Guest post by Greg Thomas
The shot clock is ticking towards expiration of the NTIA-Verisign Cooperative Agreement — yet stakeholders are AWOL on completing accountability safeguards at root of the Internet.
It is remarkable — for all the wrong reasons — that only two months remain before the National Telecommunications and Information Administration (NTIA) must make a fateful decision on how it will address its’ long-standing Cooperative Agreement with Verisign — the private-sector corporation that edits the authoritative address book of the Internet’s Domain Name System (DNS), maintains two of the DNS root servers, and operates the .com and .net registries of the Internet, undoubtedly one of the most lucrative concessions ever granted.
Yet, despite representing a unique and singular opportunity to finish the critical task of improving accountability at the root zone of the Internet — and in stark contrast to the herculean effort to develop accountability mechanisms for the Internet Corporation for Assigned Names and Numbers (ICANN) prior to the transition of the Internet Assigned Names Authority (IANA) in 2016 — the much-vaunted global community of stakeholders is deafeningly silent. Whether from fatigue, attention-deficit disorder, or a failure of imagination, the absence of meaningful engagement and public dialogue by AWOL stakeholders is nothing less than dereliction of duty.
To be fair, I’ve spent nearly a decade thinking about this inflection point — perhaps longer and in greater detail than most. By way of introduction, I got my first real taste of the strange world through the looking-glass — that is, Internet governance — when I was recruited by Verisign in 2009 to help design the company’s strategy for renewal of the .net and .com registry agreements in 2011 and 2012, respectively, and with an eye on the horizon for the 2017–18 renewal cycle.
Early in 2010, I delivered a multi-year strategic plan that heavily focused on a long-term effort to build trust with the Internet’s global community of stakeholders and the U.S. Government — an approach that was sorely lacking after years of boorish, heavy-handed and appallingly tone-deaf missteps by the company and its predecessor, Network Solutions. My proposals, which anticipated the possibility that the .com concession was renewed but with constrained pricing, were all but dismissed and I was asked to leave the company not long after, in May 2010.
I was rehired in late 2013, to build a cross-company strategic perspective for the 2017–18 renewal cycle, this time including disposition of the Cooperative Agreement. The hallmark of my second stint at the company was the IANA transition and efforts to ensure that appropriate accountability safeguards were in place prior to removal of ICANN’s “training wheels”: the soft power represented by Uncle Sam’s ability to yank the lucrative, yet zero-dollar IANA procurement contract. In April of 2016, I departed Verisign, this time under my own steam, to focus my energy on other business ventures and my family, which was devastated by the sudden, unexpected loss of my father due to cancer the year before.
While pursuing other ventures, I have continued to observe developments in Internet governance from afar with the expectation that, at some point, there would be some indication of activity by some of the many interests vested in the details of any potential disposition of the Cooperative Agreement.
Yet, crickets.
Over the summer, in an effort to help spur discussion on the topic, I submitted comments for a notice of inquiry by NTIA on “International Internet Policy Priorities.” To my knowledge, the only other comments on the Cooperative Agreement were submitted by the Internet Commerce Association, an industry group representing domain investors. Additionally, GoDaddy offered some thoughts in testimony provided during a Senate hearing around the same time. The lack of focus on this issue quickly turned into a personal sense of alarm, as Summer is turning into Fall, and the calendar continues to march towards November 30th.
During the IANA transition, NTIA and ICANN were adamant that the Cooperative Agreement with Verisign was outside the scope of work required for completion before the procurement contract with ICANN expired. In hindsight, that was probably a wise decision — especially considering that, even without the thorny details of the Cooperative Agreement, the stakeholder community required a temporary extension of the procurement contract in order to complete its work.
To be clear, while a temporary extension may be similarly required here, I do not believe that the same intensity of purpose is necessary to address the disposition of the Cooperative Agreement. Although it is impossible to be certain, due to the mysterious unavailability of the original NSF-Network Solutions Cooperative Agreement, a review of the amendments available on the NTIA website suggests that only this remains relevant: NTIA’s unilateral right to review and amend the .com registry agreement between ICANN and Verisign for the stated purposes of promoting consumer choice and competition in the domain name market.
NTIA has gone to great lengths to assert that its authority is very narrow, but let’s cut to the chase: the ability to effectively set the wholesale price from which a billion-dollar public company derives more than 90% of its’ annual revenue is the very large stick which permits NTIA to speak so modestly. As I stated in my submitted comments, I do not believe it is feasible nor desirable to extend the Cooperative Agreement beyond the time necessary to ensure that a successor mechanism is in place that offers the same or better accountability safeguards for the corporation controlling a vast proportion of the DNS.
In the United States, the regulation of competition is vested in the Antitrust Division of the Department of Justice and the Federal Trade Commission. Both of these agencies are equipped with professionals possessing the experience and expertise to help foster the dynamic competition that best regulates healthy markets. Additionally, both agencies are experienced at negotiating and enforcing consent decrees with private-sector corporations, which is the solution I have previously suggested should be considered as an effective successor to the Cooperative Agreement.
Consider that, in the absence of any meaningful leverage, Verisign need only comply with a small number of technical key performance indicators (KPIs) in order to benefit, in perpetuity, from its’ presumptive right of renewal to this lucrative concession. This will only serve to allow the company to retreat further into a fortress shielded by legal provisions with which it can deflect anyone seeking redress or even basic cooperation beyond what is required for contractual compliance. One need only look at the history that includes the Cooperative Agreement to begin imagining a future without it. Or, consider the justification for the current accountability mechanism, as recounted to me in 2017 by a Clinton Administration official who helped insert this provision into the Agreement, “…time was running out and we weren’t worried about ICANN. We had to do something to keep them (the registry operator) from running away with the Internet!”
I don’t claim to have any monopoly on answers, or even good ideas. However, it is unacceptable to sit idly while one of a very small number of effective accountability safeguards expires. Take issue with me or my views, but I challenge anyone to defend the wisdom of permitting a corporation that controls so much of the core of the Internet to collect their share of Mammon while sitting comfortably behind impenetrable walls constructed from a presumptive right of renewal and a wide moat filled with basic technical KPIs; to argue with a straight face that competition is sufficiently present to regulate the domain name market and its hegemon.
Further complicating matters is the pragmatic reality that, although some have called for it, the .com registry agreement is not likely to ever be put out for open bid. The possibility that a non-US company could win a truly impartial and proper bid process overseen by ICANN is a national security non-starter. And anyone concerned about the global effects that could result from regulating an American company that is subject to U.S. jurisdiction — that is, indeed, a proverbial stone’s throw from the White House — can find ample and recent precedent for regulating entities domestically without being overly concerned about effects in other jurisdictions. Simply look at the EU’s implementation of its’ General Data Protection Regulation, which has largely had the effect of creating global privacy regulation by local fiat. What’s good for the Old World’s goose is just as good for the New World’s gander.
In the end, if so many economically and otherwise vested interests, including domain investors, copyright and trademark owners, law enforcement, new generic Top-Level Domain operators, and others, allow the path to be chosen for them at this crossroads — in effect, to fail to finish the job of ensuring effective accountability safeguards for the last of the two remaining pillars of the original IANA triad — then perhaps we really are through the looking-glass and, as the Cheshire Cat would observe, we’re all mad here.
Greg Thomas is the Managing Director of The Viking Group LLC, a strategic public affairs consultancy and Executive Director of the Responsible Consumers Alliance, a non-profit promoting a culture of personal accountability. He can be reached at greg@accountableconsumers.org.