Skip to content

It Might Be Ok. But, It Also Might Be Very, Very Bad (A Dystopian View of ICANN’s Future)

October 6, 2016

On October 1, 2016, ICANN finally got its own drivers license. It was on that day that the contract between the Internet Corporation for Assigned Names and Numbers (ICANN) and the United States government Department of Commerce (DOC) lapsed. ICANN would no longer have to answer to the DOC. Instead, recommendations would come from the multi-national, multi-agency governing board. ICANN officials, and many in the IT industry have emphasized that this is a non-event. A simple administrative change that really just formalized an arrangement that was already in place. And besides, we are told, the new model will provide greater input and therefore greater responsiveness to the needs of the Internet community. 

They might be right. I really hope they are right. But, I fear they are being overly naive. Like a newly minted 16 year old driver, I fear they overestimate their own abilities and underestimate the dangers they might face. As of now, October 2016, nothing is really changed. The internet is working, the sky is blue, things are good. However, just because the world didn’t fall apart on October 1, doesn’t mean that the severing of the parental oversight from the DOC won’t result in some very bad things for internet users. 

Remember that ICANN enforces the Internet Assigned Number Authority (IANA.) The IANA covers not only how names and IP address are assigned, but how routing happens. ICANN controls the domain root zone file; the ultimate top of the routing pyramid when it comes to finding things on the internet.

Censorship

How bad could it be? After all, just because you control the assignment of names and addresses on the internet, doesn’t mean you control the content, does it? Yes, it does. Let’s suppose that you create a domain called fluffybunnies.com. You use your newly minted domain to create a blog. And your topic of choice is human rights violations in China. Today, nothing can stop you from writing to your heart’s content about the abuses that the Chinease government commits on its own people. 

Obviously, the Chinease government wouldn’t appreciate your blog very much. But hey, you’re an American (or a Brit, or a Brazilian, or someone posting outside of China.) The internet has leveled the journalistic playing field. As you sit in your apartment in Oakland, CA in the United States, how could China even touch you? They can’t can they?

Under the new order, yes, they can. In order for people to see your content, they have to be able to find fluffybunnies.com. Suppose ICANN decides to dump fluffybunnies.com from the world’s Domain Name Servers? These are the servers that route names (fluffybunnies.com) to actual server IP addresses. All of a sudden, fluffybunnies.com is gone. 

Much has been made of Google’s ability to blacklist a site and make it disappear from Google search results. However, even if Google puts you at the bottom of their search results, you still exist. ICANN has the ability to make your site completely disappear. You do not own your domain name. You lease it. ICANN is the leaseholder.

That’s crazy, Rodney. ICANN wouldn’t get involved in evaluating the content of your site. It’s not what they do.

Except they have. In 2008, ICANN pursued action against 10 registrars for not doing enough to prevent scammers and spammers from abusing the domain registry process. 

Okay, maybe they could go after a site for their content, but that’s what the multi-stakeholder model is designed to prevent from happening. All of those countries being involved means that abuses like that can’t happen.

Except they have in the past. ICANN’s multi-national board is not the United Nation, despite Senator Ted Cruz’s suggestion otherwise. However, we can look to the UN as a model for how multi-national organizations might work. In 2003 Libya became chairman of the UN Commission on Human Rights. The UN decided that the best country to lead the Human Rights Commission was a dictatorship with a horrible track record of abusing not only its own citizens, but exporting terrorism around the world. 

China or Saudi Arabia or Russia or any number of countries interested in censorship could certainly achieve a position of authority to use ICANN’s position to pursue an agenda of censorship. 

Balkanization

One of the goals touted by those in favor of ICANN’s independence, is that only by expanding the groups that have input into ICANN’s operations can we ensure that the internet remains consistent across the world. We don’t want multiple organizations assigning duplicate IP adreesses. Only ICANN can give out IP addresses. We don’t want multiple rogue locations trying to route domain names. The danger is that a rogue DNS server could hijack your request for mybank.com and instead reroute it to a scammer’s site. 

The DNS system that ICANN controls ensures that there is one address for each domain name and those names are consistent. In 1998, VeriSign challenged ICANN’s monopoly on routing names. ICANN forced VeriSign to abandon their duplicate name routing system. VeriSign sued. They lost. But, the reason they lost was because ICANN enjoyed antitrust protections from the US government. There’s an old saying,

The government prosecutes thieves. They don’t like the competition.

For better or worse, the government, the US government holds a monopoly on certain things. Some are state sponsered, like drivers licenses. We couldn’t have companies offering private drivers licenses, or license plates. We need the government to regulate them. I know if someone has a license from Vermont, the government has vetted them, just as much as if they have a license from New Mexico. Some state sanctioned monopolies are private enterprises. Major League Baseball, for example, enjoys antitrust protections from the governent. It means that the owner of the Los Angeles Dodgers cannot get together with a couple of his friends and form a new league in competition with MLB. 

Because of the exclusive nature of its contract with the Department of Commerce, ICANN enjoyed antitrust protection. There is no guarantee that ICANN will continue to enjoy antitrust protection.

But, Rodney, who would want to go to the expense and trouble of setting up a competing name resolution system? 

Lets start with the obvious: Google and Facebook. Both companies are trying to build a suite of apps and tools that will get you to enter their world and stay there. Facebook just started offering an auction site to compete with Amazon and eBay. Google, is involved in everything from self-driving cars, to mapping the world’s streets, and even walking trails. Either company would love to handle your request to go to a new site. Both already wrap other site’s content in a facebook or google wrapper. Handling the name resolution would be a natural next step and give either one of them a distinct competitive advantage. And both companies have the resources to fund such a project. 

In addition, there are numerous small companies that would also love to have a piece of the name resolution process. Verisign did it when there was not a lot of money in resolving names. The potential payoff today is much bigger. 

Privacy

The internet was designed to let people stay hidden. That’s a good thing if you are trying to avoid having your mailbox fill up with spam. It can be a bad thing if you are trying to track down the writer of a particularly troubling post on a comment section of a news article. You can wrap yourself in the blanket of anonymity and hide from the world. There is no guarantee that you can keep that wrap, or even any of your privacy going forward. Yes, the changes in ICANN’s governance could strip you naked on the internet. 

As a domain owner, you have options for keeping a degree of anonymity. I own http://www.rodneymbliss.com. I’ve hidden the address associated with my account. Spammers long ago figured out how to scrape the contact information from whois.com  and contact domain owners with “a very exclusive offer just for you!” 

Suppose, ICANN’s multinational governing board decides that anonymity is something that they will no longer respect? Do we care? 

Consider a site named http://www.saudiarabia.gay. Homosexuality is illegal in Saudi Arabia. They throw people off of buildings if they are suspected of being gay. If you are a gay man in Saudi Arabia, or if you are gay and have family that are Saudi, you probably don’t want to come out to them. However, you might want to try to carve out a safe place on the internet where those oppressed by the Saudi government can get together and share their experiences. Naturally, you don’t want the Saudi Arabian governent to know your name. so, you register http://www.saudiarabia.gay and hide your contact information. 

Remember that Saudi Arabia will also have input into ICANN’s governance. Could they pressure the organization to force registrars to reveal the owners of websites? If you think they will not, are you willing to bet your life on it? Are you willing to bet others’ lives on it?

Money

ICANN, is registered as a non-profit corporation. Non-profit does not mean “no” profit. It’s a legal protection that allows a corporation to avoid paying taxes in the United States. When ICANN was joined at the hip with the Department of Commerce, it kind of made sense for them to not pay taxes. While a private organization, they were providing a valuable service to the nation and the world. And with the oversight provided by the DOC, they were really a quasi-government agency. And of course, the government doesn’t pay taxes to itself.

That’s all changed. And while ICANN may remain a non-profit, they sell products and services. They have a budget and they have expenses. When you register a domain (fluffybunnies.com) part of the money goes to ICANN. In 2004, ICANN doubled their budget. The budget went from $8,000,000 to $16,000,000. ICANN raised the additional revenue by increasing the fees for domain registration and by offering new top level domain names (TLDs.) For $185,000 you can request your own TLD. You’ll have to pay $25,000 per year to keep it current.

This change, which was implemented in 2008 allowed many new domains. Originally, ICANN allowed

  • .com for commercial entities
  • .net for groups
  • .org for non-commercial entities
  • .edu for educational institutions
  • .gov for US governments, state and federal
  • .mil for US military

Today, there are literally hundreds of TLDs. They are no longer limited to three letters. (No, TLD never stood for “three letter domain,” although it looks like it should have.) ICANN earns money by the sale of domains. They get $185,000 for every new TLD. And they get a share of every single domain name sold (including rodneymbliss.com, saudiarabia.gay and fluffybunnies.com.)

ICANN controls both the product and the price. In 2006 ICANN settled the remains of the VeriSign lawsuit and allowed VeriSign to bump their domain registry fees by 7%. The US House of Representatives objected. Today, if ICANN decides to push a fee increase, the US government has no claim on them.

And it’s not just new domain names and renewals that can potentially earn ICANN money. Speciality domains can sell for millions. The highest price paid for a domain name was $36M for insurance.com. Currently registrars will allow you to pay a premium (up to $25,000 in some cases) to secure a particularly attractive name when new TLDs are released. There is value in names and ICANN knows that.

But, Rodney, I have my domain, so it doesn’t really impact me.

Do you? Do you own a domain? I don’t. I lease the domain. There’s an understanding that I can renew my domain for a fee and I get to “keep” it in perpetuity. Who’s to say that understanding will remain? Suppose ICANN’s international board decides it is unfair that some companies (mostly American) get to own these really valuable online properties and pay essentially nothing for them year after year. ICANN could decide that your lease is good for a certain number of years and after that, the name goes up for auction. If you really want it, you can go buy it back.

While I doubt anyone would want to use http://www.rodneymbliss.com, I don’t want to have to potentially pay a squatter to buy it back. Could it happen? Sure. will it happen? I hope not, but it’s completely up to the international board that is advising ICANN.

Trust

As I mentioned, currently .gov and .mil are assigned to United States governments and United States military sites. But, we’ve talked about the fact that this whole change in contracts is to introduce more globalization into ICANN’s governance and practices. Why should the US get to own .gov and .mil? Other countries have governments. Other countries have militaries.

Today, if you find yourself on a website that ends .gov, you are 100% guaranteed that you are on a government site. It instills a level of trust. Suppose, ICANN decides to open up .gov to other countries and entities? Here’s just one example.

I approach ICANN and announce that I want to encourage tourism. I’m want to register visit.gov to provide a place to talk about people visiting my country. That seems reasonable. After getting visit.gov the first subdomain I create is whitehouse.visit.gov. (I don’t have to register subdomain names.) Now, I’ve created a site that kind of, sort of looks like the site you’d go to if you wanted to visit the Whitehouse. But, there’s no guarantee that I would work with the US government on that site. Perhaps, I’d even set up this site to try to steal information about people who wanted to go to http://www.whitehouse.gov.

That’s a silly example, Rodney. People are smarter than that.

Do NOT do this, but if you were to type whitehouse.com into a browser, it would NOT take you to the offcial Whitehouse website. It would take you to a porn site filled with viruses. No, they are not that smart.

Likewise, if we open up .mil to non US military sites, it will destroy the trust that .mil addresses currently enjoy.

They Might Just Do The Right Thing

Okay, Rodney, there might be bad things that happen, but can’t we rely on their good intentions?

27nd Amendment

No law, varying the compensation for services of the Senators and Representatives, shall take effect, until an election of Representatives shall have intervened.

The 27th Amendment was proposed on September 25, 1789. It was designed to prevent Congress from raising its own pay. Eventually it was abandonded because many people felt that “No congress would be so bolden as to raise its own pay.” Except that eventually Congress did. And they scheduled the vote in the middle of the night.

The amendment was finally ratified by the remainder of the necessary states on May 7th, 1992 when Michigan became the 38th state to ratify it. Two hundred and two years after it was first proposed. We relied on Congress to “do the right thing.” But, given the opportunity and no safeguards, Congress didn’t. Congress answers to the American people every two years. ICANN does not even have that level of accountability. No, I don’t think we can build our belief around a corporation simply “doing the right thing.”

Trust But Verify

The horse has left the barn. We cannot go back to the way things were prior to October 1. However, we can hope that ICANN does the right thing. Tomorrow I’ll talk about specific steps that the US government can take to mitigate some of the worst of the risks I’ve listed.

This is the fourth in a five-part series on the ICANN contract that expired on October 1, 2016

Rodney M Bliss is an author, columnist and IT Consultant. His blog updates every weekday. He lives in Pleasant Grove, UT with his lovely wife, thirteen children and grandchildren. 

Follow him on
Twitter (@rodneymbliss
Facebook (www.facebook.com/rbliss
LinkedIn (www.LinkedIn.com/in/rbliss)
or email him at rbliss at msn dot com

(c) 2016 Rodney M Bliss, all rights reserved 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: