[discuss] Transparency and Accountability vis-à-vis ICANN and the IANA functions
jcurran at istaff.org
Sat Apr 5 06:34:57 UTC 2014
On Apr 2, 2014, at 6:55 PM, George Sadowsky <george.sadowsky at gmail.com> wrote:
> So I am going to re-post a previous problem statement that got almost no traction earlier, in the hope that it may point more directly toward our goals. If it gets no traction this time, I’ll understand that it’s not the right way to proceed.
> …. accountability TO someone or group FOR something
> In other words, saying that someone is accountable, or not sufficiently accountable, by itself is relatively meaningless. But if I can also state to whom the person is accountable, and precisely for what, then I have probably made a meaningful statement that can be comprehended and discussed. Perhaps the more complete statement will allow me to also propose a metric by which the degree of adherence to accountability targets can be measured.
> HERE ARE SOME THINGS TO THINK ABOUT
> What definition of the word ‘accountability’ best fits how we believe ICANN’s acceptability should be judged and measured, either for itself only, or for its post-transition stewardship of the IANA functions, or both?
> In each case, specifically to WHOM would ICANN be accountable, and if the target of accountability is distributed, how would it be distributed? In other words, if ‘A' is ICANN, who is ‘B’ in the above definition in red?
> In each case, specifically for WHAT would ICANN be accountable? How can the degree of accountability be measured, or is that not directly relevant? In the context of the definition in red above, what are the set of 'actions and decisions' for which ICANN is accountable?
> If we could get general agreement on the responses to the above questions, it might be possible to use this approach for an initial evaluation of any transition alternatives that are proposed.
My take on your questions is attached; note I actually had to back up somewhat
to include background and a problem statement of larger scope than you may have
expected in order to be fully responsive. Also, note there are four significant
outstanding questions included, at least one of which probably warrants its own
distinct problem statement.
For next steps (in no particular order), I would recommend -
- Refinement of this problem statement (and specifically with respect to scope)
- Consensus development of the principles statement for the multi-stakeholder
- Expedited effort on development of the problem statement regarding registry
governance mechanisms to align services with customers
An interesting exercise; I hope you find the results useful in some manner.
(Feel free to edit, use, or discard as you see fit)
Disclaimer: My views alone.
=== Internet Identifier System Accountability Framework - Problem Statement
The importance of the Internet to social and economic developments globally
is universally recognized and accepted. This success of the Internet is
enabled by global coordination of the identifiers in its operation, and it
is Internet identifier registry system that enables that global coordination.
It is not possible to foresee all of the various manner in which the Internet
will affect the life of everyone globally in the coming years, and hence we
need to proactively adopt a set of principles that will insure that everyone
has an opportunity to understand and participate in the administration of the
underlying identifier system.
All organizations with primary responsibilities in the Internet Identifier
system (including specifically ICANN, but also the RIRs and IETF) should be
accountable TO the public FOR operating the system in accordance with the
following overall principles of the multistakeholder engagement model -
– Open and Inclusive: Discussions are open to all and structured to encourage the broadest range of relevant inputs from all interested parties. Input provided is valued and heard by all. All documents are freely available online. Processes for public comment and remote participation are provided wherever feasible, and without requirements for participation other than decorum.
– Consensus-based: Discussions allow for all views to be considered and addressed, leading towards common understanding and consensus among participants. Discussions are structured to avoid domination by any community of interest.
– Transparent and Accountable: Processes for discussions and decision-making are documented, publicly available, and followed. Easily accessible records of decisions and the materials used for reaching those decisions are provided. Due process is provided to appeal decisions where processes were not followed.
These principles for multistakeholder collaboration would be considered
applicable to all phases of the Internet identifier system, including:
A) Internet protocol specification development
B) Internet protocol parameter (i.e. identifier) registry specification
C) Internet identifier registry policy development
D) Internet identifier registry policy implementation
E) Internet identifier registry administration
F) Internet identifier registry operations/publication
The principles should be applicable throughout the Internet identifier
registry system activities, except during clearly identified processes
which require handling of sensitive or confidential information (e.g.
certain registry request processing, security key material, etc.)
PROBLEM STATEMENT -
The actual problem statement is: How do we provide for the accountability
TO the public FOR the operation of the entire Internet identifier system
per the principles of the multistakeholder engagement model?
DRAFT PROPOSAL -
Commitments must be obtained from each organization with primary
responsibilities in the Internet Identifier system for operating
their portion of the system in accordance with principles of the
multistakeholder engagement model.
Periodic and objective compliance assessments of each organizations
Internet identifier operations need to be performed against the
principles of the multi-stakeholder engagement model. Significant or
willful departure from the principles need to be documented, and the
organizations must review and respond regarding these findings. Such
a periodic review process could be based on the present ICANN AoC/ATRT
processes, and could involve numerous interested parties (including
governments) who wish to participate in the review team process (and
of course, the review process itself would obviously have to operate
with maximal transparency and openness at all times, including
accepting input from any/all interested parties for consideration)
OPEN QUESTIONS -
1. Would the IETF want to include periodic assessment of its own Internet
protocol specification development efforts in this commitment and review
process, or would it be more appropriate to only have it apply to the
Internet identifier registry phases (or even just the general-purpose
Internet identifier registry spaces, i.e. the DNS and IP address spaces)?
As the party which defines (and thus creates) the Internet identifier
registry spaces via its protocol specification activities, the IETF has
a unique relationship to the Internet identifier system which should be
made unambiguous as part of defining this accountability framework.
2. Is it sufficient to only seek and review ICANN and the RIRs regarding
commitments to the multi-stakeholder principles for Internet Identifier
registry system or should any consideration be given to continuing the
framework of commitment and reviews into the various DNS TLD policy
development and registry administration functions and/or the various
IP NIR/LIR/ISP address registry activities? If it is not necessary,
then what precisely are the mechanisms or assumptions that provide
reassurance that it is not necessary, and that the global Internet
community will obtain the same benefits of the multi-stakeholder
engagement principles absent any explicit commitment or assessment?
3. Organizations in the Internet identifier system provide registry
services to subordinate registries in the system, thus defining
a set of customer relationships. Registry services must therefore
meet the needs and expectation of their customers, in an environment
where the customers have no meaningful alternative. What governance
mechanisms must exist to insure that the registries provide services
with adequate performance, pricing, terms, and conditions to their
customers, and how far down must these mechanisms exist? (this open
question may warrant a distinct problem statement and consideration)
4. Does the scope of the periodic compliance review include the ability
(if ever needed) to make an overall judgement of the suitability of
an organization in the Internet identifier system to perform its
registry duties? It may be necessary to allow for such a finding
(in addition to identification of departure from the principles) in
order to provide a meaningful escalation for chronic insufficient
performance. Can it be included in the scope of the review process,
or would it also require development of clear consensus guidelines
regarding duration and magnitude of inadequate performance before
allowing such determinations to be made? (In any case, it is
recommended that the initial scope of the problem statement for
developing this accountability framework end with the production
of the review process findings report.)
More information about the discuss