The beginning of every year is a time for introspection, an appraisal of the year that was, and planning for the year to come. It is also a time to follow tradition and to recap the biggest news of the year. But by now, I am guessing that we have all read our fair share about the people and events who have impacted the last 12 months. But as we examine the “whats” of 2009 (i.e. what happened, who was involved, and what resulted) , we should set our focuses forward by learning from yesterday and planning for tomorrow. That said, if we take a larger vantage point (than our own relatively small domain name industry), these lessons from 2009—in my view—could teach us all and most importantly, really shape the year ahead:

1. The Internet needs to be protected not only from the potential impacts of technical considerations but also from over-eager governments.

Governments are increasingly searching for ways to control and manipulate news and expression. What’s more is that when the traditional channels fail, they try their hand at controlling Internet access. This control can take the form of shutting down sites or manipulating the Internet bandwidth available to users within the country at crucial times. What results is that the beauty of the Internet’s vast “oneness” and ubiquitous accessibility ultimately transforms into inaccessible silos.

Yes, the Internet is growing. Yet it remains vulnerable to censorship. While traditional news channels with defined content hierarchies are easy targets for governments, what’s proving harder to control is the self-authored content, which is de-centralized and proposes a “whack-a-mole” model to the governments. Case in point, consider the barring of foreign news coverage from traditional sources during and after the Iranian election. This control inspired the populace to use their mobile phones to capture images, to use Twitter and Facebook to report what was happening to the outside world, and to help organize themselves inside the country. The most iconic image of last year was the death of a young women, Neda, from a sniper’s bullet, all captured by video on a mobile phone. For effective communication, users’ content needs to be found by the right audience—whether that is through SEO or social networks. As a result, many are opting for an account with these aggregators instead of their own unique domain name. Unfortunately, these outlets of communication are becoming more centralized. Many are consolidating (being bought—such as YouTube’s acquisition by Google) or struggling to find a working revenue model to exist (i.e., Twitter). As outlets disappear or become more centralized, governments will have an easier time quelling the chorus of voices.

2. We should start thinking of stability beyond particular technical considerations and have it encompass cross-border collaboration.

For example, a big threat to Internet stability and security is the rapid evolution of identity theft schemes and malware. These scams not only affect us all technically, but they also affect the end-users’ level of trust while surfing the web.

Think of Confiker, which had us all scrambling to respond. The Internet is a global medium. However,the laws that govern us are very much local and often conflicting. So in trying to mitigate security threats, our hands are often tied when faced with the threat of litigation for overstepping the myriad of overlapping boundaries that we have to navigate. As a result, many simply give up—to the detriment of us all. Collaboratively taking responsibility and involving players outside the ICANN area is one answer (note: shameless plug for RISG which involves almost every actor in the chain collaborating across industry lines to mitigate identity theft). But another is our governments and regulatory systems untying the chains that bind us… or at least make it much harder to do the right thing. Why not encourage our respective governments and regulatory bodies to provide multilateral relief in security cases which cross national boundaries? For example, ICANN provided regulatory relief upon request during Confiker so the registries could take the necessary actions to mitigate the threat. We need this model on a multilateral- governmental scale. If we do not actively enable end-user trust in the use of the Internet, we risk losing it.

When the trust in the wider ecosystem of the Internet decreases, users will be more tempted to give some of the their rights to a controlling third party platform provider in return for assurances of security. Haven’t we seen that happen already many times in the real world? I can almost hear the voice-over: remember those National Geographic specials? Recall when the thirsty wildebeest started walking towards the safe-looking pool of water, teeming with crocodiles. “Sadly now, there can be but one outcome.” And it wasn’t pretty.

3. We need to practice humility, see reality, and speak plainly.

We have had our heads in the sand too long, believing the Internet begins and ends with us. Reality is… it doesn’t. The center of power is shifting from the DNS players to social media sites and the ad engines (yes, I am purposely not calling them search engines). It is these folks who determine the privacy and control provisions for a massive number of users. According to Facebook, ‘privacy is so yesterday.’ Last February when Facebook decided that it perhaps owned the content users posted, it was big news on CNN. When was the last time that a WHOIS proposal enjoyed a slot on the CNN nightly news?

So what should we do?

First, we need to embrace plain speak. Many of our advocacy efforts (funny enough on behalf of the bewildered Internet users) are shrouded in such legal/policy and technical languages that they are rendered incomprehensible. How can the average Internet user, nay—the one who hasn’t come on yet—possibly understand what we are proposing to enable his/her access and use?

We should also support multi-stakeholder governance models like ICANN and help them to operate better. That means meaningful and constructive (i.e. not destructive) feedback when necessary. We should also recognize that we ourselves are not silos. The decisions that each and every one of us makes independently, affects our ecosystem and therefore all of us in the end. Case in point: we all turned a blind eye toward speculation and domain tasting for awhile. And while that had its profitable moments for a few players, it ultimately introduced volatility in the domain name market as rules, ad models, and the economy changed.

Lastly, we should ask if our community’s resources and energy spent are aligned with reality. The world is still in an economic recession. Many businesses and consumers’ first priorities are managing costs to survive. In many countries, literacy is still an issue, followed by lack and/or cost/speed of Internet access. In those cases where literacy and access are not the main issues, it is the government’s insistence on controlling the user activities and free expression which threatens to fragment the Internet into silos. Identity theft and other online security problems plague governments and the average end-user, costing each and every one of us more money. Yet the problem persists and is getting worse.

With the introduction of new Top-Level Domains (TLDs), some may turn out to have a great application and use but certainly not all of them. Is it more important that we expand the IP space (IPv6) or add more TLDs? To me that question is akin to building high-rises on a small patch of land. It is okay if everyone wants to live in Manhattan.

Would we all have been better off if instead we had focused our dialog first on “What the current and new generations of Internet users need from us?” Our shared customer needs can point us all to the appropriate sequence of actions and priorities—which we might all agree to. We can still resolve to do that in 2010.