Home / Blogs

Breaking the Internet HOWTO: The Unintended Consequences of Governmental Actions

“Breaking the Internet” is really hard to do. The network of networks is decentralized, resilient and has no Single Point Of Failure. That was the paradigm of the first few decades of Internet history, and most people involved in Internet Governance still carry that model around in their heads.

Unfortunately, that is changing and changing rapidly due to misguided government intervention. Ever since 2000, when we witnessed the LICRA v. Yahoo! conflict, we have had governments taking actions that move us away from the utopian vision of early netizens towards a dystopic, unrecognizable Internet.

This past month has been incredibly busy in terms of misguided governmental interference. Here is a short list of recent governmental bloopers and why they are deeply flawed;

1. Put out a RFP to run the core names and numbers entity (the IANA) but limit it to US organisations. For over a decade, other governments have complained bitterly that the US “controls the Internet”. This move further entrenches that flawed perception but serves no actual purpose since it is nearly inconceivable that any entity other than ICANN (based in California) will get this no fee contract from the Department of Commerce. Serving turkey at Thanksgiving is an American tradition, but this move elevates the term “giving the bird” to new heights. Governments unhappy with this decision have another reason to try to “split the root” or build their own set of nameservers that they can control.

2. Propose a UN Committee for Internet-related policies (CIRP). India has done this in the UN General Assembly. Earlier this year, India, along with Brazil, and South Africa floated their “IBSA Proposal” [PDF] to near universal criticism. Despite this, the Indian delegate at the UN still said that CIRP would, inter alia,

“coordinate and oversee the bodies responsible for technical and operational functioning of the Internet, including global standards setting.”

Since this is completely unlike the current situation in which the technical and standards bodies operate independently, developing standards and policies in open to all, bottom-up, transparent and consensus based processes this proposal seems aimed at breaking the “Internet Model” [PDF]. This model, sometimes called the Internet eco-system [PDF] has given us the Goose that lays the Golden Eggs. An excellent description of this is well worth reading, and as one commenter suggested “The model is so important that a threat to the model is a threat to the Internet itself.” Because some governments are so angry about US unilateral control over Critical Internet Resources (see #1 above), they are willing to kill the Goose, thus ensuring no one gets the Golden Eggs.

3. Start a new Thanksgiving tradition of censoring websites without due process. Last year the rojadirecta case caused quite a stir in Internet governance circles. It seems that ICE will continue to do this until your lolcatz are replaced with this, only then will we see the public at large up in arms.

The rojadirecta case was striking in that ICE not only asserted authority over content (found to be legal in Spain, where rojadirecta is located) stored on a webserver outside the USA, it censored the website that only carried (allegedly) infringing links, as rojadirecta does not have the actual content that were thought to be infringing. Again, the US government angers the rest of the world. It may also be useful to point out that seizing the domain did not stop rojadirecta, they just moved their website to multiple other domains.

4. Be hypocritical. Proclaim your support of Internet Freedom abroad and actually fund projects that are doing excellent work to protect freedom of speech online with one hand while using the other to restrict those freedoms (see #3 above) not just for your citizens, but for billions of Internet users worldwide.

5. Make pressing a facebook “like” button a criminal act. Well done, Thailand for giving us a humorous interlude in this long, boring post!

6. Issue a court order instructing non-profit public interest organisations outside the USA (and one in Virginia) to take specific actions in the databases they manage. In some cases, these actions may violate contracts the organisations have signed with their members. Once again, a unilateral action by a government actor throws sand in the gears of a well-oiled Internet policy system that has taken decades to evolve.

7. Propose legislation that not only censors Internet content on allegations alone, but that requires ISPs and ANYONE who runs a caching DNS server, a search engine, advertising or payment network to police content. In the USA, there is an intense battle over this SOPA/PROTECT-IP legislation that actually reaches in to DNS servers and mandates filtering by server operators.

As the CDT and many others (including myself as a signatory) have argued, the DNS is not the appropriate place to do this.

DNS name queries should be and accurately translated into DNS name responses regardless of query source or query subject. That’s the design of the DNS and it does its job billions of times per day. This legislation would mandate that your DNS server send you a lie when you made specific queries. Internet broken, plain and simple. In addition, our new DNS Security extensions are incompatible with a lying DNS server. The DNS is the wrong focal point to attack this problem.

Besides the breakage, the measure, as originally proposed (and as amended) just wouldn’t work to Stop Online Piracy (House bill) or PROTECT-IP (Senate). It’s trivial to register a new domain name, or find a new DNS service provider and let’s not forget the content “lives” on webserver somewhere that has an IP address, so filtering DNS replies does not remove the content. Of course, one domain name can have many sub-domains, so taking down one domain can affect hundreds of perfectly innocent websites (as happened in last years Thanskgiving ICE takedown).

8. Hold hearings to put pressure on the organisation that manages Internet name and number resources to delay a program that is a result of more than 7 years of bottom-up policy making processes. Two separate House committees put ICANN on the hot seat this week because Congress clearly doesn’t understand that they don’t get to make these policies, they are just one stakeholder among many. I applaud ICANN for sticking to their agreed upon schedule for adding more gTLDs to the root;

“This process has not been rushed,” said Kurt Pritz, SVP of ICANN. “Every issue has been discussed. No new issues have been raised. The people at this table participated in this debate.”

Even though I have never been a proponent of new gTLDs, I understand that the Policy Development Process has finished and I accept the result. Whinging to Congress is just bad politics for the ANA and others who testified at the hearings if they ever want to be taken seriously in ICANN policy making going forward.

On the face of it, all of these disjointed legislative, judicial and executive actions would seem to argue for a global set of rules that all governments would abide by. We saw during WSIS however that the US is not about to give up the one lever of control they have over Internet names and numbers, nor are other governments willing to give up sovereignty over what happens in their territories.

If, by some miracle, a deal was reached on a treaty, this would be even more disastrous than individual governments making bad policy decisions. Having nearly 200 UN Member States making Internet policy in a top-down governments only setting would only multiply the badness of the bad ideas listed above. Do we really want China, Burma and Iran (just to mention a few) making decisions on what content we can consume or create?

Governments and Intergovernmental bodies are supposed to serve the public interest. Unfortuantely, they don’t grok the Internet and their knee-jerk efforts are a threat to the Internet as we know it. They can best promote the public interest by NOT regulating the Internet.

By McTim, Internet policy and governance consultant

Filed Under


>"Breaking the Internet" is really hard to Charles Christopher  –  Dec 19, 2011 7:55 PM

>“Breaking the Internet” is really hard to do. The network of
>networks is decentralized, resilient and has no Single Point
>Of Failure.

It’s important to tease something out about those comments:

The internet is NOT Domain Names. The internet are the roads, domain names are the street signs. I can still travel from point A to point B without street signs IFF I know where I am and where I’m going without a 3rd party map.

Most people can’t traverse the internet without that 3rd party map, and the entire domain name infrastructure is based on this reality.

Domain names ARE centralize, they ARE a single point of failure. Don’t think so? Delete or mutilate this file and get back to me:


This is the de-facto centralization point of the internet. And without that centralization “Governmental Actions” become extremely difficult.

To say this is the way thing must be is an illusion. Many have split the root thus creating decentralized naming and “street signs” but it’s not wide spread. Competing “roots” would return a decentralized internet, one more immune to “Governmental Actions”.

Alt roots won't solve the problem of clueless lawmakers McTim  –  Dec 19, 2011 10:15 PM

As Jon Postel once said: “A name indicates what we seek. An address indicates where it is. A route indicates how we get there.” 

The DNS by design is a decentralized hierarchical database, albeit with a canonical root.  If you “split the root” or run an alt-root and the contents of the rootzone are different than the “catholic root”, then you have broken the Internet on purpose.  That’s a risky strategy IMHO.

Even with an alt-root, you are still vulnerable to misguided governmental intervention. 

P.S. One can get root hints via ftp or even via dig from the rootservers:
dig +bufsize=1200 +norec NS . @a.root-servers.net

My primary motivation is the free flow Charles Christopher  –  Dec 28, 2011 8:21 PM

My primary motivation is the free flow of communication on the internet. It is my feeling this is only possible through decentralization of the naming abstraction layer. To lay people naming is the internet, regardless if they are aware of this self imposed illusion. The is a practical assumption on their part. The nTLDs issue results in centralization of "remaining" TLDs into the hands of one single entity. It is clear "finalized" centralization of naming. People here need to think very deeply about total centralization of naming under ICANN and what that means for "Government Actions". Especially at this point in history. There are no perfect solutions, but as with investments of other types, putting all your money on one bet eventually will be a problem. And nTLD expansion under ICANN is a bet that can only be made once ...... When ICANN expands TLDs across the keywords with greatest value, alternative roots will be far more difficult to implement do to ambiguities and no financial incentive to compete with an established TLD (AKA ICANN). Right now that problem does not exist, much opportunity exists as this is the perceived opportunity driving nTLDs at this moment (ICANN monopoly is executing on this opportunity). That fact alone is reason for ICANN to want to expand it's monopolistic TLD position, AKA continued CENTRALIZATION of "The Internet". The centralization in turn supported by Governments as they have one single point to exert pressure on for their own benefits, as those that support their reelections ....

>If you "split the root" or run Charles Christopher  –  Dec 19, 2011 10:27 PM

>If you “split the root” or run an alt-root and the contents of the rootzone are
>different than the “catholic root”, then you have broken the Internet on purpose.

You are passing judgement on a technology, as government action in the OP.

As Jon Postel once said: “A name indicates what we seek. An address indicates where it is. A route indicates how we get there.”

A different root is a different address, it is found in another location.

As a ICANN Registrar, I have no desire to dupicate current TLD and creating ambiguities. However, as a businessman, I am interested in true market competition.

I’m interested in the internet actually being decentralized, with MANY roots.


Eh. John Levine was right there - and all of that can be done with the same set of roots we have Suresh Ramasubramanian  –  Dec 23, 2011 4:06 PM

How or why is the alt root kool aid getting raked up in this day and age?

>How or why is the alt root Charles Christopher  –  Dec 28, 2011 8:16 PM

>How or why is the alt root kool aid Poisoning the Well: http://www.nizkor.org/features/fallacies/poisoning-the-well.html >getting raked up in this day and age? Appeal to Common Practice: http://www.nizkor.org/features/fallacies/appeal-to-common-practice.html

A voice of reason. Bravo and Antony Van Couvering  –  Dec 19, 2011 11:30 PM

A voice of reason.  Bravo and thank you for the article.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign


Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC