[discuss] elephant in the room

Mon Mar 17 01:34:03 UTC 2014

I want to point out that the debate about iana is not the real issue.

The question is: without USG oversight, what would keep ICANN (a future rogue ICANN, not the friendly guys we know) from using the revocation of domain names (or registry contracts or registrar accreditations) to enforce a mandatory, adhesion contract that compels registrants (or even their users) to comply with global rules that are not supported by consensus, not related to protection of the sound, secure, resilient operation of the net, but instead related to some notion of what content is permissible, how people should behave online?

Will we allow the domain name system to be used, by a global multi-stakeholder group, to enforce global rules that are not supported by a demonstrated consensus among affected parties, that are designed not to regulate the internet but to regulate how people use the internet, that replace local decision-making (subsidiarity) with global rules that don't have any reasonable form of consent of the governed?

Some fear a registry-based oversight over IANA, even though the registries (including cctlds) effectively represent the whole world and, because they are the ones who have to sign the contracts with ICANN, are the sole available source of push back against abusive use of a monopoly position (the definitive say on what goes in the root).

The fact is that ICANN has already abused its monopoly (perhaps without even realizing what they were doing) by using their gatekeeper function over new gTLDs to impose contract terms that were opposed by registries and registrars and certainly not supported by consensus (and not even related to sound operation of the DNS). Specification 11 requires new gTLDs to require registrars to prohibit, inter alia, "copyright infringement or violation of any applicable law". This may or may not be enforced. But it potentially makes every registrar into an involuntary enforcer of local laws, at pain of losing its accreditation. And it potentially leverages the power of intermediaries to over-censor, over-regulate -- just the thing that section 230 in US law was designed to avoid.

If the new non-governmental form of internet governance is to support human rights, it must prevent the abuse by a future, roque ICANN of its power to use denial of domain name registration (or registrar accreditation or registry contracts) to force compliance with global rules that are not, in fact, supported by a global consensus among affected parties. We could and should make the ICANN contract terms (part of the ICANN policy process, not the IANA ministerial function) subject to consensus and limited to subjects that do not include either content regulation or prohibition of activities that do not threaten the security and stability of the net. We could give countervailing power to a group (the global registries) who might have incentive to constrain such incursions. A new DNSA, as suggested by IGP, could do that.

We could have a "constitutional moment" and create some real, accessible judicial branch to rule on such disputes, against the background of a founding document that sets forth the standards. Or we could try separation of powers -- an IANA owned by registries that would have the power NOT to follow the policy directives of a (hypothetically) rogue ICANN. Or we could do both.

But what we cannot do is to allow any institution(even the friendly, enlightened ICANN)  to control both the decision of what goes into the root, and under what conditions, so as to set those conditions so as to require the intermediaries (registries and registrars) to impose global rules that are not supported by (consented to by) a global polity of affected parties (the consent of the governed, sovereignty of the people) and not limited to rules general agreement on which is necessary to assure sound and secure operation of a global net. How long will it be before these global rules are forced onto ccTLDs as a matter of "contract required to avoid re-delegation"?

There are those who would like to use revocation of domain name registrations to "govern the net" (meaning govern the way that people behave on the net). This is a very dangerous game unless limited to the enforcement of rules on which there really is global consensus that the behaviors in question have no possible justification. An unconstrained (rogue) ICANN could in fact impose global rules, through its monopoly power over intermediaries. It would be wise now to construct the mechanisms that would constrain it from doing so. ICANN could protect itself against over-reaching governments by explaining that it doesn't have the power to enforce global rules by board fiat. The best defense would be for it to tie itself to the mast -- sign a contract with the global registries that ties the new, separate IANA duty to obey its policies to the condition that ICANN will not impose global rules unless they are supported by consensus and necessary  to protection of the sound, secure operation of the dns.