Home / Blogs

Constituencies Coalesce on IANA Transition and Enhanced ICANN Accountability Principles

Protect your privacy:  Get NordVPN  [73% off 2-year plans, 3 extra months]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

It is now being broadly acknowledged that, as expressed unanimously by all GNSO constituencies at the recent ICANN London meeting, “as part of the IANA transition, the multi-stakeholder community has the opportunity and responsibility to propose meaningful accountability structures that go beyond just the IANA-specific accountability issues”.

In a July 22nd Keynote Address at the American Enterprise Institute, NTIA head Lawrence Strickling—whose agency must approve any IANA transition plan developed by Internet stakeholders—made this linkage an explicit element of U.S. government policy:

Also this spring, in response to community discussions at its Singapore meeting, ICANN announced a separate process to address ways to improve its overall accountability. Specifically, this process will examine how ICANN can strengthen its accountability mechanisms to address the absence of its historical contractual relationship with NTIA. This important accountability issue will and should be addressed before any transition takes place. (Emphasis added)

While ICANN and its multistakeholder community work to launch the accountability coordination group, a group of companies, associations and individuals have been laboring in Washington to articulate the principles for an enhanced ICANN accountability framework. On July 26th the middle-of-the road Information Technology and Innovation Foundation (ITIF) published “KEY PRINCIPLES FOR COORDINATION OF INTERNET UNIQUE IDENTIFIERS”. As explained in a blog post accompanying their publication:

As the Information Technology and Innovation Foundation (ITIF) told Congress in testimony earlier this year, the transition away from U.S. oversight creates unique risks and challenges for Internet governance, many of which we may not be able to anticipate today. Without the current oversight provided by the United States, ICANN will not be accountable to anyone and will only be motivated by the interests of those individuals who control the organization. This makes it incumbent on the NTIA, the ICANN leadership, and global Internet stakeholders to insist that a comprehensive set of principles for the responsible management of Internet resources be firmly embedded within ICANN before the transition is allowed to be completed.

In pursuit of that goal, a number of stakeholders—companies, associations, and individuals (including ITIF)—have worked to develop an initial draft of these key principles. As outlined in the proposal, these principles should include a clear separation of the policy making, dispute resolution, and implementation functions; protection from government capture; complete transparency in ICANN’s processes; broad consensus for policy decisions; and significant budget and revenue limitations. Above all else, the global community of ICANN stakeholders should remain the ultimate overseer of the DNS.

The Principles (reproduced at the end of this article) reaffirm the community of ICANN stakeholders as the ultimate overseer of the DNS. They call for clear separation of ICANN’s policy making, dispute resolution, and implementation functions. Policy would continue to be centered in ICANN’s supporting organizations (SO) and advisory committees (AC)—which would also confirm the CEO selection and approve members of an Independent Dispute Resolution Panel (IDRP). That IDRP would have substantial disciplinary authority, including the power to remove Board and staff members in egregious circumstances.

ICANN’s executive functions would be limited to implementing DNS policies and to recommending policy changes to the SOs and ACs; and to overseeing DNS technical functions outsourced to expert third parties. While remaining a California non-profit corporation, it would establish two separate Boards—one for policy implementation and the other for corporate management issues.

While coordination with governments would be encouraged, capture by multilateral forces would be safeguarded further by prohibiting the CEO or any Board member from being a member of any government or government-controlled organization. Transparency would be enhanced by an annual independent accounting firm audit, and by replacing the opacity of current Board proceedings with the required release of transcripts and detailed minutes of all meetings.

All rights, responsibilities and authorities that were not explicitly granted to ICANN would remain vested in its stakeholder community. ICANN’s budget would be constrained, with changes subject to stakeholder approval. Registry and registrar payments to ICANN would be nondiscriminatory, and their own fees to customers would not be subject to ICANN regulation.

Finally, and most importantly, adoption and effective implementation of such guiding principles would need to be completed prior to the completion of the IANA functions transition, with the principles themselves being embedded within ICANN’s Articles of Incorporation and Bylaws so that they are fully enforceable by the IDRP.

Some of these Principles—such as the call for ICANN to establish two separate Boards—may generate considerable controversy. Others, such as the call for ICANN non-regulation of registry and registrar fees, already reflect generally established practice (although the current .Com price cap is a result of a U.S. government-imposed restriction and is beyond ICANN’s own jurisdiction).

But there can be little doubt that these Principles are a good starting point for what the elements of enhanced ICANN accountability actually entail. They also illustrate that once the basic principles are debated and agreed upon there will remain substantial detail work to flesh out the practical points of their implementation. All this illustrates that this is a tremendously complex task that may well extend beyond September 2015, the end of the first phase of the current IANA contract between ICANN and the U.S. government.

These Principles received a significant endorsement on August 4th, when the highly respected and influential Center for Democracy and Technology (CDT) published a blog post welcoming them. As noted in that posting, “CDT has welcomed the US government’s decision to end the last vestiges of control over the IANA functions.” Nonetheless, ICANN’s actions since the NTIA announcement have convened it of the need for a strong accountability process producing robust recommendations:

On May 6, 2014, ICANN initiated a consultation intended to develop a plan for how it can remain accountable in the absence of its historical contractual relationship to the US government. The key question has become whether, after the US cuts the umbilical cord, ICANN will be subject to too little accountability, or even worse, whether it will become “accountable” to other governments or special interests that will exercise more intrusive control than the US ever did. The prospect of an unaccountable ICANN, or one subject to control by governments or special interests, has enormous implications for the open, innovative, global Internet.

CDT has become increasingly concerned with the slow pace of the accountability process and the apparent desire of ICANN to end its relationship with the US government and to take over the IANA function itself before a new accountability structure is in place. In our view, it is essential that the accountability process move in step with the IANA transition process and that the accountability question be answered before ICANN assumes control of the IANA. To complete a transition that sees ICANN implementing the IANA functions without appropriately strengthened accountability mechanisms would be irresponsible.

In this context, we welcome one very positive development. Until recently, the discussion on strengthening ICANN’s accountability had been plagued by a lack of clear guiding principles and concrete recommendations for improvements. However, last week a diverse group of stakeholders took a major step forward with the publication of “Key Principles for Coordination of Internet Unique Identifiers.” The document offers a sound foundation upon which further discussions on ICANN accountability can be based. (Emphasis added)

CDT’s concerns about the pace of the accountability process and ICANN’s priorities seem well-founded. On the same day this blog post was published ICANN unveiled a proposal for the accountability process that would corral ICANN’s stakeholders within a Community Assembly that would largely be a powerless discussion forum—while the real accountability decisions, and issuance of the final report and recommendations, would take place in a separate Community Coordination Group dominated by seven advisors selected by ICANN’s Board Governance Committee. These ICANN-appointed advisors would further engage with other “experts” at their own prerogative; and ICANN would control the Secretariat responsible for logistical and other support of both bodies. This proposed bifurcated structure is unnecessarily complicated and appears designed to sublimate the views of ICANN’s community to those of Board-selected advisors. It would also lead to unnecessary delay that would almost surely leave the accountability process lagging far behind that for the IANA functions transition—leading to a potential separation scenario of the very type that CDT deems “irresponsible”. There is considerable irony in the fact that ICANN’s original justification for separating the IANA transition and ICANN accountability processes was the former should have the input of global Internet constituencies while the latter was a matter to be decided by ICANN stakeholders—yet now ICANN has proposed an approach to the accountability issue that would dilute the ability of its stakeholders to recommend sweeping changes.

It remains to be seen whether the ICANN community will accept this proposed secondary role and or push back hard against it. It is difficult to imagine anything as strong or sweeping as the reforms advocated in the ITIF-published Principles emerging from the structure and resulting process that ICANN has just proposed.

The Principles unveiled by ITIF will not be the sole contributors to the coming discussion. The conservative Heritage Foundation has articulated its own “Required Reforms and Standards for ICANN Transition”. While its recommendations overlap with many of the ITIF Principles, there are also significant departures—such as a call for “a new external, private oversight board for ICANN notionally called the Internet Freedom Panel, that is representative of users and possesses veto power over ICANN policy decisions that threaten the freedom, security, stability, and resilience of the Internet”. Another provision advocates that “ICANN’s bylaws should be amended to specifically commit the organization to oppose efforts to constrain free speech, online discourse, or assembly”, a concept that could well be seconded by global Internet freedom civil society groups. Another daring proposal, based on “a recent white paper by Milton Mueller and Brenden Kuerbis for the Internet Governance Project”, would separate the IANA and related technical functions into a “new IANA consortium [that] should be a private nonprofit company financed and managed by the TLD registries”. Other provisions would replace the current method of Board selection with a more transparent and direct process, and replace ICANN’s exception-riddled Documentary Disclosure Information Policy (DDIP) with a new policy based on the U.S. Freedom of Information Act (FOIA) to assure greater transparency. These are but a selective sample of the intriguing ideas put on the discussion table by Heritage.

ICANN’s stakeholders are of course global, and the U.S. contingent has no monopoly on good ideas or commitment to enhanced accountability. What they do have, however, is the ability to bring their concerns and ideas directly to Congress and the NTIA. There is a possibility that when Congress returns in September either the ITIF or Heritage principles, or both, may be introduced as Congressional Resolutions. Congress has a long history of bipartisan backing for the multistakeholder model of Internet governance. As debate shifts away from whether the IANA transition should occur and onto the accountability principles that must accompany it, there is a good possibility that further consideration will be less divisive and more bipartisan.

It seems clear that a diverse group of stakeholders are ready and willing to do the hard work of proposing, debating, and perfecting enhanced accountability measures that will help ensure that a post-IANA transition ICANN remains an organization institutionally bound to operate through a bottom-up multistakeholder policy development process led by the private sector. What remains unclear is whether ICANN’s current Board and senior staff will trust its community of stakeholders enough to let them proceed on their own—or will push to implement the IANA transition before an accountability plan is completed, while simultaneously working to control the accountability process and dilute its final output.

* * *

These are the Principles published by the ITIF:

KEY PRINCIPLES FOR COORDINATION OF INTERNET UNIQUE IDENTIFIERS

On March 14, 2014, the U.S. National Telecommunications and Information Administration (NTIA) announced its intention to transition key IANA functions to the global multistakeholder community. NTIA laid out four conditions for this transfer:

  • Support and enhance the multistakeholder model;
  • Maintain the security, stability, and resiliency of the Internet DNS;
  • Meet the needs and expectations of the global customers and partners of the IANA services; and,
  • Maintain the openness of the Internet.

NTIA also advised that it will not accept a proposal that replaces the NTIA role with a government-led or inter-governmental organization solution. To ensure appropriate coordination of Internet unique identifiers, it is essential that ICANN be structured in a way that meets each of these essential conditions before the transition. These key principles and mechanisms should be embedded into the structure of ICANN through the multistakeholder accountability process:

1. Community of Stakeholders as Ultimate Authority: The community of ICANN stakeholders should be the ultimate overseer of the DNS, responsible for: promoting a single, decentralized, open, and interoperable Internet; preserving the integrity, transparency and accountability of IP numbers and their assignments; managing domain names, and protocol number assignments; maintaining the security, stability and resiliency of the DNS; and meeting the needs and expectations of global customers and partners of the DNS.

2. Separation of Functions: To ensure the form of oversight and accountability that is appropriate for distinct activities, there should be a strong and clear separation of these three functions: policy making, dispute resolution and implementation.

3. Policy Making Function: ICANN’s existing structure of Supporting Organizations (SOs) and Advisory Committees (ACs), which provide technical and policy guidance and which comprise its bottom-up, consensus multi-stakeholder model, should continue to be responsible for policy making. Their membership should be representative of the community of ICANN stakeholders and of the different regions of the world, including developing and developed countries. They should also confirm nominees for ICANN CEO and approve members of an independent dispute resolution panel.

4. Dispute Resolution Function: ICANN’s Independent Review Panel should be expanded to ensure a balanced structure with multi-stakeholder participation, and strengthened into a new independent dispute resolution panel responsible for resolving disputes involving ICANN and endowed with the final authority to impose discipline and sanctions, and to remove Board and staff members in defined egregious circumstances. This remedy process should be transparent, accessible and timely. This is critical to ensure that the ICANN Board of Directors and ICANN’s leadership are accountable to the community of ICANN stakeholders and not responsible for adjudicating challenges to their own decisions.

5. Implementation Function: ICANN’s limited executive function should be confined to implementing policies pertaining to the coordination of Internet unique identifiers and to recommending policy changes for consideration and ultimate decision-making by the SOs and ACs. ICANN should oversee the technical functions of the DNS but should outsource technical operations to organizations with a proven track record. ICANN should remain a non-profit corporation operating under California law, but governed by two boards of directors separately focused on policy implementation and corporate management issues. Policy implementation should be done in close coordination with SOs and ACs who have the ultimate responsibility to ensure that policies they develop are implemented as intended.

6. Protection from Government Capture: Government is one of the core stakeholders within the multi-stakeholder model, and government involvement is appropriately conducted through the Governmental Advisory Committee, in coordination with the SO/AC policy development process. In particular, neither the CEO nor the members of either Board of Directors should be a member of a government or government-controlled organization. ICANN should prudently engage with government officials, focusing primarily on issues pertaining to the coordination of Internet unique identifiers, whether directly or indirectly through a third party and such engagements and the topics covered should be made public in a timely fashion.

7. Transparency: ICANN should be audited annually by an independent accounting firm, and transcripts and detailed minutes of all meetings, including those of ICANN’s Board of Directors, as well as complete documents and records should be made readily available.

8. Specific Rights and Responsibilities Appropriate for Each Function: Each function should only encompass those explicitly assigned rights, responsibilities and authorities that have been formulated through the multistakeholder accountability process. The accountability process will identify all significant functions and responsibilities, and designate them appropriately and explicitly. The accountability process should be thorough, and map specific rights, responsibilities and authorities to the appropriate function. All other rights, responsibilities and authorities should be reserved to the community of ICANN stakeholders.

9. Consensus: A significant supermajority should be required for final action on all policy decisions to demonstrate broad support by the community of ICANN stakeholders.

10. Budget and Revenue Limitations: ICANN’s budget and the revenue to support it should be limited to meeting ICANN’s specific responsibilities and should not change without SO and AC approval and the agreement of the registries and registrars who pay ICANN fees.

11. Equitable Agreements: All registries and registrars should operate under equitable agreements with ICANN that set nondiscriminatory fees to be paid to ICANN in support of its budget. ICANN may not set or regulate fees charged by registries or registrars to their customers.

12. Prior Adoption: These principles and their assured implementation should be adopted and made effective prior to the transfer of the IANA contract to ICANN, or to any other party that replaces the U.S. as contract counterparty; should be embedded in ICANN’s Articles of Incorporation & By-Laws so that they are fully enforceable by the new independent dispute resolution panel; and should form the basis for the replacement of NTIA’s current DNS agreements.

By Philip S. Corwin, Senior Director and Policy Counsel at Verisign

He also serves as Of Counsel to the IP-centric law firm of Greenberg & Lieberman. Views expressed in this article are solely his own.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API