000-a-pop fees it demands in return for retrieving names for its trademark owners.

ELECTED MEMBERS? WHO NEEDS ‘EM?

ICANN’s potential authority is largely unbounded. Policy authority over the root server system and other central Internet functions make it possible for the corporation to exert very broad control over Internet activity. Yet one consequence of ICANN presenting itself as a technical body is that it is able to sidestep the accountability that should be concomitant with its power, evoking the glory days of the Net in which groups like the Internet Engineering Task Force saw to things in a voluntary, decentralised, consensus-based fashion. Does there have to be, ICANN therefore feels justified in asking, an elected presence on its board?

These, of course, are questions only appropriate to a corporation which really does limit its interests to the Net’s ‘technical co-ordination’. And given that many are now recognising the links between ICANN’s putative technical work and the creation of public policies for intellectual property, industry competition, and perhaps even national sovereignty, they seem wildly out of place. What, it seems more proper to ask ourselves now, is the appropriate role of the Internet user in global Internet policy-making?

Unfortunately for the users, ICANN’s first gesture towards giving us a voice was less than successful. Firstly, only five of the nine seats on the ICANN board turned out to be up for grabs; the rest, it was quietly announced, would be retained contrary to the pledges signed by the initial, ‘interim’ board members. Their reason for their hanging in there was, said Michael Froomkin, “because they are afraid of what ICANN might do if they are not there to stop it. They don’t trust their own system”. (Back in the days of ICANN’s formation, the US government had assured us all that the initial, secretly appointed members of ICANN would serve only “until the Board of Directors is elected and installed”, which was supposed to be a period of one year. These terms had now been increased to a minimum of four years.)

The ‘At Large Membership’ registration which then took place in order to establish a constituency to elect the board members was both over-complicated and fatally flawed, allowing only a woefully inadequate (and technically pathetic) 1,000-2,000 applications a day. It seems possible that ICANN did not anticipate the degree to which the public wanted to gain a voice in the global governance of the DNS, but many could not resist seeing this as part of a continued effort on ICANN’s part to limit its public accountability by hobbling direct representation of users. It was, as Lauren Weinstein of the PRIVACY Forum puts it, “a dreadfully sorry excuse for a representative process.” The fate of the At Large Membership (ALM) and the directors they have elected is still far from certain.

WHEN IS AN NGO NOT AN NGO?

Lt. Col Shoyster, the head of MPRI, America’s largest military advisory firm, has recently suggested that military campaigns conducted by a private sector firm don’t raise the same kind of political controversy as would, for example, aid from the US government itself. His suggestion gave credence to the notion that the military sector could be using mercenaries to train armies in countries where governmental intervention would be politically unpopular. Could the same strategy be at play in the case of ICANN? Could the US government be using the non-profit corporation to launder its policymaking?

“If so,” says Michael Froomkin, “it violates the Administrative Procedures Act and violates basic norms of due process and public policy designed to ensure that federal power is exercised responsibly.” Yet the facts speak very loudly indeed. Had the US government itself been behind the UDRP, or ICANN’s shoddy election processes, there would have been hell to pay. Instead, because it is a non-profit corporation rather than a government department, ICANN is not obliged to undertake any of the tiresome, constitutional due process burdens imposed on governmental administrative bodies. It need not be (although it has always claimed brazenly that it is) transparent. It is not (at the moment) subject to the burden of judicial review or the Federal Administrative Procedures Act. It is not compelled to undergo any independent judicial review of its actions. It is not actually required to invite entities affected by its decisions to participate in making the decisions. It does not have to pretend to be democratic. In fact, ICANN has no external entity to which it is accountable other than the Attorney General of the State of California.

If ICANN is a corporation designed to represent the interests of the American government, to govern the global commons of Net users in American interests, then it is a dangerously unaccountable one insulated – as many commentators have pointed out – within a complex set of organisational shells, which preclude effective participation from outsiders.

ICANN SEE CLEARLY NOW...

As far as Tony Rutkowski of the Centre for the Next Generation Internet is concerned, ICANN is ‘a government corporation in disguise.’ Michael Froomkin agrees, calling ICANN an ‘adhocracy’ which advances US Department of Commerce interests under de-facto DoC control. Froomkin accuses the DoC of ‘half-handing’ management of the DNS to ICANN in order to let it go beyond governmental limits.

Yet there has begun to be the feeling, over the last six months, that ICANN may have gone a couple of steps too far. The DoC has become increasingly and publicly interested in the corporation’s activities and its constitutional propriety. In particular, one Senator Conrad Burns has been asking some very sticky questions about the legalities of having ceded so much power to the organisation in the first place. It may well be that ICANN is an experiment in ‘policy laundering’ which has failed dismally – insofar as many Net users are up in arms about its unaccountable, corporation-centric, bureaucratic activities. There are certainly those within the DoC who feel it’s high time that the corporation was reigned in.

Nonetheless, the strategies deployed by ICANN, if strategies they are, may work better for other such bodies in the future. We would do well to watch out for them. ICANN challenges the idea (implicit in recent writings of, for example, Negri and Hardt) that so-called NGOs must be necessarily non-governmental, divorced from the interests of the nation state. In fact, the example of ICANN suggests, the NGO can be a useful cipher for governmental and national interests (as well, as we already knew, as those of big business). We need to avoid being blinded by bureaucracy (viz. ICANN’s ‘byzantine’ structure, which makes studying its processes so difficult), or excessive technical detail. These can be used to manufacture, or sustain, a lack of interest from members of the public whilst making it very difficult for anyone who is interested to find their way to the issues that matter. Lastly, an issue that merits serious examination is whether an NGO or non-profit corporation can hide or shelter de facto policymaking under a canopy of ‘purely technical’ activities, as many commentators now (some rather belatedly) accuse ICANN of doing. Because it would be foolish to let other groups like ICANN camouflage their activities to the extent that the public sees no need for them to be publicly accountable. ICANN might well prove to be a failed experiment, but we can be sure that the corporation’s successors will learn from its mistakes. Certainly those of us at the receiving end should do the same.

JJ King <jamie AT metamute.org> has recently completed a PhD examining the importance of the American frontier in the development of the Internet [http://www.jamie.com/thesis/thesis.pdf]. Jamie is editor of NetNames News, a magazine dedicated to analysing new developments in the namespace, a contributing editor at Mute magazine, and singer in the band Snakes [http://www.mp3.com/5nake5]. He is currently working on a secret novel.

<*>

DNS (Domain Name System) Despite being infamously decentralised and non-hierarchical, the Internet in fact relies on the underlying centralised hierarchy of the domain name system, a service that translates easy-to-remember domain names into the IP (Internet Protocol) addresses that the Net is based on. Every time you use a domain name, a DNS service must translate the name into its corresponding IP address. For example, the domain name www.cnn.com translates to 207.25.71.29 .

Root Zone File (‘The Root’) At the top of the domain name system is the root zone file, which directs Internet Protocol number queries to other domain name system databases called top-level domain zone files. To ensure speed and consistency, the root server system is composed of 13 file servers containing copies of the root zone file databases listing all domain names. The master root server is called the ‘authoritative root server’ or the ‘A’ root server. Currently, the authoritative root server is operated by Verizon (formerly Network Solutions, Inc.) under the direction of the US Department of Congress, despite original plans to hand control over to ICANN. The other 12 servers receive updated information daily from the ‘A’ root server regarding the contents of the root zone file and the top-level domain zone files.

Registries & Registrars The ‘Registry’ is a database to which registrars (see below) have shared access. Each registrar writes new names to a central registry database, from which the authoritative root (see above) is built.Registrars act as the interface between the public, applicants and registrants on the one hand, and the registry on the other. They apply on behalf of applicants to register .ca domain names in the registry, and provide registration renewal, transfer and information update services for registrants.Registrar: A ‘Registrar’ (or “Domain Name Registrar”) is an organisation that is able to register domains within certain top level domains (see below for a definition of ‘top level domain’). Different registrars have rights to register within different names. Registries and registrars pay fees that account for 90 percent of ICANN’s budget. Any domain name registrar must contract with ICANN before its TLD name is listed in the root. All domain name registrars must also be accredited by ICANN before they can register domain names in the generic TLDs. This contractual relationship gives ICANN the ability to tax and regulate key aspects of the domain name business. Some argue that it is through the registrar accreditation contracts that ICANN extends its regulatory control to domain name users. Each registrar passes on the conditions and constraints of the ICANN contract to the domain name registrant.

Memorandum of Understanding (MoU)This document is the primary formal vehicle through which ICANN was officially selected as the private corporation contemplated by the government US White Paper of 1998, which expressed the intention of the US government to end direct support of Internet name and address coordination services. The MoU establishes a development program to design and test mechanisms for private coordination of technical functions related to the DNS. Critics allege that the US government had no right to transfer control of the Internet to private parties.

TLDs & ccTLDS Top level domains are those at the ‘top’ of the domain hierarchy: ‘.com’, ‘.net’, etc.. So-called ‘country-code’ top level domains (ccTLDs) are those which also relate to specific nationalities (‘.co.uk’, ‘co.nz’, and so on).

ICANN Organisational Structure Critics have drawn attention to ICANN’s ‘byzantine’ structure, calling it “hopelessly complex” and “insulated from accountability by [its] organisational shells.” In case you are in any doubt, the corporation’s formal structure is shown in this diagram ICANN is governed by 18 volunteer Directors and a salaried CEO who sits on the Board of Directors ex-officio. Members of ICANN’s Board of Directors are selected in four distinct ways. Three Supporting Organisations (SOs), each one representing a separate functional area of Internet management, elect three Directors. Five at-large members have been elected by ICANN’s at-large membership. The rest are hangovers of the initial ‘interim’ Board (some are calling them ‘boardsquatters’). The ICANN Bylaws call for three Supporting Organisations, one concerned with domain names (the Domain Name Supporting Organisation or DNSO), one with IP address management (the Address Supporting Organisation or ASO) and the third with protocol parameter assignment (the Protocol Supporting Organisation or PSO). The DNSO is composed of a Names Council, a General Assembly, and various Constituency Groups representing DNS-related interests. Each constituency elects three members of the DNSO Names Council which is supposed to manage the DNSO’s ‘consensus-building’ process and communicate recommendations about Domain Name System policy to the ICANN Board of Directors.

useful urlsOfficial ICANN page [http://www.icann.org]ICANN Watch [http://www.icannwatch.org]Lextext’s ‘ICANN.Blog’ [http://www.lextext.com/icann]‘the roving_reporter’ on Tasty Bits from the Technology Front [http://tbtf.com/roving_reporter]