Expect newspapers to be filled with nationalistic rhetoric and accusations of bad faith and Western hegemony, as international negotiations begin to decide the successor to ICANN, the US-funded and California-based Internet Corporation for Assigned Names and Numbers, which controls a core function of the internet.
While the debate will be a proxy for other frustrations related to the structure of the global economy, it is certain that much of the discussion of the future of ICANN, and ‘who controls the internet’, will suffer from a lack of understanding of the actual powers and responsibilities under debate.
From the rhetoric, one would be forgiven for thinking that the internet was a centralized system, run like a giant factory, with a control room somewhere in the basement of ICANN’s offices regulating the flow of information as if opening and closing electronic valves of censorship: that there was an organization somewhere somehow in charge of things.
That other organizations – governments, especially – might think like this can be forgiven. For the classically trained bureaucrat, the decentralized, haphazard collection of ‘rough consensus and running code’ that makes up the network upon which the modern world relies is painfully contradictory. Surely someone must be in charge!
To understand the issues more fully, however, requires a quick primer in the architecture of the internet. Here we go, grossly simplified: for the data moving around the internet to reach its desired destination, every single device connected to the internet needs to have an address. This is a number, called an ‘IP Address’, and today consists of four numbers each between 0 and 255, separated by dots. The Chatham House website’s server, for example, has the address of 18.104.22.168. This is a pleasingly curvaceous set of figures, but not very memorable, so to make it friendlier the internet has the Domain Name System, the DNS. The IP Address 22.214.171.124 is better known as chathamhouse.org, and anyone typing that domain name into their browser sets off a series of queries from their machine to a DNS server, asking for it to be translated back to the raw IP address. Only when that has happened can your browser then go and ask for the data you want.
With so many computers connected to the internet, and so many domain names demanded by their users, it is necessary for someone to manage the whole thing – to ensure that everyone has a fair share of the range of IP addresses that they can use for their computers, and that the DNS servers all agree on which domain names point to which IP addresses.
The key point here is that this is nothing whatsoever to do with the content of the data flowing around the internet. It is only concerned about it getting to the right place. This is analogous to the systems that allocate phone numbers. There is a specific range for your country and city (00 44 20 7 for central London, for example), but the system that assigns you that number and ensures it is yours and yours alone doesn’t care what you then say over it – just as the people who compile the Yellow Pages are not responsible for the work of the plumber you find through the directory.
Originally, the responsibility for managing this whole thing sat with the Internet Assigned Numbers Authority, IANA, an organization funded by the US Department of Defence, and based at the University of Southern California.
The DoD funding reflected the historical fact that the internet has evolved out of the Arpanet, itself originally funded by the US military, but the IANA was anything but a military organization.
For the first three decades of the internet, it was run by Jon Postel, a Grand Old Man of the early internet, whose position developed by the unique qualification of him being the guy who had always done it, and that he had the good faith and reputation of someone who had written much of the technical specifications that underlie the net. (It was in the 1980 paper detailing Transmission Control Protocol, one half of the TCP/IP networking standard that the internet relies on, that Postel wrote a phrase known as Postel’s Law: ‘Be conservative in what you do, be liberal in what you accept from others.’ Guidance for networking engineers, but good advice for all).
By 1998, it was clear that the IANA responsibilities needed to be managed by a formal organization and the US Department of Commerce, which had taken responsibility for the internet from the Department of Defence, issued a proposal to contract the IANA function to a private sector non-profit organization. Postel died suddenly that September, soon after the IANA responsibilities were tendered out to an organization of which he was to have been a founding member: ICANN.
To this day, ICANN remains the overseer of the IANA functions. It is responsible for divvying up the available IP addresses, overseeing the domain name system, regulating the domain name registrars in each country (every country has one or more of their own to look after their country-specific domains (.uk for the UK, .fr for France, and so on), and for maintaining the stability of the overall system.
At first glance, and to much of the international community, the historical US monopoly on the IANA functions – that they remain a contract awarded by the US government to a US-based organization, yet affect the whole internet everywhere – is unsatisfactory and undemocratic and potentially open to abuse. Various proposals have been put forward over the years for moving the IANA functions to a more representative body, for example the Geneva-based UN agency, the International Telecommunications Union, but traditionally the US has opposed such a move.
It is not hard to imagine why, though the flavour of your reason may depend on your level of conspiracy theory. On the one hand, a truly democratic IANA would mean the majority of its decisions being dominated by states rather less dedicated to freedom of speech and self-expression than the US. The internet users of China and Russia far outnumber those protected by the First Amendment, and even European states, Britain included, are seeking internal powers to censor the internet within their borders. Such control over IANA functions would enable a deeper level of infrastructure to be forced into existence that would make this possible. This is both unacceptable to the US, and entirely contrary to the spirit of Postel and the other internet pioneers.
On the other hand, revelations by Edward Snowden of mass surveillance of the internet by the US National Security Agency have increased calls for the IANA functions to be ‘globalized’. For example Neelie Kroes, the European Commissioner in charge of the digital agenda, has called for a greater role for Europe, and a rapid transition to a multi-stakeholder international framework. But not, she said, based on the International Telecommunications Union: ‘Some are calling for the ITU to take control of key internet functions. I agree that governments have a crucial role to play, but top-down approaches are not the right answer. We must strengthen the multistakeholder model to preserve the internet as a fast engine for innovation.’
For its part, ICANN itself has agreed that it must be reformed. Again post-Snowden, in October 2013, the leaders of ICANN and the other major organizations responsible for the management of different parts of the internet (including the Internet Engineering Task Force, the Internet Architecture Board, the World Wide Web Consortium, and the Internet Society) issued the Montevideo statement on the future of internet cooperation. In that, they called for ‘accelerating the globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing’ while also noting ‘strong concern over the undermining of the trust and confidence of internet users globally due to recent revelations of pervasive monitoring and surveillance’.
This, casually speaking, is the problem facing the internet community. ICANN’s contract is running out and it would be very bad form for the US to unilaterally decide to renew it without changing the structure of the arrangement. Especially since Snowden, the rest of the world will not stand for a US-dominated IANA structure, even if the First Amendment explicitly prohibits the US government from doing anything that might restrict freedom of speech, because the same US government has been shown to be using the internet as a tool of mass surveillance.
The IANA functions are technically nothing to do with surveillance. The snoopers at the US National Security Agency won’t care who runs the DNS either way. What has changed is that the US has lost the moral high ground.
On the other hand, truly international internet governance could be dominated by states that themselves would find a free internet quite problematic. China, for example, might object to any domain name containing the word ‘Tibet’ being owned by the Free Tibet movement.
It is clear that any alternative arrangement would need to have both freedom of speech and freedom from political interference enshrined in its charter, and be financially independent of any single nation. It could be funded at arm’s length, for example, by the ITU, but it should not be subject to any outside pressure other than a legal requirement to abide by its constitution.
Over the coming months these issues will be thrashed out in a series of meetings that promise to be more delicate than necessary. Regardless of the technical facts, the idea of governance invokes the idea of power, and no one wants to lose power, or others to gain it freely.
The Brazil summit, and further talks later this year, will be dominated by these primal desires to gain influence, even if the calls for it come from people who don’t know what they’re asking for. Such is the moral fallout if a state, such as the US, breaks Postel’s Law.
Ben Hammersley is a contributing editor at Wired magazine, a member of the European Commission High Level Expert Group on Media Freedom and Pluralism, and a non-resident fellow of the Brookings Institution