Internet Governance – who runs the internet?

No single entity runs the Internet. We all do. This poses a problem for would-be regulators. Who do you regulate, and how? How do you stop bad things from happening? How do you impose good behaviour, protect your citizens from harm from other governments or companies?

The answer is… It’s complicated. But is the Internet really that different, or have we been victim of a collective delusion? What will happen now that we’ve all realised we’re being spied on?

This article introduces some of the basic concepts of Internet governance, and looks ahead in the light of recent developments.

What is Internet governance?

Why do people talk about “governance”, rather than “governments”, or “regulation”? Internet governance is a clunky expression – so what does it mean?

One definition comes from Milton Mueller (Ruling the Root 2002):

“Internet governance used to refer to a vital but relatively narrow set of policy issues related to the global coordination of Internet domain names and addresses”.

This definition highlights the central – and controversial – role of Internet domain names and addresses, and that from its original narrow focus, Internet governance has ballooned to cover almost anything. For example, the Working Group on Internet Governance defined Internet governance as “the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet. ”

This definition recognises the role of non-state actors in shaping the information society. It also emphasises the role of soft law, principles, norms, rules rather than legislation, regulation, treaties.

Any clearer? The second definition was negotiated through a multistakeholder process, and it reads as if the participants were locked away in a Château until they reached agreement (they were). But one thing is clear. You can’t just talk about governments, or regulation, because the Internet itself is different.

Why “governance” not “government(s)”?

The Internet is unlike any other mass communication system. That’s why the Working Group on Internet Governance struggled to provide a readable or even understandable definition of Internet Governance. The Internet was designed to survive attack in an age when fear of nuclear war was the motivating obsession (much like today’s obsession with the war on terror). A web-like network emerged, where each node might owned by anyone – a distributed array of individuals, private companies, public sector – and it is.

Other mass communication media, such as broadcast radio, TV, telecommunications are national in character. You have a few providers who distribute content to the public from a single point to people in the same country. This is susceptible to classical regulation, more or less a 1:1 relationship between regulator and broadcaster. The broadcast licence demands standards of behaviour, and can be withdrawn. Game over. In contrast, in many countries anyone can just set themselves up as a content provider without a licence. The Internet’s global reach means that, for example, EU laws and regulators have been powerless to protect EU citizens against infringements of their privacy. Not to mention Chancellor Merkel’s mobile phone.

In classic broadcast media, the provider commissions and distributes content, and has control of what is broadcast. But with the Internet, we’re all the broadcaster. We upload content all the time, available instantly to an international audience, and the dizzying volume of uploads means that no provider (Facebook, YouTube, whatever) can pre-vet, or even be aware of everything that’s on their networks in real time.

Who are the players?

There are a few institutions or processes that get mentioned when one talks about Internet governance. They are:

• ICANN, the Internet Corporation for Assigned Names and Numbers. A California non-profit, formed in 1998 to coordinate global naming and addressing. That is, domain names and IP addresses. ICANN makes policy for generic Top Level Domains (such as .com and the 1,900 new gTLDs that are shortly to be launched), through a bottom-up, multistakeholder process. It has a looser relationship with country code domain managers (eg .uk or .eu), and the organisations that distribute IP addresses. ICANN has been controversial since its formation. It was created by the US Government, which still keeps ultimate control over what goes in the root domain through the so-called IANA contract. This control by a single government causes conceptual and political concerns for many states, but in practice the US has always exercised a hands-off, non-politicised oversight function with regard to the domain name system.
• IGF, the Internet Governance Forum. Created as a compromised during the United Nations’ World Summit on the Information Society (WSIS) in 2005, the IGF is a multistakeholder, non-decision-making, non-policy-making forum where Internet governance issues are discussed. Advocates, such as Markus Kummer, say that the IGF’s apparent weakness is its strength, making it non-threatening and inclusive. Critics call it a “talk-shop” which has failed to make an impact outside of the narrow circle of “usual suspects” who are already involved in Internet governance.
• IETF, the Internet Engineering Task Force. This is the process through which technical standards are developed. Membership is open, anyone can participate, and the IETF is revered as a meritocracy in which the best ideas win. In the words of Dave Clark “We reject: kings, presidents and voting. We believe in: rough consensus and running code”. The reality, of course, is that not everyone is capable of defining technical standards, just as not everyone is destined to be a concert pianist – there’s a certain skill and expertise level that acts as a hidden barrier to participation. Arguably, this is quite right too – Internet standards crafted by people who know nothing about technology are about as much use as Les Dawson giving a piano concert. But there is a downside. As Larry Lessig tells us ‘code is law’. Often, technical standards can encode policy assumptions or cultural norms – especially if they are made by a small group with similar backgrounds, experiences and outlooks – and these can have a profound impact on Internet users.

What is multistakeholder?

Key Internet governance institutions describe themselves as multistakeholder. This means that civil society, technical institutions and the private sector participate with governments in policy making policy (at ICANN) or discussions (IGF). At best, multistakeholder governance offers a new model, adaptive to the fast-changing Internet environment. Everyone can have a voice.

But we should not allow “multistakeholder” to become an empty slogan. We must critically examine the actual participation. For example, last year I took part in an evidence based analysis of ICANN’s policy-making, which concludes that “unbalanced global participation trends risk legitimacy”. Little over 120 people have ever been involved in policy working groups, of which the vast majority are male and from the US. Three regions – Latin America, Asia and Africa – are barely represented. Fewer than 20 people have been involved in more than one working group, of which many are from the domain name industry.

So, is no one in charge? Is the Internet really that different?

I can’t help thinking that there’s a lot of over-statement about the Internet’s difference. Tim Wu, in the Master Switch, makes a compelling argument that all mass communication media, after an initial period of openness, tend towards monopoly or oligopolies. He describes how early stages of radio, telecommunications, even TV were characterised by the same utopian commentary about how this new media would change the world, even humanity for the better. Roll on 20 years and what do you have? A handful of incumbents who are doing very nicely, thank you.

We’ve already passed the stage where you can have a great idea in your bath one day, and be a .com zillionaire the next. The sheer scale of the giant Internet providers creates giant barriers to entry for new competitors. Whether you’re looking at global social network providers, or even at access providers in the UK, there’s only a handful of players.

So, if that’s true, then we’ve got over one of the big differences, haven’t we? We’re starting to see a market that’s quite similar to traditional mass media? We just have the international bit to overcome – and that means that countries, governments, civil society whatever, have to collaborate to find the answer. A national system won’t do.

What is ahead for Internet governance?

Last summer, we started to understand how every aspect of our online life is being scooped up, processed, data mined, re-processed, re-packaged, sometimes sold back to us, sometimes disappearing into the murky world of secret services. And we know, right? The US and UK got caught. Everyone else is at it too. It’s a bit like catching the Director of Public Prosecutions kerb crawling in Paddington. Everyone has to pretend to be shocked when it became public, but plenty of people would have turned a blind eye before that.

The shock waves have even reached the comfy, inward-looking world of Internet governance institutions, where only a few people and institutions are – in truth – actually involved. Institutions like ICANN, the Internet Engineering Task Force, the Internet Governance Forum.

We’ve seen a rash of hastily pulled together initiatives. The leaders of several Internet governance organisations, including ICANN, made a joint statement and have found themselves in an unholy alliance with the Brazilian President, hurtling towards an ill-thought-through meeting in Sao Paolo in April. Meanwhile, ICANN’s president and CEO has formed no less than 5 strategic panels, and an initiative called 1net, which seems to be a mailing list.

Carl Bildt, Sweden’s Foreign Minister, announced the formation of a two year Global Commission on Internet Governance, in collaboration with Chatham House (UK) and CIGI (Canada). It will be reviewing a number of issues, including the legitimacy of current governance mechanisms.

Not to be outdone, the European Commission made a Communication to the European Parliament and Council on 12 February 2014. It proposes a clear timeline for the globalisation of ICANN, a strengthening of the Internet Governance Forum, and greater transparency.

The year ahead will be interesting. Optimists view the Snowden revelations as an opportunity to diversify those who are involved in Internet governance discussions for the benefit of the Internet’s evolution. At the same time, many warn against knee-jerk reactions, which increase governmental control, fragmentation along national lines, to the detriment of a free, open Internet.