Comments on the Preliminary GNSO Issue Report on the RAA Amendments

Milton L Mueller mueller at SYR.EDU
Fri Jan 13 18:52:16 CET 2012


Comments of Dr. Milton Mueller on the Preliminary GNSO Issue Report on the Registrar Accreditation Agreement Amendments

As a member of the Executive Committee of the Noncommercial Stakeholders Group, I am happy to see that the board has recognized that these demands for changes to the RAA are important policy issues. As such, they should be handled by the GNSO, not through bilateral negotiations between Registrars and ICANN, and not through unilateral dicta from the GAC and law-enforcement agencies.

However, the value of this exercise is diminished by our knowledge that private negotiations between registrars and ICANN are already underway, dealing with basically the same issues. This creates confusion and raises the danger of a lack of representation in the evolution of a solution. The issues report does not seem to clarify how these two processes intersect. It is our view that the conclusions of a PDP would override any private agreements made.

The way registrars handle the personal, financial and technical data of their customers, and the way they interact with law enforcement agencies, is a policy issue of the highest order. It involves privacy and freedom of expression issues, due process issues, as well as cyber-security and the effectiveness of legitimate law enforcement in a globalized environment. The issue is complicated by the fact that law enforcement from governments anywhere in the world would be involved, and some of them are not committed to due process, individual liberty or privacy. Even legitimate governments can engage in illegitimate, extra-territorial assertions of their authority or abuses of due process. LEAs have a long history of demanding access to information that makes their jobs easier, and this is a legitimate concern. However, in democratic countries the demands of law enforcement have always been constrained by the procedural and substantive rights of individuals. ICANN must take this into account.

The demands of LEAs to make registrars collect, maintain and validate data is reminiscent of what China and South Korea have called a "real names" policy, which makes all participation in Internet communication contingent upon giving government authorities sensitive personal identification information and a blanket authority to discontinue service should any wrongdoing be suspected. This not only raises civil liberties issues, but places potentially enormous cost burdens on registrars.

The concept of intermediary responsibility is being actively debated in a number of Internet policy making forums. (E.g., see the recent OECD report "The Role of Internet Intermediaries in Advancing Public Policy Objectives."*  A point of consensus in this controversial topic is that any attempt to load up Internet intermediaries (such as domain name registrars) with too many ancillary responsibilities can stifle the innovation and growth we have come to associate with the Internet economy. It can also unfairly distribute the costs and burdens involved. Registrars who are expected to react instantly to any demand that comes to them from anyone claiming to be law enforcement will reduce their risk and liability by acceding to what may be unjust demands and sacrificing the rights of their users. 

I and many others in the broader ICANN community were troubled by the way in which the Board seems to have been stampeded into RAA amendments by a few GAC members. It is important to keep in mind that the resolutions or "decisions" made by the GAC's governmental members are not subject to ratification by their national legislatures, or to review by their national courts. Thus, the GAC has no legitimacy as a policy making organ and no authority to demand changes to the RAA. As an Advisory Committee, they can and should make us aware of certain concerns, but they are in no position to bypass ICANN's own policy development processes. Furthermore, we continue to be troubled by the failure or refusal of the law enforcement agencies making these demands to liaise with noncommercial users or civil liberties groups. 

We therefore support the initiation of a legitimate, inclusive policy development process that includes all stakeholders, including governments and law enforcement agencies. This kind of balanced, multi-stakeholder process is not simply a matter of fairness, it is eminently practical when dealing with a globalized jurisdiction where no single government can claim to be a legitimate representative of all the people and businesses involved. Proposals that come from one stakeholder group are certain to be suboptimal or harmful to other stakeholder groups. ICANN was created to resolve these conflicts of interest in a balanced way that includes all affected groups.  

* http://www.oecd.org/document/34/0,3746,en_2649_34223_48773090_1_1_1_1,00.html

Milton L. Mueller
Professor, Syracuse University School of Information Studies
Internet Governance Project
http://blog.internetgovernance.org 


More information about the Ncuc-discuss mailing list