Co-authored by Wolfgang Kleinwächter & Alexander Klimburg, researcher and former director of the World Economic Forum Center for Cybersecurity

In today’s world, it has become axiomatic that drastic change can occur overnight. One of those cherished concepts at risk is the idea of “One World – One Internet.” In the wake of the war in Ukraine, the geopolitical tensions on the existing Internet have increased. If the “One Internet” will survive the 2020s is increasingly an open question, as good, bad, and not-very-helpful intentions strive to pull it apart.

Key to its survival are one approach and two institutions: the multistakeholder approach has become the political glue of Internet governance, while ICANN and the IGF are the two institutions that have demonstrated that this approach is the best model to “govern” the complexity of the global Internet Ecosystem. Both ICANN and the IGF, as well as the multistakeholder approach need to be reinforced.

Looking Backwards

The fear of the global Internet breaking up is nothing new: Market forces and technology have always played a significant role in transforming the Internet. The possibility of “Internet Fragmentation” was first discussed in the 1990s, before ICANN or the IGF existed, when the main transport protocol TCP/IP and the domain name system (DNS) were challenged by alternatives. In the late 1990s, the rise of private peering and the interests of telcos was said to threaten the emerging World Wide Web (WWW) with “Internet Balkanization.” Before ICANN introduced internationalized domain names (iDNS), there was a fear that the Internet would fall apart along language lines. In the 2000s, a serious discussion was about whether the emerging Internet of Things would need a separate Object Naming System (ONS). With the creation of fully moderated “app space” and social networks, fear of Internet fragmentation was back with many new “walled gardens”. And today, new technology and technological visions—from blockchain, .eth, Web3 to the metaverse—have sometimes staked competing claims about the future of the Internet.

From a public interest point of view, splintering the global and unified Internet is a bad idea. We know from Metcalfe’s Law that the value of a network is proportional to the square of the number of connected users. The greater the number of users, the more valuable the service becomes to the community. A network with five billion users has disproportionately many more options than a network with five million. In other words, cutting out parts of the Internet reduces its value. Adding more networks and services increases its value.

Technology and market forces are not the only drivers striving to mold our information space. Today there are governments at the forefront of the discussion on Internet fragmentation. The fragmented world evident in today’s multipolar system of international relations has clearly started to spill over into the Internet overall. There is an increasingly real possibility that by the end of the 2020s, both intended as well non-intended governmental policies will end up splintering the existing Internet infrastructure and its institutions.

Some governments want to have an Internet they can control top-down like they wish to control their society and physical territory. Other governments favor a bottom-up multistakeholder approach with a free flow of ideas and information regardless of frontiers. A split Internet, divided along ideological lines, is certainly a bad thing, and it is not an unrealistic option.

This ideological battle has its own history. In the very early days, Internet development was driven by non-state actors: Technical experts, entrepreneurs, and users. While government research grants provided the mainstay of funding, non-state enthusiasts were clearly in the driving seat. In the early 1990s, governments concentrated on telecommunication policies and largely ignored the Internet altogether. But by the mid-1990s, it was clear that the “One Internet,” born out of the implementation of the Domain Name System (DNS) in the mid-1980s, was here to stay, especially as the World Wide Web started to take off. When some governments recognized that the emerging network has political implications, they started to use existing intergovernmental organizations, such as the International Telecommunication Union (ITU) or the United Nations (UN), to consider the formation of intergovernmental control mechanisms.

However, a first plan to establish an ITU-based “Memorandum of Understanding on an Internet Ad-Hoc Committee for generic Top Level Domains” (wonderfully abbreviated as “MoU IAHC gTLD”), signed in May 1997, failed to launch at the ITU Plenipotentiary the next year. The US government preferred a mechanism where the providers and the users of Internet services were in the driver’s seat. The multistakeholder “Internet Corporation of Assigned Names and Numbers” (ICANN) was established just one week after the end of the intergovernmental ITU Plenipot in November 1998, and many of the attendees must have wondered if the last word on this Internet governance discussion had really been spoken. 25 years and 5 billion users later, it’s clear that the discussion is more alive than ever.

Many governments—primarily Russia, China, Saudi Arabia and Iran, but also Brazil, India, South Africa and others - were not so satisfied with the “multistakeholder ICANN solution.” They recognized the technical expertise of ICANN’s constituencies but were not so happy that the governments’ role within ICANN was just to be an “advisory” one. And many governments did not trust the US government to deliver on its promise to terminate its oversight role over the DNS root server system (the IANA function). For its detractors, ICANN was seen as dominated by Americans, regardless of the fact that ICANN’s decision-making Board of Directors was very international, representing all major regions of the world.

Insofar it was not a surprise that some governments soon returned with plans to institutionalize governmental control over the emerging network in 2002 when the UN started the World Summit on the Information Society (WSIS). Internet Governance became the main controversial WSIS issue. Various proposals to establish a United Nations Internet Governance Organization (UNIGO) or an Intergovernmental Internet Council (IIC) failed. The argument that the Internet is too big to be governed by one stakeholder and that it needs enhanced cooperation among governments, the private sector, civil society and the technical community prevailed. The second WSIS recognized in its “Tunis Agenda” (2005) the “existing mechanisms” (as ICANN, RIRs and IETF) and launched a multistakeholder “Internet Governance Forum” (IGF), where all stakeholders could participate on equal footing.

The IGF was designed as a discussion space, not a forum for intergovernmental negotiations. The expectation was that decisions, when needed, should be made by mandated governmental or non-governmental organizations in the light of the IGF discussion. The Tunis Agenda proposed to launch a process for “enhanced cooperation” to figure out how such digital cooperation among stakeholders could be organized to promote sustainable development, bridge the digital divide, support economic growth, protect human rights and find solutions for other Internet-related public policy issues.

Governmental Control vs. Multistakeholder Approach

In the 18 years since the adoption of the Tunis Agenda, the world, particularly the Internet, has changed. The number of Internet users did grow from one million to over five billion. We saw incredible innovations, from social networks and smartphones to IoT and new artificial Intelligence (AI) applications. However, the controversy about whether intergovernmental mechanisms or multistakeholder processes should govern the Internet on the global level has continued to become more polarized and has generally spread in different directions simultaneously.

On the one hand, the multistakeholder community has not only survived, but it has also prospered. ICANN underwent two major reform processes. The IANA transition in 2016 enabled ICANN to become fully independent from US oversight. The so-called “empowered community” now has all responsibilities for the management of critical Internet resources, including the IANA function. The IGF has survived repeated attempts to “modify” its mandate and has grown: with Dynamic Coalitions (DCs), Best Practice Fora (BPF), Policy Networks (PN) and national and regional IGFs (NRIs). The launch of the IGF Parliamentarian Track during the Berlin IGF in 2019 has added a new political dimension. And the IGF Leadership Panel (LP), appointed by the UN Secretary-General in 2022, represents an attempt to give the IGF wider and more prominent backing. Messages from the annual IGF meetings are now a source of inspiration for Internet policy-making around the globe.

The multistakeholder approach itself, which is still only vaguely defined, was conceptually further developed by the NetMundial Declaration in Sao Paulo in 2014, where more than 100 governments and thousands of stakeholders agreed on a number of guiding principles, how stakeholders should cooperate in governing the Internet, as human-centered, bottom-up policy development, inclusion, transparency, openness, security and others. Today, the notion of “multistakeholderism”, and even the noun “multistakeholders” is commonly used in the UN system.

On the other hand, the friends of “Internet state control” never gave up. Already in 2003, China erected its “Great Firewall” and declared that national “cyber sovereignty” would be the key principle for its global Internet policy. In 2004, Saudi Arabia proposed an intergovernmental treaty to operate the Internet Root Server System. In 2008, ITU Secretary-General Hammadoun Touré came to the ICANN Meeting in Cairo and invited governments to leave ICANNs GAC and come to the ITU, where governments have not only a voice but a vote. In 2011, Brazil, India and South Africa proposed the establishment of an intergovernmental “Council on Internet-related Policies” (CIRP) under the United Nations. In 2012, Russia introduced the concept of “national Internet segments” at the ITU World Conference on International Communication (WCIT) in Dubai. And Russia introduced later national legislation which would allow the separation of its ccTLD domains from the global DNS. After 2013 two UNCSTD Working Groups on Enhanced Cooperation (WGEC) discussed various new intergovernmental Internet Governance mechanisms. In 2014, China launched a “World Internet Conference” (WIC) in Wuzhen, a forum similar to the IGF in idea but under full control of the “Cyberspace Administration of China” (CAC). CAC plans now to institutionalize WIC in the form of an international NGO. And intergovernmental meetings of the Shanghai Cooperation Organization (SCO) and of the BRICS continue to propose that the ITU should be the leading organization for the management of critical Internet resources.

Although these initiatives were largely thin on concrete, practical action, they did send signals to the Internet community and the governments of the world that the existing mechanisms of Internet governance and the multistakeholder approach are permanently being questioned. While more democratic-oriented governments accept that intergovernmental negotiations on Internet-related public policy issues, including cybersecurity and cybercrime, are nowadays embedded into a multistakeholder environment, more autocratic-oriented governments pushing the idea that multistakeholder mechanisms of Internet governance should operate under intergovernmental oversight.

The Tunis Agenda says stakeholders should participate in Internet policy-making “in their respective roles.” This ambiguity of the diplomatic language gives some flexibility for different interpretations and how to practice the multistakeholder approach. Some governments argue that consultation with non-state actors is the core of the multistakeholder model. Decision-making capacity remains in the hands of governments. But the “Tunis Agenda” also speaks about the “sharing” of decision-making. “Consulting” and “Sharing” are two different processes, in particular as long as there are no procedures in place on how non-governmental input from consultations leads to impact in intergovernmental decisions.

It is certainly true that there is no single multistakeholder model. How extensively different stakeholders should be involved in decision-making depends to a high degree on the specific subject. It is very understandable that governments play a strong role when it comes to international cybersecurity. And it is also understandable that the technical community plays a leading role in Internet protocols and standards. There is no “one size fits all.” The “multistakeholder square” with its four main corners- governments, business, civil society, and technical community- must be designed case by case. If one takes a holistic approach, the Internet Governance Ecosystem as a whole is governed by many very different-looking “multistakeholder squares.” As long as goodwill and trust among stakeholders dominate, the system works, as it was demonstrated by the functioning of the DNS during the recent global crisis, from the pandemic to the Ukrainian war.

However, the reality is that intergovernmental trust in Internet governance is now close to zero. It is now a regular topic of political power plays and arguably has been so since 2005. As soon as a new issue is on the table, the controversy starts already about how to design the relevant “multistakeholder governance square.” On the one hand, some governments want to keep non-state actors out of UN cybersecurity negotiations (such as in the Open-Ended Working Group/OEWG) and to (somehow) get control over Internet standardization. On the other hand, non-state actors want to get heard in cybersecurity negotiations and reject a “politicization” or “weaponization” of the development of Internet standards.

In other words, regardless of the basic WSIS consensus from 2005, the power struggle over Internet control has continued and is still the same as it was at the 1998 ITU meeting. But while the old urges are still there, the stakes are much greater, and the choices more immediate. And it is also obvious that some governments are ready to take risks which could lead to the end of the “One World—One Internet” as we know it.

The “One World—One Internet” philosophy is basically rooted in the design of the Internet transport layer and the common use of the same technical protocols (TCP/IP, DNS, BGP, HTTP, IPv4&6 etc.), based on a unified, but decentralized root server system for all kinds of Internet communication. The “United Constituencies” (as root server operators, registries, registrars, ISPs, commercial and non-commercial users etc.) and “United Stakeholders” from business, civil society and governments are working hand in hand.

This differs from the application layer, where we deal with Internet-related public policy issues. In the “United Nations” world, we have 193 national jurisdictions. And the system of international relations is based on the jus cogens principles of international law, as enshrined in the UN Charter, which includes the principle of “sovereign equality of states.”

In the 1990s, many Internet pioneers dreamed that the philosophy of the transport layer would spill over to the application layer and build a “unified world.” Today’s reality is that a substantial number of governments would like to see a spillover from the application layer to the transport layer.

The problem is that we are dealing here with two different but interconnected worlds. In the “virtual world,” the century-old barriers of time and space don’t exist anymore. In the “real world,” borders continue to exist. As long as the Internet was a playground for geeks and freaks, this “virtual vs. real” didn’t play a big role. But with the unstoppable digitalization of more and more areas of real life, the conflict between “real places” (as states) and “virtual spaces” (as networks) has simply grown with it.

In 2005 the WSIS Tunis Agenda proposed a flexible compromise, recognizing that the Internet is a layered system where different layers can have different governance models. The Internet Governance definition, adopted by 193 heads of state in Tunis, differentiated between the more technical transport layer (development of the Internet) and the more political application layer (use of the Internet).

This distinction—Governance OF the Internet and Governance ON the Internet—allowed stakeholders to have a broader approach to Internet Governance and gave them enough flexibility for interpretations. It allows us to continue with the “One World-One Internet” on the transport layer and to live with “One World-193 Jurisdictions” on the application layer. The Tunis Agenda did also propose a “broad definition” for Internet governance, which includes all Internet-related public policy issues and went beyond a “narrow definition” of “names and numbers” as the core of Internet Governance.

In the Tunis Agenda, governments also recognized “that the existing arrangements for Internet governance have worked effectively to make the Internet the highly robust, dynamic and geographically diverse medium that it is today, with the private sector taking the lead in day-to-day operations, and with innovation and value creation at the edges,” but reserved their rights to have primary responsibility with regard to “international public policy issues pertaining to the Internet.” And they agreed “the need for the development of public policy by governments in consultation with all stakeholders.”. But how such “consultations with stakeholders” should be organized remains in the hand of national governments. 193 governments, 193 different options.

Finding the right balance for Internet governance across the different but interlinked layers is a big challenge. And it will become more challenging against the background of today’s geopolitical battles.

Looking Forward

In 2003 Internet policy-making was a technical issue with some political implications. In 2023 it is a political problem with a technical component. Internet Governance, cybersecurity and digital cooperation are now on the agenda of meetings of heads of states (G20, G7, BRICS etc.) as well as foreign and defense ministers. It is part of the United Nations’ “Common Agenda.” The forthcoming “UN World Summit on the Future”, scheduled for September 2024, will adopt a “Global Digital Compact” (GDC). And all this is embedded into the growing geostrategic political conflicts which risk splitting the world just when an “age of cyber interdependence” (as the UN High-Level Panel on Digital Cooperation called it in 2019) was dawning.

What does this mean for the global Internet Governance Ecosystem in the future? One thing is for sure, in our fluid world of change, continuing with the status quo is not really an option. Numerous proposals exist on how to enhance or substitute the existing system. This is as understandable as it is problematic.

Making an existing system more efficient is one thing. But building new mechanisms is another story. In 2005 Vint Cerf, one of the fathers of the Internet, argued: “If it isn’t broken, don’t fix it.” Is today’s Internet really broken? Are the Internet problems we are facing in the 2020s of a more technical or more political, of a more social or more economic nature? To answer this question is important before starting a discussion about new mechanisms, protocols and procedures.

As Joseph Nye pointed out in his “The Regime Complex for Managing Global Cyber Activities,” it is important that policymakers fully appreciate what international relations “regime theory” says about managing a complex policy ecosystem such as of and for the Internet. “It is unlikely that there will be a single overarching regime for cyberspace any time soon. A good deal of fragmentation exists now and is likely to persist… Different sub-issues are likely to develop at different rates, with some progressing and some regressing in the dimensions of depth, breadth and compliance.”

In short, we need to find a way to deal with the additional regimes without breaking the (resource) bank. This requires three different things to work in full.

Firstly, what we need is a core commitment to the multistakeholder principle for all these regimes, without having to resort to a key definition of what multi stakeholder actually means or defining the exact balance of state and non-state actors. Multistakeholder does not have to mean one single thing, just like democracy doesn’t have one single incarnation. Depending on the overall mandate, multistakeholder can be more “deliberative” or “participative,” just like it can have one actor group in the lead, or really none at all. The meaning of the term in the UN First Committee doesn’t have to align with the term used in the (Third Committee) AHC negotiations for the cybercrime treaty, employed in the IGF, or lived in the ICANN ecosystem. The only thing they need to share in common is the importance of the involvement of the plurality of actors. Which actor is in the lead, if any, is purely contextual.

Secondly, while new regimes should be welcomed, we should be careful in allowing them to redefine Internet governance in a way that distracts from its core theme of managing Internet resources. To date, the greatest governance challenge we have can be summarized as the Internet governance trilogy: with Internet growth, the number of legitimate topics also grows. This increase demands for new policy fora, which in turn challenges the resources, particularly of the non-state actors, to participate. The original split between governance “OF” and “ON” the Internet is crucial here, and those in favor of the “One Internet” should be careful in having the two merged. There are many potential regimes for regulating policy “ON” the Internet, but fragmenting the discussion “OF” the Internet is risky.

Thirdly, we need to prevent “fragmentation in the mind” by overemphasizing silos. Even though “OF” and “ON” the Internet should remain separate policy areas, they will increasingly overlap by accident or design, and it is crucial that the different regimes are aware of each other and don’t work at cross-purposes. This is not the same as merging a silo or reinforcing it, but rather enforcing “cross ventilation” or “cross-pollination.” The existence of the IGF Leadership Panel could be a step in the right direction, with different policy “Sherpas” helping the IGF community better understand what is happening outside of their immediate bubble.

This is not a new problem. Bruce Schneier and other technologists have repeatedly called for years for enhanced communication among code makers and lawmakers. There is no need for diplomacy to merge with technology, but there is a need for diplomacy to meet technology. If the technical community is avoiding international Internet discussions outside of its immediate ecosystem, it risks that governments take this as “non vote is a vote as well.” As the final report of the Global Commission on the Stability of Cyberspace (GCSC) has outlined, we don’t need “convergence” but we need “coherence” between the different policy areas.

The IGF has to be strengthened. But forcing everything to merge with the IGF would hardly make it easier. When its mandate is reviewed in 2025, the challenge for the IGF is to be aware of all the “dots” and to link them, not necessarily to make decisions but largely to concentrate on the increasingly essential task of supporting information exchange. The IGF can function as a “clearing house” and an “early warning system.” This is not a new proposal. This was discussed by the UNCSTD Working Group on IGF Improvement in 2012.

A litmus test could become the Global Digital Compact (GDC). Digital technologies today are similar to natural resources such as air and water. Out well-being and development depend on their global availability. As part of the UN’s “Common Agenda” and the “UN World Summit on the Future,” the GDC will “set out principles and objectives for multistakeholder action,” as UN Secretary-General has outlined in his Policy Brief from May 2023. It is encouraging that this Policy Brief rejects the idea of a fragmented Internet and says that “unilateral regional, national or industry actions are insufficient: this cooperation must be global and multistakeholder to prevent digital inequalities becoming irreversible global chasms.” A GDC could become a “framework in which states and non-state actors participate fully in shaping our shared digital space and which supports interoperable governance across digital domains.” The purpose of the GDC would be for Antonio Guterres “to advance multistakeholder cooperation in order to achieve a shared vision of an open, free, secure and human-centered digital future.”

This sounds very promising. It is in line with the Tunis Agenda from 2005. And it opens the door for further innovative enhancement of our existing Internet Governance Ecosystem. The world has to overcome the digital, data and innovation divide. And while it is confronted with incredible technological innovation, there is a need for a similar wave of political innovations.

There is only little disagreement with the GDC objective. The more open question is how to achieve it. One could read the UN Policy Brief also in a way that the plea for multistakeholder cooperation is incorporated into a concept of intergovernmental leadership. The Policy Brief says: “The compact would be initiated and led by Member States with the full participation of other stakeholders. Its implementation would be open to all relevant stakeholders.” This sounds like introducing a new multistakeholder hierarchy and leaves the question open of how state and non-state actors will interact in the GDC drafting and implementation phases.

The UN started with a series of multistakeholder GDC consultations and issue-oriented deep dives, where governments and non-governmental experts did have the same rights to speak. But how will this input impact the so-called “Issue Paper,” which will be presented at the GDC Ministerial Meeting in September 2023 in New York? Ideas like the formation of “multistakeholder drafting teams” or “sounding boards” which would do the background work have been circulating for a while. But so far, it is unclear how the process is further designed.

The GDC Ministerial Meeting in September 2023 will probably agree on further guidelines for the next steps of the negotiations. But what will be the role of non-governmental stakeholders in those negotiations? The IGF has its next meeting in Kyoto in October 2023, just three weeks after the GDC Ministerial. Will the Kyoto IGF Messages, or a Multistakeholder Kyoto Digital Protocol, impact the intergovernmental negotiations to prepare the UN Summit on the Future”?

Another disputed paper is the report of the High-Level-Advisory-Board on Multilateralism (HLAB), which included some recommendations for the UN Summit on the Future. It was good that the HLAB recommended in April 2023 not to duplicate the existing Internet Governance mechanism. Nevertheless, Guterres Policy Brief proposed now in May 2023 the establishment of a new annual “Digital Cooperation Forum” (DCF). How this goes together? The UN Roadmap on Digital Cooperation proposed in 2021 an enhancement of the IGF towards an IGF Plus. The HLAB recommends avoiding duplication. And the Policy Brief proposes now a new discussion forum, an DCF. Are an IGF and a DCF two sides of the same coin, or is it the 4th dimension of “fragmentation,” the fragmentation of the discussion space?

The Policy Brief says that “the Digital Cooperation Forum would accommodate existing forums and initiatives in a hub-and-spoke arrangement and help to identify gaps where multistakeholder action is required… Internet Governance objectives and actions would continue to be supported by the IGF and relevant multistakeholder bodies such as ICANN and IETF.”

How will this be organized? How will a “hub-and-spoke arrangement” be designed? Will this produce a new bureaucracy with a multistakeholder IGF secretariat in Geneva and a governmental DCF secretariat in New York? What exactly is Internet Governance, and what is Digital Cooperation?

We already had the “definition battles” in the UN Working Group on Internet Governance (WGIG) between 2003 and 2005. This ended with accepting the “broad definition” in the Tunis Agenda. As it is natural for definitions to be reviewed from time to time in the light of new developments and changing circumstances, the reopening of such a definition battle can lead to fruitless academic disputes, a waste of limited resources and confusion, misguiding the needed serious discussions on issues raised by the GDC.

What is clear is that time is ripe for a reconsideration of the strengths and opportunities as well as the weaknesses and threats of today’s Internet Governance Ecosystem as it has evolved in the last decades. New ideas are welcomed, but there is always a risk that proposals, driven by the best intentions, can make a working system worse and not better. The plethora of initiatives and events need to be covered, after all, and with more work to be done, the chances are also that things might get missed.

The UN stands for the “United Nations,” represented by its governments. ICANN stands for the “United Constituencies” and the IGF for the “United Stakeholders.” As it makes no sense to consider the creation of another UN - the challenge is to make the UN better and more efficient - there is also no need for another ICANN or another IGF. What is needed is enhanced communication, enhanced coordination, as well as enhanced informal and formal collaboration among governments (UN), technical community (ICANN) and stakeholders such as civil society and business (IGF). The GDC is a great opportunity to reach a new quality in this multistakeholder digital cooperation.