After a slight delay, Jurimetrics has finally published my latest law review article, “Soft Law in U.S. ICT Sectors: Four Case Studies.” It is part of a major symposium that Arizona State University (ASU) Law School put together on “Governing Emerging Technologies Through Soft Law: Lessons For Artificial Intelligence” for the journal. I was 1 of 4 scholars invited to pen foundational essays for this symposium. Jurimetrics is a official publication of the American Bar Association’s Section of Science & Technology Law.

This report was a major undertaking that involved dozens of interviews, extensive historic research, several events and presentations, and then numerous revisions before the final product was released. The final PDF version of the journal article is attached.

Here is the abstract:

Traditional hard law tools and processes are struggling to keep up with the rapid pace of innovation in many emerging technologies sectors. As a result, policy­makers in the United States rely increasingly on less formal “soft law” governance mech­anisms to address concerns surrounding many newer technologies. This Article explores four case studies from different information technology areas where soft law mechanisms have already been utilized to address governance concerns. These four sectoral case stud­ies include domain name management, content oversight, privacy policy, and cyberse­curity matters. After considering the various soft law mechanisms used to address those issues, the Article concludes with some general thoughts about the effectiveness of those approaches and what lessons those case studies might hold for the use of soft law in other emerging technology sectors and contexts.

Today on Capitol Hill, the House Energy and Commerce Committee is holding a hearing on the NTIA’s recent announcement that it will relinquish its small but important administrative role in the Internet’s domain name system. The announcement has alarmed some policymakers with a well-placed concern for the future of Internet freedom; hence the hearing. Tomorrow, I will be on a panel at ITIF discussing the IANA oversight transition, which promises to be a great discussion.

My general view is that if well executed, the transition of the DNS from government oversight to purely private control could actually help secure a measure of Internet freedom for another generation—but the transition is not without its potential pitfalls.

The NTIA’s technical administration of the DNS’ “root zone” is an artifact of the Internet’s origins as a U.S. military experiment. In 1989, the government began the process of privatizing the Internet by opening it up to general and commercial use. In 1998, the Commerce Department created ICANN to oversee the DNS on a day-to-day basis. The NTIA’s announcement is arguably the culmination of this single decades-long process of privatization.

The announcement also undercuts the primary justification used by authoritarian regimes to agitate for control of the Internet. Other governments have long cited the United States’ unilateral control of the root zone, arguing that they, too, should have roles in governing the Internet. By relinquishing its oversight of the DNS, the United States significantly undermines that argument and bolsters the case for private administration of the Internet.

The United States’ stewardship of the root zone is largely apolitical. This apolitical approach to DNS administration is precisely what is at stake during the transition, hence the three pitfalls the Obama administration must avoid to preserve it.

The first pitfall is the most serious but also the least likely to materialize. Despite the NTIA’s excellent track record, authoritarian regimes like Russia, China, and Iran have long lobbied for the ITU, a clumsy and heavily politicized U.N. technical agency, to take over the NTIA’s duties. In its announcement, the NTIA said it would not accept a proposal from an intergovernmental organization, a clear rebuke to the ITU.

Nevertheless, liberal governments would be wise to send the organization a clear message in the form of much-needed reform. The ITU should adopt the transparency we expect of communications standards bodies, and it should focus on its core competency—international coordination of radio spectrum—instead of on Internet governance. If the ITU resists these reforms at its Plenipotentiary Conference this fall, the United States and other countries should slash funding or quit the Union.

ICANN’s Governmental Advisory Committee (GAC) presents a second pitfall. Indeed, the GAC is already the source of much mischief. For example, France and Luxembourg objected to the creation of the .vin top-level domain on the grounds that “vin” (wine) is a regulated term in those countries. Brazil and Peru have held up Amazon.com’s application for .amazon despite the fact that they previously agreed to the list of reserved place names, and rivers and states were not on it. Last July, the U.S. government, reeling from the Edward Snowden revelations, threw Amazon and the rule of law under the bus at the GAC as a conciliatory measure.

ICANN created the GAC to appease other governments in light of the United States’ outsized role. Since the United States is giving up its special role, the case for the GAC is much diminished. In practice, the limits on the GAC’s power are gradually eroding. ICANN’s board seems increasingly hesitant to overrule it out of fear that governments will go back to the ITU and complain that the GAC “isn’t working.” As part of the transition of the root zone to ICANN, therefore, new limits need to be placed on the GAC’s power. Ideally, it would dissolve the GAC.

The third pitfall comes from ICANN itself. The organization is awash in cash from domain registration fees and new top-level domain name applications—which cost $185,000 each—and when the root zone transition is completed, it will face no external accountability. Long-time ICANN insiders speak of “mission creep,” noting that the supposedly purely technical organization increasingly deals with trademark policy and has aided police investigations in the past, a dangerous precedent.

How can we prevent an unaccountable, cash-rich technical organization from imposing its own internal politics on what is supposed to be an apolitical administrative role? In the long run, we may never be able to stop ICANN from becoming a government-like entity, which is why it is important to support research and experimentation in peer-to-peer, decentralized domain name systems. This matter is under discussion, among other places, at the Internet Engineering Task Force, which may ultimately play something of a counterweight to an independent ICANN.

Despite these potential pitfalls, it is time for an Internet that is fully in private hands. The Obama administration deserves credit for proposing to complete the privatization of the Internet, but we must also carefully monitor the process to intercept any blunders that might result in politicization of the root zone.

The Internet began as a U.S. military project. For two decades, the government restricted access to the network to government, academic, and other authorized non-commercial use. In 1989, the U.S. gave up control—it allowed private, commercial use of the Internet, a decision that allowed it to flourish and grow as few could imagine at the time.

Late Friday, the NTIA announced its intent to give up the last vestiges of its control over the Internet, the last real evidence that it began as a government experiment. Control of the Domain Name System’s (DNS’s) Root Zone File has remained with the agency despite the creation of ICANN in 1998 to perform the other high-level domain name functions, called the IANA functions.

The NTIA announcement is not a huge surprise. The U.S. government has always said it eventually planned to devolve IANA oversight, albeit with lapsed deadlines and changes of course along the way.

The U.S. giving up control over the Root Zone File is a step toward a world in which governments no longer assert oversight over the technology of communication. Just as freedom of the printing press was important to the founding generation in America, an unfettered Internet is essential to our right to unimpeded communication. I am heartened to see that the U.S. will not consider any proposal that involves IANA oversight by an intergovernmental body.

Relatedly, next month’s global multistakeholder meeting in Brazil will consider principles and roadmaps for the future of Internet governance. I have made two contributions to the meeting, a set of proposed high-level principles that would limit the involvement of governments in Internet governance to facilitating participation by their nationals, and a proposal to support experimentation in peer-to-peer domain name systems. I view these proposals as related: the first keeps governments away from Internet governance and the second provides a check against ICANN simply becoming another government in control of the Internet.

The forum has largely been overtaken by discussion of ICANN’s move to organize a new Internet governance coalition. ICANN representatives have had both open- and closed-door meetings to push the proposal, but there are still many questions that have not been adequately answered.

One important question is about the private discussions that have led to this. The I-stars came out at least nominally aligned on this issue, though there is speculation that they are not all totally unified. Over drinks, I mentioned to an ICANN board member that it rubs a lot of people in civil society the wrong way that the I-stars seem to have coordinated on this in private. He replied that I was probably assuming too much about the level of coordination. If that’s the case, then I wonder if we will hear more from the other I-stars about their level of support for ICANN’s machinations.

More basically, we still don’t know much about the Rio non-summit. It will be in Rio, it will be in May, there will be some sort of output document. But we don’t know the agenda, or the agenda-setting process, or even the process for setting an agenda-setting process.

And strategically, we don’t know how the Brazil meeting is going to affect all of the other parts of the take-over-the-Internet industry in the coming year. The CWG-Internet happens next month, and they will take up Brazil’s proposal from the WTPF. But since Brazil is positioning itself as a leader in this new process (and aligned with ICANN now), what will they try to get at the CWG? WTDC is in March-April. And of course the Plenipot will be in the fall next year. If the Brazil summit is perceived to have failed in any sense, will that make the battle at Plenipot even more intense?

Also, whose idea was it to have a gala without alcohol?

As expected, today at 1pm there was a packed, off-the-books meeting facilitated by the “I-star” organizations (ICANN, ISOC, IETF, and a bunch of groups that don’t begin with I). The purpose of the meeting was to build support for a new Internet governance “coalition.” The argument is that because of the NSA’s global surveillance programs, the US is losing support for its perceived leadership on Internet governance. In order to avoid greater governmental or intergovernmental intrusion into the Internet, the technical community, as signaled in the Montevideo statement, must go on the offensive and create an alternative to such intrusion.

This argument is controversial, to say the least. To what extent does the “offensive” entail creating a top-down institution to deal with Internet policy issues? Neither the technical community nor civil society wants government to be in charge of the Internet, but the technical community (especially ICANN) seems much more comfortable with top-down non-governmental control. I worry that ICANN is going to become increasingly government-like. In any case, we are witnessing a small but historic rift between civil society and the technical community, which have always been on the same side in the war to keep governments off the Internet.

Even if ICANN’s argument makes a kind of sense, it may be reckless to pursue it in the proposed way. It’s now looking like there will be a don’t-call-it-a-summit in Rio in early May, hosted by the Brazilian government, to discuss these issues. Even if ICANN has good reason to believe that Brazil is negotiating in good faith, there is always the possibility that Brazil gets what it wants in the end. They are not likely to just roll over.

I’m open to the idea that we need an affirmative answer to the question of Internet policy institutions. But I’d feel a lot more comfortable if such institutions evolved bottom-up rather than emerging from a grand push, organized secretly by some members of the technical community, to create an alternative. Hopefully with the creation of the new coalition mailing list, everything can be done out in the open from here on out.

Day 1 of the Internet Governance Forum is in the books, and everyone is talking about what will happen on Day 2. Brazil recently announced that it will host a meeting on Internet governance in April. Tomorrow, ICANN is hosting a meeting at 1pm to explain how the April meeting will work.

Everyone that I’ve talked to in the hallways has brought up the meeting in April. No one is quite sure what to expect.

On one hand, Brazil has been part of the coalition that is pushing to do more Internet governance at the ITU. On the other hand, ICANN seems to be a willing participant in Brazil’s scheme. The recent “Montevideo Statement,” issued by various Internet organizations, called for globalizing the IANA function, which means at a minimum removing the US’s special role of maintaining the domain name system’s root zone file.

ICANN wants independence from the US government, and Brazil wants ICANN to be independent from the US government (and possibly dependent on the ITU), so this makes them allies for now.

Bizarrely, NSA surveillance continues to be cited as a reason for Brazil’s actions, although of course the IANA function has nothing to do with surveillance. The IANA issue is mostly about status. Other governments seem to feel slighted by the US’s control of the root zone file.

In any case, tomorrow we may know slightly more about ICANN and Brazil’s schemes.

On Sunday, the New York Times ran a story by Natasha Singer on the ongoing generic top-level domain (gTLD) expansion. Singer correctly notes that there is a great deal of skepticism that the new gTLDs will add social value. After all, what is the social value of .book when there is already .book.com?

Singer also raises cultural, expression, and competition concerns:

There’s a larger issue at stake, however. Advocates of Internet freedom contend that such an expanded address system effectively places online control over powerful commercial and cultural interests in the hands of individual companies, challenging the very idea of an open Internet. Existing generic domains, like .net and .com, overseen by Verisign Inc., a domain registry, have an open-use policy; that means consumers can buy domain names ending in .com directly from retail registrars like GoDaddy. With a new crop of applicants, however, Icann initially accepted proposals for closed or restricted generic domains, a practice that could limit competing views and businesses.

It’s true that there is concern over “closed generics,” but I think there is a deeper problem than anti-competitiveness that could emerge from TLD expansion.

Suppose that, as anticipated, TLD registries are able to restrict the scope of the sites that can use their domain name. For example, Google intends to restrict .app to uses related to (Android?) applications. These restrictions could make a great deal of economic sense—owning a .app domain name could function as a certification of a certain level of quality.

Putting aside any anti-competitive concern, restricted TLDs raise the question of who, exactly, is the final arbiter. Let’s suppose that Google rejects an application for a .app domain name for whatever reason. Can the rejected applicant appeal? And to whom?

Google is a Delaware corporation based in California. ICANN is incorporated in California. I can imagine lawsuits in Delaware or California over domain name rejections.

But the scarier possibility is that ICANN will try to resolve these disputes internally, possibly with input from its Governmental Advisory Committee (GAC). This would be problematic because the GAC is not known for its adherence to any sort of rule of law.

If GAC intervention in .app doesn’t worry you, consider the .gay TLD. At least one vision of .gay is as a safe online space for the global gay community. Suppose that the .gay registry, after winning its bid and publicly setting out content guidelines, rejects sites that engage in hate speech against gays. If disputes over such rejections end up in the GAC, then that could be disastrous, as countries like Saudi Arabia and Iran have objected to the mere existence of the .gay TLD.

We can debate whether restricted TLDs should be allowed in the first place, but we should all agree that if they are, the GAC should have no role in policing the content restrictions that registries impose to maximize the value of the namespace. The last thing we need is the world’s governments making policy about expression online.

ICANN is meeting in Durban, South Africa this week, and this morning, its Governmental Advisory Committee, which goes by the delightfully onomatopoetic acronym GAC, announced its official objection to the .amazon top-level domain name, which was set to go to Amazon, the online purveyor of books and everything else. Domain Incite reports:

The objection came at the behest of Brazil and other Latin American countries that claim rights to Amazon as a geographic term, and follows failed attempts by Amazon to reach agreement.

Brazil was able to achieve consensus in the GAC because the United States, which refused to agree to the objection three months ago in Beijing, had decided to keep mum this time around.

The objection will be forwarded to the ICANN board in the GAC’s Durban communique later in the week, after which the board will have a presumption that the .amazon application should be rejected.

The board could overrule the GAC, but it seems unlikely.

This is a loss for anything resembling rule of law on the Internet. There are rules for applying for new generic TLDs, and the rules specifically say which geographic terms are protected. Basically, anything on this list, known as ISO 3166-1 is verboten. But “Amazon” is not on that list, nor is “Patagonia;” .patagonia was recently withdrawn. Amazon and Patagonia followed the rules and won their respective gTLDs fair and square.

The US’s decision to appease other countries by remaining silent is a mistake. The idea of diplomacy is to get countries to like you so that you can get what you want on policy, not to give up what is right on policy so that other countries will like you. I agree with Milton Mueller, whose bottom line is:

What is at stake here is far more important than the interests of Amazon, Inc. and Patagonia, Inc. What’s really at stake is whether the Internet is free of pointless constraints and petty political objections; whether governments can abuse the ICANN process to create rights and powers for themselves without any international legislative process subject to democratic and judicial checks and balances; whether the alternative governance model that ICANN was supposed to represent is real; whether domain name policy is made through an open, bottom-up consensus or top-down by states; whether the use of words or names on the Internet is subject to arbitrary objections from politicians globalizing their local prejudices.

As I noted here a few days ago, the Federal Communications Commission held a workshop on Tuesday about “Speech, Democratic Engagement, and the Open Internet.”  It was a shockingly one-sided affair with the deck being stacked almost entirely in favor of advocates of Net neutrality regulation. Worse yet, those advocates shamelessly made up spooky stories about a future of “private censorship” that could only be remedied by using the First Amendment as a club to beat private players into submission. The token opposition at this Chicken Little circus was Robert Corn-Revere, a Partner at the law firm of Davis Wright Tremaine LLP in Washington, D.C.   Bob set the record straight–both in terms of baseless accusations that were flying that day as well as the revisionist histories of the First Amendment that were being put forward. I’m happy to report that Bob allowed PFF to reprint his remarks as a new white paper entitled, “The First Amendment, the Internet & Net Neutrality: Be Careful What You Wish For.”

In his essay, Corn-Revere discusses the relationship between the First Amendment and regulatory policy, particularly the treatment of new communications technologies, and he warns that government regulation of broadband networks could “provide the vehicle for advancing new First Amendment theories for media regulation” and online speech and expression more generally.  “It should not be forgotten,” he argues, “that the federal government’s initial impulse was to censor the Internet and to subject it to a far lower level of First Amendment protection. It pursued this agenda for more than a decade but was blocked by a series of First Amendment rulings.”  The Communications Decency Act and the Child Online Protection Act are just two notable examples. Luckily, the courts determined that “the open Internet would be at great risk if the government is allowed to exercise such power,” he notes, and they struck down such laws.

But we must be vigilant in defending our free speech rights, Corn-Revere warns. He notes that, “the constitutional ramifications of the network neutrality debate extend far beyond the question of whether the FCC should or should not adopt a given set of rules. On a doctrinal level the question is whether technological convergence should also lead to regulatory convergence, where the least common denominator of First Amendment protection becomes the governing rule.”

“The First Amendment, the Internet & Net Neutrality: Be Careful What You Wish For” is available on the PFF website and can also be viewed down below in a Scribd document reader. I want to also recommend that everyone take a look at the brief remarks that FCC Commissioner Robert McDowell delivered at the opening of that FCC event that Corn-Revere spoke at. “Efforts to advance ‘First Amendment values’ through additional government regulation risks turning over two hundred years of First Amendment jurisprudence on its head,” McDowell rightly argued. And that’s also consistent with the outstanding address delivered last week by Kyle McSlarrow, President & CEO of the National Cable & Telecommunications Association, on the same issue, in which he correctly noted that, “the First Amendment is framed as a shield for citizens, not a sword for government.” “By its plain terms and history, the First Amendment is a limitation on government power, not an empowerment of government,” McSlarrow said.

Thank God a few people in this town are still taking a stand for the real First Amendment.

Robert Corn-Revere Remarks at FCC Workshop on Speech and Democracy http://d1.scribdassets.com/ScribdViewer.swf?document_id=24208240&access_key=key-2h2o9rho7g9qr414utqi&page=1&version=1&viewMode=list

Here in Washington, DC we’re finally experiencing a changing of the seasons. The summer heat is retreating as cool , autumn air invades. It’s a changing of the guard–just like what’s happening to ICANN with today’s expiration of its oversight by the U.S. government. Only its a spring-like blossoming for ICANN.

The Department of Commerce has allowed the JPA to expire, thus completing the transition of DNS management to ICANN.  There were many skeptics that wanted to give ICANN more time to develop permanent mechanisms for true accountability.  Others were concerned about the threat of capture, especially on hearing proposals from the United Nations and European Commission to assume control over a newly-independent ICANN.

Over at the NetChoice blog, Steve DelBianco says that we should be pleasantly surprised to see the new Affirmation of Commitments unveiled by ICANN today, because it does much to address both of those concerns. It creates review mechanisms for accountability, new domains, and domains in non-Latin characters (IDNs).

These new “review teams” could bring to ICANN something similar to the ‘official review’ we have for football and tennis.  For close, controversial decisions, this framework could help ICANN to correct a bad call and get back on-track.  I can see a couple of areas where these new review teams can have an impact right away: I’m glad to see that the security review team has a forward-looking focus on making sure the DNS stays up 24-7, around the world, even under increasing security threats and a major expansion of top-level domains. The review team for competition and consumer choice might finally get ICANN to get its registrars to fulfill the role they were designed for: to offer consumers a choice of all top level domains—not just the ones that a registrar prefers to sell.

So it seems more like a Spring-like flowering than a Fall dropping of the leaves. ICANN gets independence, plus there’s a balanced framework that brings all governments into the oversight process alongside private sector stakeholders, with a sharpened focus on security and serving global internet users.

Louis XVI

Americans often quote, or allude to, the French expression ” Le Roi est mort, vive le Roi!” But few realize that this apparent paradox was meant quite literally by the French:From its first official proclamation in 1422 upon the coronation of Charles VII to 1774, when Louis XV finally died, the term expressed the abstract constitutional concept that sovereignty transfered from the old king (the first “Le Roi“) to the new king (the second  “Le Roi“) the very instant the old king died. Thus, France was literally never without a king until until the monarchy was finally dis-established in early 1793. When Louis XVI was guillotined later that year, his death was acclaimed simply with “Le Roi est mort!“

Tomorrow, September 30, ICANN’s Joint Project Agreement with the Department of Commerce finally terminates. “ Le JPA est mort!” But a new agreement (the “Affirmation”) will take its place, apparently providing more accountability than the JPA ever did. Vive l’Affirmation! There may come a day when, like Louis XVI, ICANN’s JPA-like agreement with Commerce terminates and nothing is there to replace it, but that day has not yet come.

Grant Gross has a great piece on this new agreement. Grant extensively quotes my PFF Adjunct Fellow (my ICANN mentor and former ICANN board member) Mike Palage, who explained that the JPA’s successor (JPA II?):

will tell [ICANN] what it should do, but it can’t legally bind them [much like past agreements]… It gives the appearance in the global community that the U.S. government has recognized that ICANN has done what is was supposed to do. What it’s also doing is … it’s putting in some accountability mechanisms.”

Yet Palage expressed concern about the new agreement:

Now while the devil will be in the detail, the only concern I have is that the private sector be on equal footing with the public sector in being able to hold ICANN accountable… If ICANN is to remain a public-private partnership that is founded on the principles of openness, transparency, inclusiveness, accountability and bottom-up coordination, then both the private and public sectors should have equal confidence in the accountability mechanism available to them.

Mike explained how to choose the “Right Path to a Permanent Accountability Framework” in a PFF paper in August, and has explained a clear vision for ICANN 3.0.

PFF Adjunct Fellow Mike Palage led this extraordinary discussion of ICANN’s origins, evolution and future with four of ICANN’s “Founding Fathers”: Milton Mueller (author of Ruling the Root), law professor David Johnson, ICANN’s first CEO Mike Roberts and then ICANN CEO Paul Twomey. In particular, the group discussed ICANN’s mission, governance structure, and accountability; the difficult issue of new generic Top Level Domain names (gTLDs) and trademark concerns; and ICANN’s future relationship with the U.S. government. Be sure to check out the handy ICANN Glossary on page 33. The audio can be downloaded here.

Here’s the transcript (PDF):

My PFF colleague Mike Palage just released a paper about a series of recent applications for national trademark rights in terms that correspond to likely strings for new top-level domain names, or TLDs, (e.g., “.BLOG”). These attempts highlight just one way in which ICANN’s new generic TLD (gTLD) application process is likely to be “gamed.” But it is also a strategy to which some trademark holders may feel compelled to resort to defend their rights to that string. Unfortunately, it does not appear that ICANN is addressing these important public policy considerations. In fact, based upon some of the provisions in the proposed draft registry agreements, it appears that ICANN staff’s actions may increase, rather than decrease, the ambiguity that opens the door to such gaming of the system.

http://d.scribd.com/ScribdViewer.swf?document_id=17847370&access_key=key-17v70dtd7qa1zrmq3z6x&page=1&version=1&viewMode=list

PFF Adjunct Fellow Mike Palage, who served on the ICANN board from 2003 to 2006, filed these comments (PDF) on the NTIA’s recent Notice of Inquiry regarding ICANN’s future.  Mike’s four key points were as follows:

1. ICANN’s Periodic Review of its internal operations and supporting organizations has failed, and has become nothing more than a “perpetual motion machine of public comments and documentation producing no meaningful results.” Only a second Evolution and Reform Process can solve ICANN’s current deficiencies;
2. ICANN must hardcode into its policies and its contracts the principle that its policies cannot supersede national laws;
3. ICANN must cease any operational role in technical infrastructure as required by its bylaws and focus instead on its mission as a technical coordinator; and
4. Congress must avoid “kicking the JPA can down the road” and instead provide much-needed leadership by creating a solid foundation for ICANN 3.0 in legislation after proper consultation with the Government Accountability Office.

I’ve been working closely with PFF Adjunct Fellow & former ICANN Board member Michael D. Palage on ICANN issues.  Michael had this to say about the ongoing saga of ICANN’s attempt to create new gTLDs.

During the recent ICANN Board meeting in Mexico City, the Board authorized the creation and funding of an Implementation Recommendation Team (IRT).  This team was to be comprised of “an internationally diverse group of persons with knowledge, expertise, and experience in the fields of trademark, consumer protection, or competition law, and the interplay of trademarks and the domain name system to develop and propose solutions to the overarching issue of trademark protection in connection with the introduction of new gTLDs.” This IRT is tasked to produce a report for consideration by the ICANN community at the Sydney meeting.

The IRT consists of 24 members:

• Chairwoman Caroline G. Chicoine; and
• Seventeen members; and
• Six ex officio members:  Four IPC-elected officers and two-GNSO elected Board Directors (Bruce Tonkin and Rita Rodin Johnston).  

I have a number of friends and colleagues serving on this team and I wish them well in their important endeavor.

I’ve previously proposed a number of rights-protection mechanisms that IRT should consider.  Today, I offer a few suggestions that I hope will guide IRT as they embark on their important work tomorrow.  In particular, I hope they’ll implement some of my suggestions intended to make the IRT process more transparent-so the rest of the global Internet can follow along with their important work and provide constructive input where possible.

By Mike Palage,  PFF Adjunct Fellow & former ICANN Board  Member

TPI’s Tom Lenard and Larry White released a study yesterday entitled ICANN at a Crossroads:  A Proposal for Better Governance and Performance (PDF).  ICANN is, indeed, at a crossroads:  A number of critical Internet governance issues will be decided over the next 6-12 months-such as:

• How to roll out new gTLDs like .BLOG, which I’ve discussed here and here (PDF).
• ICANN’s future as an increasingly independent organization, which I’ve discussed here. 

There is an acute need to better educate the public and policymakers about these complex issues and about how ICANN works-something that will be addressed by my upcoming primer on ICANN.  For that reason, I welcome TPI’s contribution to this important debate about the future of the Internet.  I share TPI’s concerns about the inadequacy of mechanisms currently in place to ensure ICANN’s accountability and the absence of any checks on ICANN’s ever-expanding budget. 

But I strongly disagree with TPI’s conclusion that:

ICANN should remain a nonprofit organization, but it should be governed by and accountable to its direct users: the registries and the registrars.  The seats on ICANN’s board could be rotated among the major operators in a manner that would reflect the diversity of viewpoints among the registries and registrars.

Having worn many hats in the ICANN eco-system-as a consultant for both registries and registrars and as a business user and IP attorney-I must say that adopting this model of direct-user control would be suicidal for ICANN.  Filling the ICANN Board with registries and registrars would create at least the appearance of a cartel, allowing those opposed to ICANN’s underlying model of public/private-partnership to capture the organization.  Neither capture by private interests opposed to the “public” part of the model nor a counter-attack by those who object to the “private” part of the model would be a good thing for Internet users or ICANN stakeholders.

Having invested over 10 years of my life in ICANN’s diverse and inclusive public/private partnership model, I speak from first-hand experience that ICANN is far from perfect as an organization.  I’ve often feared that ICANN is heading in the wrong direction and I’ve never hesitated to say so. But despite these shortcomings, the various stakeholders I work with in the seemingly byzantine “ICANN process” remain as committed as ever to the principles set forth in NTIA’s 1998 White Paper as the foundations of Internet governance.  The staying-power of this shared belief in a common set of principles among all stakeholders reaffirms my faith in the public/private partnership-whatever other changes need to be made.

Lenard and White are right about one thing:  We do need a new model for ensuring ICANN’s accountability after the expiration of ICANN’s current relationship with the U.S. Government.  But the model they suggest isn’t it—as Steve Delbianco has pointed out.

Former Washington State Governor Gary Locke will likely face some grilling questions at his confirmation hearing tomorrow in the Senate. But will he face any questions about the future of the Internet?

Senators will likely grandstand over the census, the bailout, and the AIG bonuses. The future of Internet governance, however, will surely be sacrificed at the altar of politics. But as my colleague Mark Blafkin writes in his blog post,  Al Gore may have invented the Internet, but the next Secretary will have a large role in determining its future:

As part of the Joint Project Agreement (JPA), the Department of Commerce is set to sever its agreement to backstop the Internet Corporation for Assigned Names and Numbers (ICANN) at the end of the year.  While the Department of Commerce plays no role in the day-to-day management of the Internet, it has played an important role in both holding ICANN accountable for its promises regarding private sector-leadership, and protecting ICANN from institutional capture.  We should be thinking about asking these questions:

• Before the U.S. Government gives up oversight of ICANN, how do you believe the security of the core infrastructure of the Internet can be protected? For example, should NTIA agree to ICANN’s plan to take over all security management for the Internet root zone?
• How will ICANN’s accountability be ensured in the absence of Department of Commerce oversight – especially accountability to the private sector stakeholders?
• If ICANN is fully privatized, what can be done to protect ICANN from capture by foreign governments or the United Nations, which has asserted its own right to manage “Critical Internet Resources” – not the private sector?

These questions are of interest to many in the Internet governance community, if not Commerce Committee.

ICANN has just released a second draft of its Applicant Guidebook, which would guide the creation of new generic topmore generic top-level domains (gTLDs) such as .BLOG, .NYC or .BMW. As ICANN itself declared (PDF), “New gTLDs will bring about the biggest change in the Internet since its inception nearly 40 years ago.”  PFF Adjunct Fellow Michael Palage and former ICANN Board member addressed the key problems with ICANN’s original proposal in his  paper ICANN’s “Go/ No-Go” Decision Concerning New gTLDs (PDF & embedded below), released earlier this week.

ICANN deserves credit for its detailed analysis of the many comments on the original draft which Mike summarized back in December.  ICANN also deserved credit for addressing two strong concerns of the global Internet community in response to the first draft:

• ICANN has removed its proposed 5% global domain name tax on all registry services, something Mike explains in greater detail in his “Go/No-Go” paper.
• ICANN has commissioned a badly-needed economic study on the dynamics of the domain name system “in broad.” But such a study must address how the fees ICANN collects from specific user communities relate to the actual costs of the services ICANN provides. The study should also consider why gTLDs should continue to provide such a disproportionate percentage of ICANN’s funding—currently 90%—given increasing competition between gTLDs and ccTLDs (e.g., the increasing use of .CN in China instead of .COM).

These concerns are part of a broader debate:  Will ICANN abide by its mandate to justify its fees based on recovering the costs of services associated with those fees, or will ICANN be free to continue “leveraging its monopoly over an essential facility of the Internet ( i.e., recommending additions to the Internet’s Root A Server) to charge whatever fees it wants?”  If, as Mike has discussed, ICANN walks away from its existing contractual relationship with the Department of Commerce and claims “fee simple absolute” ownership of the domain name system, who will enforce such a cost-recovery mandate?  

But ICANN simply “kicked the can down the road on the biggest concern”: how to minimize abusive domain name registrations ( e.g., cybersquatting, typosquatting, phishing, etc.) and reduce their impact on consumers. ICANN seems only to have made a vague promise to engage in additional outreach and consultation on this problem.  But Mike has proposed a number of potential solutions that are narrowly tailored to protect brand holders while respecting the fair use rights of other, including: 

• A Rebuttable Reserve Names List that would minimize the need for defensive registrations of marks that have been subject to abusive registrations by freezing registration of domain names (e.g., DELTA.AIR) that precisely correspond to those marks (e.g., Delta Airlines’ “Delta” trademark)  for the 60 days leading up to the opening of a new TLD (e.g., .AIR)—although anyone can rebut this presumption upon making a fair use showing under existing UDRP principles.
• An Expedited Domain Suspension Policy, either  as a new policy, or an amendment to the existing UDRP, that would provide a faster and more cost-effective remedy for abusive domain name registrations on an ongoing basis, but only for marks that have been registered with a national trademark authority (or the equivalent thereof).
• A Uniform Proxy Registration Policy governing the use of proxy services that substitute their own contact information for the registration’s information in the Whois database; such baseline practices and safeguards would reduce abuse that could harm legitimate users while preserving the option of proxy registration for privacy-sensitive users.

Washington Internet Daily (subscription-only) reports that:

ICANN is also rethinking its timeline for launching the gTLD application process, it said. There will be a third draft guidebook, making it unlikely applications will be accepted before December, it said. The new draft leaves provisions on four major issues – security and stability, malicious misconduct, trademark protection and demand/economic analysis of the need for new gTLDs – unchanged pending further discussion, ICANN said. Comments are due April 13. 

PFF wil continue to respond to ICANN’s call for comment to promote responsible expansion of the domain name space.  Here’s Mike’s paper (click on the rectangle-in-rectangle button at the top right to maximize the iPaper viewer):

I’ve been working closely with PFF’s new Adjunct Fellow Michael Palage on ICANN issues.  Here is his latest note , from the PFF blog.

ICANN recently proclaimed that the “Joint Project Agreement” (one of two contractual arrangements that ICANN has with the U.S. Department of Commerce (DoC) governing ICANN’s operations) will come to an end in September 2009. ICANN’s insistence on this point first became clear back in October 2008 at ICANN’s Washington, D.C. public forum on Improving Institutional Confidence when Peter Dengate Thrush, Chair of ICANN’s Board declared:

the Joint Project Agreement will conclude in September 2009. This is a legal fact, the date of expiry of the agreement. It’s not that anyone’s declared it or cancelled it; it was set up to expire in September 2009.

ICANN’s recently published 2008 Annual Report stuck to this theme:

“As we approach the conclusion of the Joint Project Agreement between the United States Department of Commerce and ICANN in September 2009…” – His Excellency Dr. Tarek Kamel, Minister of Communications and Information Technology, Arab Republic of Egypt

“Concluding the JPA in September 2009 is the next logical step in transition of the DNS to private sector management.” – ICANN Staff

“This consultation’s aim was for the community to discuss possible changes to ICANN in the lead-up to the completion of the JPA in September 2009.” – ICANN Staff

ICANN’s effort to make the termination of the JPA seem inevitable is concerning on two fronts. First, ICANN fails to mention that the current JPA appears to be merely an extension/revision of the original 1998 Memorandum of Understand (MoU) with DoC, which was set to expire in September 2000. Thus, because the JPA does not appear to be a free-standing agreement, but merely a continuation of MOU-as Bret Fausset argues in his excellent analysis of the relationship between the MoU and the JPA (also discussed by Milton Mueller). Therefore, it would be more correct to talk about whether the “MoU/JPA”-meaning the entire agreement as modified by the most current JPA-will expire or be extended.

Although previous MoUs with the USG have been extended, ICANN seems to be playing a game of chicken with the USG-hinting that it will not extend the current MoU/JPA if ICANN believes that it has completed its mission. Since it seems possible that ICANN really might walk away from the MoU/JPA without global stakeholder consensus that it has fully completed its obligations under the MoU/JPA, it is critical that we think about the consequences of such a unilateral move by ICANN. ICANN would likely argue that the bilateral contracts it has in place with registry operators-from which ICANN has carefully removed most references to the USG in recent years-provide a sufficient legal basis for ICANN to continue its current operations without direct USG oversight.

Some stakeholders have expressed concern about the idea of ICANN not being directly held accountable to any government entity, but ICANN appears to have attempted to preemptively address this concern, when it acknowledged in its 2008 Annual report that “[t]he California attorney general is the legal overseer of California nonprofit public benefit corporations such as ICANN.”

With the future stability and security of the Internet hanging in the balance, a neutral third party ought to analyze the current existing relationship between the USG and ICANN- before ICANN decides in September 2009 whether to renew the MoU/JPA or walk away. The General Accounting Office (GAO) is the ideal candidate for such a task, given its well-established reputation for independent analysis and prior experience studying these matters-especially its detailed 2000 analysis of the early stages of DoC’s relationship with ICANN.

In conducting a new study, GAO ought to consider the following issues:

• Since the original 2000 GAO report on ICANN, ICANN’s annual budget has skyrocketed to more than $60 million. That budget is set to grow significantly once ICANN begins accepting applications for new gTLDs on a large scale: Using ICANN’s own projections of new gTLD applicants and the minimum fees that will be assessed suggests that ICANN’s budget will soon exceed $100 million. As ICANN’s budget grows, one must ask: Are these fees-paid by largely gTLD registrants, registrars, and registries-consistent with the GAO’s conclusion in its 2000 report that ICANN is limited to recovering only actual costs (because “ICANN is a project partner with the Department under the memorandum of understanding, and it is the Department’s policy to allow project partners to recover only actual project costs”)?

• If ICANN walked away from the MoU/JPA without the USG formally acknowledging that ICANN had successful fulfilled its obligations under the agreement, would ICANN be able to rely upon its existing contracts with registry operators to continue collecting fees?

• In its 2000 report, the GAO asked whether the DoC “had the authority to transfer control of the authoritative root server to ICANN.” The GAO did not definitively answer this question, but concluded that it was “uncertain whether transferring control would involve the transfer of government property to a private entity” thus giving rise to implications involving the Property Clause of the U.S. Constitution (Art. IV, § 3, cl. 2.), which requires statutory authority for the disposal of government property.

• GAO investigated, but did not resolve, whether or not an act of Congress would thus be required to transfer control of the root server to ICANN. But GAO did not undertake the same analysis as to whether the contractual rights associated with the top-level domains themselves constituted “government property” requiring Congressional action for any to transfer to ICANN. This may have been because U.S. courts had, at that time, held that domain names were not “property” in general, but simply a contractual right to a service provided by the registration authority. But potentially changed with the Ninth Circuit’s 2003 decision in Kremen v. Network Solutions concerning sex.com. Thus, if the GAO concludes that ICANN’s gTLD contracts with registry operators involve property rights and that statutory authority would be required for the DoC to transfer these rights to ICANN, it is difficult to see how ICANN would be able to enforce these rights if ICANN ended its relationship with the USG as a project partner by walking away from the MoU/JPA-regardless of ICANN’s success in removing references to the USG in these contracts.

These are just some of the initial questions the GAO needs to answer well before September 2009, independent of whether the USG and ICANN decide to extend the MoU/JPA. The stakes are just too high for these questions to remain unanswered.

The intrepid Chris Soghoian has turned up an important wrinkle in Google’s services. Google pulled his AdWords ad pointing out AT&T’s campaign contributions to an Indiana politician after AT&T lodged a trademark complaint about it.

Trademark law is for preventing confusion about the source of goods and services. There is no possibility that Chris’ ad would confuse consumers in this way. He’s not providing telecommunications services, and his ad didn’t suggest it. Chris’ use of “AT&T” did not violate AT&T’s trademarks.

The subject matter of Chris’ ad is an important part of our national discourse, and something people should be able to run ads about on a platform like Google. It would be, well, evil, to kick small public policy advocates to the curb in favor of big corporations.

A company like Google is in a tough spot, of course, trying to adjudicate trademark claims at scale. But it is not acceptable to treat trademark complaints as proven just for having been submitted.

Google should take some steps to make its process more fair, such as by allowing advertisers to respond to a trademark complaint before Google acts on it. Much of the process could be automated, and it could explain to both sides what trademark rights include – and what they don’t. If after a few automated steps, the two remained at loggerheads, Google employees could take a look to see whether the claim or the response were meritorious. (A trained monkey could have determined that Chris’ ad is not a trademark violation.)

In close cases, Google should leave it to the parties to resolve, while it works in the courts to generate a substantive body of law that service providers in the position of Google are not properly liable for the trademark infringements of users. (My brief pitch for common law findings of “no liability” in such situations – as opposed to statutory protections like CDA section 230 – starts at minute 22 of this video.)

Would these ideas increase Google’s cost and potential liability? Yes, some. But Google should embrace those costs as it educates its users, employees, courts, and – most important – trademark holders about what trademark does and does not do.

Kudos to Chris for his tenacity. Google, fix this.

The Progress & Freedom Foundation has just launched the new Center for Internet Freedom.  CIF offers an alternative to the proliferation of advocacy groups calling for government intervention online by offering timely analyses and critiques of proposals that diminish the vital role of free markets, free speech and property rights.  We aim to drive the Internet policy debate in new directions by emphasizing a layered approach of technological innovation, user education, user self-help, industry self-regulation, and the enforcement of existing laws consistent with the First Amendment.  Such an approach is a less restrictive—and generally more effective—alternative to increased regulation.  

Here are some of the issues I’ll be working on as CIF’s Director in conjunction with my esteemed colleagues Adam Thierer, Adam Marcus, and adjunct fellows: 

• Defending online advertising as the lifeblood of online content & services, especially in the “Long Tail”;
• Emphasizing market solutions to problems of privacy protection, especially regarding the use of cookies and packet inspection data;
• Protecting online speech and expression both in the U.S. and abroad;
• Defending Section 230 immunity for Internet intermediaries;
• Opposing online taxation and legal barriers to e-commerce and digital payments, especially at the state and local levels; and
• Ensuring that Internet governance remains transparent and accountable without hampering the evolution of the Internet.