Research paper
Published 14 November 2019
Updated 14 December 2020
ISBN: 978 1 78413 377 1
As internet governance issues emerge in the wake of innovations such as the Internet of Things and advanced artificial intelligence, there is an urgent need for the EU and US to establish a common, positive multi-stakeholder vision for regulating and governing the internet.
Internet governance is associated with ‘a vital but relatively narrow set of policy issues related to the global coordination of internet domain names and addresses’.1 These are managed by ICANN through the Internet Assigned Numbers Authority (IANA) function. ICANN’s bylaws expressly limit its areas of responsibility and prevent it from engaging in issues outside its scope, such as content issues, or the impact of artificial intelligence on societies. Additionally, the internet’s landscape evolves in response to new technologies and innovations throughout the ecosystem, which limits the effectiveness of a narrow governance approach.
In 2005, the Working Group on Internet Governance defined internet governance more broadly, as ‘the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet’.2 The Internet Governance Forum (IGF), created by the World Summit on the Information Society,3 has adopted an inclusive attitude towards internet governance topics, and this flexible approach has enabled the evolving dialogue to reflect emerging issues.4
Domain names and Internet Protocol (IP) addresses are fundamental to the internet’s core architecture, giving each device connected to the web an identifier that is globally unique and universally accepted.5 Both domain names and IP addresses enable this and have remained relevant in the face of remarkable technological change over the past 20 years. That said, there are signs of a shift taking place. Since 2005, the number of domains per 100 internet users has declined from a highpoint of 12 (2008) to 9 (2018).6 The past decade has seen several substitutes for domain names gaining market share, notably social media accounts for individuals and businesses and apps for the mobile market, particularly in emerging economies.7 New internet protocols that support basic operations of the internet, like domain name system (DNS) over HTTPS (DoH) released by the Internet Engineering Task Force (IETF), risk splitting the internet’s DNS root zone. It also remains unclear what role, if any, domains and IP addresses will play as the Internet of Things (IoT) develops into a globally interoperable network. Meanwhile, slow adoption of IPv68 and increased use of network address translation9 continue to risk fragmentation of the IP address space. As of September 2019, only 24 per cent of the world’s internet traffic was IPv6 preferred.10
Whether or not domain names and IP addresses have as much relevance in the future, an essential component of any internet governance strategy is the continuing focus on the system’s unique identifiers. But this narrow focus is insufficient to tackle widely recognized urgent internet governance issues, which currently have no internationally agreed upon multi-stakeholder home. These issues include AI, big data, IoT and its applicable technical standards, oversight of new recursive resolvers (i.e. using DoH), as well as privacy, cybersecurity and the role of states in cyberspace.
O’Hara and Hall’s ‘Four Internets’ paper, describes four competing visions for the future of internet governance: the ‘open internet’ favoured by the US; the ‘bourgeois’ internet of the EU ‘where trolling and bad behavior are minimized and privacy protected, possibly at the cost of innovation’; China’s ‘authoritarian’ model; and the ‘spoiler’ internet for states such as Russia and North Korea, which exploit its open standards for strategic gain.11 All four approaches have differences that could characterize the future shape of the internet, or even fragment it. However, there are greater commonalities between the EU and US versus Chinese and Russian approaches – accentuating a potential East–West divide.
As the field of internet governance necessarily evolves to meet the challenges of technological and societal change, ideological fault lines between the EU and US are likely to emerge.
The relevance of the four internets model to this paper is that while internet naming and addressing (the traditional core of internet governance) have not to date posed major ideological differences between the EU and US, continued agreement cannot be taken for granted. As the field of internet governance necessarily evolves to meet the challenges of technological and societal change, ideological fault lines between the EU and US are likely to emerge. The future of a free, open internet in which human rights and the rule of law are respected is not guaranteed.12 There is a strategic imperative for the EU and US to emphasize areas of common ground in order to prevail against the emergence of an internet whose fundamental values differ from those upon which the network was founded. It is, therefore, important for the EU and US to work together to encourage participation of moderate, like-minded stakeholders in internet governance processes. The authors recommend that the EU Delegation seek to establish a taskforce for this purpose.
The term multi-stakeholder has become ubiquitous when discussing internet governance processes over the past 20 years, particularly those originating from the US. What does multi-stakeholder mean, and why has it become a charged term in the context of the four competing visions for the future of internet governance?
The term ‘multi-stakeholder’ was first coined in the 1990s as a way of extending the types of actors involved in policy and corporate decision-making. The starting point is a ‘complex, controversial issue on an international scale’,13 not unlike climate change.
In theory, multi-stakeholder governance decentralizes and democratizes decision-making. In internet policy, it is usually associated with ‘bottom-up’, ‘rough consensus’ policies developed by all stakeholders on an equal footing. For the majority of Western commentators this is viewed as the appropriate model for governing the internet,14 on the basis that involving diverse stakeholders leads to better policy outcomes.15 Multi-stakeholder is viewed as an alternative approach to intergovernmental, multilateral processes (typified by the International Telecommunication Union (ITU) and favoured by authoritarian regimes such as Russia, China and Iran). In this sense both have become charged expressions that import their advocates’ contrasting visions for the future of the internet – divided along the East–West or ‘four internets’ axis.
ICANN is above all the poster child of multi-stakeholder internet governance. Unfortunately, gaps between theory and ICANN’s practice threaten to become a strategic risk for both the EU and US visions for the future of internet governance. As practised within ICANN, multi-stakeholder governance gives equivalency to all voices, no matter how radical or self-interested, and there are underdeveloped mechanisms for breaking a deadlock or asserting the public interest.
The role of governments remains a contentious point, illustrating that, behind EU and US support for multi-stakeholder governance, there may not be a consistent, shared understanding of what ‘multi-stakeholder’ actually means. The structure of ICANN illustrates how these divergent views can impede closer cooperation in practice.
From ICANN’s inception in 1998, it was intended by the US government that the ‘private sector… take leadership for domain name system (DNS) management’.16 A foundational principle for ICANN – and what marks it out as different from the multilateral ITU – is that it is not government-led. This was originally articulated as ‘private-sector led’17 and, following the conclusion of the World Summit on the Information Society 2003–2015 (WSIS), morphed into ‘a bottom-up consensus-based multi-stakeholder process’.18 The ICANN structure has two types of stakeholder groups: the ‘supporting organizations’ – the Generic Names Supporting Organization (GNSO), the Address Supporting Organization (ASO) and the country code Names Supporting Organization (ccNSO) – which are focused on making policy for domain names and IP addresses; and the ‘advisory committees’ – the Governmental Advisory Committee (GAC), the Security and Stability Advisory Committee (SSAC), the Root Server System Advisory Committee (RSSAC), and the At Large Advisory Committee (ALAC) – which provide advice to the ICANN board. The advice of governments and other advisory committees is not binding on the ICANN directors, but over time the bylaws have strengthened the board’s obligations to provide reasons for not following GAC advice.19
Throughout ICANN’s numerous transitional periods, the US government has increasingly tried to stay at arms-length from ICANN to ensure its independence from government oversight. A respected advisory committee role within the community and acknowledgment of government’s role in internet governance suited this aim. Additionally, the US is traditionally a free market-driven economy with a light regulatory touch and decentralized governance, which is both an alternative structure compared to the EU and provides private industry a strong position in internet governance. With respect to multi-stakeholderism, the US vocally supports inclusion of all stakeholders, such as academia and civil society, but the US style of multi-stakeholderism can seem from the outside to be market-led.20
The US is traditionally a free market-driven economy with a light regulatory touch and decentralized governance, which is both an alternative structure compared to the EU and provides private industry a strong position in internet governance.
European policymakers would likely have set up ICANN in a different manner, for example, possibly including more accountability to the public to counterbalance corporate interests.21 To European policymakers, and representatives of other governments (especially authoritarian governments such as China, which would favour a multilateral solution to internet governance22), it is conceptually troubling to have sovereign states in a capacity that may be perceived as lesser than or secondary to the directors of a private corporation. In reality, the board’s powers to reject the policy recommendations of supporting organizations have always been limited.23
However, differences in status of the various stakeholder groups and advisory committees within ICANN are, for the most part, more problematic in concept than in practice. Over time, the powers and influence of ‘advisory committees’ has grown (for example, the SSAC is one of the most influential organs of the ICANN community), and successive changes to the bylaws have gradually strengthened the role of governments within ICANN.
A more practical way of thinking about multi-stakeholder processes is to adopt a flexible, results-orientated approach, driven by considerations of required expertise, which caters to those who are currently not being heard.24
An exhaustive review of the institutions involved in internet governance is outside the scope of this paper. Table 1 summarizes the characteristics of key institutions active in the internet governance landscape. There are others, such as technical standards bodies, the regional and national domain name registries, registrars, and the organizations that manage the distribution of IP addresses. The intention is to focus on areas of interest and possible influence for the EU Delegation.
Table 1 shows the institution’s characteristics, openness (how easy it is for stakeholder groups to participate), what the forum’s decision-making process is (if there is one), whether government plays a formal role, primary participating stakeholders, the oversight body or convener of the forum, and the type of formal and informal outputs by the forum.
|
Characteristics |
IGF |
National/Regional IGF (NRIs) |
IETF |
ITU |
UN GGE |
|---|---|---|---|---|---|
|
Openness25 |
Open |
Open |
Open |
Closed |
Closed |
|
Decision-making process |
n/a |
n/a |
Rough consensus |
Consensus among member states |
Consensus within the group |
|
Formal government role |
No |
No |
No |
Yes |
Yes |
|
Participation26 |
|
|
|
|
|
|
Oversight/Convener |
UN |
National & regional bodies |
Internet Society (ISOC) |
Members (states, industry, some academia) |
UN |
|
Outputs |
|
|
|
|
|
Source: Compiled by the authors.
To identify potential gaps in the thematic coverage of internet governance institutions, Figure 2 summarizes the institutions involved in the internet governance space and their areas of activity. The numbers assigned for each activity are an estimate of the intensity of each institution’s involvement in different areas. The analysis focuses on international processes and omits several institutions, which play important roles in shaping policy and standards at the national or regional levels, such as courts, sector regulation and laws, regional internet registries, and national and regional standards bodies such as the US National Institute for Science and Technology (NIST) and the European Technical Standards Institute (ETSI).
Viewed through a thematic lens, the analysis reveals gaps in the international coordination of policy issues that have a major societal impact. For example, much of the policy on AI and big data is being handled de facto by a small number of private platforms as part of product development. Likewise, the IoT lacks an international policy space and key aspects of the technical standards are also occurring within technical companies or opaquely through the ITU.
To analyse drivers in the far environment, which may affect the EU–US relationship, this paper uses the familiar ‘PEST’ environmental scanning framework to review Political, Economic, Sociological and Technological factors relevant to internet governance. This analysis does not attempt to be exhaustive. Instead, the tool is used to give a high-level view of the drivers of change in the far environment that are likely to have an impact on internet governance processes.
These drivers may undermine international support for multi-stakeholder internet governance, which is characterized by its critics as being favoured and dominated by US interests.
The impact on internet governance is seen through the growth in support from ‘swing states’ (states that are undecided on the future direction of internet governance) for the ITU, a government-led standardization body, to have a role in internet governance – an approach favoured by authoritarian states such as China.
These factors will inhibit the ability of developed world governments (especially the US and EU) to effect change or sustain a multi-stakeholder vision for internet governance without the support of other stakeholders.
With the roll-out of smart cities, the IoT and advances in artificial intelligence, governing tomorrow’s internet will be more complex than coordinating domain names and IP addresses, and will involve politically, ethically and culturally challenging issues.
