Lack of Accountability to Non-Commercial Users Remains Problematic for ICANN's Promise to Protect the Public Interest

[Dan Krimm]

As always, it often takes someone with long-term close involvement to flesh
out the details.  This was really illuminating, thanks Robin!

It got me thinking again (on a rare day off to let my mind run free) about
the institutional structure of ICANN, and the core puzzles that it has
grappled with, seemingly from the start.  In particular this stuff:


At 1:07 PM -0700 7/15/10, Robin Gross wrote:

>>... the legal corporate governance structure of ICANN is a significant
>>part of the problem in the organization's lack of accountability and
>>transparency.  California law requires the ICANN Board of Directors to be
>>the ultimate decision makers for ICANN policy and governance matters.
>> This is inherently at odds with providing an independent mechanism to
>>check that decision making process, which is required for good public
>>governance.
>>
>>Under California law, which governs ICANN, the organization's board of
>>directors is ultimately responsible and has the final say on decisions;


There are two serious complications that stand out to me as I consider
ICANN's governing structure.


 (1)  What is "policy"?

The word "policy" gets confused, because it can refer to organizational
policy or public policy.  Typically, NPO boards are responsible for two
major things: (a) fiduciary responsibility to the organization, to ensure
sufficient financial resources, enduring operational structures, and
authority to choose the CEO; (b) responsibility to the corporate charter
and mission statement, which is filed with the State which presumably
oversees the charter in the public interest (mainly via the court system,
which is not actively engaged without the bottom-up impetus of a lawsuit).

ICANN is unusual among NPOs in the sense that its mission, or programming,
involves public policy.  It gets fuzzy here, because its directly-stated
mission seems to be technical in nature: the "security, stability and
resiliency" of the DNS system.  Inevitably this "spills over" into other
(nontechnical) areas of public policy, which is sometimes viewed as an
"externality" to the central mission.  There is great debate as to whether
it is reasonable or fair to consider such public policy considerations
genuinely external to ICANN's mission.  If it is true de facto that such
"external effects" cannot be removed from technical matters of substance in
technical policy, then it may be that any de juris statements establishing
separation must necessarily be questionable, even if instantiated in formal
legal statements and documents.  This conceptual problem seems to have been
with the organization from the outset, as a sort of fundamental "cognitive
dissonance" of organizational birth.

In any case, it would be fair to consider public policy matters part of
ICANN's "programming" which is normally overseen by a "programming
committee" on typical NPO boards.  Such programming committees generally do
not micro-manage the programming of the organization, leaving that to
program staff under the authority of the CEO, and managing the overall
success and focus of programming via the CEO.

In the case of ICANN, somehow the board seems to have gotten itself into a
situation where it must directly approve all "programming" (i.e., public
policy associated with technical policy) conducted by the organization.
This is highly unusual for well-developed NPOs, and typically only occurs
in start-up NPOs or NPOs that operate on minimal or volunteer resources,
where board members may get directly involved in program activities above
and beyond organizational fiduciary duties.  For NPOs the size of today's
ICANN, this is highly irregular, (and perhaps even legally questionable?).

The problem is, who else would you give authority to for "public policy
programming" in ICANN's case?  One looks around in vain for suitable
authorities.


 (2) Two masters, or no masters?

ICANN is in the special circumstance of having contracted certain public
governing responsibilities from the US Federal government (DOC/NTIA), via
the original JPA and now the current AOC.  The AOC is most important in
shaping the "program mission" of ICANN as it relates to public policy.

One of the central tenets of the AOC is in section 4:  "DOC affirms its
commitment to a multi-stakeholder, private sector led, bottom-up policy
development model for DNS technical coordination that acts for the benefit
of global Internet users. A private coordinating process, the outcomes of
which reflect the public interest, is best able to flexibly meet the
changing needs of the Internet and of Internet users."

In short, the DOC considers itself incapable of promulgating responsive
public policy in the area of Internet assigned names and numbers, so it has
"punted" this public governance responsibility to ICANN as a private-sector
entity, with fairly limited oversight also set forth in section 4:  "To
ensure that its decisions are in the public interest, and not just the
interests of a particular set of stakeholders, ICANN commits to perform and
publish analyses of the positive and negative effects of its decisions on
the public, including any financial impact on the public, and the positive
or negative impact (if any) on the systemic security, stability and
resiliency of the DNS."

I hope "including"  in the passage above means "including but not limited
to" because there are important public interests regarding ICANN's work
beyond the realm of financial impact and security, stability and resiliency.

However, the more general public policy interests seem to be allocated at
least inclusively if not exclusively to GAC in section 6:  "DOC also
affirms the United States Government's commitment to ongoing participation
in ICANN's Governmental Advisory Committee (GAC). DOC recognizes the
important role of the GAC with respect to ICANN decision-making and
execution of tasks and of the effective consideration by ICANN of GAC input
on the public policy aspects of the technical coordination of the Internet
DNS."

The public-input component of ICANN's governance processes (reflected in
section 10) are far less strict than, say, the Administrative Procedures
Act (APA) that governs public-input processes for federal agencies.
Section 10 in its entirety reads as follows:  "To facilitate transparency
and openness in ICANN's deliberations and operations, the terms and output
of each of the reviews will be published for public comment. Each review
team will consider such public comment and amend the review as it deems
appropriate before it issues its final report to the Board."  A nice
sentiment, but devoid of real implementation teeth ("as it deems
appropriate?" -- really? that's *all*?).
_____

These structural characteristics are where ICANN's accountability problems
originate.  Weak oversight by DOC allows (even mandates) ICANN to engage in
actions that have important public policy impacts without any structured
public policy input by the US government on behalf of the general public,
via the processes of checks and balances that presumably drive US
government accountability to the public.

Nevertheless, DOC has given ICANN authority via the AOC to make policies
that affect a broad range of public interests.

Presumably, ICANN is supposed to create its own "local" governance
structures to respond to the public interest, in place of federal
structures which are implicitly presumed to be inadequate.  Of course, one
of the primary structures ICANN has put in place for this purpose is the
GAC, in which the US government plays an important role.  But what is the
public-accountability structure of the US government's GAC representative
(or other governments' GAC reps)?

In effect, this has created *more* layers between "public interest
representatives" and the public, while creating a direct-public-input
process that is far weaker than the US's own APA.

The ironic thing there is that ICANN's founders clearly thought that simply
by creating an institution rooted in the private sector, that they would
create a policy-making process "closer to the people" than the US federal
government, which was perceived as distant and unresponsive, and captured
by special interests.

In the process, ICANN may have become something perhaps even more
dangerous: *hidden* and unresponsive, and captured by special interests.
And the special-interest capture is even more effective than it might be in
the federal system, because it is subject to fewer and weaker checks and
balances.

The private sector is not automatically "closer to the people" than a
public governance institution with formal (if imperfect) structures for
accountability to the general public.  It's just closer to private
power-players (with perhaps even less formal accountability to the general
public).
_____

Bottom line:  ICANN's struggles with accountability seem to be a direct
result of its legal mandates (such as they are), legacy organizational
structure, and confusion about its fundamental governance role.

To fix it completely would probably require taking it apart completely and
reconsidering its fundamental reason for being.  That seems unlikely in the
short term, so what we are left with is simply trying to prevent serious
damage to the general public interest along the way, in an enduring
stand-off.

Pretty much the same as it would have been if the federal government
retained direct control over the whole thing.

Don't get me wrong -- while this is frustrating, it remains crucially
important work, because in its absence major and lasting harm could occur.

ICANN is typical of efforts over the last 2-3 decades to experiment with
new forms of "public-private partnerships" in the public governance arena,
many of which are now derided as "QUANGOs" (quasi-authoritative
non-governmental organizations).  And perhaps it's not such a coincidence
that it emerged in the State of California, not just because of the
physical location of Silicon Valley, but also because the state has done a
whole lot of experimenting in public governance, using itself as the guinea
pig, with mixed results at best (and terrible results at worst).

In California, we're still trying to fix things by fiddling with the
mechanisms:  last year we voted-in a new way to draw state-legislative
districts (with a non-/multi-partisan citizen panel), and this year we just
passed a new law to tweak the election process (replacing primaries with a
"pre-general" election whose top-two vote-getters proceed to the final
general election as a 1-1 runoff).  Later this year we'll vote on rolling
back the 2/3rds super-majority to a simple majority requirement to pass a
budget (though, not the 2/3rds super-majority to pass a tax increase...),
and that proposition is leading in the polls at this time.

In the meantime, we still have major gridlock clogging up the works in
state governance, chronic structural budget crises, and a general
voters-remorse for many of our earlier experiments.

I wonder how many people involved in the founding of ICANN now have regrets
about how it all came together, and how it took on a life of its own
thereafter.  Regardless, we are stuck with it for now.  Do your best.

Thanks,
Dan


--
Any opinions expressed in this message are those of the author alone and do
not necessarily reflect any position of the author's employer.