Big changes proposed to DNS overseer ICANN
Spread the power, internet community tells non-profit
Domain name overseer ICANN is likely to go through a radical reorganization if it wants to be given more control of critical internet functions, currently run under contract from the US government.
Two recent papers - one from independent legal experts hired by a group looking into the contract's transitioning, and a second from an internet governance think-tank - have both highlighted the benefit to making ICANN a true member-led organization, with the internet community given real powers to effect change.
As things currently stand, ICANN is a non-profit member organization that simply doesn't have any members. Instead, all of its decisions are made by a 20-person Board, which also possesses the right to change the organization's bylaws. There is no right of recall, and all of the organization's accountability measures result in the same Board deciding on the correctness of its own actions. Perhaps not surprisingly, the Board has persistently found it was right all along.
That structure was initially developed to protect ICANN from anti-trust lawsuits and possible capture, but for the past decade it has become increasingly unpopular and ill-suited given the organization's increasing importance, budget, and tendency to make questionable decisions in the corporation's own self-interest rather than the broader public interest.
Despite numerous efforts to increase the influence of the internet community over the organization's Board and staff, including no less than seven reviews in the past 10 years, the central paradox that only the Board can reduce its own power has meant that only superficial changes have been achieved.
But that may all soon be about to change.
The decision by the US government to rescind control over the IANA functions contract and allow the internet community to decide what replaces that mechanism has allowed the community to insist on structural changes to the organization. And those calls have been publicly defended by the US government. The assessment it that ICANN is so determined to get hold of IANA contract that it may finally agree to effective reforms.
Chief among the changes is introducing actual members to the organization. ICANN's representatives have repeatedly claimed that this approach is not feasible or it's illegal or would not solve the issues it claims to. Those arguments have been methodically picked apart however by the team looking into ICANN and IANA through the application of stress-tests i.e. looking at how the global internet can be protected from a series of worst-cases scenarios.
Would you look at that
In addition, despite ICANN's own lawyers arguing strongly that many of the proposed changes would in fact be impossible or illegal, an independent legal team hired by the review team has produced an initial report that paints a very different picture.
By introducing actual members to the organization, it becomes possible to give them some say over how the organization is actually run. Those measures would include:
- Sacking the Board of Directors
- Approving or preventing changes to the organization's bylaws and mission
- Rejecting a proposed budget or strategic plan
- Making improvements to the current internal review processes
The broader problem is identified in a paper published this week by the Global Commission on Internet Governance. It is called: " ICANN: Bridging the Trust Gap."
That paper [PDF], written by internet governance expert Emily Taylor, goes into some depth of ICANN's current and past problems and identifies three main issues, many of which are also under active discussions by the review teams. They are:
- Introducing membership
- Being able to recall individual directors (as opposed to all or nothing)
- Introducing greater oversight over the organization's finances, equivalent to public sector companies
The legal review also highlighted a novel option that would work within ICANN's structure that its Board of Directors remain in overall control while spreading the power more effectively: create a much larger board of directors.
With a much larger Board, ICANN could retain its current structures but provide far greater accountability and transparency because many more people would be entitled to make and question decisions as well as have access to decision-making documents.
The legal memo argues that if this board expansion was combined with the creation of actual members and a sub-group of the Board that does much of the day-to-day work (an executive committee), many of the issues could be resolved without requiring huge structural change.
And the pushback
Unsurprisingly, ICANN's staff and Board have not taken too kindly to the proposals for reducing their power, something that has most clearly been demonstrated in the independent legal advice received so far.
There are two tracks in the IANA process: the first looking at how the IANA contract is structured going forward; and the second at how ICANN can be made more accountable. Both tracks have their own independent legal teams and review sub-groups in charge of them.
In the case of the IANA stream, there have been some eyebrow-raising activities, including:
- ICANN's legal advisors being a key member of the team and deciding on the selection of the independent legal advisor
- ICANN's legal advisors being invited into closed, unminuted meetings where the independent legal team's scope and approach were discussed
- The sub-group closed off to the internet community and containing just four members, two of which are the co-chairs of the review, selected by ICANN
- ICANN's senior legal counsel acting as the group's secretariat
- Independent debriefs of ICANN's legal advisors
That group recently decided that despite the strong wishes of the broader internet community to have a solution where the IANA contract was held by a third-party (i.e. not ICANN), that they would focus only on solutions that gave control of the IANA contract to ICANN, or a "hybrid" solution that effectively does the same.
The advice produced [PDF] has not been questioned by ICANN's staff or Board.
By contrast, the legal sub-team looking at ICANN's accountability has taken a different approach, including:
- Not giving ICANN's legal advisors preferential status
- Selecting its own legal advisor
- Holding open, minuted meetings
- Having many more than four members and offering to stay open to other members
- Not providing private briefings to ICANN's legal advisors
The legal report [PDF] that has resulted from that process has been in line with the strong wishes of the broader internet community, highlighting possible ways to achieve its goals and not shutting down any lines of inquiry.
In contrast with the report from the IANA legal team, ICANN's lawyers have produced a series of questions over this team's legal report, many questioning the validity of its conclusions.
Where is this all going?
As expected, ICANN is fiercely resisting any and all efforts that would cause its staff of Board to lose or even disperse its current overweening power over the internet's domain name system.
ICANN's CEO was even caught out recently trying to undermine the review team in an address to an industry group that supplies much of the organization's budget.
While the corporation has focused most of its efforts in ensuring its gets control of the IANA contract (rather than be awarded the contract through a third-party), it is having a hard time trying to similarly control the process that would introduce fundamental changes to the way the organization is run and how it is held accountable.
That's not to say that ICANN's legal team and Board won't do everything in their power to avoid effective structural and accountability changes for the eighth time, and the process still has some way to go.
But with a growing consensus pointing in the direction of actual members with real decision-making powers, the end result looks likely to end up with ICANN being forced to mature as an organization in direct response to being given greater responsibility over the internet's functioning.
Sponsored: 2016 Cyberthreat defense report