[discuss] Governmental participation (Was: Problem definition 1, v5)

Sat Jan 25 22:57:32 UTC 2014

On Jan 25, 2014, at 6:50 AM, Jeanette Hofmann <jeanette at wzb.eu> wrote:

> Thank you John, for this detailled response. I find myself agreeing with most of what you said. I also like the example of the poorly engineered USB charger that you used to illustrate a case where standard setting and various public policy issues (in terms of legal requirements or other types of public responsibilities) intersect.
> 
> I guess what you are indirectly saying is that we should discuss the role and type of participation of governments in concrete terms instead of remaining on a basis of abstract principles. Makes sense to me :-)

Correct - we are discussing models for more effective Internet coordination, so I
will elaborate a bit - recognizing that this is but a _model_, whereas the real 
world also has governments that may not always represent the will of their people 
in their actions, there are those folks who engage on a disingenuous basis, etc.

Regardless of what this community collectively decides, governments will perceive 
certain public policy responsibilities, and will seek solutions for fulling those 
responsibilities.  I see two distinct roles for government here: the traditional 
lawmaking/regulation, and participation in Internet technical coordination bodies 
to facilitate awareness of areas of potential intersection.

Traditional expression of governmental public policy responsibilities takes the form
of passing laws, directives, and regulations; that model doesn't work very well with 
respect to the wonderful global Internet, since often the parties you seek to affect 
(towards your particular public policy requirement) are in other jurisdictions.  
Note - this is not just intergovernmental issue; even within a given country, you may 
have a complicated hierarchy of state/county/local regulations which theoretically 
could impact Internet services and their usage.

Another problem with the lawmaking/regulatory model approach is the need for
specificity in regulation, i.e. you often have to define how things work in 
some detail, in order to proceed with regulation over a certain aspect which
of concern from a public policy perspective.  This approach works with fairly
stable and predictable industries, but the Internet is neither of those, and 
is subject to both rapid evolution and remarkable innovation.  Regulation of
how specific mechanisms or components of the Internet should work is inherently
fraught with risk, because what a static web site today may be an interactive
dynamically loaded application tomorrow, a smart phone application the next 
day, and may involve multiple models of information sharing and caching which
will be different next year.  Internet technologies evolve very quickly, and 
regulatory efforts towards public policy goals are likely to become overtaken 
by events at Internet speed...

The combination of Internet's global scope and rapid pace of change make it 
very difficult to have meaningful lawmaking/regulation; some might even argue 
that the Internet is inherently "lawless" as result and must remain so by its 
very nature.  

I do not believe it is the case, and in fact, believe that the Internet must
continue to mature if it is to hold a fundamental role in economic and social
development, but that the level of government involvement via their classic
authoritative role must be used very sparingly. In particular, given the 
challenges noted above, governments are going to need to get used to two
significant differences from their traditional roles when it comes to the 
Internet: first, that it will be necessary to work with other governments to 
find common public policy principles in order to have meaningful impact in 
their actions, and second, that it will be necessary to work at the higher 
levels of principles, norms, and standards rather than via attempts at direct 
and specific Internet regulation.

For example, an broad-based intergovernmental determination that "personal data 
can only be gathered for a legitimate purpose and must be protected from misuse" 
is a helpful expression of a public policy requirement, even if such never 
specifically mentions the "Internet", "web users", "browsers" or "ISPs" in its 
formulation.  Certainly great care is needed during the formation of such public 
policy directives (to make sure that there is ample ability for comment and 
participation) given that the result will have mandatory compliance aspects, 
but if the final result is both high level and enjoys widespread geographic
support, then it will have a real and material impact on the development of 
Internet protocols and practices for administration of the related protocol 
registries, even though these Internet standards and practices are global in 
scope and not simply regional. 

It is far better when governments can express their requirements in high-level 
principles, as these can be readily considered and incorporated into many of 
the Internet coordination activities that make take place to keep the Internet
running. This type of coordination is what governmental liaison groups should
work on, i.e. maintaining awareness of the various Internet coordination activities
that are underway (DNS policy development, RIR policy development, significant
IETF protocol development) and noting the existence of any known multinational 
(or national) standards/norms/directives which the coordination bodies should
regard in their activities.

> As far as domain names are concerned, internet identifier coordination seems to affect trademark rights and would thus justify a role for governments beyond a mere informational and collaborative status or do I missunderstand you here?

If you can find a broad-based high-level statement of principles (that many 
governments agree upon) which could be applied to globally visible names on 
the Internet, that might be the case.  To my knowledge, there is no cohesive
view among governments regarding globally visible marks (which all Internet 
identifiers are by definition) so I would be very surprised if governments 
could get together to provide a uniform set of norms and standards in this 
case.   The Internet does not magically bring about alignment among nation-
states regarding their underlying beliefs and principles; it is simply the
mechanism by which these differences in in views are now readily apparent
due to instantaneous communications between any two parties globally.

In cases where there are no broadly agreed principles, then you are left with
either no public policy framework or each country supply its own via inferior
national regulation as noted above. (This alone would appear to give give good 
reason for governments to work more closely together to define common public
policy principles, but we haven't actually seen that occurring to date...)

> When it comes to IP addresses and the RIRs, one could argue that a more active involvement of governments could have accelerated the deployment of IPv6 addresses. I mention this example because I ask myself whether issues of effectiveness/efficieny should also play a role when we talk about public-private collaboration in IG.

Again, if you can get a broad base of governments to agree to _high-level_ 
public policy standards/norms in this area, then it would be applicable to 
the Internet. I do have a personal view that IPv6 enablement of all content 
on the Internet is absolutely essential for the Internet's continued success, 
but that's not a high-level public policy goal.  The closest high-level goal 
that I can conceive of would be "Information intended to be publicly reachable 
should be made available to the broadest possible community, and presently 
this means via the Internet over both of its production networking protocols 
(IPv4, IPv6)"  Is there agreement among all countries that this is the case?
I do not believe so, but it any case, a discussion of mandatory compliance in 
such matters creates obligations beyond those strictly necessary for technical 
coordination, and on parties which are not participants in the Internet technical 
coordination bodies.  In my opinion, that would mean that it should take place 
outside of the Internet identifier coordination bodies (in a manner similar to 
the discussion of regulation to avoid fires from faulty power supplies)  This
belief is not driven by the desire that public policy matters are relevant to 
the Internet (i.e. "the industry should be left alone"), but instead the desire 
that any mandatory controls driven by public policy concerns are discussed in 
a manner and in forums which are actually appropriate for lawmaking/regulation.

I do not believe that the organizations involved in Internet identifier 
coordination (or Internet protocol standards development) have an inherent 
mandate to determine best public policy when it comes to parties not involved 
in the technical coordination system and/or requirements which go beyond the 
minimal necessary for that coordination. Instead, the requirement is to give 
due regard to any high-level inter-governmental public policy standards and 
norms which may be applicable to their coordination and development efforts. 
Governments are welcome participants such coordination efforts, with the 
recognition that they can help in raising awareness of any widely-applicable 
standards and norms during this process.  If we do intend for the mandate of
technical coordination bodies to extend beyond the minimum necessary and to
have impacts on uninvolved parties, then we need to very carefully decide 
what controls, protections, and mechanisms must be in place to provide
maximal accountability to that much broader impacted community.

Thanks!
/John

Disclaimer: My views alone (and likely to be held in disdain by anyone but me ;-)