|
For those interested in encouraging innovation in the domain name space—which presumably includes the ICANN community currently convening in Dakar—the recent episode in which VeriSign proposed, and then quickly withdrew, a bundle of new services (the VeriSign anti-abuse domain use policy) raises important issues that will be revisited as new gTLDs are introduced. Some of those issues are referenced in a recent blog post by Milton Mueller, but his emphasis on “due process” suggests a regulatory framework that is not friendly to innovation.
In order to introduce a new service, registries such as VeriSign are required to go through a pre-approval procedure—ICANN’s Registry Services Evaluation Process—which is characteristic of the public utility model that the Internet community has adopted for the domain name space, seemingly without a lot of consideration. Under the public utility model, both rates and terms of service typically must be pre-approved by the regulator. Pre-approval is also sometimes required when safety is an issue, the most notable example being the introduction of new drugs.
Pre-approval requirements necessarily raise the cost of introducing new goods and services. Even under the best of circumstances, they take time and resources. If multiple parties are allowed to participate in the proceeding, competitors are often able to raise their rivals’ costs. Unless there are demonstrable offsetting benefits—which doesn’t seem to be the case here—pre-approval requirements should be avoided.
The public utility model has historically been applied to markets where there is a single provider—a monopoly—and competition is not thought to be feasible. Prominent examples are local land-line telephone service and local electricity distribution. The market for TLDs is not currently a monopoly and will become more competitive as the new gTLD program becomes operational.
Even in the case of a monopoly, however, the public utility model has well-known deficiencies. When applied to a market where there is some competition, those deficiencies multiply. One reason is that public utility regulation gives firms the opportunity to game the system to advantage themselves at the expense of their rivals.
Further, the public utility model has difficulties accommodating technological change, especially when it involves new goods and services. These new possibilities often open opportunities for new competition, which undermines the rationale for the regulation and therefore will typically be resisted by those who benefit from that regulation. This means that new offerings somehow have to be accommodated by a model that is usually based on a “simple” standard product or service. The Internet, of course, has been an area of rapid technological change.
In the application submitted to ICANN, VeriSign proposed two types of new services: a voluntary malware scanning service to assist legitimate sites that have been infected, and an anti-abuse policy to facilitate the takedown of abusive non-legitimate sites.
Mueller (and perhaps others) is primarily concerned with the second half of the proposal, which he calls “a gigantic alteration of domain name due process.” Presumably, he is concerned that registries might take down legitimate sites without “due process”. But why would a registry want to take down a legitimate site and lose the associated revenue?
A major purpose of the VeriSign takedown proposal appears to be to develop procedures in conjunction with registrars to comply with court orders and other legal requirements. But what if a registry had a policy of taking down (or not accepting) registrations that were simply objectionable on other grounds, even if not illegal? Should that be a problem?
A registry is somewhat analogous to a shopping mall. The mall rents space to many tenants—major anchor tenants, such as Nordstrom and Macy’s—as well as a lot of smaller stores, and obviously has an incentive to keep its space rented. However, the overall reputation of the mall and its value to the various tenants depends to a large extent on the other stores in the mall. So the mall owner may not to want to rent to a store that sells pornography, or Nazi memorabilia, or pirated CDs. Such stores would produce negative externalities for the other renters and in turn for the mall owner. Of course, different malls will have different criteria for what they consider “legitimate” tenants, depending on the reputation they are trying to establish. Shoppers—weighing the attributes of the various malls from which they can choose—can decide at which malls they wish to shop.
In a similar way (although the effect may not be quite as strong), a registry is concerned about the reputation of its TLD, and different registries may have different criteria. For example, there already is a TLD (a “mall”) that specializes in pornography. More TLDs means registrants have more choices. Given the reputation the various registries are trying to establish, registries have every incentive to retain as customers websites they consider legitimate.
Thus, the central question concerns the incentives of the registries. A regulatory approval procedure only seems justified if registries have both the incentive and the ability to behave in a way that is inconsistent with the interests of registrants and Internet users more generally (or, as economists would put it, inconsistent with economic efficiency). However, whatever the structure of the sector (and even if it is a monopoly), the incentive of registries is to maximize the value of their platform, which they can do by maximizing the value of their service to their customers.
The alternative is straightforward: simply permit registries to introduce innovative new services without going through a regulatory approval process. ICANN doesn’t need to determine if a new service should be introduced because registries don’t have any interest in making their services less valuable.
Sponsored byRadix
Sponsored byCSC
Sponsored byVerisign
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byIPv4.Global
It is disappointing that you so thoroughly missed the point of my concern about domain name take down processes.
My issue, and that of most people who care about internet freedom - including the freedom of registry operators - has nothing to do with whether registries are “public utilities” or whether a pre-approval process such as RSEP is needed for new registry services. Indeed, as my blog post clearly stated, if the VeriSign proposal was exclusively concerned with their ability to offer a voluntary botnet detection service to registrars, no objections would have been raised by me.
No, the issue is the appropriate level of authority enjoyed by _governments_ with respect to domain name registries. That’s politics, not commerce. Apparently you can’t tell the difference.
In the proposal we are debating, VeriSign said it would take down any domain for any reason if asked to by a law enforcement agency. That, my friend, is not a “new service,” it is a fundamental alteration of the legal and political rights of registrants vis a vis their government, and of the legal framework underlying VeriSign’s terms of service. It says that VeriSign will completely abandon the legal rights of its customers on behalf of government agencies. But those government agencies are supposed to be constrained by due process. They have no right to take things down without following appropriate procedures to ensure that their actions are aimed at the appropriate target and that the remedy is proportionate. Verisign should not be offering to circumvent those due process protections.
If this is a “new service,” please tell me who the service is being provided to. The FBI? So how much is VeriSign being paid by the FBI to provide it? If this is a “service” I’d like to know the price. Or is the “bargain” more a political one? VeriSign continues to enjoy its operational monopoly on the implementation of the master root zone file and other politically granted privileges, in exchange for doing some dirty work for LEAs? Hmmm?
Now if you are telling me, as a “free market” guy, that VeriSign has a right to offer service on terms that only a fool would agree to, I guess I’d have to agree in part. They do have that right - but only for new contracts, not for old ones. You can’t tell someone who has registered a .com, .net or .tv domain for 10 years under an earlier contract that you will unilaterally alter their terms of service to yank their rights out from under them.
I am sure I don’t have to tell VeriSign that if it adopts such a terms of service for new registrants, it is shooting itself in the foot and will lose customers rather quickly.
If you want to be an advocate of “the market,” Tom, you really need to understand that “due process” is not a public utility “regulatory framework” that pertains to the control of suppliers. It is a constraint on the arbitrary exercise of governmental power. Due process is why you can’t take property without going through appropriate procedures to ensure that the takings are justified. Due process is why police can’t shoot people first and determine whether they are guilty later. It’s disappointing that those who say they favor economic freedom often fail to understand the need for political and legal processes to establish rules that preserve and protect freedom. There is a big difference between promoting what a few people in one short-sighted business see as in its immediate interest and promoting a legal framework that supports free people and a free market.