The Debate Over Internet Governance: Fred Baker

A: I’ve been involved in that discussion for about five years. I have to say that there are at least three different definitions that I’ve run across, probably more but at least three. One of them, fundamentally what do we do about the domain name system. The domain name system is essentially designed as a way to translate strings of characters into IP addresses and has been popularly used in a very different way. It’s been used to access systems based on trademarks, which means that whenever you put a character string in the domain name system that has a trademark associated with it somebody feels they need to define and defend that trademark. So IBM owns, for example, IBM.com, .net and a few other places like IBM.co.jp because it feels that it needs to defend its trademark. One very fundamental question that gets under that is what are we going to do about the DNS mess.

Another definition that I’ve seen kicked around is why do we have nations anymore anyhow and how can we treat the internet as a nation in its own right and develop a constitution for it and basically bypass or ignore national borders and national laws. I won’t say that that is a big group that has gone in that direction but there is a set of people who are literally headed in that direction. There is a program for a while that happened at Harvard law and I was asked to speak at it a couple years ago. The first fellow talked at some length about literally a constitution that he’d written for the internet.

Q: Who was that?

A: I am trying to remember his name. I forget. Some legal beagle. I kind of looked at the whole thing and said I use the internet and I am an American citizen. Trust me.

In between there somewhere is how do the different standards organizations relate to each other with the convergence of different technical technologies that different standards organizations relate to. How do the standards organizations talk to each other without imploding. Specifically, what is the relationship of the ITU to the internet, what is the relationship of the IETF to the ITU, and [...] should IT be used in third generation wireless program. Things like that, organizational details relating to standards organizations.

I don’t know. The definition I would apply to it is what are we going to do about the DNS mess, but I’ve heard all three.

PERSONAL BACKGROUND IN INTERNET ISSUES

Q: Can you give a little background about how you got involved in the debate, where did you come in, what led you to get involved?

A: Well, I am the chair of the internet engineering task force so as a result I am stuck with the debate. If you consider it as something about standards organizations, I am speaker for one of them. If you consider to be about DNS, I certainly don’t need to get into the legal issues of the DNS, but I certainly oversee the development of features for it, such as the ability to put telephone numbers into the DNS, we’re working on that and we worked on interactions with ITU study group 2 specifically on that issue. I’ve has something to do with the development of ICANN and the PSO and that relates to the DNS question. If you want to talk about it as the constitution of the internet, that becomes more a matter of ‘gee, I’ve been asked that question by the media.’ I kind of run away screaming. I’ve been involved with it not because I am interested in it but because my position forces me into it.

Q: What did you do before you ended up in your current position?

A: Same thing as I do now. I am an engineer. I design the equipment that works on the internet. For my day job, I work for Cisco Systems and that’s what we do.

Q: You offered the three definitions of governance that you’ve heard bandied about. Which, if any, is the best? Which would you adopt?

A: Since I’ve heard so much discussion and so little that necessarily made any sense to me bandied about under that term, it’s very hard for me to assign a definition to them or to lend a lot of credibility to this topic. When I hear somebody wanting to talk about internet governance, I tend to think here’s another person who wants to stand up and blab for a while. I haven’t seen a lot of real useful stuff come out of the debates.

ICANN: Is ICANN Governance?

Q: So ICANN would technically fit definition one?

A: ICANN would fit definition one and so to the extent that you want to consider it that way, ICANN is a process. You can call it an outcome. I think it is a process for resolving disputes. We’ll see where that actually goes.

ICANN: Personal Role in ICANN’s Development

Q: You said you were involved in the development of ICANN. Can you be a little more specific about that?

A: In the development of the Green Paper, which ultimately became the U.S. government White Paper on Domain Names and Addresses, I was approached by Ira Magaziner as one of ten thousand people he wanted to talk to to make sure what he was doing was going to make sense. So I would up spending a meeting and some time with him in developing that paper. Since then, I’ve been involved with NTIA with Becky Burr and Karen Rose and the U.S. government side of managing the transition of the root from U.S. government control from U.S. control to ICANN control and with ICANN advising them on policies and procedures and what should they do when they grow up. For example, they recently asked me what they should do in terms of filling the CTO position, which quite frankly was developed so that Jon Postel could fill it. John’s not here so what are we going to do. I also am having a discussion with them on Monday morning relating to the assigned number components of protocols, which is a service that ICANN will also do for the IETF and other people who are using defined numbers and IP protocols. So procedural aspects and giving technical input to the policy makers.

THE FUTURE

Q : Looking forward, say ten years from now, what role do you think ICANN will play under any of the definitions you’ve given us?

A: Well, I don’t believe that a constitution for the internet is going to be developed. I don’t think that Tony Rutkowski’s model of a smoke filled room where people go off to figure what the internet ought to do is eventually going to play either. What the ICANN was set up to do was to manage the root to make sure that the right names and addresses were parceled out and in what way by the registries and basically serve as a clearing house for information. I expect that’s about what they will be doing. The number of changes that are made in the root are not a great number but there is kind of some constant churning. Whenever there is a revolution in some country, there’s a need to figure out who is going to be the root for that country. Whenever ISO 3166 is updated, there’s a question of whether there’s another two letter TLD we need to add or take away. One of the current questions is that the European Union has decided that they would like to have .EU referred to the entire land area which is the European Union, which is interesting because it is not really a land area and it is not really a governmental structure, it’s a telephone code. There’s…under the rules by which the root is maintained the EU doesn’t qualify.

ICANN: Technical Management or Public Policy?

Q: Given those kinds of questions, do you think it is accurate to describe ICANN as being in the technical management business?

A: Probably. Almost clerical.

Q: How would you then respond to some of the critics of ICANN…

A: …the ones who say things like ICANN’T?

Q: …the ones who feel that a lot of what ICANN describes as technical management really has taken on a very large public policy component for several reasons, as money around the internet as gotten bigger, as the stakes have gotten bigger in other respects. How do you respond to that kind of criticism when you say what ICANN does is largely clerical?

A: To the extent that ICANN remains clerical, I think they are on their safest possible track. They were intended to be essentially clerical and they should remain so. To the extent that they go try to solve other problems, then they find themselves walking in the minefields and they do so pretty regularly. For example, coming back to this question of .EU, Mike Roberts sent myself a note, myself and Brian Carpenter, a few days ago saying ‘gee whiz. I am coming under a lot of pressure to do this. I’m running out of arguments and I think I ought to just go do it.’ Whereupon we involved in the IAB in the discussion, and one of the people who has been very involved in advising ICANN and other people on the DNS root for a while, a fellow by the name of John [Clemson] and pointed out that in that case then ICANN would be conducting foreign policy, which is illegal for a United States citizen to do. For them to make any decision which doesn’t have a clear precedent in terms of ISO 31-66 or some such thing gets them into some very dangerous water.

ICANN has its critics and I have to say, in some respects, I am one of them. I am not real pleased with the way this has all come out. However, I have to say I haven’t come up with a better one. If you look at it structurally, the internet assigned numbers authority has historically been about four people and the total amount of work they’ve done comprises about one person’s work but shuffled among, you know 10% to this person, 25% to that one. Those people kind of no matter what you do would do the right thing for the internet. I’ve never had a problem with anything any of them did or with any of their motives. These are people I know pretty well. To manage those four people, we now have a manager, a chief executive officer, a potential CEO, a board consisting of some nineteen members, and meetings that happen at random places around the world comprising hundreds to thousands of people. The whole structure seems a little baroque. That said, I don’t know how else to make sure every one gets their voice in, how to make sure that Tuvulu really does get represented, that Carl Denniger really does have somebody to yell at, that at the end of the day the right decisions get made. To give you an example of the kinds of considerations that come into that when the United States bombed the Chinese embassy last May, I was supposed to be over there in China to speak the following week. I didn’t go – something about rocks being thrown at people – and the following September I did go. I asked for a briefing before I went and was told that the Chinese government basically views the U.S. government as an aggressor, and that in Chinese lines of thinking it is unimaginable that the IETF, the organization of which I am the chair, and ICANN are not tools of the United States government. And by the way, various diagnostic features that are in Cisco routers must of course be there because they are put there by the Department of Defense as a way to tap into the Chinese networks and take it down in the event of trouble. All of which are some very interesting beliefs. If they were true, I can think of a lot of ISPs that would be using them. But, ok, there is that perception and while that might be a little extreme on China’s part, there are a lot of people in a lot of countries that have those viewpoints. The fact that right now every time ICANN makes a change in the root that has to also to be authorized by the NTIA – some view that as a control of the United Stated government over the internet and are not happy about it. The European Union is very concerned about that and would like very much for the U.S. government to get out of it. Whatever criticisms you might have of ICANN, I haven’t come up with another process by which all of those people can get their word in edgewise, apart from handing the thing to the ITU. Now I have to tell you that the ITU has not proven itself competent in handling internet facilities. If anything, they’ve proven themselves completely unknowledgeable on the subject.

Q: It sounds like your primary critique of ICANN is inefficiency, necessary inefficiency.

A: Inefficiency – necessary but inefficient. The other thing is…it has been phrased that their decision process is to discuss things at great length and then make a hasty decision. That has gotten them in hot water several times. That’s a mode of operation that they need to change. It’s the kind of thing that if you call it a democracy, then democracy is the worst form of government, except for all the other ones.

CONSENSUS: Is Consensus the Right Standard?

Q: Their standard for decision making is consensus – another term that kind of defies clear definition and to which everyone seems to ascribe a different definition. Do you think consensus is the right standard for an organization like ICANN? Do we need a super-majoritarian agreement and are we getting a super-majoritarian agreement?

A: That really depends on which question you are asking about that is before ICANN. The question of whether .EU should go into the root is not the kind of question that needs to be taken or should be taken to a group of a few thousand people to discuss – because it’s guaranteed you’ll get all possible answers. So from that kind of a thing, no they don’t do consensus based stuff, they do legal based stuff and they should. The questions of how should ICANN itself run have been done on a consensus basis and I think that is really the only way it can be done.

ICANN: Defining ICANN’s Constituency

Q: So ICANN’s process should be run by consensus, but in terms of its actual decision making who do you think should be making those decisions? What group or which people?

A: Well, in some cases, there are clearly clerical questions and the policy should be set forth by consensus. The policy should be acted on by those who work at ICANN. For example, in terms of IP 6 addresses, there is a policy for how to distribute IP 6 top level domains or address bases to registries and the registries in turn have policies for handing out those addresses to service providers. That policy was set up by consensus. The discussion happened to happen in the IETF, but it was ratified by ICANN. The individual registry policies have been developed by the registries and documented and made available so you can read them. Now those policies need to be developed on a consensus basis, but whether you get address 1 or 1000 is not something we go to a thousand people and ask. It’s something that someone says ‘gee, you need so many of them and the next number is this so here you get these.’ That’s clearly a clerical function.

ICANN: The IETF’s Relationship to ICANN

Q: So, the relationship between the IETF and ICANN…it sounds like you advise them when they have questions. How actively involved are you with ICANN?

A: Somewhat and not very. The IETF, the ITU, the W3C and […] formed something called the Protocol Support Organization. Theoretically, ICANN is supposed to bring questions of a protocol nature to the PSO. In fact, what they have tended to do so far is bring them to the IETF and I, as a representative of the IETF, have redirected them to the PSO. And Brian Carpenter has done the same. We get asked by them an awful lot for the simple reason that we understand the technical details of the things they are trying to do and in many cases help them set up the original policy. Or help their predecessors set up the initial policy. We have some history and some clue there. But the world has moved on from that point and we rather feel that while yes we want to have our hand in the game, we shouldn’t have an undue control there. So we tend to push things off to the PSO where we can’t.

So how much do I actually get involved? I’ve had a couple of meetings with ICANN. There have been memorandums of understanding signed between IETF and ICANN and between the PSO and ICANN. I give them advice when I am asked a question.

Q: In terms of memoranda of understanding, do they have expiration dates or do you have to enter into a memorandum of understanding and specify an expiration date? Do they need to be superceded?

A: They need to be superceded. If you want to change it, you supercede it.

Q: So it just kind of goes on as an agreement…

A: Right.

Q: … eternally unless someone steps in and says lets change this aspect of it and then you draft a new one.

A: Right. The reason we use an MOU as opposed to a contract is that a contract tends to be between someone who has something to offer and someone who wants it offered to them where an MOU is an understanding among peers.

ICANN: Limits on ICANN’s Authority

Q: Under this kind of system, what limits do you perceive on ICANN’s ability to set make decisions and set policy?

A: Part of their limits are limits from their charter, which of course there’s a question of how they choose to interpret it. What their charter says they are allowed to do is manage addresses, well names and numbers. They seem to periodically find themselves looking at things that are not strictly speaking names and numbers and trying to step off in other directions. They have various people like me who come back to them and say ‘you know that is not in your charter.’

Q: Ca n you give us some examples of when that has happened?

A: They escape my mind just now.

Q: Would you say something like the dispute resolution policy fits that category?

A: It could. Dispute resolution…if you look at various versions of the PSO MOU, which was developed, one of them had the flavor that in the event that the ITU and the IETF couldn’t decide on something and couldn’t get along, then ICANN would sit back and make a decision for us, which if that was true would put the ITU in a very interesting position. So that’s actually a reasonably good example where we had to come back and say that is actually outside your charter and leaves all your potential signatories in an awkward position. We had to push them back.

Q: Apart from the charter, are there any other limits on ICANN’s policy making ability?

A: The other is market pressure. They have some number of people that they serve in terms of the registries and the different supporting organizations. Whenever they try to do something that is going to meet with flack, then that is certainly a limit for them. That could limit them from things that their charter authorizes them to do and the lack of it could allow them to do things that there charter doesn’t authorize them to do. Market pressure may be the real limit.

ICANN: Fear of Capture

Q: Leaving market pressure to be the real limit do you think that that is an adequate safeguard? Especially as commercial interests in the internet have grown so explosively?

A: You keep referring to commercial interests. What commercial interests do you see applying to ICANN?

Q: Maybe I haven’t used the best phrase there but one of the common critiques of ICANN plays on what some perceive as a very real fear of corporate capture. You have very large multinational companies with increasingly large financial stakes riding on some of these decisions and the general way in which the domain name system, copyright questions and these types of things turn out under ICANN’s authority.

A: Corporate capture, I believe, is actually a red herring. It becomes in no company’s best interests to be regarded as the global bad guy. Imagine that Microsoft bought ICANN and then starting set up the domain name system in such a way that you got really great access to www.microsoft.com and nowhere else. Microsoft would be in a very bad position and would be subject to all kinds of penalties, both market and legal. That winds up being a position that nobody wants to get into.

The other extreme…what I see companies doing is coming to ICANN and saying please show me that you have a clue, please show me that you actually are going to do a good job of assigning these things and making things be fair so that can all have a playing field. I know recently before the contract with NSI was finally signed off, there was kind of a financial crisis at ICANN. A number of companies – Cicso and IBM included and I think there were a number of others – loaned ICANN some money to hold them over until they got a revenue flow from NSI. The reason was in no sense to be seen as somebody that wanted a favor from ICANN, but somebody who wanted to preserve the internet. Now those companies could, I suppose, turn around and try to muscle ICANN about you know ‘I was there when needed me.’ But I don’t see any of them trying to do that.