Home / Blogs

ICANN and Attorneys General: Ends, Means and Unintended Ends

“For although the act condemns the doer, the end may justify him…”
— Niccolò Machiavelli, Discourses: I, 9

In a move, unprecedented in scale, ISOC moved to sell PIR, the registry for .ORG, to a for-profit entity which intends, in turn, to convert PIR into a for-profit entity itself. This move has, understandably, raised concerns from around the Internet community and cast a bright light on ICANN, the nature of its contracts with Registries and the responsibilities of the ICANN Board. There are domain investors, concerned primarily about price hikes, there are nonprofits which, while concerned about prices, are far more concerned about registrant rights to privacy and freedom of speech. As the Vice Chair for Policy of the At-Large Advisory Committee (ALAC), I've tried to navigate a consensus involving ALL of those parties because of our diverse membership. Ultimately, as the representative of "individual end user" interests, the At-Large community is most concerned with the relative trustworthiness of the ORG space and the implications of profit-driven marketing of domains. We have made our concerns clear in submissions both to Ethos and to the ICANN Board along with recommendations for a new contract which, we believe, mitigate those risks.

However, I write, today, wearing the hat of a prominent figure in the so-called IANA Transition that cut the final thread of control that the US Government enjoyed over ICANN's development. Following a two-year effort by a cross-community working group, the ICANN Board enshrined, into the bylaws, an accountability framework to minimize the risk it would go off the rails without USG oversight. Included in the new community powers are the ability to challenge a board decision with a new and improved IRP, veto the budget and even go so far as to replace the board. One such mechanism involves budgetary disclosure and was, unfortunately, misapplied by the ASO in the context of the PIR debacle. To date, the community has not reached consensus on the ideal outcome of the deal, the Board has not made its own decision about the path forward and none of the new Empowered Community mechanisms have been employed.

The, as yet, unused escalation path of the ICANN Accountability Framework

Consequently, after an initial "oh yeah!" I've become troubled about the way in which California Attorney General Xavier Becerra has weighed in. Having fought hard for our independence, the first notion of some is to run back to their government, and that should give us all pause. Becerra sent a letter urging ICANN to reject the sale of .ORG, saying, "There is mounting concern that ICANN is no longer responsive to the needs of its stakeholders." And he sent a clear warning that ICANN better take heed: "This office will continue to evaluate this matter and will take whatever action necessary to protect Californians and the nonprofit community."

That is a troubling threat to ICANN because the nonprofit organization is incorporated in California, and getting on the bad side of a state attorney general is never a good idea.

But this should trouble more than ICANN. What Becerra has done is signal that, instead of an avenue of last resort, in legal matters, he's the de facto arbiter of ICANN's decision making and policies. Today, it's the .ORG sale. Tomorrow it could assert itself into ICANN's privacy policies or compel changes to Internet standards that may unwittingly help foreign governments, including China.

If he succeeds in influencing the .ORG decision, Becerra establishes himself, perhaps unknowingly, as the new "Supreme Court" of ICANN (in fact, obviating the need for any kind of trial or appeals!). And that opens the door to mischief. For example, if a corporation doesn't like a pending ICANN decision, all it will need to do in the future is appeal to the attorney general, a politician, to try and stop it.

No doubt as attorney general of the state in which ICANN is incorporated, Becerra has a legitimate interest in the organization's compliance with laws. But influencing ICANN's business decisions undermines ICANN's independence and sets a bad precedent for the future.

Even those who oppose the .ORG sale or want greater protections as requested by the Noncommercial Stakeholders Group and the ALAC, should be wary of what this portends. It opens a door where ICANN could succumb to pressure to revise its privacy policies for registrars and registries to comply with California law — or face scrutiny over its nonprofit status.

This precedent would set ICANN back a decade and make the California state attorney general's office the go-to place to influence policy. Anybody who knows me knows that I have been a persistent watchdog on ICANN accountability. It must and should be held accountable for the decisions it makes. But for ICANN to be successful, it must be independent. Let ICANN work. Let the Empowered Community work. Whatever our intended "ends," the consequences of these "means" are deeply disturbing.

By Jonathan Zuck, Executive Director at Innovators Network Foundation – Jonathan is a widely known and respected leader in the technology industry. As a professional software developer and IT executive with more than 15 years of experience, he brings an insider's perspective to his role as Executive Director of the Innovators Network Foundation. Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

Zuck is right: California AG has the wrong approach By Steve DelBianco  –  Apr 27, 2020 1:20 pm PDT

Jonathan's post is exactly right.  Those pushing California's AG into putting the squeeze on ICANN risk causing more damage to global Internet freedom than the sale of PIR ever could have. 

In 2016, Zuck and I were among those testifying in the US Congress in favor of terminating ICANN's legacy links to the US Commerce Department, because we needed a strong and independent ICANN to withstand pressure from governments and the United Nations.  And we said ICANN should remain a California non-profit, with bylaws that strengthened multi-stakeholder community powers over the organization.  At the time, plenty of critics insisted ICANN should be moved outside of the US, and the actions of California's AG are making those critics look prescient now.

Truth is, opponents of the PIR sale would have been more effective by approaching the AG of Pennsylvania, where PIR is based and where the deal would have to be approved.  Instead, by encouraging California to intervene, ICANN’s legitimacy has been needlessly jeopardized in a dispute that has very little to do with the critical services that ICANN provides to the Internet.

ICANN Is Not Sovereign By Anthony Rutkowski  –  Apr 27, 2020 3:59 pm PDT

All legal persons are incorporated somewhere and are accountable under the law of the jurisdiction to its government authorities.  The Internet Corporation for Assigned Names and Numbers (C2121683) exists as a § 501(c)(3) domestic nonprofit corporation operating pursuant to its articles of incorporation.  The Office of the Attorney General of California has a broad range of duties that include oversight of its corporations.

ICANN does not exist as an some kind of independent sovereign.  The Attorney General's letter makes it clear why his office is intervening, why it investigated ICANN's conduct, why it determined the transfer "raises serious concerns," and why that its action is appropriate. 

Furthermore, the IPR and services that ICANN manages were developed by the U.S. Federal government, and massively paid for by U.S. citizens for decades.  The management of those assets over the past 30 years have progressed through a sequence of bad decisions.  They are by any measure, public assets that were conveyed to ICANN by the U.S. government to manage as a private § 501(c)(3) corporation performing a fiduciary duty.  The Office of the California Attorney General is now holding ICANN accountable, and it gets to decide what is consonant with that duty, not ICANN itself or you. You are not sovereigns.

There is no longer a sovereign By Jonathan Zuck  –  Apr 27, 2020 11:50 pm PDT

Thanks for your thoughts Anthony. I recall the debates around the IANA transition and remember saying that "attempting to exercise control, where none exists, results only in a loss of influence," and I still believe that today. The very nature of the internet is such that sovereignty will forever be difficult. That said, the CCWG recognized (and most welcomed) the ultimate authority of the AG to resolve disputes that could not be resolved inside of the ICANN structure. However, it was always considered a venue of last resort, when the multi-stakeholder model had seemed to fail. Enshrined in the bylaws are the legal basis for an intervention given a disregard of the empowered community.  There's a process for lodging a concern and a detailed process of escalation for the empowered community confronting a rogue board. Once that process had failed to reach a successful conclusion, the AG could easily rule that the bylaws had been violated by the organization and could intervene. It was never the intention for the the AG to pick and choose battled early on and place a finger on the scale. The role of the AG is to enforce the bylaws, not his heavily lobbied, opinion of what the outcome should be. By exerting a "substantive" role, he unwittingly becomes the conduit for ALL decision making within ICANN and that, my friend, is a situation that the international community will not long suffer.

Drinking Your Own CoolAid By Anthony Rutkowski  –  Apr 28, 2020 4:47 am PDT

As my history of this subject in the CircleID article as well as the CRC Handbook chapter note, what we are dealing with here is a relatively trivial names and numbers registry activity long maintained as a government function that was serendipitously aggrandized and sold as "governance" because of political necessity that existed 23 years ago.  I had the dubious honor of writing the original Articles of Incorporation when it was still being called NewCorp and incorporated in Delaware with a simple management structure, but Ira wanted something grander modeled after his previous healthcare proposal.  Prior to that, a considerable array of people wanted the activity undertaken as an ITU function like countless other identifiers that Nation State Members handle using a cost-based public interest model.  For the previous 30 years, the activity was actually maintained by DARPA and NSF contractors.

The point is, many instantiations of this activity have existed and are possible.  Furthermore, the importance of these identifiers has significantly diminished with large-scale alternative resolution systems already in existence and alternative network identifiers that will vastly expand in a 5G virtualization world.  Even one of the major figures in the DNS world has moved on with alternative platforms and organization structures.  Why anyone would offer a billion dollars for an increasingly marginalized identifier domain used by non-profit organizations should be raising its own concerns.

The Office of the California Attorney general, like the concerned Members of Congress, are simply performing oversight activities they have a duty to perform for all entities under their jurisdiction.  Sovereign States and Nations are not going away anytime soon, and indeed seem more significant than ever.

So the bottom line here is that it is no longer 1997.  ICANN and the tiny slice of the networking universe it deals with is on a rapid trajectory to irrelevance, and whatever "international community" is engaged in its activities will move on.  ICANN will be curious blip on a historical timeline spanning the past 170 years of networking names and numbers.  The ICANN CoolAid here is masking the real world.

Remember Al Capone By Carlos Raul Gutierrez  –  Apr 28, 2020 1:31 pm PDT

I don't share Zuck's choice of the quotes from the Becerra letter. What I remember from Becerra's letter is that if you have been a successful non-profit for many years, and you have spent wisely your "excedents" for years instead of paying taxes, if one day you change your mind and want to become a for-profit, there is a huge tax liability behind you may have to face..... But well, I guess anybody can cut out any section of the Becerra letter of their choice. At least 5 members of the ICANN Board may be considering if the want to vote on the issue at all, because the last footnote of the Becerra letter also speaks of possible conflicts of interest. In any case, a substantial letter indeed.

no back taxes By Jonathan Zuck  –  Apr 29, 2020 10:52 am PDT

It's true that "reserves" would start getting taxed but there wouldn't be any kind of back taxes. There aren't very large reserves at the moment because all of the money has been going to ISOC. Perhaps I misunderstand your comment.

ICANN's multi stakeholder model has become a By Kevin Ohashi  –  Apr 29, 2020 4:43 am PDT

ICANN's multi stakeholder model has become a farce. The accountability mechanisms are not working. The .ORG and .COM deals are symptom of the capture of ICANN. There was near universal dissent against these deals and they pushed through and it seemed like nobody was going to stop them.

Thankfully the California AG is actually looking out for the best interests of a group broader than registry operators. If ICANN wants to stay independent it should actually serve the broader community and listen to the tens of thousands of people who express interest in issues that impact them. But they haven't, and here we are.

We should be thankful someone in power is able to actually intervene on behalf of the broader constituency of internet users.

You and Steve both worked for lobbying organizations which took money from VeriSign (you both were associated with NetChoice, and your organization ACT also took money from VeriSign). It's bizarre that someone who used to lobby for the most profitable registry operator are dissenting this issue in unison. Is this a threat to ICANN or your former(?) client? If .ORG gets rolled back, maybe the .COM deal gets investigated as well? Does a lack of real oversight favor registries over consumers?

Too funny By John Berryhill  –  Apr 29, 2020 12:27 pm PDT

Nearly any proposition one wants to argue within the ICANN community can be advanced by one of these propositions:

1.  ICANN must do [what I want] or else government authorities will make demands.

or

2. If ICANN caves to government demands, then it will lose the value of balanced consensus for [what I want] reached in the multi-stakeholder model.

What's entertaining is when you can see the same individuals hop from one foot to another, as the prerogatives of their masters demand.

Not THAT funny... By Jonathan Zuck  –  Apr 29, 2020 1:14 pm PDT

John, thanks for the comment. I agree completely. Even though we in the At-Large have raised several concerns about the transition of PIR and still await resolution of those issues, I was concerned about the process in place having spent two years of my life coming up with an accountability framework for the organization. This is an area where a little bit of consistency can go a long way!

CFIUS filing and review By Anthony Rutkowski  –  Apr 30, 2020 12:21 pm PDT

If Ethos is incorporated in Mauritius, a CIFIUS filing, review, and approval might be necessary.  Did that occur?

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

Brand Protection

Sponsored byAppdetex