The ICANN/IANA Transition in 60 Seconds

The following is a guest post by Paul Rosenzeig, the founder of Red Branch Consulting PLLC and a Senior Advisor to The Chertoff Group. More information about the author is displayed below.

The international governance of the internet is about to change radically. How we assign domain names is about to change.  Few, outside a small group of engaged and interested parties, have taken any notice. That’s unfortunate – since the change will affect the internet economy in ways that have yet to be fully understood.

The Situation

Here’s a simplified explanation of what’s happening:  When you came to this website you typed “goldenfrog.com” into your browser. But computers don’t speak English.  So that name had to be translated into an Internet Protocol (IP) address – a string of numbers that look something like this: 172.316.52.1. Using that IP address your laptop was able to communicate with the Golden Frog server and retrieve the web page you are reading.

This system of addressing is known as the Domain Name System (or DNS). Someone, however, has to be the keeper of the domain name address book – that is, someone has to be responsible, ultimately, for creating new top level domain names (like .org or .uk or .biz or .xxx) and maintaining a list of who got which name (so that when you type in microsoft.com you get the computer giant in Washington and not some, hypothetical, manufacturer of small, soft, cloth robes in Ireland).

When the network was first built it was so small that one man, Jon Postel, kept track of all of the names and numbers – a responsibility known as the as the Internet Assigned Number Authority or IANA function. He literally kept the list on index cards in his office.

When the job got too big for Postel, the responsibility was transferred to American institutions and since the 1990s the government has offloaded much of that responsibility to a third party—it has contracted out the IANA function to a non-profit group, the Internet Corporation for Assigned Names and Numbers (ICANN).

ICANN

ICANN is an American non-profit corporation with headquarters in Southern California. It was, to summarize and simplify, created for the purpose of being able to contract to run the IANA function. For roughly the last 15 years ICANN has entered into a contract with the National Telecommunications and Information Administration (NTIA), a component of the Department of Commerce, to manage the IANA function.

That contract expires on September 30, 2016, and the US government does not plan to renew it. Instead, (unless Congress intervenes – which is unlikely) the US will let ICANN have the responsibility of running the IANA function on its own. The only condition that NTIA set for the transition was that ICANN develop an internal mechanism for oversight and win the trust of crucial stakeholders around the world.

So, now you can see why this change is a big deal. Today, by contract, the NTIA has a verification and authorization role over how ICANN performs its functions. In other words, in the end, any changes to the DNS that ICANN wants to make are subject to review by the US government.

What Next?

After the transition takes effect the US government will give up that role and ICANN will be on its own – the only limitations on its activity will be imposed by its own new internal accountability processes. In other words, a private, non-profit corporation will have a monopoly on a critical economic resource – access to the internet domain.

While there is no reason, at this juncture, to think that the transition will necessarily result in adverse consequences, there are reasons to be cautious. Some, for example, are worried that ICANN is beholden to the domain name registry industry, who pay large fees to ICANN for the privilege of managing (and reselling) top level domain systems. When ICANN recently opened up new domains (like .home and .bank) it reaped a huge profit. If you accept the maxim that “he who has the gold makes the rules” the transition to ICANN control may actually be about a transition to corporate control through ICANN.

Still others fear a tyranny of the bureaucracy. The new accountability structure relies on something called the multi-stakeholder model – the idea that everyone with an interest can come to the table for negotiations. But that’s an awfully big table.  In the end, the ICANN executive group usually takes the initiative and drives the agenda—and without the check of the NTIA (however modest it has been in the past) they may have greater leeway to do as they please.

One final threat is of increased government influence. Until now, the role of governments has been very modest – they gave advice, but had no vote. Going forward they will have an increased role that may (or may not) result in a more politicized ICANN.

In short, the transition is a leap in the dark (or, if you prefer, a leap of faith). It takes the US government out of the role of international internet steward – something that was likely inevitable – and replaces it with an amorphous, non-profit organization with global reach. Only time will tell if this proves a good idea.

Paul Rosenzweig

Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Distinguished Visiting Fellow at the Homeland Security Studies and Analysis Institute and also serves as a Professorial Lecturer in Law at George Washington University. He is an advisor to and former member of the American Bar Association Standing Committee on Law and National Security and a Contributing Editor of the Lawfare blog. He is the author of Cyber Warfare: How Conflicts in Cyberspace are Challenging America and Changing the World and of two video lecture series from The Great Courses, Thinking About Cybersecurity: From Cyber Crime to Cyber Warfare and The Surveillance State: Big Data, Freedom, and You.

Read more posts by Paul Rosenzweig →