November 17, 2014

Internet Governance Overview: How Snowden Didn’t Really Change Anything After All

A lot has happened in the world of Internet governance this year, starting with revelations by Eric Snowden of the NSA’s extensive surveillance program. That sent a shock wave through the Internet world, especially for those arguing in favor of not regulating the Internet (i.e., those in favor of a “multi-stakeholder” framework for Internet governance). Then in March of this year, the U.S. Department of Commerce’s National Telecommunications and Information Agency (NTIA) announced it was starting a process to consider transitioning oversight of some technical functions, like Internet numbering resources, protocol assignments, and management of domain names, performed by the Internet Assigned Numbers Authority (IANA), away from IANA over to the “multi-stakeholder community.” So although by any measure, it’s been a big year for multi-stakeholderism in Internet governance, what does it all mean? 

By way of explanation, multi-stakeholderism refers to the range of actors involved in running, administering, and governing the Internet. It came into popular usage in 2005 as a result of the UN’s World Summit on Information Society (WSIS) which confirmed, inter alia, that “. . . management of the Internet encompasses both technical and public policy issues and should involve all stakeholders.” As described in the WSIS Agenda, the groups of stakeholders with an interest in Internet governance include governments, the private sector, civil society, intergovernmental and international organizations – viz. the public sector, the private sector, NGOs, academia, the technical community, etc. The multi-stakeholder approach to Internet governance is an accurate reflection of the various actors who together form the loose de facto framework for Internet governance. For example, some of these stakeholders include the Internet Engineering Task Force (IETF), which is not even a formal entity, but which is in charge of the protocols on which the Internet runs. The Internet Corporation for Assigned Names and Numbers (ICANN), the organization that performs technical functions on the Internet (like running root servers – the computers that control traffic on the Internet, and domain name administration (i.e., .com, .org, .gov), is a California not-for-profit corporation. The list goes on. 

But the whole notion of multi-stakeholderism and the flexible Internet governance vision it embraces has been under threat. A growing group of countries led by Brazil, Russia, India, and China would prefer that governance of the Internet be centralized and controlled through an inter-governmental (i.e., state-centric) body, such as the UN, the ITU (International Telecommunication Union), or some other, new international organization. This alternative model of Internet governance based on tighter state control is known as multinationalism. While the community of nations supporting multi-stakeholderism comprise mainly Western, wealthier, technologically advanced countries from the developed world, those countries supporting the multinational (i.e., state-centric) approach are mainly developing countries, or countries from the “South” that will use this fight to generally push back against what they perceive as yet another example of Western power dominating an area of international policy. Like the cold war, this tension over multi-stakeholderism had been chugging along for years with no real change to the fairly well-entrenched positions, pro and con. 

Then along came Mr. Snowden. 

Without getting in to the substance of his revelations, suffice it to say that, in the perception of much of the world, companies that offer services on the Internet that were implicated by the Snowdon revelations (Verizon, Google, Facebook, etc.) were all lumped together with the Internet itself, and for a moment in time, NSA surveillance and the Internet were seen as the same. Accordingly, existing positions for and against a multi-stakeholder Internet governance model became even more polarized. In this context, it seemed a third path might be taken when Brazil suggested a high-level conference, called “NetMundial,” to address management of the Internet in light of Snowden’s NSA surveillance revelations. Trust in the Internet had been undermined. Implicitly, trust in the multi-stakeholder model, and especially in the United States, which through NTIA still exercised a degree of control over the “IANA functions,” was also undermined. 

However, what began as a challenge to the multi-stakeholder model was at the same time a disappointment to those advocating a more state-centric approach and a relief to those supporting the multi-stakeholder approach. In one of the official documents from “NetMundial,” the conference endorsed an “open and distributed” Internet architecture as well as Internet governance principles including, “a democratic, multi-stakeholder process [. . .], ensuring the meaningful and accountable participation of all stakeholders, including governments, the private sector, civil society, the technical community, the academic community and users,” and open participative and consensus driven governance. This is in some ways a restatement of the WSIS principles and the basic premise of multi-stakeholderism. 

The outcome of the NetMundial process, hoped by some to be a Bolshevik-style contre-pointe response to evangelical proponents of multi-stakeholderism, not only largely conformed to existing multi-stakeholder catechism, but was coopted by the “mainstream.” Both ICANN and the World Economic Forum (WEF) adopted the mantel of implementing follow up actions from NetMundial including promoting “human rights and shared values.” This human rights theme will occur again in the upcoming discussion of reforms affecting ICANN. 

A month before the NetMundial conference issued its pabulum findings, the NTIA announced a process to consider relinquishing its oversight over some technical functions performed by IANA to the multi-stakeholder community – in shorthand, the IANA transition. IANA, effectively a subsidiary of ICANN, traditionally performed certain technical functions essential for the smooth and secure running of the Internet. As mentioned above, these include control of the Internet Protocol addressing system (i.e., numbering resources, including IPv4 and IPv6), managing IP protocols, and managing the rootzone database for domain names (domain name management). NTIA has had oversight over these functions via a series of agreements with ICANN in 1998 under a Memorandum of Understanding (MoU). The MoU went through several iterations and morphed into what was then called the Joint Project Agreement (JPA), which itself underwent one amendment. In 2009, the JPA was replaced with a document called the Affirmation of Commitments. Over time, in each iteration of the agreement between NTIA and ICANN, NTIA has loosened its oversight over the performance of these IANA functions by ICANN. Consequently, this latest move by NTIA can be seen as part of a continuous evolution away from NTIA’s control and oversight over the IANA functions. 

The IANA transition process is just that – a process, albeit a process that is conditioned on satisfying NTIA that there will be a suitable arrangement in place to ensure that the multi-stakeholder community will take over NTIA’s role. That said, the process is scheduled for completion by September 2015. This process consists largely of various consultations and reviews. The first is a “community outreach,” followed by a “community dialogue input” to a steering Ggroup (SG) that has been established by ICANN, which is itself supposed to be multi-stakeholder in character. The SG will produce a proposal for the transition that will be subject to a public comment period. These comments will be reviewed by the SG and then to the ICANN board and finally to NTIA for approval. 

The take away is this: nothing has changed – yet. But the dynamics this year have unleashed forces further entrenching already polarized positions on essential matters of Internet governance. Mr. Snowden’s revelations fanned the flames of those promoting a multilateral, state-centric approach to Internet governance, confirming suspicions about Western power and multi-stakeholderism, but ultimately failed to shift Internet governance toward a new model.  The IANA transition has been a long time coming and will only shift technical functions to new organizations, but within the current Internet governance model. Thus, the durability of multi-stakeholderism persists – for now.

Additional Resources

For other materials on this topic, please refer to the following.

Business Law Today

Guidance from ARIN on Legal Aspects of the Transfer of Internet Protocol Numbers
By Ben Edelman, Stephen M. Ryan
May 2013