Home / Blogs

ICANN Fails Consumers (Again)

Garth Bruen

In its bid to be free of U.S. government oversight ICANN is leaning on the global multistakeholder community as proof positive that its policy-making comes from the ground up. ICANN's recent response to three U.S. senators invokes the input of "end users from all over the world" as a way of explaining how the organization is driven. Regardless of the invocation of the end user (and it must be instinct) ICANN cannot seem to help reaching back and slapping that end user across the face.

At the Marakesh meeting, the community took the historic step of endorsing the CCWG statement. In the interests of full disclosure, in my role as an At-Large Advisory Council member, I voted in favor of the ccwg statement. The terms of the statement are an important step and I trust the representatives who authored it. Part of this document is dedicated to placing consumer trust in the bylaws. However, the issue will always be whether or not ICANN will internally adhere to policy or keep its promises.

Starting with the basics, ICANN is a nonprofit public benefit corporation which caries inherent obligations to the public. The public interest is a cornerstone of the ICANN bylaws, which guide ICANN's actions. In terms of specifics, ICANN is now conducting a mandated review of Consumer Trust which includes DNS Abuse as a detailed part of the agenda. In terms of resources ICANN has pledged $700,000 to its pending Consumer Safeguards function in the current budget .

As active participants in ICANN policy advice, At-Large representatives want to know what all this really means in practice, how it is being implemented, how the results are measured, etc. How ICANN talks to or listens to consumers is in question. In order to understand the history of this issue, please consider the following:

In 2014 ICANN's CEO pledged to hire a Consumer Safeguards Director to take the lead on issues of Consumer Trust at ICANN. ICANN never hired such a person and at the Dublin meeting this author and regional At-Large representative attempted to get ICANN compliance to demonstrate how their mission of consumer trust could be achieved. The answer was a flat rejection of any responsibility for consumer trust.

This lead to an official letter to ICANN's CEO, in part, requesting information about the hiring of a Consumer Safeguard's director.

ICANN responded in a letter which stated, in part:

...we have identified and are engaging with promising candidates and we are optimistic that we will be able to fill this position, or announce that we have settled on a candidate, by the ICANN 55 meeting in Marrakech.

This of course sounded like good news, but the idea that ICANN could be "engaging with promising candidates" seems all but impossible for reasons explained below. Of course, by the Marrakech meeting we were anxious to hear about their new hire. On Tuesday ALAC met with ICANN compliance to get an update on their hire. We were told that unfortunately they had not found the right candidate yet even though they had interviewed several candidates. We wondered at how they were searching for candidates and asked for a copy of the job description or where the opening was posted since we could not find it on the ICANN website. Compliance promised to share the job description with ALAC.

On Wednesday of the meeting ALAC met with the ICANN Board and we planned on discussing Consumer Trust along with several other critical items. The following is my statement and questions on the various issues:

A clear definition of Consumer Trust may be elusive and difficult to make agreeable to all parties, but this is why it is important to aggressively pursue tangible results for the benefit of the whole community.

18 months or so ago, the outgoing CEO announced ICANN would create and staff a Consumer Safeguard Director. This post is still empty and we have asked about this in meetings and formal letters. We have been told about budget issues, problems finding the right candidate. I understand the usual difficulties, but the lack of results on this creates the appearance of a lack of passion and attention. External observers might assume consumer trust is simply not a priority. In general there is no clear space where ICANN is speaking directly to consumers in terms of content.

ALAC members speak directly to consumers. They ask us what is going on? In lieu of having real movement like the hiring of a consumer safeguards director. What can I show the consumer as proof that ICANN is making consumer trust a priority?

There were two core issues on the gibbet: 1) the specific issue of a staff position focused on consumer trust and 2) the general interpretation of consumer trust at ICANN. Their answers on both issues have disappointing and profound.

The response to issue #1 comes board vice chair, Bruce Tonkin. The term "consumer trust" is derived directly from the Affirmation of Commitments agreement, which Tonkin acknowledges but proceeds to dismiss the expected meaning of consumer trust. From Tonkin's perspective "ICANN's mission is only in allocating Internet identifiers," and this is what the term "consumer trust" refers to according to Tonkin. To put plainly, the consumer can trust that the Internet will function in terms of domain routing and not much else. This is the digital equivalent of keeping the trains on time, but fraud, theft, extortion, and harassment that might occur on the train are not their problem. ICANN is a pipe-fitter, if the water is poisonous and toxic, not their problem.

Then, we again hear the reminder that ICANN is "not the content police" which had absolutely nothing to do with the questions asked. Asking what steps ICANN is taking to make consumer trust a priority cannot be dismissed as a "content issue". Within Tonkin's explanation of how consumer trust fits into the AoC it seems to be written of an a "idea", "something we looked at". Consumer Trust is nothing but a whisper, it does not exist in the way an Internet user might think it does.

Tonkin then points to ICANN Compliance as they "make sure ICANN follows up on complaints". This is where the train goes completely off the rails. In attempting highlight where the consumer can find trust it is a logical fallacy to point to ICANN Compliance. The Compliance department of ICANN is an unmitigated disaster when it comes to earning the consumer trust.

What happened next left many in the room in a state shock, but was not particularly surprising. Tonkin calls ICANN Compliance Director Alan Grogan up to the microphone to explain the situation with the lack of an ICANN Consumer Safeguards Director. First, he explains the general difficulties in finding the right candidate, but then strangely admits they do not have a job description and are at loss to know how to write one. Wow. It is impossible to understand how ICANN could have found and interviewed candidates for a position that has no job description.

The ALAC also asked me yesterday if I would share with them any job description that was provided to the candidates that we've previously interviewed. Since I met with the ALAC yesterday, I've confirmed that there was no HR job description in writing that was provided to those candidates.

The situation defies logic.

So, for the purposes of understanding this better, bellow I have provided some edits to some ICANN statements:

ICANN's inclusive approach treats the public sector, the private sector, and technical experts as peers (but not consumers).

We are committed to creating a broader and more regionally diverse base of knowledgeable constituents (but not consumers).

The idea is that Internet governance should mimic the structure of the Internet itself- borderless and open to all (but not for consumers).

All points of view receive consideration on their own merits (except those of consumers).

ICANN's fundamental belief is that all users of the Internet deserve a say in how it is run (with the exclusion of consumers).

In summary, (according to Tonkin) ICANN does not have obligations to the consumers beyond keeping the trains running on time, and even if a consumer could find a valid complaint, ICANN has no capacity to define the problem or address it because it is unable to hire or even provide a job description for a Consumer Safeguards Director. This is all completely contradictory to what ICANN professes in its public face. In short, we have volumes of statements from ICANN on public interest but a hard stop on tangible action.

The larger problem

Tonkin makes it very plain in his view at the AoC only applies to new gTLDs, therefore the wispy shadow of Consumer Trust, if there is any at ICANN, does not apply to legacy TLDs. As an exercise, let us accept Tonkin's view for a minute. According to the AoC, ICANN was supposed to ensure issues of consumer trust be adequately addressed prior to implementation of the new gTLDs. The new gTLDs are off and running but there is no Consumer Trust regime and no staff person assigned to it. Tonkin also misses the more specific definition of Consumer Trust here which includes an obligation for ICANN to mitigate malicious abuse issues in the DNS, which is why DNS Abuse is part of the pending review. DNS Abuse issues, not "content" issues.

It is my hope that with coming changes ICANN we can create a true consumer agenda and not just talk. If ICANN is going to include "end users from all over the world" when citing its authority, it better start listening to the consumer for real.

By Garth Bruen, Internet Fraud Analyst and Policy Developer. More blog posts from Garth Bruen can also be read here.

Related topics: Cyberattack, Cybercrime, DNS Security, Domain Names, ICANN, Internet Governance, Law, Malware, Policy & Regulation, Spam, Top-Level Domains, Web

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

ICANN operates like the mafia, BECAUSE IT Louise  –  Jan 09, 2017 3:27 AM PST

ICANN operates like the mafia, BECAUSE IT IS THE MAFIA. When are you going to wake up?

Prefect example of consumer view... Garth Bruen  –  Jan 09, 2017 6:52 AM PST

This comment and multiple comments like it exemplify ICANN's failure to establish trust with the consumer. And because it's not the warm and fuzzy supportive feedback the expect (and often demand) it is routinely ignored which increases negative sentiment and confirms the consumer's belief that ICANN operates for self-interest. Will be part of teleconference I have with ICANN staff later today. Thanks.

contact at ICANN? Steve Sybesma  –  Jan 13, 2017 12:18 PM PST

I scanned the post for a telltale '@' that gives an email address.

Is there someone at ICANN we can complain to about this?

Thanks Garth,

Steve

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Michele Neylon Appointed Chair Elect of i2Coalition

Neustar to be Acquired by Private Investment Group Led by Golden Gate Capital

Startup League Reports from WebSummit, Lisbon

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

.SPACE Becomes the Choice of the First Ever Space Nation Asgardia

Government Guidance for Email Authentication Has Arrived in USA and UK

Afilias Chairman Jonathan Robinson Wins ICANN's 2016 Leadership Award at ICANN 57

MarkMonitor Supports Brand Holders' Efforts Regarding .Feedback Registry

Don't Gamble With Your DNS

8 Tips to Find Your Perfect .COM Domain Name

Why .com is the Venture Capital Community's Power Player

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

The .cancerresearch TLD: Search for Cure Drives Digital Innovation

New TLD? Make Sure It's Secure

Radix Launches Startup League at TechCrunch

Celebrating One Year of .online

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

LogicBoxes Launches the New Elite Reseller Program

Sponsored Topics

Port25

Email

Sponsored by
Port25
Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias
Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services