ICLE White Paper

IN ICANN WE TRUST: ASSURING ACCOUNTABLE INTERNET GOVERNANCE

Summary

“It’s no surprise to anyone that illegal activity happens online. What may be surprising, however, is that one of the central figures in administering core Internet functions is deeply ambivalent (at best) about its role in preventing illicit online activity.

Since 1998, the Internet Corporation for Assigned Names and Numbers (ICANN) has been the organization tasked by the U.S. government with overseeing the Domain Name System (DNS). The DNS is the system that enables domain names to resolve — meaning that when you type “google.com” in a browser address window you will reliably receive Google’s search engine each time. That reliability is a boon for Internet users, most of the time. But much mischief can be conducted through web sites, as well, and a system that reliably serves up these sites imposes costs on its users.

Take one recent example. In July 2015, a Bloomberg News piece from “bloomberg.market” indicated that Twitter was in talks over a $31B USD buyout. Naturally, the value of Twitter stock shot up before returning to normal. The problem, however, was that it was a totally fabricated event, one that the currently lax accountability regime underlying the DNS only makes easier.

One would think that ICANN would have effective procedures in place for removing (or otherwise sanctioning) domain names created or used for illegal purposes. However, even though it possesses contractual control over its registries and registrars (the entities responsible for managing and registering top level domains and domain names), the practical reality is that illegal conduct is rarely ever deterred by ICANN.

The consequences of ICANN’s non-action are evident. ICANN has refused to effectively deter content piracy on the Internet, and pirated content currently constitutes something on the order of 25% of Internet traffic. It has also overseen an inexorable increase in websites dedicated to phishing scams. As of December 2014, phishing occurred in 19% of the new gTLDs — and nearly two-thirds of the phishing occurred in just one gTLD (.XYZ). To date ICANN has steadfastly refused to take action despite the significant cost that its refusal — ostensibly rooted in its desire not to regulate Internet content — imposes on community members.

ICANN has an accountability problem.”