|Multi-Stakeholder Public Policy Governance and its Application to the Internet Governance Forum|
Between the inception of ISOC in 1992 and the resolution of the Tunis Agenda in 2005, the Internet changed immeasurably: it grew more than four hundred times larger, and entire industries rose and fell around it. Yet formally, comparatively little changed over that period in the institutions by which it was governed. For example its peak body was still the non-governmental, non-profit civil society association, ISOC, and its technical standards were still primarily developed by one unincorporated technical body, the IETF, subject to the oversight of another, the IAB.
In general, the interrelationships between these organisations were not lines of authority but merely of informal oversight or “guidance,” mostly as posited in RFCs rather than in agreements or international instruments. The exceptions are the more recently-formed arrangements: ICANN’s with the NTIA, with its gTLD registries, and most recently—only since 2008—with the largest of the root server operators (whose role will be explained below). The concentration of effective power within the network of organisations, and its fluidity, may therefore be very different from what their formal arrangement suggests. With that proviso, a diagram summarising the various organisations and their relationships appears in Figure 2-1.
Whilst most of the organisations illustrated have been described above, a few more words must be said about ISOC, the IAB and ICANN—all of which operate on an international level—before the organisations exercising governance of the Internet’s technical coordination on a regional and a national level are examined.
ISOC is a non-profit organisation incorporated in the United States with offices in Washington, DC and Geneva. It has members in over 180 countries, divided into individual and organisational constituencies, and Chapters which are regional ISOC groups such as ISOC-AU, the Internet Society of Australia. ISOC is governed by a Board of up to twenty Trustees holding office for three years, most of whom are elected by ISOC’s members, but with three nominated by the IETF and up to five by the incumbent Board. The panel of candidates for election by members includes those nominated by a seven-member Nominating Committee, and those who are petitioned for candidacy by at least seven percent of the members in a given constituency. ISOC is the “organisational home” of the otherwise unincorporated IAB, IETF and IRTF.
The IAB is constituted both as a technical advisory group of ISOC, and as a subcommittee of the IETF. The members of the IAB, and its Chair, are nominated by a voluntarily-convened nominating committee of the IETF (the Nomcom), and these nominations are approved by ISOC’s Board of Trustees. The IETF Chair also sits as an ex officio member of the IAB. The Chairs of both the IETF and IRTF and their Steering Groups (respectively the Internet Engineering Steering Group or IESG, and the Internet Research Steering Group or IRSG) are appointed by the IAB. Membership of the Steering Groups is by nomination of Nomcom, subject to the approval of the IAB. The IAB also acts as an appeal board for complaints of improper execution of the standards process by the Steering Groups. The IAB’s own decisions are published by RFC.
The third and best known international body involved in technical coordination of the Internet is ICANN. ICANN is a non-profit California corporation currently contracted to the NTIA to manage the DNS root and to perform related functions of the formerly-independent IANA. The MOU pursuant to which these services are performed (described in its latest revision as a “Joint Project Agreement” or JPA) is due to expire in September 2009. Following its expiry, it is planned that the Department of Commerce will pass most of those functions on to ICANN for it to perform on a fully privatised basis, though in November 2005—just prior to the second session of WSIS—the NTIA matter-of-factly noted that the United States intended to “maintain its historic role in authorizing changes or modifications to the authoritative root zone file.”
The board of ICANN is composed of fifteen voting members: eight selected by a Nominating Committee (also known as NomCom, but distinct from the IETF committee of the same name), two each by ICANN’s three Supporting Organisations, and the President who sits ex officio. The ICANN NomCom is required to ensure that the directors it nominates display diversity in geography, culture, skills, experience, and perspective, which includes ensuring that the board contains at least one director, but no more than five, from each geographical region as defined in ICANN’s bylaws. Officials of national governments or intergovernmental organisations are disqualified from serving as directors.
The ICANN NomCom itself comprises seventeen voting members, plus a chair and up to five other non-voting associates, advisers and liaisons. Nine of the NomCom’s voting members are selected by ICANN’s Supporting Organisations by reference to various criteria, with five others being nominated by ICANN’s At-Large Advisory Committee described below, and one each of the remainder being designated by the Board to represent academia, by the IETF, and by the Technical Liaison Group also referred to below.
ICANN’s three Supporting Organisations (SOs), along with five self-organised Advisory Committees (ACs), serve to advise the ICANN board. Each of the Advisory Committees, and the IETF, appoint a non-voting liaison to the board. An Ombudsman is also appointed to carry out internal review of contested decisions of the board.
The three Supporting Organisations are the Address Supporting Organization (ASO), the Generic Names Support Organization (GNSO), and the Country Code Names Support Organization (CCNSO), which respectively provide policy support to ICANN in the areas of IP addressing, gTLDs and ccTLDs.
The five Advisory Committees are the Governmental Advisory Committee (GAC), the Root Server System Advisory Committee, the At-Large Advisory Committee (ALAC), the Security and Stability Advisory Committee and the Technical Liaison Group. Of these, the first three are of particular note. They are ICANN’s liaisons respectively with DNS root server operators, governments and the Internet community at large. Being Advisory Committees, they have no direct vote on ICANN’s board, though as noted above ALAC does appoint five voting members to the ICANN NomCom.
The DNS Root Server System Advisory Committee, firstly, is formed of the operators of the DNS root servers. ICANN itself does not actually control these root servers, and never did. The root servers act as the authoritative source of DNS data for the TLDs. When ICANN makes a policy decision to add a new TLD to the root, and this decision is authorised by the NTIA, it is an entry in the DNS configuration files of one of the root servers that actually effects the change. There are thirteen classes of root server distributed throughout the world, under the control of a number of independent operators.
As for the GAC, its mission is to
consider and provide advice on the activities of ICANN as they relate to concerns of governments ... including matters where there may be an interaction between ICANN’s policies and various laws and international agreements and public policy objectives.
Membership of the GAC is open to representatives of any national government. Unlike ICANN’s board, some of whose meetings are open to the public and all of which are minuted online, the GAC has resolved to meet behind closed doors. As well as advising the ICANN board directly, the GAC may recommend that the board seek external expert advice, including reference of “issues of public policy pertinent to matters within ICANN’s mission to a multinational governmental or treaty organization.” Since 2002, the GAC has also been the only Advisory Committee whose advice may not be rejected by the Board without providing written reasons.
Finally, and at the other end of the spectrum from the GAC, ALAC’s mission is to represent the interests of individual Internet users at large to the ICANN board. It is comprised of fifteen members; five selected by the ICANN NomCom, and two by each of five Regional At-Large Organizations (RALOs). The RALOs are umbrella organisations of Internet user groups, one in each geographic region as defined in the ICANN bylaws. APRALO is the RALO for the Asia-Pacific region including Australia, and ISOC-AU is one of its constituent sub-groups.
Apart from the RALOs, the other organisations involved in technical coordination of the Internet on a regional level are the RIRs such as APNIC. These are non-profit organisations responsible for the administration of IP address allocations to ISPs or sub-regional Internet registries, under the coordination of ICANN. Although the RIRs set their own policies, in 2003 they formed a Number Resources Organization (NRO) to deal with issues of joint concern, from which membership of ICANN’s ASO is drawn.
The RIRs presently in operation are ARIN (American Registry for Internet Numbers) serving North America, RIPE NCC (Réseaux IP Europeéns Network Coordination Centre) which covers Europe, Central Asia and the Middle East, APNIC which covers most of Asia, plus Oceania, LACNIC (Latin America and Caribbean Internet Addresses Registry) whose coverage is as its name suggests, and AFRINIC, which covers Africa.
APNIC, much like the other RIRs, is constituted as a non-profit membership organisation. Since 1998 it has been registered as a corporation in Queensland, Australia. The majority of members are ISPs and large corporations from the Asia-Pacific region who receive resources from APNIC, such as allocations of IP addresses or Autonomous System (AS) numbers. The members elect APNIC’s seven-member Executive Council from an open panel of nominees. The Executive Council elects APNIC’s Director General who heads its General Secretariat.
Much like the Areas of the IETF (to be discussed in greater detail below), APNIC has a number of Special Interest Groups (SIGs) which specialise in particular policy areas. SIGs devise their own charters and procedures for reaching and recording consensus. Each SIG’s work takes place on public electronic mailing lists which are open to all interested participants, not only to APNIC members. A SIG may also create short-term Working Groups to tackle specific projects on the SIG’s behalf.
Two Open Policy Meetings per year are held by APNIC at which the members present ratify any policy proposals developed by the SIGs since the preceding meeting. The proposals are then subjected to a final period of public comment on the SIG mailing list before they are endorsed by the Executive Council. BOF (Birds of a Feather) sessions are also held at Open Policy Meetings, and it is at these sessions that new SIGs may be formed if sufficient interest exists from within the membership.
On a national level, the most prominent organisations involved in technical coordination of the Internet are ISOC chapters such as ISOC-AU, and ccTLD registries such as auDA, which administers the au ccTLD.
auDA is a non-governmental organisation established in 1999 to take over administration of the au ccTLD from an individual, Robert Elz. There are a startling number of historical parallels between the transfer of administration from Elz to auDA and the transfer of administration of the DNS root from IANA and NSI to ICANN.
Most obviously, both transfers were the product of the explosion in popularity of the Internet during the mid 1990s, which overwhelmed the resources of the incumbent administrators. In Elz’s case, his initial response was to sub-delegate control of the edu.au and gov.au second-level domains (2LDs) in 1990, then net.au and asn.au in 1994. Finally in October 1996 Elz awarded Melbourne IT Ltd a five year contract to administer com.au. Much like NSI, the new monopolist immediately began charging for registration of com.au names amidst widespread dissent from the Australian Internet community.
Echoing the efforts of the gTLD-MoU, there were attempts to regulate Melbourne IT’s lucrative monopoly over the most popular Australian 2LD by establishing a ground-up organisation to be called the Australian Domain Name Administration (ADNA), which was incorporated in May 1997. However mirroring the opposition to the gTLD-MoU mounted by incumbents such as NSI, ADNA’s position became untenable when it failed to win support from most of the 2LD administrators.
To resolve this impasse, ADNA’s board requested NOIE (now AGIMO—essentially the NTIA’s counterpart in Australia) to hold a summit on the future of administration of the au ccTLD. The result of this was the formation of Australia’s equivalent to the IFWP: a dot-AU Working Group (auWG) containing public sector, private sector and civil society representatives. Following community consultation, the auWG recommended the creation of auDA, a non-profit corporation, to act as the new ccTLD administrator. Reflecting the view of ICANN’s GAC (whose secretariat at the time was NOIE), auDA’s constitution accepted “that the Internet Domain Name System is a public asset, and that the .au ccTLD is under the sovereign control of the Commonwealth of Australia.”
In November 1999 Elz transferred control of the com.au 2LD to auDA, but retained control over the au root and its other 2LDs. Once again recalling international events, the nascent auDA was criticised by Elz and the incumbent com.au monopolist Melbourne IT, as not having demonstrated its capacity and representativeness sufficiently to justify receiving control of the ccTLD. ICANN proceeded to redelegate the au ccTLD to auDA regardless of these objections in 2001.
Much as the NTIA has retained ultimate authority of the DNS root, the Commonwealth was careful to assert ultimate control over the ccTLD management function through Division 3 of Part 22 of the Telecommunications Act 1997 (Cth), which provides for the regulation of “electronic addressing” by ACMA and the ACCC (Australian Competition and Consumer Commission). This provision was passed as a precursor to the request of the Australian Government through the Minister for Communications, Information Technology, and the Arts, to ICANN to effect the transfer of control over the au ccTLD to auDA, and reserves to ACMA and the ACCC the power to take over management of the au ccTLD.
In July 2002 AusRegistry Ltd was appointed by auDA as wholesale registry operator for all of the 2LDs that were open for registrations by the general public (then com.au, net.au, org.au, asn.au and id.au), a role akin to that of Verisign in respect of the com and net gTLDs. Melbourne IT was thereby relegated to the status of one of numerous registrars accredited by auDA to accept such registrations.
auDA is a corporation limited by guarantee, containing two classes of members: supply-side (that is, those who supply domain names to the public) and demand-side (that is, consumers of domain names). Each class of member elects four directors to auDA’s board from a panel nominated by that class. The CEO is an additional non-voting member, and the board itself may appoint an additional two independent directors, a prerogative first exercised in 2000.
auDA draws upon the work of a number of ad hoc advisory and review panels and committees staffed by volunteers drawn from within and outside auDA’s membership. Nominations for membership of a panel or committee are approved by auDA’s Chief Policy Officer, an unelected staff position. There have to date been nine such panels and committees, the last of which to sit was the 2007 Names Policy Panel. The panels and committees generate proposals and recommendations which are released for public comment on auDA’s Web site before being submitted to the board for its approval.
auDA’s public policies are reviewed on a cyclical basis. During policy reviews, public submissions are received and published on auDA’s Web site. auDA also had an active mailing list, open to non-members, on which issues of policy were (often very robustly) publicly discussed and debated, but in 2003 it disassociated itself from that list which is now hosted independently.
ICANN, Bylaws (2006), article VI, section 5.
ICANN, Bylaws (2006), Article XI-A.
For more detail on the APNIC policy development process, see Section 188.8.131.52.
See generally Caslon Analytics, auDA Profile (2005).