Home / Blogs

Breaking the Internet HOWTO: The Unintended Consequences of Governmental Actions

McTim

"Breaking the Internet" is really hard to do. The network of networks is decentralized, resilient and has no Single Point Of Failure. That was the paradigm of the first few decades of Internet history, and most people involved in Internet Governance still carry that model around in their heads.

Unfortunately, that is changing and changing rapidly due to misguided government intervention. Ever since 2000, when we witnessed the LICRA v. Yahoo! conflict, we have had governments taking actions that move us away from the utopian vision of early netizens towards a dystopic, unrecognizable Internet.

This past month has been incredibly busy in terms of misguided governmental interference. Here is a short list of recent governmental bloopers and why they are deeply flawed;

1. Put out a RFP to run the core names and numbers entity (the IANA) but limit it to US organisations. For over a decade, other governments have complained bitterly that the US "controls the Internet". This move further entrenches that flawed perception but serves no actual purpose since it is nearly inconceivable that any entity other than ICANN (based in California) will get this no fee contract from the Department of Commerce. Serving turkey at Thanksgiving is an American tradition, but this move elevates the term "giving the bird" to new heights. Governments unhappy with this decision have another reason to try to "split the root" or build their own set of nameservers that they can control.

2. Propose a UN Committee for Internet-related policies (CIRP). India has done this in the UN General Assembly. Earlier this year, India, along with Brazil, and South Africa floated their "IBSA Proposal" [PDF] to near universal criticism. Despite this, the Indian delegate at the UN still said that CIRP would, inter alia,

"coordinate and oversee the bodies responsible for technical and operational functioning of the Internet, including global standards setting."

Since this is completely unlike the current situation in which the technical and standards bodies operate independently, developing standards and policies in open to all, bottom-up, transparent and consensus based processes this proposal seems aimed at breaking the "Internet Model" [PDF]. This model, sometimes called the Internet eco-system [PDF] has given us the Goose that lays the Golden Eggs. An excellent description of this is well worth reading, and as one commenter suggested "The model is so important that a threat to the model is a threat to the Internet itself." Because some governments are so angry about US unilateral control over Critical Internet Resources (see #1 above), they are willing to kill the Goose, thus ensuring no one gets the Golden Eggs.

3. Start a new Thanksgiving tradition of censoring websites without due process. Last year the rojadirecta case caused quite a stir in Internet governance circles. It seems that ICE will continue to do this until your lolcatz are replaced with this, only then will we see the public at large up in arms.

The rojadirecta case was striking in that ICE not only asserted authority over content (found to be legal in Spain, where rojadirecta is located) stored on a webserver outside the USA, it censored the website that only carried (allegedly) infringing links, as rojadirecta does not have the actual content that were thought to be infringing. Again, the US government angers the rest of the world. It may also be useful to point out that seizing the domain did not stop rojadirecta, they just moved their website to multiple other domains.

4. Be hypocritical. Proclaim your support of Internet Freedom abroad and actually fund projects that are doing excellent work to protect freedom of speech online with one hand while using the other to restrict those freedoms (see #3 above) not just for your citizens, but for billions of Internet users worldwide.

5. Make pressing a facebook "like" button a criminal act. Well done, Thailand for giving us a humorous interlude in this long, boring post!

6. Issue a court order instructing non-profit public interest organisations outside the USA (and one in Virginia) to take specific actions in the databases they manage. In some cases, these actions may violate contracts the organisations have signed with their members. Once again, a unilateral action by a government actor throws sand in the gears of a well-oiled Internet policy system that has taken decades to evolve.

7. Propose legislation that not only censors Internet content on allegations alone, but that requires ISPs and ANYONE who runs a caching DNS server, a search engine, advertising or payment network to police content. In the USA, there is an intense battle over this SOPA/PROTECT-IP legislation that actually reaches in to DNS servers and mandates filtering by server operators.

As the CDT and many others (including myself as a signatory) have argued, the DNS is not the appropriate place to do this.

DNS name queries should be and accurately translated into DNS name responses regardless of query source or query subject. That's the design of the DNS and it does its job billions of times per day. This legislation would mandate that your DNS server send you a lie when you made specific queries. Internet broken, plain and simple. In addition, our new DNS Security extensions are incompatible with a lying DNS server. The DNS is the wrong focal point to attack this problem.

Besides the breakage, the measure, as originally proposed (and as amended) just wouldn't work to Stop Online Piracy (House bill) or PROTECT-IP (Senate). It's trivial to register a new domain name, or find a new DNS service provider and let's not forget the content "lives" on webserver somewhere that has an IP address, so filtering DNS replies does not remove the content. Of course, one domain name can have many sub-domains, so taking down one domain can affect hundreds of perfectly innocent websites (as happened in last years Thanskgiving ICE takedown).

8. Hold hearings to put pressure on the organisation that manages Internet name and number resources to delay a program that is a result of more than 7 years of bottom-up policy making processes. Two separate House committees put ICANN on the hot seat this week because Congress clearly doesn't understand that they don't get to make these policies, they are just one stakeholder among many. I applaud ICANN for sticking to their agreed upon schedule for adding more gTLDs to the root;

"This process has not been rushed," said Kurt Pritz, SVP of ICANN. "Every issue has been discussed. No new issues have been raised. The people at this table participated in this debate."

Even though I have never been a proponent of new gTLDs, I understand that the Policy Development Process has finished and I accept the result. Whinging to Congress is just bad politics for the ANA and others who testified at the hearings if they ever want to be taken seriously in ICANN policy making going forward.

On the face of it, all of these disjointed legislative, judicial and executive actions would seem to argue for a global set of rules that all governments would abide by. We saw during WSIS however that the US is not about to give up the one lever of control they have over Internet names and numbers, nor are other governments willing to give up sovereignty over what happens in their territories.

If, by some miracle, a deal was reached on a treaty, this would be even more disastrous than individual governments making bad policy decisions. Having nearly 200 UN Member States making Internet policy in a top-down governments only setting would only multiply the badness of the bad ideas listed above. Do we really want China, Burma and Iran (just to mention a few) making decisions on what content we can consume or create?

Governments and Intergovernmental bodies are supposed to serve the public interest. Unfortuantely, they don't grok the Internet and their knee-jerk efforts are a threat to the Internet as we know it. They can best promote the public interest by NOT regulating the Internet.

By McTim, Internet policy and governance consultant

Related topics: Censorship, Cybercrime, DNS, DNS Security, Domain Names, Registry Services, ICANN, Internet Governance, IP Addressing, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

>"Breaking the Internet" is really hard to Charles Christopher  –  Dec 19, 2011 12:55 PM PDT

>"Breaking the Internet" is really hard to do. The network of
>networks is decentralized, resilient and has no Single Point
>Of Failure.

It's important to tease something out about those comments:

The internet is NOT Domain Names. The internet are the roads, domain names are the street signs. I can still travel from point A to point B without street signs IFF I know where I am and where I'm going without a 3rd party map.

Most people can't traverse the internet without that 3rd party map, and the entire domain name infrastructure is based on this reality.

Domain names ARE centralize, they ARE a single point of failure. Don't think so? Delete or mutilate this file and get back to me:

http://www.internic.net/zones/named.root

This is the de-facto centralization point of the internet. And without that centralization "Governmental Actions" become extremely difficult.

To say this is the way thing must be is an illusion. Many have split the root thus creating decentralized naming and "street signs" but it's not wide spread. Competing "roots" would return a decentralized internet, one more immune to "Governmental Actions".

Alt roots won't solve the problem of clueless lawmakers McTim  –  Dec 19, 2011 3:15 PM PDT

As Jon Postel once said: "A name indicates what we seek. An address indicates where it is. A route indicates how we get there."

The DNS by design is a decentralized hierarchical database, albeit with a canonical root.  If you "split the root" or run an alt-root and the contents of the rootzone are different than the "catholic root", then you have broken the Internet on purpose.  That's a risky strategy IMHO.

Even with an alt-root, you are still vulnerable to misguided governmental intervention. 

P.S. One can get root hints via ftp or even via dig from the rootservers:
dig +bufsize=1200 +norec NS . @a.root-servers.net

My primary motivation is the free flow Charles Christopher  –  Dec 28, 2011 1:21 PM PDT

My primary motivation is the free flow of communication on the internet. It is my feeling this is only possible through decentralization of the naming abstraction layer.

To lay people naming is the internet, regardless if they are aware of this self imposed illusion. The is a practical assumption on their part.

The nTLDs issue results in centralization of "remaining" TLDs into the hands of one single entity. It is clear "finalized" centralization of naming.

People here need to think very deeply about total centralization of naming under ICANN and what that means for "Government Actions". Especially at this point in history.

There are no perfect solutions, but as with investments of other types, putting all your money on one bet eventually will be a problem.

And nTLD expansion under ICANN is a bet that can only be made once ......

When ICANN expands TLDs across the keywords with greatest value, alternative roots will be far more difficult to implement do to ambiguities and no financial incentive to compete with an established TLD (AKA ICANN). Right now that problem does not exist, much opportunity exists as this is the perceived opportunity driving nTLDs at this moment (ICANN monopoly is executing on this opportunity). That fact alone is reason for ICANN to want to expand it's monopolistic TLD position, AKA continued CENTRALIZATION of "The Internet".

The centralization in turn supported by Governments as they have one single point to exert pressure on for their own benefits, as those that support their reelections ....

>If you "split the root" or run Charles Christopher  –  Dec 19, 2011 3:27 PM PDT

>If you "split the root" or run an alt-root and the contents of the rootzone are
>different than the "catholic root", then you have broken the Internet on purpose.

You are passing judgement on a technology, as government action in the OP.

As Jon Postel once said: "A name indicates what we seek. An address indicates where it is. A route indicates how we get there."

A different root is a different address, it is found in another location.

As a ICANN Registrar, I have no desire to dupicate current TLD and creating ambiguities. However, as a businessman, I am interested in true market competition.

I'm interested in the internet actually being decentralized, with MANY roots.

http://www.circleid.com/posts/splitting_the_root_its_too_late

Eh. John Levine was right there - and all of that can be done with the same set of roots we have Suresh Ramasubramanian  –  Dec 23, 2011 9:06 AM PDT

How or why is the alt root kool aid getting raked up in this day and age?

>How or why is the alt root Charles Christopher  –  Dec 28, 2011 1:16 PM PDT

>How or why is the alt root kool aid

Poisoning the Well:

http://www.nizkor.org/features/fallacies/poisoning-the-well.html

>getting raked up in this day and age?

Appeal to Common Practice:

http://www.nizkor.org/features/fallacies/appeal-to-common-practice.html

A voice of reason. Bravo and Antony Van Couvering  –  Dec 19, 2011 4:30 PM PDT

A voice of reason.  Bravo and thank you for the article.

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Public Interest Registry Announces Sunrise Period for New Internationalized Domain Names

General Availability Period for New .RED Top-Level Domain Opens

General Availability Period for New .BLUE Top-Level Domain Opens

General Availability Period for New .PINK Top-Level Domain Opens

New Chinese "Mobile" Top-Level Domain Now Available

New .KIM Domain Goes Live

Welcome .SHIKSHA! General Availability Now Open

Adrian Kinderis Appointed as Chair of Domain Name Association

Internet Reaches 271 Million Domain Names in the Fourth Quarter of 2013

Why We Decided to Stop Offering Free Accounts

Internet Business Council for Africa Participates at the EU-Africa 2014 Business Forum, Brussels

The Future of Chinese Domain Names (a Panel Discussion)

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

Tony Kirsch Announced As Head of Global Consulting of ARI Registry Services

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

Afilias Chairman Appointed to Domain Name Association Board

.BUILD Enters Landrush with Support of ARI Registry Services

Dyn Acquires Managed DNS Provider Nettica

Radix Awards Contracts for .website, .host, .space, and .press to CentralNic plc

DotConnectAfrica Statement Regarding NTIA's Intent to Transition Key Internet Domain Name Function

Sponsored Topics