In the latest development from the World Conference on International Telecommunications, a new "compromise proposal” has been leaked to wcitleaks.org. This proposal is certainly no compromise, as it not only is a bald faced power grab by the sponsors (Russia, UAE, China, Saudi Arabia, Algeria, Sudan at this point), but shows a stunning lack of comprehension of how the Internet works and how it is currently governed. It also shows that the coalition of Civil Society groups and private sector organisations that have focused on WCIT have been correct all along. There are UN Member States that would like nothing better than to take over the Internet to control content and to try and remake it in the image of the international telephony system.
The most egregious of the paragraphs in this proposal refer to routing, naming and addressing, to wit:
(management of Identification resources)
31B 3A.2 Member States shall have equal rights to manage the Internet, including in regard to the allotment, assignment and reclamation of Internet numbering, naming, addressing and identification resources and to support for the operation and development of basic Internet infrastructure.
This is either completely meaningless or incredibly dangerous to the day to day operation of the current Internet depending on interpretation. If one considers that Member States already have "equal rights" to participate in the current Internet governance regime (some would say they have more than equal rights given the exalted position of the GAC inside ICANN), then this is redundant text that should be removed. However, a more pernicious interpretation is that the ITU would entirely replace the existing institutions that have been responsible for naming and addressing with a completely intergovernmental model.
Why they have proposed this seeming non-starter is anybody's guess, as no mechanism exists for nation states to force the naming and addressing bodies to hand over responsibilities to an intergovernmental body. In fact there are contracts, policy documents and MoU's in place that would absolutely prevent it. The authors and the ITU staff who helped edit this proposal surely know this (and if they don't know, that in itself shows willful ignorance of how the current system works).
Seemingly, some of the Arab States who saw their previous proposal to form an intergovernmental Regional Internet Registry sent to a Working Group to die a quiet death are thinking that proposing direct control of Internet numbering resources is a good second choice. ICP-2 is the document that precludes the ITU from forming their own RIR (they could actually do it if it only served Antarctica but that isn't an attractive option for the ITU), so they have proposed:
31F 3B.1 Member states have the right to manage all naming, numbering, addressing and identification resources used for international telecommunications/ICT services within their territories.
Not only is this a complete rejection of the current system, but it is completely unworkable idea. Say for example I have registered a .ug domain name (which I have), but the webserver is located in the USA. Is that .ug domain name used for international telecommunications/ICT services within the USA or is it used in Uganda? The answer is both, but no one would suggest that the .ug ccTLD be managed by the USA. Nevertheless, that is what 31F 3B.1 says! Another example is that Autonomous System numbers (inter-domain routing identifiers) frequently cover multiple countries or regions, so who gets to "manage them" when they are used by routers in many nations to determine where to send traffic??
In terms of routing, the proposal introduces much more unworkable ideas:
30 3.3 Operating agencies shall determine by mutual agreement which international routes are to be used. A Member State has the right to know the international route of its traffic where technically feasible.
1/7 1.4 In cases where one or more international routes have been established by agreement between administrations/operating agencies and where traffic is diverted unilaterally by the administration/operating agency of origin to an international route which has not been agreed with the administration/operating agency of destination,the terminal shares payable to the administration/operating agency of destination shall be the same as would have been due to it had the traffic been routed over the agreed primary route and the transit costs are borne by the administration/operating agency of origin, unless the administration/operating agency of destination is prepared to agree to a different share.
Currently routers forward packets based on economic choices made by the owner of that router. The two modifications above change that paradigm completely, giving Nation States the ability to control the choice of provider networks that packets transit. In addition, if an ISP tries to skirt these "toll booths", they still have to pay for traffic that would have transited the "agreed" network. In other words, even though a provider did not receive service from a provider, they still have to pay for services they didn't receive! This would seem counter-intuitive to most people, but when you understand that there is no mechanism built in to the current routing protocol to count traffic in this way, it enters the realm of the absurd.
Fred Baker, Adrian Farrel and Benoit Claise have written an excellent primer on routing for regulators at WCIT, which it seems none of the authors of this proposal have read. In it they conclude by saying:
"Maybe increased connectivity between ASes through IXPs will magnify the
benefits of Internet connectivity, will attract more local online business, and
provide a significant economic stimulus as larger percentages of the population
are able to get on line. Perhaps these benefits will go some way to offset the lost
revenues from the declining legacy telephone systems. What is the for sure is
that using DPI to monitor and charge VoIP calls in the same old way ... will
simply not work!"
Internet infrastructure (IXPs, submarine and other fiber builds, data centers, etc.) have developed outside of a treaty body. Internetworking is done between networks, not between Member States. Trying to retrofit the Internet to include toll-booths and points of governmental control at this point is self-defeating. During the last revision of the ITRs, revenue from international voice calls were the golden eggs laid by the telephony golden goose, but the Internet has disrupted that model to the point where the ITRs are an anachronism that is no longer of great utility. Ultimately, it will be end-user customers of the affected businesses that will pay the price for the type of folly.
Of course, some cynics suspect this "compromise text" is a tactical ploy in a much longer game, that diplomats are human and don't want to be seen as the cause of a failed international treaty conference, that the USA and its "Hands Off the Internet" allies will tire of saying "No" and eventually relent to some of their bad ideas. It's also possible that the USA will throw Russia a bone in hopes of getting their cooperation in other areas of international relations (think Syria).
This proposal shows that those who were concerned about the agenda of some ITU Member States and the Secretariat were right. They are out to take over the Internet, they just weren't honest about it. The ITU does useful work in, inter alia, spectrum and satellite slot allocation. They should stick to those tasks and if they really want to help spread the edge of the network to the billions who don't yet have access, perhaps they should focus on access issues instead of asserting intergovernmental control over things they clearly don't understand.
William S. Burroughs wrote "Paranoia is just having the right information". It turns out that the folk who have had great concerns about WCIT over the last year were not paranoid, they just had the right information.
By McTim, Internet policy and governance consultant
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DDoS Protection
Neustar DNS Services