Testimony of Assistant Secretary Strickling before the Senate Committee on Commerce, Science, and Transportation on “Preserving the Multistakeholder Model of Internet Governance”
February 25, 2015
Testimony of The Honorable Lawrence E. Strickling Assistant Secretary for Communications and Information National Telecommunications and Information Administration United States Department of Commerce
Before the Committee on Commerce, Science, and Transportation United States Senate Hearing entitled:
"Preserving the Multistakeholder Model of Internet Governance"
Chairman Thune, Ranking Member Nelson, and members of the Committee, thank you for this opportunity to testify on behalf of the National Telecommunications and Information Administration (NTIA) regarding NTIA's role in the Internet's domain name system and the transition of NTIA's stewardship over certain technical functions related to the Internet domain name system to the global multistakeholder community. I am pleased to appear before you to update you on the current status of the transition planning process as the global Internet community works to develop a transition proposal that will ensure the stability, security, and openness of the Internet.
I. Background
The Domain Name System (DNS) is a critical component of the Internet infrastructure. It allows users to identify websites, mail servers, and other Internet destinations using easy-to-understand names (e.g., www.ntia.doc.gov) rather than the numeric network addresses (e.g., 170.110.225.163) necessary to retrieve information on the Internet. In this way, it functions similar to an "address book" for the Internet.
On July 1, 1997, President Clinton issued an Executive Memorandum directing the Secretary of Commerce to privatize the Internet DNS in a manner that increases competition and facilitates international participation in its management.[1] In June 1998, following a public comment process, NTIA issued a statement of policy on the privatization of the Internet DNS, known as the DNS White Paper.[2] The White Paper concluded that the core functions relevant to the DNS should be performed under private sector management to promote the development of robust competition and facilitate global participation in Internet management.
NTIA recognized that the Internet has succeeded in great measure because it is a decentralized system that encourages innovation and maximizes individual freedom. Where possible, market mechanisms that support competition and consumer choice should drive the management of the Internet because they lower costs, promote innovation, encourage diversity, and enhance user choice and satisfaction. Moreover, a private sector coordinating process would be more flexible than a government process and more likely to move rapidly enough to meet the changing needs of the Internet and of Internet users.
To accomplish these policy objectives, NTIA stated that it was prepared to enter into an agreement with a new not-for-profit corporation formed by private sector Internet stakeholders to coordinate and manage policy for the Internet DNS. Private sector interests formed NewCo for this purpose, which was subsequently re-named the Internet Corporation for Assigned Names and Numbers (ICANN). In the fall of 1998, NTIA entered into a Memorandum of Understanding (MOU) with ICANN to transition technical DNS coordination and management functions to the private sector.
The MOU did not simply turn over management of the DNS to ICANN. Rather, the MOU outlined a process to design, develop, and test mechanisms, methods, and procedures to ensure that the private sector had the capability and resources to assume important responsibilities related to the technical coordination and management of the DNS. The MOU evolved through several iterations and revisions as ICANN tested these principles, learned valuable lessons, and matured as an organization.
II. Internet Assigned Numbers Authority (IANA) Functions
In 1998, NTIA announced its intent to ensure the continued secure and stable performance of the IANA functions until the transition was complete. In 2000, NTIA entered into a sole-source, no-cost-to-the-government contract with ICANN, designating it to perform these functions. NTIA and ICANN have subsequently entered into contracts for the performance of the IANA functions in 2001, 2003, and 2006. On July 2, 2012, NTIA awarded ICANN the current IANA functions contract after conducting a full and open competitive procurement process. The base period of performance for this contract is October 1, 2012, to September 30, 2015. The contract also provides for two option periods of two years each; however, the parties have discretion to extend the contract for a shorter period than two years upon mutual agreement. If no action is taken, the contract will automatically expire on September 30 of this year.
The IANA functions are a set of interdependent technical functions that enable the continued efficient operation of the Internet. The IANA functions include: (1) the coordination of the assignment of technical Internet protocol parameters; (2) the administration of certain responsibilities associated with DNS root zone management; (3) the allocation of Internet numbering resources; and (4) other services related to the management of the .ARPA and .INT top-level domains (TLDs).
As the IANA functions operator, ICANN performs administrative responsibilities associated with the registries related to the three primary IANA functions. First, ICANN is the registry for the protocol parameters, as defined by the Internet Engineering Task Force (IETF).[3] Second, ICANN coordinates allocations of IP (Internet Protocol) and AS (Autonomous System) numbers to the Regional Internet Registries (RIRs).[4] Third, ICANN processes root zone file change requests for TLDs and makes publicly available a Root Zone WHOIS database with current and verified contact information for all TLD registry operators. In all three cases, ICANN, as the IANA functions operator, applies the policies developed by the customers of the IANA functions. The ICANN Board does not have authority to make policy decisions or changes on its own.
NTIA's responsibilities under the IANA functions contract are limited and clerical in nature. For example, NTIA does not have an operational role in the management of Internet numbering resources, Internet protocol parameters, the .ARPA TLD, or .INT TLD. In the root zone management function, NTIA verifies that ICANN has followed the policies and procedures established by the community when processing change requests, then authorizes the implementation of those changes. NTIA's role in root zone management does not involve the exercise of discretion or judgment with respect to such change requests.[5] NTIA does not have a similar role in the management of Internet numbering resources, Internet protocol parameters, the .ARPA TLD, or .INT TLD.
From the inception of ICANN, the U.S. Government and Internet stakeholders envisioned that the U. S. Government's role in the IANA functions would be temporary. The DNS White Paper stated that "agreement must be reached between the U.S. Government and the new corporation (ICANN) relating to the transfer of the functions currently performed by IANA."[6]
NTIA has fulfilled this temporary role not because of any statutory or legal responsibility, but as a temporary measure at the request of the President. Indeed, Congress never designated NTIA or any other specific agency responsibility for managing the Internet DNS. Thus, NTIA has no legal or statutory responsibility to manage the DNS. Just as Federal agencies can enter into contracts they need to fulfill their missions without specific legislative authority, Federal agencies can discontinue obtaining such services when they no longer need them. As NTIA made clear at the time of its Statement of Policy, it intended only to procure the IANA functions services until such time as the transition to private sector management of the Internet DNS was complete.
III. Affirmation of Commitments
Since the formation of ICANN, NTIA has worked diligently with the global Internet community to improve ICANN's accountability and transparency to the community of stakeholders it serves. In 2009, NTIA and ICANN entered into the Affirmation of Commitments (Affirmation).[7] The Affirmation signified a critical step in the transition to a multistakeholder, private sector-led model for DNS technical coordination, while also establishing an accountability framework of ongoing multistakeholder reviews of ICANN's performance. Key elements of the Affirmation include: an endorsement of the multistakeholder, private sector-led model; a commitment by ICANN to act in the interests of global Internet users (or public interest); and the establishment of mechanisms and timelines for continuing reviews of ICANN's execution of core tasks. The four subjects of the ongoing Affirmation Reviews are: ensuring accountability, transparency, and the interests of global Internet users; preserving the security, stability, and resiliency of the Internet DNS; promoting competition, consumer trust, and consumer choice in connection with any implementation of generic Top Level Domains (gTLDs); and meeting the needs of law enforcement and consumer protection in connection with WHOIS implementation and recognizing national laws. The success of the framework established by the Affirmation depends upon the full participation of stakeholders in reviewing ICANN's performance.
ICANN has made significant progress in fulfilling the commitments established by the Affirmation. To date, two iterations of the Accountability and Transparency Review Team (ATRT) have occurred, in 2010 and 2013. The reports of these teams, on which NTIA actively has participated with a broad array of international stakeholders from industry, civil society, the Internet technical community, and other governments, have served as a key accountability tool for ICANN - evaluating progress and recommending improvements. Over time, ICANN has improved its performance by implementing key recommendations from the ATRT.
Throughout the various iterations of NTIA's relationship with ICANN, NTIA has played no role in the internal governance or day-to-day operations of ICANN. NTIA has never had the contractual authority to exercise traditional regulatory oversight over ICANN.
IV. Final Steps in the Privatization of the DNS
The multistakeholder model of Internet governance is the best mechanism for maintaining an open, resilient, and secure Internet because, among other things, it is informed by a broad foundation of interested parties and it is adaptable to innovation and changing conditions. This model includes all parties - including businesses, technical experts, civil society, and governments - arriving at consensus through a bottom-up process regarding policies affecting the underlying functioning of the Internet domain name system.
ICANN and several other technical organizations embrace this model and exemplify what is possible when all stakeholders are able to participate. Specifically, within ICANN's structure, governments work in partnership with businesses, organizations, and individuals to provide public policy input on deliberations related to ICANN's mission of technical coordination, and provide advice directly to the ICANN Board. ICANN holds meetings approximately three times a year, at which global stakeholders meet to develop policies that ensure the Internet's ongoing security and stability. ICANN policy development originates in the three Supporting Organizations (SOs), which work with Advisory Committees composed of governments, individual user organizations, and technical communities in the policy development process. Over one hundred governments, including the United States, and observers from more than 30 international organizations directly advise the ICANN Board of Directors via the Governmental Advisory Committee (GAC).[8]
The 112th U.S. Congress affirmed its support for the multistakeholder model in unanimous resolutions to "preserve and advance the successful multi-stakeholder model that governs the Internet."[9] More recently, a bipartisan group of Congressional leaders reiterated this position in stating that "[t]he multi-stakeholder model for Internet governance must prevail for more countries around the world to realize the transformative benefits of Internet connectivity."[10] I am also pleased to note the recent unanimous passage of S. Res. 71, which stated that "the United States remains committed to the multistakeholder model of Internet governance" and that "the [IANA] transition process demonstrates that the United States supports and is committed to the multistakeholder model of Internet governance."[11]
Demonstrating its commitment to the multistakeholder approach, on March 14, 2014, NTIA announced its intent to complete the privatization of the domain name system first outlined in 1998. NTIA called upon ICANN to convene a multistakeholder process to develop the transition plan.[12] While looking to stakeholders and those most directly served by the IANA functions to work through the technical details, NTIA established a clear framework to guide the discussion. Specifically, NTIA communicated to ICANN that the transition proposal must have broad community support and address four principles.
First, the transition proposal must support and enhance the multistakeholder model. Specifically, the process used to develop the proposal should be open, transparent, bottom-up, and garner broad, international stakeholder support. In addition, the proposal should include measures to ensure that changes made to any of the three IANA administered databases are consistent with the publicly documented IANA functions customer and partner accepted procedures, which are developed through the multistakeholder model.
Second, the transition proposal must maintain the security, stability, and resiliency of the Internet DNS. For example, the decentralized distributed authority structure of the DNS needs to be preserved so as to avoid single points of failure, manipulation, or capture. In addition, integrity, transparency, and accountability in performing the functions must be preserved. The IANA services also need to be resistant to attacks and data corruption, be able to fully recover from degradation, if it occurs, and be performed in a stable legal environment.
Third, the transition proposal must meet the needs and expectations of the global customers and partners of the IANA services. For example, mechanisms for the adherence to and development of customer service levels, including timeliness and reliability, should be clear, as should processes for transparency, accountability, and auditability. Consistent with the current system, the separation of policy development and operational activities should continue.
Fourth, the transition proposal must maintain the openness of the Internet. The neutral and judgment-free administration of the technical DNS and IANA functions has created an environment in which the technical architecture has not been used to interfere with the exercise of free expression or the free flow of information. Any transition of the NTIA role must maintain this neutral and judgment-free administration, thereby maintaining the global interoperability of the Internet.
In addition, NTIA explicitly stated that it would not accept a proposal that replaces the NTIA role with a government-led or an inter-governmental organization solution.
While the current IANA functions contract expires on September 30, 2015, the contract can be extended for up to four years. Before any transition takes place, the businesses, civil society, and technical experts of the Internet must present a plan that has broad multistakeholder support and reflects the four key principles NTIA outlined in the announcement.
By transitioning its very limited current role in the IANA functions to the global multistakeholder community, the United States is fulfilling objectives outlined more than 17 years ago, demonstrating its commitment to the multistakeholder model, and strengthening the engagement of all stakeholders. For years, countries such as Russia, Iran, and China have opposed the multistakeholder model and sought to increase governmental control over the Internet through bodies such as the International Telecommunication Union (ITU) and the United Nations. The United States and likeminded countries, however, have firmly demonstrated our support for the multistakeholder community, and we continue to advocate for broader worldwide acceptance of and participation in the multistakeholder model to ensure that the Internet remains open and interoperable.
The world has witnessed significant progress in its collective efforts to expand support for multistakeholder Internet governance since the division that surfaced in December 2012 at the ITU World Conference on International Telecommunications (WCIT). We believe this is due in part to the transition and our support for the multistakeholder model. In April 2014, Brazil hosted the successful NetMundial conference at which a wide range of participants supported a statement reaffirming that Internet governance should be built on democratic multistakeholder processes.[13] Following NetMundial, a High-Level Panel headed by the president of Estonia released a report once again affirming the power of multistakeholder policy development. The panel said it "recognizes, fully supports, and adopts the IG [Internet governance] Principles produced in the NetMundial Statement. . . ."[14] In the fall of 2014, nations assembled at the ITU Plenipotentiary Conference in Busan, South Korea, rejected all efforts to expand the ITU's role in DNS issues handled by ICANN.[15]