[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ga] Essay on ICANN

	Since yesterday's hearing, I've read characterizations of my testimony
from a variety of people, most recently Michael Sondow, on this list.
Here's a copy of my prepared testimony (which was distributed at the
hearing; I gave an edited version orally).  Any folks who care can read it
for themselves.


Jon Weinberg


     Mr. Chairman, my name is Jon Weinberg and I'm a law professor at Wayne
State University.  In 1997-98, I was a professor in residence at the
Federal Communications Commission and I worked on some of the issues that
are currently before the Subcommittee.  I am not appearing here, though, on
behalf of either Wayne State University or the U.S. government; rather, I
am speaking only for myself.  In my view, the largely self-inflicted wounds
that ICANN has suffered to date need not be fatal.  ICANN must move quickly
to implement mechanisms for choosing new Board members who will be drawn
from, and who can represent, the Internet community.  Second, and
relatedly, it must learn to act like a part of the Internet community.
Finally, it must find an adequate way of defining, and limiting, its own
policy mandate.  If it can do all of these things, it will be able to
fulfill the role that the White Paper laid out for it.

Background -- IP numbers and domain names

       Every computer connected to the Internet must have a unique Internet
Protocol (IP) address in order to receive information, just as every
telephone on the public switched network must have a unique telephone
number.  A stable and reliable IP addressing system is crucial to the
proper functioning of the Internet.

     IP addresses (such as, however, are opaque and hard to
remember.  It would not be practical for a user to have to remember, and
type in, a different IP address for every Web site he sought to visit or
electronic mail message he wished to send.  Accordingly, under the current
Internet architecture, each IP address maps to a more or less
easy-to-remember domain name such as www.house.gov or www.law.wayne.edu.
The domain name system (DNS) makes it easier for ordinary people to use the

     The domain name system is hierarchical.  That is, the domain name
space is divided into top-level domains, or TLDs; each TLD is divided into
second-level domains, or SLDs; and so on.  The currently-available TLDs
include .com, .net, .org, .edu, all administered by Network Solutions, Inc.
(NSI), and the so-called "country code" top-level domains such as .us, .uk
and .fr.  At the outset, it was thought that .com would used by commercial
entities, .net by entities
involved with the Internet networking infrastructure, .org by nonprofit
organizations, and .edu by educational institutions.  NSI, though, does not
enforce any such restrictions on registrants in .com, .org and .net.
Indeed, NSI urges businesses to register their preferred second-level
domain names in all three of those top-level domains.

How we got where we are

     In the early days of computer networking, there was no need for a
hierarchical domain name system.  Until 1984, after all, there were fewer
than 1000 "host" computers connected to the Internet.  That number,
however, quickly grew.  It soon became clear that the Internet needed a new
addressing structure.  Scientists including Jon Postel and Paul Mockapetris
of the University of Southern California's Information Sciences Institute
(ISI) developed the current domain name system, and the first domains were
registered in 1985.  ISI assumed responsibility for oversight of the domain
name system, including oversight of the root servers, which sit at the apex
of the domain-name system and effectively determine which top-level domains
will be recognized by the system.  These and other coordinating functions,
performed by Dr. Postel and his staff at ISI, came to be known as the
Internet Assigned Numbers Authority, or IANA.  The Defense Department,
which had bankrolled almost all of the early development of the Internet,
entered into a series of contracts with ISI under which the U.S. government
paid for the IANA functions.

     The Defense Department in 1985 assigned SRI International, a nonprofit
Silicon Valley research institute, the job of registering second-level
domains in the generic (non-country code) top-level domains.  Later on, the
National Science Foundation (NSF) assumed the lead from the Defense
Department in funding basic Internet infrastructure.  In 1992, NSF
established a new structure known as the InterNIC, or Internet Network
Information Center.  It entered into cooperative agreements with AT&T to
provide Internet directory and database services; General Atomics to
provide certain Internet information services; and NSI to perform the
registration services that had been handled by SRI.  NSI agreed to register
second-level domains in the generic TLDs and to maintain those top-level
domains' master databases.  Those services were free to users; they were
underwritten by the National Science Foundation.  NSI had physical control
of the "A" root server, from which all of the other root servers get their
information, but it operated that root server on instructions from IANA.

     By 1995, the Net had come of age.  It had been more than 25 years
since the initial establishment of the Internet's predecessor, the Arpanet.
 Business were beginning to use the Internet for commercial purposes.  The
U.S. House and Senate were online.  More than 100 countries were now
connected to the Internet backbone, and operated their own top-level
domains.  The World Wide Web, which had become the dominant Internet
application, was now thus truly world-wide.  NSI negotiated with the
National Science Foundation an amendment to the cooperative agreement under
which NSI would begin charging a $50 annual fee to domain- name registrants.

     The NSI fee was unpopular, and crystallized growing unhappiness with
the structure of the domain name system.  Registrants wondered why, in
seeking to registering names in the generic TLDs, they were stuck with the
service provided by, and the fees charged by, the NSI monopoly.  NSI also
generated considerable animosity with its domain name dispute policies,
under which it asserted the right to (and did) suspend any domain name upon
complaint from a trademark owner, without regard to whether the trademark
owner had a superior legal claim to the domain name.  Finally, there was
growing consensus in the technical community that the architecture would
support many more top-level domains than had so far been authorized.

     Accordingly, Jon Postel floated a suggestion that IANA authorize up to
150 new generic top-level domains, to be operated by new registries.  As
the proposal went through successive iterations, IANA and the Internet
Society formed an elaborate, internationally representative "Internet Ad
Hoc Committee" (IAHC) to consider the question of adding new top-level
domains, with representation from, among others, the International
Telecommunications Union, the International Trademark Association and the
World Intellectual Property Organization.  The trademark lawyers urged that
the number of new domains be cut considerably; the group ultimately
generated a proposal for the addition of just seven new top-level domains.
domain-name holders, under the IAHC plan, could go to any of a large number
of competing "registrars" to register names in those new domains; the
actual master databases for all of the new domains would be controlled by a
single nonprofit corporation known as CORE, to be run by the registrars.
When Jon Postel requested that NSI insert the new CORE top-level domains
into the "A" root server, though, NSI declined to do so absent
authorization from the U.S.
government.  The U.S. government, in turn, instructed NSI to wait; it was
still in the middle of its own analysis of the domain-name situation.

     In 1998, the Commerce Department issued a "Green Paper," followed by a
"White Paper," expressing its views on Internet identifiers.  The White
Paper emphasized that with the changing role of the Internet in the modern
world, IANA's functions needed to be transferred to an entity, not funded
by the U.S. government, with a more formal and robust management structure
and more formal accountability to the international Internet community.
While Dr.
Postel had the loyalty and respect of a wide consensus of the community,
his informal leadership was no longer enough   "What happens," the question
ran, "if Jon Postel gets hit by a beer truck?"  The new entity, the White
Paper continued, should have fair, open, transparent  and pro-competitive
decisionmaking processes that protected it against capture by a narrow
group of stakeholders.

     The White Paper made clear that there was an urgent need for greater
competition in domain name registration.  That competition, it explained,
should come in two ways.  First, customers should be able to register
domains in any top-level domain, including those currently operated by NSI,
using any of a number of competing registrars.  The U.S. government
contemplated that NSI would continue to control the "registry," or master
database, for .com, .net
and .org, but that it would have to offer equal access to competing
registrars seeking to enter names in that database.  Second, the White
Paper continued, IANA's successor should add new top-level domains to the
root zone, operated by new domain-name registries, so as to expand the name
space and maximize consumer choice.

     The actual establishment of ICANN was clouded by tragedy.  Jon Postel
had agreed to serve as Chief Technical Officer of a new corporation, to be
known as the Internet Corporation for Assigned Names and Numbers, to
perform IANA's technical management functions.  The corporation's Board of
Directors were chosen from a group of distinguished personages who had had
little involvement in (and, for the most part, little knowledge of) the
"DNS wars" of the
previous few years.  The facts that not all of the Board members had
extensive technical expertise was not considered to be a problem, since Dr.
Postel could provide that technical background and guidance.  On October
16, 1998, though, Postel died at 55 of  post-operative complications from
heart surgery.  In figurative terms, he'd been hit by a beer truck.  The
Department of Commerce nonetheless, six weeks later, entered into a
memorandum of understanding with ICANN, agreeing to work together to
develop mechanisms and procedures so that the nascent ICANN could
administer Internet technical identifiers in a transparent and fair manner.

     Before the Internet took on its current economic importance, the
substantive questions confronting ICANN could have been resolved within the
Internet Engineering Task Force, a technical standards body composed of
scientists and engineers interested in Internet infrastructure, with little
attention paid by the outside world.  By the mid-1990s, though, those
questions had too much money riding on them to allow such mundane
resolution.  Those with
money or prestige at stake   NSI, trademark interests, international
standards organizations and others   all brought their lawyers to lobby in
favor of their preferred models.  The high-profile White Paper process,
indeed, probably encouraged any entities with economic stakes that had not
yet "lawyered up" that it was high time they did so.  To an increasing
degree, it was lawyers and lobbyists, rather than technical experts, who
were demanding seats at the Internet architecture table.

Where we are now

     In its quest for legitimacy, ICANN has taken several wrong turns.  It
started out under a considerable handicap since its Board members, for the
most part, have little background in Internet technical issues.  They were
chosen on the theory that it would be helpful for the Board members to be
new to the DNS debates, so that they were not tainted by identification
with past controversy.  The newness of most of the members to Internet
technical issues, though, greatly complicated the task of securing the
confidence of the Internet community.  The Board members' selection was
shrouded in secrecy, and that secrecy was exacerbated by the Board's early
penchant for closed meetings, so that the Internet community knew neither
who these people were nor how they were reaching their decisions.  ICANN
demonstrated a tin ear when it came to the Internet traditions of openness
and communication.  For the most part, ICANN still communicates to the
outside world through its public relations firm and its lawyers.  Those
channels are all very well for a commercial firm, but they are insufficient
to win ICANN acceptance as an organ   and thus a part   of the Internet
technical community.

     Nor have the structures ICANN created been the most representative.
ICANN has brokered the creation of an arbitrary structure for its Domain
Names Supporting Organization, which will have a lead role in the
development of DNS policy, under which business and trademark interests
will have a disproportionate role.  ICANN, further, lacks humility,
notwithstanding that it has a great deal to be humble about.  I was bemused
to read Esther
Dyson's explanation, in her July 19 letter to NTIA Associate Administrator
Becky Burr, that the public need not worry that ICANN will use its
authority to impose inappropriate requirements on Internet actors.  Since
ICANN, Dyson explained, is by its nature "nothing more than the reflection
of community consensus," by definition it cannot do anything improper.  If
this message is sincere, it reflects previously unimagined depths in
ICANN's lack of understanding of others' concerns.

     ICANN has seemed not to understand the importance of limiting its
policy role.  The matter of domain-name dispute resolution provides one
example.  The White Paper had urged that the World Intellectual Property
Organization explore recommendations for a uniform dispute resolution
approach for "trademark/domain name disputes involving cyberpiracy"   that
is, abusive registrations of a domain name string identical or closely
similar to another firm's
trademark, solely for the purpose of reselling the domain name to that firm
or one of its competitors.  "[I]t should be clear," the White Paper noted,
that any dispute resolution mechanism put forward by ICANN should be
limited to that category of disputes.  WIPO, after extensive deliberations,
issued a report recommending such a dispute-resolution mechanism, limited
to the cases described in the White Paper.  ICANN referred the WIPO report
to its
Domain Names Supporting Organization.  It then issued a press release
expressing its view that the mandatory dispute resolution for domain name
registrants imposed through ICANN-sanctioned contracts should not be
limited to abusive registrations, and indeed should "ultimately cover all
commercial dispute issues linked to Domain Name registrations" (emphasis
mine).  This suggests that ICANN fundamentally misunderstands its role.  We
do not need a world Internet government, imposing such policies as seem to
it good.  We need a technical coordinator to perform the limited tasks of
expanding the name space, protecting the stability of the domain name
system, and policing bad actors who threaten competition and consumer welfare.

     At the same time, though, not all of the criticisms of ICANN are
justified.  ICANN has been much criticized for its proposal that it collect
a fee to defray its own costs, from registrars registering domain names in
.com, .net and .org, for each domain name they register, not to exceed $1
per registration-year.  ICANN recently decided to table this fee for the
time being, and to rethink it in conjunction with the directly affected
entities.  This was a wise decision.  The fee was controversial, and
ICANN's spending choices have not been beyond criticism.  Nonetheless, the
White Paper contemplated that IANA's successor   unlike IANA itself   would
be free from government support precisely because it could be funded by
"domain name registries, regional IP registries, or other entities
identified by the Board."  The problem with the ICANN fee was not that
there is something wrong with such a funding mechanism in principle, but
that the Board went ahead with it without first securing the sort of
community support that would make such a fee sufficiently broadly acceptable.

     ICANN has been criticized on the ground that it is seeking to impose
overbearing requirements on NSI.  Conflict between NSI and ICANN, however,
is inevitable.  NSI currently enjoys an unparalleled monopoly in domain
name registration services, and is earning huge profits from its position.
NSI's .com, .org and .net top-level domains include the overwhelming
majority of domain-name registrations.  (NSI has over 5 million
registrations in .com alone.  The
largest top-level domain not administered by NSI is the country-code domain
.de (Germany), with fewer than 400,000 registrations.)  ICANN's task, as
set out in the Green and White Papers, is to destroy NSI's monopoly in two
ways: first, by introducing competitive registrars to .com and the other
top-level domains now administered by NSI, and second, by authorizing  new
generic top-level domains to compete with those domains.  It should be
unsurprising that NSI opposes ICANN implacably.

     NSI has sought to forestall competition, and to leverage its effective
control over the generic top-level domain master databases, in a variety of
respects.  It has aggressively and unjustifiably asserted intellectual
property control over the contents of the .com, .net and .org databases,
and is seeking to market the information contained in those databases
through such devices as its upcoming "dot com directory."    It has been
recalcitrant in its relationship with the
Department of Commerce, dragging its feet on registrar competition and
imposing barriers in the way of the testbed registrars.  It now professes
that because of "personnel resource limitations," it will be able to enable
new registrars to access its databases only at the rate of only five per
month.  It has arbitrarily and without notice blocked public access to
sources of registration information, and has insisted on receiving a fee
for maintaining the master database that
unreasonably exceeds its costs.

     It is plain that somebody needs to ride herd on NSI.  The DNS
controversy was sparked in the first instance, after all, by user concerns
over the monopoly franchise NSI was exercising under its cooperative
agreement with the National Science Foundation.  Four years later, NSI
continues to exercise tremendous market power.  The White Paper gave the
job of supervising NSI to ICANN (with backup from the Department of
Commerce).  In turn, the White Paper
directed that NSI must recognize "the role of the new corporation [that is,
ICANN] to establish and implement DNS policy and to establish terms
[applicable to NSI among others] under which registries, registrars and
gTLDs are permitted to operate."  NSI's economic interests lie in its
acting to obstruct that process.

     Some of ICANN's problems should dissipate as mechanisms are put in
place to elect new Board members.  As new Board members drawn from the
Internet community take their seats, ICANN's task of winning legitimacy
should become easier.  Important questions, though, still remain.  The
voting mechanism for ICANN's at-large Board members, to be elected by the
global membership, remains unsettled.  Other aspects of ICANN's governance
structure are already skewed.  Many observers have expressed concerns
(which I share) that ICANN's Domain Name Supporting Organization, which has
the lead role in initiating policy concerning the DNS, is structured in a
manner that is arbitrary, haphazard, and systematically tilted towards
trademark and business interests.  These aspects of ICANN's structure
deserve continuing close attention.

Where we go from here

     ICANN is seeking to enter into contractual agreements with all firms
seeking to register domain names in .com, .net, and .org, under which those
entities agree to terms (beginning with financial and business
qualifications) designed to implement DNS policy goals.  Later in the
process, it will seek to enter into similar contracts with all entities
seeking to operate top-level domains as registries.  This approach will
allow ICANN to enter into registry contracts requiring
the registries to enter into specified contracts with their registrars, and
the registrars to enter into specified contracts with domain name holders,
and so on.  Indeed, the WIPO report on domain- name dispute resolution
contemplates exactly that: all domain-name holders, in order to register
names in top-level domains included in the ICANN root, will have to agree
to particular contractual terms related to dispute resolution.  This web of
top-down contracts could give ICANN the power to impose a variety of rules
on domain name holders (and in turn, the Internet population at large) that
have little to do with Internet technical administration and domain name

     Such a result would be disastrous.  ICANN must not be a world Internet
government.  Its role should not be to enact good policies, and impose them
on the rest of us.  In particular, its role should not be to make the
Internet safe for electronic commerce.  That effort, although much prized
by business, would require a wide range of policy and value judgments that
lie far outside ICANN's limited role.  Rather, it should limit its task to
the structure and stability of the domain name system and the
administration of other Internet identifiers.

     Ironically, though, one of ICANN's biggest current tasks lies outside
the boundaries I have just defined.  I have already referred twice to
trademark-domain name dispute resolution:  ICANN has announced its
intention to quickly adopt new rules, to be imposed on all domain name
holders, potentially requiring their participation in dispute-resolution
proceedings brought by trademark owners who feel that the domain names
"pirate" their trademarks.  Yet resolution of such trademark-law disputes
between trademark owners and domain name holders has no technical
component.  It is not necessary to administration of Internet identifiers.
It could be handled through ordinary trademark-law litigation, as it has
been to date, without any threat to
the stability of the domain name system.  It is precisely the sort of issue
that IANA would not have dreamed of taking on, and that ICANN should not be
engaged in.

     ICANN is involving itself in domain-name dispute resolution for three
reasons.  First, as a matter of pure practical politics, trademark holders
have made clear that they will fight vehemently against the addition of any
new top-level domains, in Congress and other fora, unless ICANN first
implements a trademark dispute resolution mechanism.  Second, NSI already
has a trademark dispute resolution "mechanism" in place   it will suspend
any domain name upon complaint from a trademark holder with the same mark
and nearly all parties agree that that mechanism must be replaced.
Finally, the current ICANN structure gives business and trademark-owning
interests extensive influence, and the Board members are sympathetic to
their concerns.  At least the first two of these reasons may make the
enactment of some sort of trademark dispute resolution mechanism inevitable
at this point.  But this should be the last of
ICANN's forays outside of issues relating to the structure and stability of
the domain name space, and the administration of other Internet identifiers.

     ICANN, in short, has three tasks before it.  It must move quickly to
formulate, and to implement, mechanisms for choosing new Board members who
will be drawn from, and who can represent, the Internet community.  Second,
and relatedly, it must learn to act like a part of the Internet community.
Finally, it must find an adequate way of defining, and limiting, its own
mandate.  (It will not suffice for it to declare piously that, because it
is impelled by community
consensus, it is incapable of overstepping its bounds.)  If ICANN can do
all of these things, it will be able to fulfill the role that the White
Paper laid out for it.