The IANA transition and ICANN accountability processes are lurching to a conclusion. The Marrakech meeting in early March will finish the deal. The basic outlines of a proposal that seems acceptable to, but not loved by, most stakeholders is taking shape. It is time for an overall assessment of where we are.

The deal is so complex and multifaceted that it is difficult to grasp the total picture. To help with the assessment, this blog divides the proposals into three basic categories: the good, the bad and the ugly. Apologies to Sergio Leone, and for being trite, but the IANA transition is nothing if not full of goodness, badness and ugliness.  We need to clearly separate them and decide whether the total package is worthwhile.

The final ICG proposal for IANA stewardship transition can be seen here; the almost-final CCWG proposal for enhanced ICANN accountability can be downloaded here.

Let’s start with the good stuff.

The Good 

There are important reforms in the CCWG proposal and in the IANA transition plan.

No more changing the rules in the middle of the game.

One big accountability win is the way the reforms insulate fundamental bylaws from being changed unilaterally by the ICANN board. Currently any provision of the ICANN Bylaws can be changed by a 2/3 vote of the ICANN Board. While we want ICANN to evolve and be flexible, the Board and its staff have had too much discretion and have shown a tendency to amend its bylaws in ways that serve its corporate self-interest without consulting the public. For example, after losing an independent review process (IRP) challenge in 2009 ICANN quietly altered its bylaws to make it much more difficult for challengers to prevail in an IRP. The reforms will put an end to those kinds of games. Some bylaws will be classified as “fundamental” and any changes to them must be approved by a 3/4 vote of the board and ratified by the broader community. Public consultations will be required for all bylaw changes.

An independent judiciary.

ICANN is finally setting up what can only be called an independent judicial branch of Internet governance – that is, a binding and independent appeals process. The Independent Review Process (IRP) will have a standing judicial/arbitral panel that can decide on the merits of complaints brought by any individuals or companies who have been materially affected by perceived violations of the Articles of Incorporation and/or Bylaws. The so-called Empowered Community could also initiate an IRP with respect to matters reserved to it in the Articles of Incorporation or Bylaws. ICANN would bear the administrative costs of maintaining a system of 7 standing panelists, while each party should bear the costs of their own legal advice. The IRP reduces the ICANN staff’s and board’s ability to control processes, e.g. by using “expert panels” or refusals to disclose documents, as those decisions would also be subject to appeal. Most importantly, the decisions of the IRP will be binding upon the ICANN board.

Demystifying and Rationalizing IANA

It was not too long ago that many people, especially in governments, viewed “the IANA” as a magical ring of power that, if seized, could make someone Lord of the Internet. In line with this belief, not too long ago both American conservatives and European Commissioners were proposing, as part of the transition, forms of IANA oversight that would allow a third party to override the ICANN policy process by controlling what IANA does after a policy was made. Also, an “IANA mystique” developed among people with a very weak grasp of what it actually does. It was perceived as a place where the magic of the Internet happened, and produced an almost religious belief that it had to remain combined and centralized in a single entity (preferably someone or something resembling the late Jon Postel).

All this nonsense seems to have passed into history. We seem to understand now that it is the policy making process (in ICANN for names, in the RIRs for numbers and in IETF for protocols) that dictates what IANA does – and we do not solve the problem of making policies better or more accountable by creating some deus ex machina that oversees IANA. Further, we no longer think of “the IANA” as a single thing, we now understand that it is a collection of three distinct families of registries (with a few small points of interdependence), serving three operational communities with different needs (domain names, IP numbers and protocol developers). Moreover, many people have started to realize that the Root Zone Maintainer (currently, Verisign) is a part of the system that is just as important as the IANA.

In line with that more realistic understanding, the transition has succeeded, partly, in rationalizing and improving the relationship between ICANN and IANA, by structurally separating the IANA functions operator (to be known as PTI, or Post-Transition IANA) from ICANN. The reasons why this is important are outlined in some of our prior papers, in blog posts such as this and this, and in an IETF RFC. In essence, there should be a firm division between the entity that makes policy, and the entity that updates a registry in accordance with established policy. The IANA is just a clerk that implements policy and keeps the records straight. If any operational community is dissatisfied with the way the clerk updates their registries they should be able to fire the clerk and hire another. That’s accountability.

The transition proposal has moved us significantly closer to that goal. It legally separates IANA from ICANN. It establishes a very clear principle that the numbers and protocol communities have the right to fire ICANN as the IANA Functions Operator (IFO) and use someone else. Logically related to this, the proposal will divest ICANN of the IANA-related trademarks and domains. The domains and trademarks will become a resource held in trust by the IETF, and assigned to whoever the communities choose as their IFO. By giving up ownership of the trademarks and domains associated with IANA, the proposal dramatically lowers the switching costs associated with moving the IANA Functions Operator out of ICANN. A big win for accountability.

Unfortunately, the ability of the names community to separate IANA from ICANN is horribly limited – see The Ugly category below.

Community powers

The proposal creates an “empowered community” whose most important accountability functions are its ability to approve fundamental bylaw changes and to remove an individual board member or kick out the entire board. But it also has the power to reject standard bylaw changes and proposed budgets and strategic plans. It can initiate an IRP proceeding, and can also override board decisions related to IANA functions separation. The composition of the empowered community is not optimal (see The Bad, below), as it is based not on individual membership, or even distinct stakeholder groups, but upon large and very unequally sized Supporting Organizations and Advisory Committees. But in extreme cases, if ICANN does something that outrages almost everyone in its domain, there is the possibility of taking out the entire board, and of removing particularly bad board members. The threat of doing this will prove to be useful even if it never happens.

Strengthened transparency

Decisional participants in the so-called Empowered Community have strengthened rights to gain access to inspect ICANN documents, accounts and records. Inspection rights are defined under California law and the so-called Empowered Community will have inspection rights analogous to those of members under California law. Additionally, we have a commitment from ICANN that its Document and Information Disclosure Policy (DIDP) will be reviewed, and possibly improved, in Work Stream 2. There are also improvements in the transparency and procedure for Reconsideration Requests.

  The Bad

Mistakes were made along the way. Here is a list of all the bad things in the final proposals.

An empowered GAC?

Misled by naïve interpretations of multistakeholder ideology, the CCWG proposed to make the Governmental Advisory Committee (GAC) a decisional participant in an organization that was created precisely to transcend governmental jurisdictions and controls. If this happens, GAC will participate in deciding about budgets, board member removals, and other matters of ICANN corporate governance. This is a major shift in the nature of GAC’s role in ICANN, which has almost nothing to do with ICANN accountability. ICANN’s Articles of Incorporation specifically prohibit governments from appointing board members, yet here they are potentially participating in decisions to retain or throw out the board. GAC’s mandate is to provide advice on public policy matters, yet Recommendation 1 allows them to vote on budgets, bylaw changes, and the like. The CCWG also agreed to change the voting threshold required for the ICANN board to reject GAC advice, increasing it from a majority to 60% (which translates into the vote of one additional board member).

The significance of this Bad is mitigated, however, by three things. First, the GAC will not be able to vote when the Community Mechanism is considering whether to challenge the board for following GAC advice that violates its mission limitations. Second, the GAC was forced to commit itself to making decisions by full consensus. In other words, GAC is required now to always make decisions on the basis of no objection by any member. Thirdly, and weirdly, despite being thrown these goodies by the CCWG, the GAC as a whole cannot decide whether it even wants to be a decisional participant in the community mechanism. Indeed, GAC has struggled repeatedly to provide meaningful position statements throughout the process because of its consensus requirement. In some ways, GAC’s inability to come to a unified decision mitigates the threat of governmental control of ICANN; but it creates other problems. GAC can throw a wrench into empowered community proceedings by insisting on participating when it is unable to make up its mind. And this is not just Bad, but Ugly (see below).

The elevated ALAC

The CCWG also gave the tiny At Large Advisory Committee the same decisional power as an entire supporting organization. Bizarre mistake. The GNSO, ASO and ccNSO were supposed to be the policy making entities, and each of them represents thousands more individual and corporate stakeholders than ALAC. Aside from the narrowness of its representation, ALAC has a bit of a conflict of interest. Ever since it was created in 2002 as a (poor) substitute for individual membership, ICANN has poured millions of dollars into supporting and cultivating this group. ALAC is very useful to ICANN, Inc. It allows it to pretend that it aggregates the interests of all the world individual Internet users, yet at the same time it is entirely under the staff’s control. Alas, ALAC has evolved into the Internet governance equivalent of a “company union.” Not surprisingly, it routinely advocates and supports the interests of the board and staff in governance controversies – as it did all throughout the CWG and CCWG. While ALAC should have some role, its weight in the new system is entirely disproportionate to its responsibilities and representations, and its dependence on ICANN itself makes it an unreliable partner in accountability mechanisms.

The board’s revenge

At various points when ICANN was being challenged for its lack of accountability, it would lamely attempt to turn the tables on the community members or individuals and ask “to whom are YOU accountable?” Never mind that the entities and people of which this was asked did not have a monopoly on the global DNS root, or the ability to make rules regulating an entire industry and its users, while generating a revenue stream of a hundred million dollars per year in compulsory fees derived from that monopoly. ICANN, apparently, considered its community to be a menace  in need of external accountability mechanisms. And somehow it succeeded in convincing a few critical people in the CCWG that its Supporting Organizations and Advisory Committees needed to be more accountable, too. So the CCWG proposal gives the Board the authority to initiate “accountability” reviews of ACs and SOs; all ACs and SOs, that is, except for (you guessed it) the GAC. The problem with these reviews is not so much that they exist. It probably doesn’t hurt that ACs and SOs be reviewed. The problem is that a) one of the entities most in need of enhanced accountability, the GAC, is exempted; and b) ICANN, Inc. is entirely in control of who will conduct these reviews and how they will be conducted. This recommendation is based on Article IV, Section 4 of the ICANN Articles of Incorporation, which empowers the board to conduct “independent review of ICANN actions and periodic review of ICANN’s structure and procedures.”

The goal of the review, to be undertaken pursuant to such criteria and standards as the Board shall direct, shall be to determine (i) whether that organization has a continuing purpose in the ICANN structure, and (ii) if so, whether any change in structure or operations is desirable to improve its effectiveness.

The board unilaterally sets the criteria and standards of the review. This gives the board a way to exact revenge on constituencies or entities who conflict with them. An SO that consistently votes against ICANN in some important proceeding just might find that a review team appointed by ICANN has determined that it has no “continuing purpose in the ICANN structure” or that some kind of change in its structure “is desirable to improve its effectiveness.”

 The Ugly

We turn now to The Ugly. There are at least three qualifying things.

ICANN monopoly on names IANA

The ugliest part of the transition is surely the IANA separation process for names. It is so badly designed that it effectively gives ICANN’s affiliate, PTI, a permanent monopoly on running the names-related IANA functions. The proposal creates a periodic IANA Functions Review (IFR) process, one after 2 years and one every 5 years thereafter. If an IFR decides that there are serious problems, it can initiate a separation process. Reasonable. Good. But if a formal IFR says a separation was needed, one would think that a Request for Proposals would be issued and the ICANN community would start looking at bids from new operators. Did the CWG propose that? No. Instead, it said that a “Separation Cross-community Working Group” (SCWG) must be formed. The SCWG would be composed of no less than 17 people drawn from different stakeholder groups, committees, and liaisons. And before one can even create this SCWG, the idea must be approved by a supermajority vote of the GNSO and ccNSO Councils, approved by the ICANN board after a public comment period, and approved by the community mechanism developed by the CCWG. Aside from the needless procedure, note the obvious conflict of interest here: ICANN’s board gets to decide whether a committee that could divest it of the IANA functions operator will even get to exist. And keep in mind that all this happens after an official IFR has already determined that a separation process is needed. So the process of separation must jump four, almost insurmountable procedural hurdles before it can even begin. This is a caricature of multistakeholder governance, the height of ugliness. The people who designed this Rube Goldberg contraption are either idiots, or were deliberately making it impossible to ever detach the names-related IANA functions from ICANN. Probably a combination of both.

Mission and Core Values

Second place in the Ugly category goes to the revised mission and core values. The revision of ICANN’s mission statement and core values was a reform that many Internet freedom advocates put a lot of effort and hope into. We all know that it is possible for ICANN’s control over the DNS root to be leveraged for centralized regulation of content and behavior on the internet (and it is clear that certain interests are keen to use ICANN in that way). There was a hope that the mission statement could become a constitution-like limitation on ICANN’s powers: it would enumerate ICANN’s powers and allow people to challenge any deviation from the clearly defined, limited scope of authority using an independent appeals process.

That goal commanded widespread support, but did not turn out so well in the end. The results are not bad, but they are not good either. Mostly, they are just ugly.

They are ugly because they are muddled. This happened when certain stakeholders started to think about how a clear and limited mission might prevent ICANN from doing certain things they want ICANN to do. In particular, GAC and ALAC are in love with the idea of ultra vires regulation, such as Public Interest Commitments (PICs) imposed on registries by AC fiat. And the copyright and trademark interests love the idea of leveraging ICANN to create new forms of intermediary responsibility for copyright and trademark violations, regardless of whether it is required for global coordination of the DNS or not. Our attempt to come up with a mission statement that limited this kind of mission creep while satisfying these people made the language increasingly complex and full of qualifications and conditions. Ugly.

The new mission statement contains a wonderful sentence: “ICANN shall not impose regulations on services that use the Internet’s unique identifiers, or the content that such services carry or provide.” That seems like a clear win for Internet freedom. But it is followed by 400 words of qualifications and exceptions, including the statement that “ICANN shall have the ability to negotiate, enter into and enforce agreements, including Public Interest Commitments (PICs), with contracted parties in service of its Mission.” Whether the phrase “in service of its Mission” protects us from mission creep or not will depend on “case law” as it evolves in the future.

GAC: The undecided decider

Next up in the Ugly contest is the GAC. I do not mean the GAC itself, or its members, are ugly. I am referring to its participation in the CCWG process. The GAC presented us with an absurdist presence during the final stages of the CCWG. It simultaneously demanded more power for itself while also showing us that it could not make up its mind about anything important. We fought enormous battles over whether the GAC would be a decisional participant in the community mechanism, with a small faction of GAC members pushing this very strongly – yet in the end the GAC was unable to tell us that it really wanted to be part of the community mechanism! È questo brutto? The GAC is unable to make up its mind because it is composed of over 100 governments who often disagree. So, naturally enough, the faction for “GAC power” (raise your fist in the air, say that out loud three times, and think of Huey Newton) also pushed hard to eliminate the consensus requirement for GAC advice; in other words, they wanted the GAC to be able to make decisions overruling the objections of one or more sovereign nations. That’s a dangerous thought – but fortunately the community resisted it firmly.

Putting the pieces together

In evaluating this deal, it is important to keep in mind that there are still many implementation details that have to be defined, and that the proposals must still be reviewed by the NTIA and U.S. Congress.

That being said, we pretty much have to decide in the next month whether this deal is acceptable or not. For me, the key question is not, “could this be better?” (obviously, it could) but “is this significantly better than the status quo?” The status quo means that none of The Good, Bad or Ugly documented above would come to pass. ICANN’s board would continue to have almost untrammeled power, and ultimate responsibility for the accountability of ICANN would continue to reside almost entirely in the hands of a small branch of the U.S. Commerce Department.

In my view, the Good elements of this proposal outweigh the Bad and Ugly parts, and it’s pretty obvious that the status quo is worse, unless you believe that a new Presidential administration is going to hit the reset button and run us all through this hamster wheel again. There are huge disappointments here, mainly the failure of the names community to create a periodic review and re-bidding process for the IANA functions, and the muddling of the mission limitations. But we still might pull some gold out of the new mission statement’s dross, and the gains – the bylaw change approvals for the community, the strengthened IRP, and the community powers – are an advance. Assuming that the implementation details are not sabotaged somehow, I am prepared to support these proposals.

This evaluation is just a first pass. We remain open-minded to other arguments and look forward to engaging in dialogue and debate before, during and after Marrakech.