Home / Blogs

Preserving ICANN's Independence Through Bold Action – Not Inaction

This week, the ICANN Board will vote on whether to approve the transfer of control of the .ORG domain to a private equity firm called Ethos Capital. This is a weighty decision for ICANN, since in order to approve the sale, it will have to convince itself that this is the right choice in the face of tremendous and widespread opposition, including from those who will be most affected by the sale. Over 800 nonprofit organizations have publicly objected, along with over 50,000 individual Internet users, representatives of several governments, two United Nations Special Rapporteurs on Freedom of Expression, and respected members of the Internet governance community. Recently, Xavier Becerra, the Attorney General of California — where ICANN is organized as a nonprofit — wrote to ICANN requesting a "no" vote on the change of control.

How should ICANN view Attorney General Becerra's letter? In a post to this site, Jonathan Zuck reminded us that "getting on the bad side of a state attorney general is never a good idea." All the more so when the attorney general is the regulating entity over you, as California's is over ICANN. At the same time, he wrote, ICANN allowing itself to be influenced by the Attorney General "undermines ICANN's independence and sets a bad precedent for the future."

I agree with Jonathan that ongoing government interventions would not be good for ICANN. After all, plenty of governments around the world seek more power to censor the Internet, and co-opting ICANN's authority over the domain name system is a path to growing that power. ICANN's independence from government control is hard-won. That's exactly why ICANN's Board should not take steps that cause regulators to be concerned that it's not taking its public interest charter seriously. We think that ICANN should vote to reject the transfer of the .ORG registry, based not on Attorney General Becerra's request but on the reason that the Attorney General felt compelled to write at all: the tremendous weight of the evidence and opinion ICANN has collected over the past months that this transfer is a bad idea, for the public interest and for the future health of the nonprofits that rely on a strong .ORG. Acting to protect the nonprofit community by rejecting the transfer would demonstrate to the Attorney General that ICANN is fulfilling its chartered purposes. Doing the right thing on the .ORG issue reduces ICANN's vulnerability to government interventions.

There's an undercurrent of opinion within ICANN that the way to maintain independence is to refuse government requests for action under any circumstances. In many cases, especially where the regulator is wrong or acting politically, that's the right approach. But it's the wrong strategy here. According to Gene Takagi, an attorney with NEO Law Group and Contributing Publisher of the Nonprofit Law Blog, "the California Attorney General has regulatory power to ensure that charitable assets are used for the purposes laid out in an organization's charter, and not purely for private benefit." And the .ORG registry agreement, under which ICANN delegates the right to run that registry, is quite a valuable asset.

In extreme circumstances, the Attorney General can involuntarily dissolve a nonprofit corporation that fails to carry out its purposes. But without going to that extreme, the state's regulators could audit ICANN's use of valuable resources, including its registry contracts — not a great scenario for any stakeholders.

No matter the perception, ICANN is not a law unto itself. It is neither a government nor an international organization established by treaty. It is a California nonprofit corporation. ICANN cannot avoid California law enforcement officials acting to make sure that ICANN is using its valuable registry agreements to further its mission, except by proactively and clearly staying true to that mission.

California takes remedial action against charitable trusts and public benefit corporations every year — corporations with far less impact than ICANN. That no such action has been directed to ICANN in the past 22 years is a testament to ICANN's good governance in pursuit of its mission so far. For example, in 2002, ICANN fulfilled a major purpose for which it was founded, by implementing the transfer of the .ORG registry from Verisign to the Internet Society, through the newly created Public Interest Registry. That transfer didn't involve ICANN passively acquiescing to a secretive business deal. It was, instead, the culmination of an open and public bidding process based on who could best protect the interests of nonprofit Internet users, not merely on who showed up with a bunch of cash. ICANN recently re-affirmed the importance of the 2002 criteria.

Following the strong objections of nonprofit Internet users and a marked lack of disclosure by PIR and Ethos, a rubber-stamp approval of the .ORG transfer, or an approval conditioned on token oversight that will be meaningless in practice, would only reinforce the conclusion that ICANN now considers itself unaccountable. It would also demonstrate that ICANN doesn't take its public interest commitments seriously. This is especially true given ICANN's refusal to disclose information to the Empowered Community about the .ORG transfer, shutting down the first invocation to date of that system of accountability. Approving the sale would also affirm the rising chorus of Internet users who fear that ICANN serves the interests of the largest registries and registrars at the expense of Internet users.

The sale of PIR to Ethos Capital risks selling out the interests of .ORG registrants, including millions of the world's most important NGOs. ICANN must stand up for the well-being of NGOs in this time of global crisis by denying the sale of their domain registry to private equity investors. Otherwise, the decision may be taken out of ICANN's hands. That would truly set a precedent that will harm NGOs and all Internet users in the long run.

By Mitch Stoltz, Senior Staff Attorney at the Electronic Frontier Foundation

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

You ain't seen nothing yet By Eliot Lear  –  Apr 30, 2020 12:31 am PDT

The EFF's panicked tones in light of barely any evidence has led to a mob mentality that has actually harmed your own interests.  You have pushed ICANN into an unenviable fight or flight position, where their only possible winning scenario is that they fight.

If they do not fight, or if they fight and lose, the international community may well decide that if there is to be government meddling at this level, the UN ought to do the meddling.  And if you think ICANN doesn't take into account the rights of individuals, you ain't seen nothin yet.  Think even such weak legislative protections as the GDPR will hold up in the face of other governments insisting on reveals?  Think again.  UN functionaries who are smacking their lips at this potential cash cow won't be paying attention to you, but to China, Russia, Saudi Arabia, and Iran.  Do you think they can do a better job of insuring the security and stability of the naming system, with all of their years of experience at all of this (read: zero)? 

But the fun doesn't stop there.  Without even having had the courtesy or wisdom to consult them, your misguided attacks on ISOC that you used in your fundraising materials will harm the organization that has focused on the very security and privacy EFF purports to protect: the IETF.  TLS, DoH, and QUIC are all standards used to protect individual security and privacy that were developed at the IETF, who now more than ever need their parent organization ISOC to help them weather the financial storm associated with COVID-19.

You may not like Ethos or how they were formed, or that they are for profit, or that they might charge $1 per year more for a domain, but that's no excuse to ignore the protections that already exist to protect the security and stability of the naming system in the unlikely event that Ethos doesn't perform.  Imagine just how strong a voice you'll have at the UN (consider how strong that voice is now, for reference).

And all of this assumes that somehow .ORG is a magical domain.  It's not.  It's three letters.  As it happens there are other letter combinations available.  Nothing stops the EFF and like-minded organizations from getting their own TLD.  Go for it.  Let's see how many not-for-profit registries will help you.  Hint: .ORG isn't managed by ISOC day to day.

Add Your Comments

 To post your comments, please login or create an account.

Related

Topics

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

Brand Protection

Sponsored byAppdetex

Cybercrime

Sponsored byThreat Intelligence Platform

New TLDs

Sponsored byAfilias