How ICANN Policy Is Made (II)

A. Michael Froomkin

In a watershed moment in Internet history, ICANN declared this week that the ICANN staff can re-assign the .au ccTLD at will, without a finding of misconduct, without a public comment process, and despite the opposition of the incumbent ccTLD manager. In so doing, ICANN in effect simultaneously declared

  • that it can redelegate a functioning ccTLD over the opposition of the current delegate;
  • that controversial dictates of the so-called ICANN Government Advisory Committee (GAC) will be treated as ICANN policy even if they have never been voted on by any other part of the ICANN machinery;
  • that a major change on redelegation policies will be made in secret, without any public discussion;
  • that a major decision on the governance of a functioning TLD will be taken unilaterally and secretly by the ICANN staff, without either a publicly documented comment period or a vote of the DNSO or the ICANN Board.
  • that it's ICANN/GAC policy to support the creation of national mini-ICANNs as an end-run around ordinary government procedures.
  • All this from one report recommending the redelegation of .au? Yes. Even if you like this outcome, and there are reasons why you might or might not, there's quite a lot to be concerned about how ICANN got there and what this tells us about where ICANN is going.

    Some Background

    Jon Postel delegated .au to Robert Elz in 1986. Now ICANN is proposing that the US Dept. of Commerce take it away over Robert Elz's objections. How that happened is a telling story about today's Internet.

    Until this week, we all thought ccTLD policy was governed by one, or maybe two, documents. The first is RFC 1591. Here's what RFC 1591 says about re-delegations:

    Significantly interested parties in the domain should agree that the designated manager is the appropriate party.

    The IANA tries to have any contending parties reach agreement among themselves, and generally takes no action to change things unless all the contending parties agree; only in cases where the designated manager has substantially mis-behaved would the IANA step in.


    In cases when there are persistent problems with the proper operation of a domain, the delegation may be revoked, and possibly delegated to another designated manager.

    For any transfer of the designated manager trusteeship from one organization to another, the higher-level domain manager (the IANA in the case of top-level domains) must receive communications from both the old organization and the new organization that assure the IANA that the transfer in mutually agreed, and that the new organization understands its responsibilities.

    It is also very helpful for the IANA to receive communications from other parties that may be concerned or affected by the transfer.

    At the time RFC 1591 was written, IANA was an unincorporated unofficial subdivision of a university; for all intents and purposes it was Jon Postel and his associates. (Sometimes IANA was and is described as a 'function' performed by Postel, or by ISI; if IANA is just a 'function' then ICANN's acts as IANA lack even a fiction of separation, and clearly ought to be subject to the ordinary rules of transparency and process that [should] apply to ICANN generally.).

    In May 1999, ICANN (which had by that point taken over the IANA contract from USC) issued a document it called "ICP-1" which purported to `document' modifications to RFC 1591 (note how ICANN never makes policy, it just finds it ready-made). Here's what that document had to say about re-delegations:

    Transfers and Disputes over Delegations. For transfer of TLD management from one organization to another, the higher-level domain manager (the IANA in the case of TLDs), must receive communications from both the old organization and the new organization that assure the IANA that the transfer is mutually agreed, and that the proposed new manager understands its responsibilities. It is also very helpful for the IANA to receive communications from other parties that may be concerned or affected by the transfer. In the event of a conflict over designation of a TLD manager, the IANA tries to have conflicting parties reach agreement among themselves and generally takes no action unless all contending parties agree. On a few occasions, the parties involved in proposed delegations or transfers have not been able to reach an agreement and the IANA has been required to resolve the matter. This is usually a long drawn out process, leaving at least one party unhappy, so it is far better when the parties can reach an agreement among themselves. It is appropriate for interested parties to have a voice in the selection of the designated manager.

    (f) Revocation of TLD Delegation. In cases where there is misconduct, or violation of the policies set forth in this document and RFC 1591, or persistent, recurring problems with the proper operation of a domain, the IANA reserves the right to revoke and to redelegate a Top Level Domain to another manager.

    The .au Redelegation

    Leave aside the question of whether ICANN should be able to single-handedly modify RFCs, if only because this question is complicated by the fact that RFC 1591 was styled `informational' and not a 'standard'. (Today, a mere `informational' RFC is not officially a consensus document, although RFC 1591 clearly became one by usage.) Take ICP-1 as a genuine documentation of Jon Postel's and "IANA" practices up to 1999. When, under this policy, can IANA re-delegate a ccTLD over the opposition of the current holder? ICP-1 seems to envisage two sets of circumstances. One is a consensual transfer: where "both the old organization and the new organization ... assure ... IANA that the transfer is mutually agreed". That clearly is not the case here: Robert Elz, along with Melbourn IT a major Australian Internet company, opposed the transfer. The other circumstance is "where there is misconduct, or violation of the policies set forth in this document and RFC 1591, or persistent, recurring problems with the proper operation of a domain."

    There were some legitimate questions about Robert Elz's administration of .au. (You can see a discussion of some of them over at slashdot.) He was, many said, slow to approve domain registrations. On the other hand, he did the whole thing for free for years, did sub-delegate in order to make commercial registrations easier, and he did ensure that some personal domain name registrations remained free. Indeed, whatever the facts of the matter, ICANN's report on the .au delegation is surprisingly cagey about his faults. What's the problem that needs solving here? Here, in ICANN's word's, is its reason for re-delegation:

    Although the .au ccTLD has developed well to date under the personal stewardship of Mr. Elz, to achieve its future potential it should be managed by an organization formally accountable to the Australian Internet community. As noted in the U.S. Government's White Paper, "Internet names increasingly have commercial value" so that decisions about DNS policies and structure "cannot be made on an ad hoc basis by entities or individuals that are not formally accountable to the Internet community." The White Paper made this observation in 1998 to support the migration of the IANA function from the personal stewardship of Jon Postel to the more formalized structure of ICANN. Today similar considerations support migrating the .au ccTLD delegation from Mr. Elz to a formally accountable organization.
    Note well: "the .au ccTLD has developed well to date under the personal stewardship of Mr. Elz". Under RFC 1591, and even ICP 1, that should end the story and there should be no redelegation. But it didn't. (Watch ICANN policy being made, folks...)

    Maybe, you say, ICANN is just being polite. Maybe. But probably not. And even if it is, it doesn't matter. This is how precedents get made. When the next "ICP" springs on us out of the blue, you can be sure that the redelegation of .au will be at the center of it, and it will be explained as "documenting" not "making" policy. So it's important to be very clear about what is going on here.

    We need to pay close attention to the official reasons why .au is being transferred. There are broadly speaking, only two of them. First, ICANN explains, the Internet is too valuable to leave to amateurs. There's money to be made here, and names "have commercial value". Can't leave this valuable property in the hands of the old-timers. Perhaps a future Max Weber of the Internet will explain this as the move from feudalism to capitalism (or is it the move from feudalism to bureaucracy?). Second, ICANN tells us, there's a third policy document besides RFC 1591 and ICP 1 that enters into the equation:

    In February 2000, the ICANN Governmental Advisory Committee (GAC) issued a document entitled "Principles for the Delegation and Administration of Country Code Top Level Domains," commonly known as the "GAC Principles." These principles serve as "best practices" to guide governments in assuming proper roles with respect to the Internet's naming system, which the GAC has observed is a public resource to be administered in the public interest. In general, they recognize that each government has the ultimate responsibilty within its territory for its national public-policy objectives, but also that ICANN has the responsibility for ensuring that the Internet domain-name system continues to provide an effective and interoperable global naming system. The GAC Principles recommend that governments and ICANN pursue their respective roles by creating a framework for accountability memorialized in communications with each other and with the ccTLD manager (see clause 2). The GAC Principles guide governments on how to responsibly structure their relations with ccTLD managers (see clauses 5.5 and 9). Among these specific principles, the best practices contemplate that governments will assist in ensuring that the ccTLD manager complies with ICANN polices related to global coordination of the Internet DNS (clauses 9.1.7
    Get this: .au is being redelegated because ICANN does what the GAC tells it to. This GAC policy wasn't passed by the Board. It wasn't discussed by the DNSO, which is supposed to be the primary locus for the discussion of domain name policy. No, it emanates from a body we have always been assured in the most ringing tones is purely advisory. Well, the gloves are off now.

    ICANN is supposed to be a consensus body. Both RFC 1591 and ICP 1 talk a great deal about consulting local internet users. Surely a change of this magnitude -- the first redelegation of a functioning ccTLD over the protest of the existing ccTLD manger -- required some consultation. One would expect, at a minimum, an official notice that ICANN contemplated the change, and some outreach for comments. But no, when ICANN wears its IANA hat, it doesn't even bother with either notice or public comment fora:

    Upon receiving auDA's redelegation request, the IANA consulted over several weeks with the current manager of the .au ccTLD, Robert Elz. As the manager of the .au ccTLD for 15 years, Mr. Elz has accumulated great familiarity with the circumstances of the Australian Internet community and the .au ccTLD. In addition, the IANA consulted with members of the Australian Internet community, as well as seeking clarifications as necessary from auDA and the Australian Government.

    Based on this investigation, it is the IANA's conclusion that there is widespread--nearly universal--support for moving the delegation of the .au ccTLD to an organization permitting broad participation of the Australian Internet community in the development of policy for the .au ccTLD.

    Read that one carefully. Note the absence of hyperlinks. "The IANA" (that is, ICANN) "consulted with members of the Australian Internet community," -- names and numbers unspecified. As well as talking to some number of their friends and acquaintances, the ICANN staff spoke to the Australian government, and to the people coveting the ccTLD. Not surprisingly, they were all for the redelegation.

    Only two negative views make it into ICANN's report: those of Robert Elz, and those of the not-inconsiderable Melbourne IT, which runs The latter's views, and the treatment they received, are also instructive. Melbourne IT seemed to be worried that the new ccTLD domain manager "is a new, untested organization that may not prove effective in broadly representing all parts of the Internet community. Both Mr. Elz and Melbourne IT suggested that the management of the .au ccTLD would more appropriately be performed directly by the Australian Government." Indeed, Melbourne IT's letter listed a very large number of reasons why it was worried, including suggestions that the proposed new ccTLD administrator, the auDA might have exceeded its authority or violated its charter. I personally have no idea how well-founded these worries were. Several look plausible on the surface, but for all I know the real motivation might be an incumbent's anti-competitive reflex -- after all, opening up the .au namespace may make for more competition for My point here is not that Melbourne IT is right, or ICANN wrong, but rather that anyone who reads ICANN's report isn't going to know either, because ICANN never deals with the substance of Melbourne IT's objections.

    No, rather then getting into the details, ICANN dismissed them all with a breathtaking piece of sophistry. auDA can't be bad, we are assured, because both it and the Australian government promise it will be good. ICANN relied on this representation from the Australian government:

    The auDA Board comprises a good cross-section of the Internet community, deliberately having representation from the supply and demand side of the industry, representative associations and the Internet community in general. The Board has also appointed two Independent Directors, Mr Tony Staley and Mr Greg Crew. ...

    ... should a situation arise which would suggest that auDA is no longer operating in the interest of the global Internet community the Government would be made aware of this and actions would be taken to resolve the matter. Guidance would also be sought from ICANN on how best to deal with such a situation.

    (italics added). So the thing that stops auDA from turning into a supervision by ICANN. Cold comfort indeed. ICANN also relied on the auDA's promise to adhere to clause 9 of the GAC Principles (which give the local government effective control of the ccTLD). Again, the GAC principles are turned into binding policy.

    Here's ICANN/IANA's take on all this:

    According to the design described in its constitution, auDA is well-suited to be inclusive of, and accountable to, the Australian Internet community and to operate through open, transparent, and inclusive processes. Mr. Elz's and Melbourne IT's concerns appear to be that auDA will not develop according to this design. These concerns, however, are obviated by the Australian Government's desire to have the .au ccTLD managed by the private sector, combined with the Government's commitments that it will ensure that auDA operates in an open, transparent, inclusive, and representative way.
    Long-time ICANNWatchers are forgiven for the panic reaction that sets in when you hear promises that a new quasi-autonomous government organization will operate "in an open, transparent, inclusive, and representative way." We sure have heard that one before.

    Why This Is Serious

    ICANN now takes the view that if a government wants to take a ccTLD, or wants it delegated to its mini-ICANN, "IANA" can do that, without a finding of fault on the behalf of the existing ccTLD operator.

    There are three grounds for concern in this story. The first, as I've suggested in this narrative, is that ICANN persists with the fiction of IANA to the detriment of open processes. This is dangerous. The second, also set out above, is that ICANN creates new policies on the fly -- this time with the added bonus of turning GAC's advisory role into one of pure policymaking, unmediated by any other ICANN body. This too is dangerous. The third is that ICANN's new policy essentially puts governments in control of ccTLDs. That's complicated, but subtly dangerous too.

    Ultimately, I think governments can, and should be allowed to, exert control over ccTLDs designed to serve their nations. RFC 1591 requires that the ccTLD operator have a local presence, and that means that governments will always have the power to regulate (or even jail) the ccTLD operator. But in democratic governments, regulatory decisions have to be made according to established and legitimate processes. Taking a functioning ccTLD from someone against their will is not something a democratic government would necessarily find it easy to do. Similarly, all sorts of ccTLD regulations -- the UDRP comes to mind -- may only be possible if enacted through ICANN, or a series of mini-ICANNs.

    ICANN was already a means by which the US government did an end-run around ordinary government procedures. Now ICANN's taking the show on the road.

    Useful links
    Discussion of this essay at ICANNWATCH.ORG

    Story in The Australian
    slashdot discussion
    Sydney Morning Herald story

    Sept. 5, 2001