Nick Wenban-Smith, General Counsel at Nominet explains the discussion around the US Government supposedly retaking ‘control’ of the internet
Is the US Government planning to “take control” of the internet?
There’s been some discussion around the return of IANA, the Internet Assigned Numbers Authority, to the aegis of the US government. This is in the context of it completing its transition away from the supervision of the US government to becoming a fully independent, multi-stakeholder body within the ICANN umbrella in the waning days of the Obama administration.
In some quarters, this has been positioned as the US ‘taking back control of the internet’… but we thought it was worth explaining the political and internet governance facts, and the broader implications of the situation – and contextualising the rhetoric accordingly.
What does ‘controlling the internet’ involve?
Whilst IANA has considerable responsibilities, ‘controlling the internet’ may be something of an overstatement. In fact, it manages internet addressing for top level domains, including the country code domains.
In a worst-case scenario, in which a whimsical, activist, politically- driven or straight up malicious overlord took charge of IANA, they could disable internet addressing for one or more top level domains. Whilst this isn’t the whole internet, it does represent a significant amount of control over things like country code domains (goodbye, .ru and .kr if IANA or whoever were in charge were so inclined), or the destinations of swathes of IP address, which could be blocked or altered.
The origins of IANA
IANA’s history is intrinsically linked to the development of the internet. It originated from within the US government’s Defense Advanced Research Project Agency (DARPA), but as the internet became more and more a tool for civil society use, many parts of the world and the BRIC (Brazil, Russia, India and China) countries in particular became increasingly unhappy about this direct link to the US Department of Defense.
As a result, it made a sideways move to the National Telecommunications and Information Administration (NTIA) within the Department of Commerce. Although this was still within direct US government control, the overt link with the US military had been removed, at least.
The formation of ICANN in 1998 led to a lengthy migration plan, whereby all NTIA oversight eventually lapsed and it became a fully independent function of ICANN in 2016. This is a dramatic oversimplification of a series of events in the vastly complex history of internet governance; a substantially more detailed account of which can be read on the Internet Society website.
Ultimately, the motivation for this delegation was straightforward – the IANA function needed to become more transparent and accountable, and to have modern and technically robust service level commitments to its users. Crucially, there was no reason that global TLDs should be under the control of a single state’s Government.
But why should IANA move to within the ICANN multi-stakeholder umbrella? In essence, because the only other alternative was an intergovernmental organisation such as the ITU, and the fear was that once within the oversight of governments, that an open internet would be a thing of the past.
The principal reason why the multi-stakeholder model dominates so much of internet policy today is that in embracing this model, the ultimate levers for control of key internet functions such as IANA are put beyond the vagaries of national politics and state veto.
The delegated IANA – what’s changed?
Since IANA was fully delegated from US government control, little has changed operationally. The same technical teams are running things day-to-day as before. But the new IANA board is made up of people that, amongst other things, have experience of running country code domain names, so are key stakeholders in what IANA does. This means that processes and service level agreements have been much improved, and there’s greater transparency and operational robustness in the way IANA operates.
For example, if DNS addresses for a country code domain need to change for any reasons, IANA can schedule a window for this change far more precisely now than in the past.
This operational rigour is widely regarded to be A Good Thing.
Should we be worried about the US government taking control back?
In practice, it’s not clear if this is possible or likely, legislatively, operationally or politically. However, the threat of this change does represent a potentially strong negotiating stick for the US Government with IANA, one of many such levers used to try to influence ICANN policy.
There are a number of different geopolitical issues in play at present, not least the issue of applying a GDPR compliant solution to ICANN’s registration data policies. ICANN’s physical presence in the US will always make this an issue (and indeed, it could be an issue in virtually any jurisdiction it takes, even if it ever chose to uproot itself from its home in California).
It will be interesting to see the responses to the recent NTIA request for input on internet governance questions. The multi-stakeholder model may be imperfect, but for the majority it makes more sense than unilateral or even multilateral national control over a piece of global infrastructure.
Indeed, there’s plenty of scope for vested parties to have their say about the way IANA itself is run and operated within this framework. Our hope and expectation is that the wind will die down on this issue in time, and we’ll see IANA continue to function in its new, independent, multi-stakeholder model.