Tuesday, January 13, 2015

Panelist Paper: Internationalization of Internet Governance Council of Councils

Panelist Paper: Internationalization of Internet Governance Council of Councils 

Seventh Regional Conference 
January 11-13, 2015, New Delhi, India 

Mahima Kaul, Observer Research Foundation 

How the Internet should be regulated—and who should regulate it—are the underlying questions in every conversation about global Internet governance. Add to that a few others: what will be the economic impact of any regulation? How should the critical Internet resources be managed? And in the absence of a common set of laws or rules, how is current case law guiding the development of the Internet? 

Countries like India, which are neither the incumbents nor yet the biggest beneficiaries of the Internet, have an interesting road to navigate. They have engaged with the current global governance system but find it inadequate to address issues that concern them. They also find that big businesses, motivated by profits, and civil society groups, often universalizing the values they believe in, are fighting to preserve a ‘multistakeholder’ system of global governance, which doesn’t necessarily provide a platform to discuss domestic concerns. 

India isn’t alone. Events taking place across the world are making it increasingly clear that national governments are not ready to let global rules dictate how the Internet functions in their territory. These moves range from the United Kingdom asking Facebook to let it directly access its platforms to monitor terror related activity, to Spain banning ‘free shipping’ from online retailers to help those offline compete, to Turkey passing a law to allow its regulators to block websites within four hours for national security concerns. The already complicated global governance landscape is made more complicated by these local laws. 

Therefore, it would benefit countries like India to focus on progressive policies to foster the power of the Internet. The first is to engage in global multistakeholder processes as they attempt to evolve to accommodate the needs of sovereign nations. The second is to study the apportioning of jurisdiction in current cases concerning international digital transactions, and learn from developing case law around the world. The third is to strengthen international cooperation in crucial areas like cyber crime investigations, and counterterrorism. Finally, while keeping in mind the needs of a developing economy, it must encourage laws and regulations that preserve the free spirit of innovation that has allowed the Internet to become a driver of the global economy. 

Multistakeholder vs Multilateral 

The truth of the matter is that multistakeholder, a term used so frequently that many experts complain it is starting to impact negatively on discussions, is a philosophy that goes beyond the structure of meetings at the Internet Governance Forum, ICANN (Internet Corporation for Assigned Names and Numbers) and other platforms. The idea that private individuals and corporations could share in the structure and management of the Internet—a network of networks—came out of the growth of the largely unregulated Internet. This network enabled unprecedented exchange of information between individuals. Not only has it enabled knowledge sharing, creativity, innovation, and trade, but also the creation of global companies which have profited from collecting and curating this data. For many users, some of these big tech companies have come to define the Internet for them, most notably those that provide social media tools, information search, and e-commerce platforms. Not surprisingly, these companies are now experiencing a pushback from governments, which seek to also benefit from their company profit revenue that Internet commerce allows. Governments, including India, are mulling regulation of ecommerce through taxation and other prudential norms. There is more. Questions about data privacy and security are now center stage, as cyberspace has increasingly become the new frontier for terror-related activities, cyber crime, and cyber war. Necessarily, governments are compelled to take action on all fronts. 

The global reach of the Internet and the companies that predominantly influence it, postulates that regulating the Internet cannot be the result of discussions restricted to only between governments. Unfortunately, though, the current global governance debate seems to have pitted governments against everyone else. This is not constructive, nor is it realistic. Perhaps the suspicion towards government should also be seen in context to the aftermath following disclosures by Edward Snowden in June 2013, about global mass surveillance by the U.S. government, in collusion with its European allies and some telecom companies. Citizens around the world were aghast at the news. At the Netmundial multistakeholder conference, held in Brazil in April 2014, following Snowden’s disclosures, the multistakeholder community met to discuss a common vision for the future of the Internet. At this meeting, the Indian government expressed reservations about signing the Netmundial outcome document that had failed to incorporate some of India’s ideas on developing multilateral Internet governance mechanisms and global cyber jurisprudence. i Did that mean that India is opposed to a free and open Internet and working with various stakeholders to achieve these aims? Take for example that the country is working with the private sector— including multinational companies—to achieve its goals of last-mile connectivity, e-governance, infrastructure security, protection against online terror and crime, and preserving a free and open Internet. At the same time, it is being aggressively challenged by, and is responding to, civil society on issues of accountability and transparency. 

In this scenario, why would a democratic country that does not have a dedicated centralized Internet ministry, and is already dealing with various stakeholders separately to discuss concerns related to the Internet, insist on a single multilateral mechanism for Internet governance? The answer could lie in the fact that, traditionally, the role envisaged for governments in the current multistakeholder model—that is to be simply be one stakeholder among the many—is at odds with the mandate that governments in developing countries, like India, see for themselves. It is also reflective of their view that the current mechanisms do not afford them the space they require. Indian government officials at Netmundial spoke of an ‘equinet’, in which all governments can have an equal say in global governance matters. Many developing countries, which are new to the Internet, are uncertain of where to go for the resolution of matters important to them. However, should this translate into creating one body to look over technical and trade issues pertaining to the Internet? 

Therefore, the challenge is not simply for governments across the world to adapt to a decentralized, distributed, Internet governance landscape, but also for multistakeholder institutions to respond to the need of governments across the board. As can be seen by the IANA transition process at ICANN, there is currently an attempt to expand the management of the critical resources of the Internet. This is a positive sign, and governments like India must engage in the process. At the same time, a platform called the ‘Netmundial Initiative’ to discuss what are called ‘orphan issues’ of the Internet has been attempted by ICANN, the World Economic Forum, and the Brazilian Internet Steering Committee. Whether it can truly respond to the needs of governments and smaller businesses, and find solutions to their problems, needs to be assessed. The next few years will be the crucial testing period for the strength, responsiveness, and true democratic ethos of the distributed multistakeholder governance system. 

“Free-Exchange Zone” 

Many governments and technology companies are pushing to ensure the Internet remains free and interoperable, without barriers to the free flow of trade. In fact, one can argue that consequent to the growth of the Internet, countries that are now invested in the international e-commerce would certainly like to see it grow. The same is true of incumbent technology companies which are benefitting from the current system, thus are actively engaged with governments, across the board, to shape and comply with regulations, so as to retain market dominance. 

Equally, it important to note that despite the impression that the Internet benefits even the smallest companies, in reality, big corporations, the intellectual property lobbies, which can bid on top level domains and the companies that have business models based on deriving profit from the private data of individuals, have in a sense already put in a centralized system of operating on the free and open platform. Governments which seek to impose ‘restrictions’ on communications and trade, could either help grow this ‘free exchange zone’ or limit it. The debate on net neutrality, taking shape in various ways in different countries, is one such example. 

Other cues can be taken from current court cases between businesses and states, as they expose many of the gaping holes that exist in Internet governance currently. Digital jurisdiction is one such important issue that has not been resolved. How complex and challenging the issue truly is has been revealed by a case currently playing out in Ireland between Microsoft and the U.S. government. The latter obtained an order in July 2014, from a U.S. court which directs Microsoft to release personal data about an unidentified citizen, stored in a server in Dublin, Ireland. Microsoft has appealed the order on the grounds that cloud privacy would be endangered. Furthermore, the government of Ireland has supported Microsoft, on the ground that the case could have ‘heavy consequences’ for international sovereignty and data privacy.ii According to one European expert, U.S. conduct is tantamount to ‘territorial encroachment’ implying that data stored in an Irish server is akin to it being stored in a U.S. server. A fallout of the Ireland case has been the introduction of the ‘Law Enforcement Access to Data Stored Abroad Act’ (LEADS Act) in the U.S. senate which requires U.S. law enforcers to obtain a judicial warrant for data stored abroad, to comply with national laws of other sovereign countries, and to use existing inter-state legal mechanisms for the purpose of obtaining the required data. In the meantime, this case continues to raise questions about the larger ideas of national jurisdiction and digital sovereignty. 

Recently, a similar question came up in the Ben Haim vs Islamic Republic of Iran case, when a U.S. court awarded damages to terror victims in the case in November 2012. In this case, the plaintiffs (victims) had asked the court to transfer in their favor Iran’s country code top-level domain name (ccTLDs)—that is ‘.ir’—reserved for a country or sovereign state, so as to facilitate collection of the quantum of compensation awarded in liquidated damages. The request set off alarm bells. Could or would ICANN, a private organization registered in California, USA, handover the ccTLD belonging to a sovereign country (in this case Iran, ‘.ir’ ), to a group of private persons (in this case the plaintiffs), under a U.S. court order? As it happened, the U.S. court ruled in November 2014, that since the ccTLD was not “subject to property attached under District of Columbia lawiii it would not award .ir to the victims.” However, what if, in the future, an action is brought by claimants in the court of competent jurisdiction in which the registered office of ICANN is situated? It is reasonable to assume that there will be many other cases concerning domain names, in the future. The question is open. 

ICANN and IANA 

Internet resource management is equally, if not more, important to the smooth functioning of the Internet, as it calls for harmonious laws and values to guide its growth. ICANN—the Internet Corporation for Assigned Names and Numbers—that is the global coordinator for the Internet’s domain naming system, IP addresses, and root server management—functions under U.S. oversight. Many countries have questioned the United States’ extraordinary influence over this process, as much as the fact that a private organization is running the Internet. As a result, ICANN is engaged in a multi-stakeholder process to gather inputs on how the IANA (Internet Assigned Numbers Authority) functions could be handed over to a larger multistakeholder body in the future. Presently, IANA functions under contract to the National Telecommunications and Information Administration (NTIA), under the U.S. Department of Commerce. 

While the community works on these proposals, a few developments on the sidelines have reemphasized the relevance of the IANA functions. Politicians in the United States fear that giving up stewardship over IANA functions would enable authoritarian governments to censor the Internet through control of ICANN. The 2015 FY Appropriations Bill, passed in the US Congressiv, has attempted to stop the NTIA’s IANA transition, stating that, “none of the funds made available by this Act may be used to relinquish the responsibility of the National Telecommunications and Information Administration during fiscal year 2015 with respect to Internet domain name system functions, including responsibility with respect to the authoritative root zone file and the Internet Assigned Numbers Authority functions.” However, some experts feel that since the NTIA was only going to relinquish oversight by simply not renewing its contract with ICANN, the Bill does not actually stop the process.v 

In fact, the political significance of ICANN is growing beyond its original technical mandate of being an Internet registry. For example, controversies over domain names have revealed, in part, the political and economic aspects of its work. Peeved over issues pertaining to ‘.wine’ and ‘.vin’, France had earlier suggested that ICANN should adopt a new general assembly with a one country, one vote model.vi This is not a new critique of ICANN. Traditionally, except the United States, other countries did not have much of a say in ICANN functioning. During WSIS, governments sought to increase their role in Internet governance, including in the functions of names and numbering. Internal reform initiated by the international community has slowly been trying to move ICANN from a private regulatory entity to one in which national governments can further engage with the process. Much of the success of ICANN lies in an acceptable multistakeholder, bottom-up plan by the Internet community, for the IANA transition. This is crucial, as its success could potentially kill any future calls for ICANN to either answer to, or give up its functions to, a multilateral body. 

The ‘Balkanized’ Internet 

Fears of a balkanized Internet, or a broken Internet, or a splinternet, have been around for years. Iran had talked about building a ‘halal Internet’—a national network not connected to the World Wide Web. In September 2014, Russian officials revealed that their country was working on a radical plan to be able to unplug Russia from the global Internet, should the occasion arrive.vii This was later denied. Countries like Brazil called for creating a national intranet after Edward Snowden’s disclosures about the U.S. National Security Agency spying on citizens around the world. Brazil was joined by Germany in its call for data localization. Both ideas have not been acted upon. However, trust in the safety of data stored in other jurisdictions has been permanently eroded, and the moral leadership of the United States questioned. Brazil and Europe have agreed to lay an undersea cable from Lisbon to Fortaleza to reduce reliance on U.S. communication cables and, consequently, U.S. surveillance, in order to ‘guarantee the neutrality’ of the Internet.viii 

What are the critical resources of the Internet? Often, people think of Internet resources which include IP addresses, affordable domain names, reliable root servers, bandwidth, affordable devices, and progressive policies.ix However, some experts restrict it to “Internet-unique logical resources” that meet the criteria of “globally unique identifiers,” and not simply any infrastructure used for running the Internet. This would limit critical Internet resources to IP addresses, domain name system, and Autonomous System Numbers (ASNs), which is a network operator—“central currency of the Internet’s routing system.”x 

Yet, China, which has its own IP address allocation service and domain name registry, has begun to participate at ICANN events and has indicated its willingness to join more global institutions that look at international Internet issues. All this, while still maintaining its “great firewall,” which relies on content filtering, control over Internet service providers, clamping down on free speech (including jailing those who dare to dissent), and the interception of communications. 

Therefore, one must consider if restricting information on the Internet constitutes its balkanization. For example, would regional filters that prevent netizens from watching certain content constitute balkanization? Those who point to China, preventing content for political reasons, might answer in the affirmative. Would they apply the same logic to corporations that could restrict content across geographies for economic reasons? Is customized search fragmenting the Internet? Ultimately, a common experience of content around the world would be impossible to maintain, for reasons that are beyond censorship, like language, local laws on content such as porn and hate speech, including local content creation. 

However, there are economic implications to consider in the event of a balkanized Internet. As mentioned in Time Magazine, “netizens would fall under a complex array of different legal requirements imposing conflicting mandates and conferring mutually exclusive rights. And much like different signaling hampers the movement of people and the trade of physical goods, an Internet within such a complex jurisdictional structure would certainly hamper modern economic activity.”xi Therefore, those who wish to reap benefits from a common Internet economy are incentivized to remain connected to the system, even as they attempt define digital sovereignty through investments in infrastructure. Further, a strategy to maintaining a common IP registry such as ICANN to ensure seamless coordination between computers around the world goes back to the question of reform of ICANN to ensure greater participation from the international community. 

Sharing critical resources helps to preserve the safety and longevity of the Internet, although it would be unrealistic to expect the Internet experience to remain exactly the same across digital borders. 

Policy Recommendations: 
 India must actively engage in the IANA transition, and other Internet governance forums, embracing the global multistakeholder processes. 
 India must invest in basic infrastructure required for the steady growth of the Internet, including investments in electricity, bandwidth and local language content. 
 India must learn from international experiences as it seeks to develop its own laws and regulations concerning the Internet. 
 International cooperation is crucial to developing a secure Internet, especially in the areas of cyber crime and counter terrorism. 

i Kaul, Mahima, “Global Internet Governance: India’s Search for a New Paradigm” September 2014. Availble at: http://www.globalpolicyjournal.com/blog/30/09/2014/global-internet-governance-indias-search-new-paradigm 
ii “Ireland backs Microsoft against US Email Demand” December, 2014. Available at: http://www.usnews.com/news/articles/2014/12/24/ireland-backs-microsoft-against-us-email-demand 
iii “Judge sides with ICANN: Plaintiffs can’t take all of Iran’s domain names” November 2014. Available at: http://arstechnica.com/tech-policy/2014/11/judge-sides-with-icann-plaintiffs-cant-take-all-of-irans-domainnames/ 
iv FY2015 Omnibus; Consolidated and Further Continuing Appropriations Act, U.S. Congress. Available at: http://docs.house.gov/meetings/RU/RU00/20141210/102799/BILLS-113rcp113-59pp.pdf 
v Rosenzweig, Paul, “Congress Tries To Stop the IANA Transition — But Does It?” December 2014. Available at: http://www.lawfareblog.com/2014/12/congress-tries-to-stop-the-iana-transition-but-does-it/ 
vi “France sparks .wine address row ahead of Icann meeting” June 2014. Available at: http://www.bbc.com/news/technology-27974293 
vii “Iran: Cyberspace Ayatollahs” March 2014. Available at: http://12mars.rsf.org/2014-en/2014/03/11/iran-therevolutionary-guards-the-supreme-council-for-cyberspace-and-the-working-group-for-identifying-criminal-content/ 
viii “Brazil, Europe plan undersea cable to skirt U.S. spying” Febuary 2014. Available at: http://www.reuters.com/article/2014/02/24/us-eu-brazil-idUSBREA1N0PL20140224 
ix Center for Democracy and Technology, USA, “What Does “Governance” Mean? What Are “Critical Internet Resources”?” Available at: https://cdt.org/files/pdfs/20071114Internet%20gov.pdf 
x DeNardis, Laura, ‘The Emerging Field of Internet Governance” September 2010. Available at: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1678343 
xi “The Future of the Internet: Balkanization and Borders” September 2013. Available at: http://ideas.time.com/2013/10/11/the-future-of-the-internet-balkanization-and-borders/

No comments: