Home / Blogs

The ETNO Proposal: Unintended Consequences

McTim

In the run up to the WCIT negotiations in December, the most talked about proposed change to the ITRs (International Telecommunications Regulations) is the ETNO proposal. Most of the discussion centers around the clause;

"For this purpose, and to ensure an adequate return on investment in high bandwidth infrastructures, operating agencies shall negotiate commercial agreements to achieve a sustainable system of fair compensation for telecommunications services and, where appropriate, respecting the principle of sending party network pays."

Much of the discussion has focused on how this would deter innovation, hamper start-ups and make Internet access much more expensive. Overlooked thus far are the unintended consequences of how this proposal will affect the Content Distribution Network (CDN) industry while simultaneously making cybercrime much easier.

CDNs store content for their customers in various PoPs around the globe to ensure faster delivery to eyeball networks. It's a useful and sustainable business model, as CDN provide valuable services that folks are willing to pay for. However, if the ITRs are amended to include "sending party network pays" will these CDNs be seen as the sending party and therefore be asked to pay for delivery of their customer's content thus making their services more expensive to their customers or will they be seen as simple intermediaries, and the source of the content be seen as the sending party? It is conceivable that carriers would even try to "triple dip" with sending party pays, receiving revenue from subscribers, CDNs and content providers for the same traffic.

In the (hopefully) unlikely event that the ITRs are amended with a sending party pays clause, the answer to the above question would be in the details of the implementation. As well as the above direct threat to the CDN business model, there are indirect threats as well. CDNs place their PoPs inside eyeball networks (or at IXPs) whenever possible. With sending party pays, carriers would no longer have an incentive to host CDN PoPs within their networks, as they would not receive revenue if content was already cached inside the carriers network. This would result in greater latency, jitter and bandwidth consumption globally.

CDN deployment (which is especially useful in the developing world) would come to a halt in such a scenario. As an example, in recent years Google has put in Google Global Cache machines at a number of IXPs and in ISPs networks in Africa (and elsewhere). This has resulted in order of magnitude (or lager0 growth in network traffic at these African IXPs. This is "local content" in the sense it does not need to come from the US or the EU on expensive international links. These deployments are positive step for the development of the Internet in Africa, but if ISPs can make more money by removing them, it is hard to see why they would keep a GGC on their network.

It is much easier to foresee how exactly a "sending party network pays" could make the life of cybercriminals much easier and more profitable. If a botnet herder wanted to make some quick extortion cash from a network provider, all they would have to do is to threaten to send loads of traffic from a network to a variety of providers. It's conceivable that some ISP would accede to the demands of bot-herders or even collude with them to have traffic terminate on their network.
It would be trivial for even "script kiddies" to direct their "zombies" on a targeted network to cause network traffic to increase from the target (much as they do today with DDOS attacks) but this would be the inverse, where traffic flows out of the network which means that network pays. While this is certainly an "innovative business model", I suggest it is not one that is in the public interest.

The ETNO proposal is a bad idea for a variety of reasons, not least of which is the threat to legitimate business models and the promise of illegitimate ones. I would rather see ETNO members fix their own business models if they are not sustainable.

By McTim, Internet policy and governance consultant

Related topics: Access Providers, DDoS, Internet Governance, Telecom

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Domain Name .Africa Faces Hurdles - Q&A with Sophia Bekele

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

3 Questions to Ask Your DNS Host About DDoS

Afilias Director Wins ICANN's 2014 Leadership Award

Neustar to Build Multiple Tbps DDoS Mitigation Platform

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

DotConnectAfrica Contributes at the 9th IGF in Istanbul, Turkey

Nominum Announces Future Ready DNS

Video Interviews from ICANN 50 in London

ICANN London Recap Webinar

DotConnectAfrica Delegates Attend the Kenya Internet Governance Forum

3 Questions to Ask Your DNS Host about Lowering DDoS Risks

Sophia Bekele Weighs in on Obama's August US-Africa Leader Summit at the NYF Africa

4 Minutes Vs. 4 Hours: A Responder Explains Emergency DDoS Mitigation

Tips to Address New FFIEC DDoS Requirements

DotConnectAfrica's Expert Selected to Attend the Hague Institute of Global Justice

DotConnectAfrica Delegates Attend the KHRC Internet & Human Rights Breakfast Roundtable in Nairobi

Smokescreening: Data Theft Makes DDoS More Dangerous

Internet Business Council for Africa Participates at the EU-Africa 2014 Business Forum, Brussels

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign