January 28, 2008

What would the internet be like had there been no ICANN?

Suppose that back in 1997 the US Department of Commerce, via its National Telecommunications and Administration Administration (NTIA) had not adopted, without any demonstrable source of legal authority, that hangnail from the Reagan-Thatcher school of government - the idea that governmental powers are best exercised by private actors without the nuisances of public constraint and public oversight.

There is a branch of fiction known as "Alternative History". These are stories of what might have been.  What might have been had the British intervened on the side of the South in 1863? What might have happened had Khrushchev not backed down in Cuba in 1963? What might have happened had the Supreme Court not stepped into (onto?) the Florida presidential vote count in 2000?

In that vein I am about to engage in a bit of alternative history.

I am going to speculate about how the last ten years of internet history might have been had the US government, rather than deciding to renew the Network Solutions contract, had, instead, opted to drop its marionette strings and allow the forces of competition, innovation, and consumer choice to operate as we expect them to operate in an open, unregulated, competitive economy.  In other words, what if the US government had not created ICANN?

Being an untrained and clumsy writer, I'm going to be blunt about foreshadowing the tale: Without an ICANN we would today have greater innovation in the internet name space.  Domain name prices would be lower, consumer choice would be greater, and the internet would have greater resilience to failures than it has today.

The road we did not take would have been the better choice.

Is the dead hand of the past so strong that we are forced to live forever with that mistaken choice and never seek correction?

Shakespeare wrote, "[w]hereof what's past is prologue, what to come in yours and my discharge." Is the future really in our hands? Can we treat the choices of 1997 as mere prologue to a story not yet written?

Before starting, let us detour a bit and review the events that led to the ICANN of today.

There were two intertwined stories:

First was the story of the Cooperative Agreement with Network Solutions (a company that was subsequently acquired by Verisign and then, shrunk to a mere registrar, and sold off, with Verisign retaining the registry role.)

Second was the story of Jon Postel's test of the internet's domain name system.

Let's look at these stories:

The Story Of The Cooperative Agreement

The increasingly lucrative cooperative agreement under which Network Solutions (Verisign) was managing .com, .net, .org, and .edu was scheduled to expire in 1998.  Under that agreement Network Solutions was obligated to deliver back to NTIA the tools and data necessary to transfer operations to another contractor or to the public.

In 1997 the US government agencies became concerned - some might say they began to panic.  They felt compelled to chose between three ill alternatives:

  • Extending the Network Solutions contract.
  • Replacing Network Solutions as a contractor much as the US National Park Service occasionally replaces the concessionaires it uses to run the government owned hotels at the Grand Canyon, Yellowstone, and Yosemite national parks.
  • Relinquishing the government's role over the internet's domain name, IP address, and protocol parameters assignment systems.

The government felt that the second of these three choices - replacement of Network Solutions with another contractor - would require a formal procurement process that could take several years. Consequently this option was never seriously considered.  One could wonder why the government did not consider combining the first and second options - one term of extension in order to give time to engage in a formal procurement.  Whatever the answer, the fact is that replacement of Network Solutions was never seriously pursued.

This left two options - extend or relinquish.

The government people chose what they believed was the lesser of two evils - they chose to extend the Network Solutions contract. This choice was not unreasonable - the people who made the choice are well-intentioned, smart, and informed; but the option to relinquish would have required that they convince many less informed people in the executive and legislative branches of the US government that the nascent internet would be better left to private enterprise and choice.  It seems that even those who hew to a "small government is a better government" point of view have a hard time letting go of government control over the internet.  And few civil servants would risk being branded as "the man who lost the internet".

So, rather than ending the Cooperative Agreement, a product of a much different internet era, NTIA decided to give it a face-lift. In fact, the agreement has had its face lifted nearly a dozen times.  The resulting miracle of bureaucratic plastic surgery remains in force to this day, a lifespan increase of over 300% so far and with no clear sign that it will ever end.  This extension represents a government backed gift to Network Solutions, and its successor, Verisign, that by some estimates amounts to an income stream of nearly half a billion dollars every year.

The Story of John Postel's Test

In early 1998 Jon Postel decided to do a very good thing.   Postel wanted to validate that the DNS was as robust as it was purported to be.  Postel decided to run a limited test in the IP address from which root servers obtain their "zone files" would be altered.  This was not a particularly radical test and, should things have gone awry, backing out would be both fast and easy.  Also remember, this was in years before internet had obtained massive public visibility.  What Postel did was quite in keeping with the pragmatic approach from which the internet grew - an approach in which one tests, learns, and improves.  Nonetheless, the government went ballistic.  Postel was threatened with severe legal, even criminal, sanctions.  Postel, an employee of USC-ISI asked his employer for help; USC-ISI refused.  Postel felt what anyone would feel - alone and afraid.

So Jon Postel, a California resident, asked for help.  An attorney from Washington DC showed up on his doorstep; an attorney who does not seem to be able to demonstrate having a license to practice law in California.  But despite that apparent lack, Postel accepted this attorney.

This attorney was from the Washington DC office of the Cleveland Ohio firm of Jones Day.

The Stories Intertwine

In 1997 NTIA began to emit strong pheromones that it wanted the law firm of Jones Day to create a nominally private corporation to assume the powers that NTIA was exercising, albeit without any apparent source of legal authority for the exercise of those powers.  In other words, NTIA, an agency of the Executive Branch, wanted to induce the creation of a private body to do things that NTIA wanted done but for which NTIA did not have the legal authority to do itself.  (The reader would not be alone if this suggests that NTIA uses ICANN in much the same way that the US State Department uses Blackwater.)

Jones Day responded (much to the benefit of its balance sheet: Jones Day's response has turned into a revenue stream that floods ever larger with every passing year.  As ICANN's largest creditor, Jones Day yearly reaps millions of dollars in legal fees from the corporation that Jones Day created to serve NTIA.)

Postel's attorney from Jones Day started circulating drafts of a plan to form a body to be called ICANN.  Each successive draft seemed to be the result of yet another hidden agreement with yet another round of unknown parties.  Midway through this sequence, Jon Postel died.  But his attorney survived.  And further iterations appeared (as presumably more secret back room promises were made.)

NTIA, in an effort to appear open to other plans did allow other plans to be submitted; but it was pretty clear from various inchoate emanations that none of these had any hope and would have no weight except, perhaps, to slightly nudge the Jones Day plan. One of the most influential of these other plans was that of the Boston Working Group, a group with which I am affiliated.  Our proposal is still visible on the net at /archive/bwg/ As expected, the Jones Day plan won NTIA's nod of approval.

The fruit of this NTIA-Jones Day cultivation was a strange creation: ICANN, a thing neither fish nor fowl, not clearly private yet not clearly governmental, and like Prospero's Ariel able to operate beyond the normal constraints that restrain governmental agencies and the laws and economic forces that channel and limit private action.

A small number of incumbent interests find ICANN to be highly satisfactory and lucrative.  However, most of us end up with something rather less pleasant: Anyone buying a domain name now pays a private internet tax to ICANN and domain name prices are massively inflated (by perhaps 35,000%) with regard to the actual costs.  Others find ICANN as a body that restrains trade by denying their completely legal enterprises entre into the domain name marketplace or by subjecting their businesses processes to a small mountain of contractual gobbledygook.

NTIA and ICANN have effectively allowed the .com and .net top level domains to become the private property of Verisign.  It is not often that a caretaker, like Network Solutions, is allowed to reward itself with ownership of the estate.  By way of analogy it is as if the company that was hired to run the hotel at the Grand Canyon has been allowed to become owner of the hotel and the Grand Canyon.  This is a rather bizarre twist, yet that is what has happened.

The cost to the community of internet users is enormous - Every year more than half a billion dollars is paid by internet users in the form of inflated and arbitrary domain name fees.  And if that were not bad enough, internet innovation and imagination have been smothered on the altar of registry profits and trademark protectionism.

So much for the real history.

The Alternative History

Let us turn back the calendar to 1997.  Let us posit that NTIA has decided to let the cooperative agreement expire and has required Network Solutions (Verisign) to return the materials and data that it is obligated to return under the terms of that agreement.

And let us posit that NTIA has decided not to merely replace one face with another and instead has decided to open the door to enterprise and innovation by providing that name registration data to any and all comers.

And let us suppose that when Jon Postel ran his very sensible test that the US government did not cluck itself into a Chicken Little frenzy and demand that the net must be wrapped with a Procrustean regulatory system.

At this point perhaps you are hearing a voice in your head suggesting, or perhaps screaming, "there would have been chaos", this is an unbelievable alternative history.

Is it really unbelievable?  It certainly was possible.  What is chaos to one is often opportunity to another.  Is it not one of the foundation stones of our social system that individual choice is to be preferred to both monopoly markets and government regulation?

What is unbelievable to this writer is that the US Government leapt to the conclusion that heavy regulation of the net was required without ever really considering how the net might be nudged, rather than bludgeoned, towards greater commercial stability.

J.  D.  Rockefeller, one of the greatest monopolists of all time, justified his destruction of his competitors, his imposition of rigid controls over the petroleum refining and transport industries, and his nearly imperial control of distribution channels and products on the grounds that he was merely "rationalizing" and "standardizing" the oil business.

Those who argue in favor of ICANN often use Rockefeller's argument - they justify ICANN's rigid regulation as a way to rationalize the marketplace of internet names so that the incumbents in that marketplace can be spared the discomfort of competition and the buyers of domain names relieved of the burden of having to make a choice between different offerings.

Do we want to "rationalize" the internet in same way that Rockefeller "rationalized" the petroleum refining industry of the 1870's?

I think not.

But I digress; let us return to our story:

Suppose that in 1997 NTIA decides it will allow the cooperative agreement to lapse at the end of 1998 and that six months prior to the expiration, and again at the time of expiration, NTIA will make a copy of the operational data available without charge or encumbrance.  NTIA decides that 1998 would be a year of transition.

NTIA's decision does not eliminate Network Solutions; it merely removes Network Solution's monopoly.  If Network Solutions chose to do so, it could continue its operations.  But it would no longer be alone or given any preference or special privilege.

In other words, NTIA decides that at the end of 1998, at the end of the agreement, anybody who wants to run .com, .net, .edu, and .org would be free do so, using his/her own capital, using his/her own business plan, and at his/her own risk.

Remember the movie Spartacus?  The rebelling slave army is captured and the Roman general asks "Who among you is Spartacus?" One by one every slave stands up and says "I am Spartacus".

In our tale the ending of the cooperative agreement would cause a similar scene: New vendors, and Network Solutions - everyone - would have stood up and said "I am .com", "I am .org", "I am .net".

None would be and all would be.  There would be no legal ground to distinguish among the claimants.  The would have to compete among themselves.  Network Solutions would, however, been the Goliath.

How precisely this competition would have resolved itself none can say.  But we can say with certainty that it would have quickly resolved itself as it always does when there is a lot of money on the table.

I suppose that those of you who are still with me will be reminded of
the cartoon in which some scientists have filled a blackboard with equations.  And in the middle of the board is a cloud with the words "Then a miracle occurs".

Am I suggesting that NTIA should have bet the internet of 1997 on a miracle? Yes, I am.

But it is no less betting on a miracle than we do every day when we allow electricity, food, fuel, and many other aspects of our normal lives to be handled by the miracle of private innovation and competition within the limits set by law.

Would there have been an uncomfortable bump? Yes, there probably would have been a period during 1997 when internet users wanting to acquire domain names would not know clearly from whom to buy them. Network Solutions, the former incumbent, would with almost certainty obtain the lions' share of the business, not unlike the way that the Baby Bells inherited most of the former Ma Bell (AT&T) customers when AT&T was split apart.

What forms might have coalesced out of this temporary period of fog and uncertainty?

Competing root systems?  Cooperative, truly non-profit, registries?  Co-op registries that operate by N of M consensus systems?

All of these, probably.  Not all would have survived.  Some would have failed.

Some internet users would have had an experience similar to that of people who bought tickets on low fare airlines and charters during the 1970: the carrier failed and they got stuck with a worthless ticket and a claim in bankruptcy court on the remaining assets of the bankrupt carrier.

In our alternative history some internet users will find that they have acquired domain names that do not resolve.  There will be lawsuits for fraud.  Domain name providers who are smart will quickly change their practices and contracts so that every domain name buyer is made fully aware of the risks in much the same what that buyers of securities in the US are provided with enough information to make informed choices, should they chose to do so.

January 1, 1999 would have dawned on a more stable situation:

Network Solutions would be the dominant provider of domain names with a firm grip on the .com, .net, .org, and .edu top level domains.  Network Solutions would have simply bought out the competition.

The suite of root server operators would still have been unaffected, no one would have yet seen the Google-like opportunity that root and TLD servers provide.

However, and remember that this was during the height of the .com bubble, money was available for just about anything.  And a lot of people would have thought that having their own top level domains would be profitable.  (Even outside of our alternative history, we can see from ICANN's actual year 2000 new-TLD process that there was, in fact, a quite substantial interest in new TLDs.)

These new TLDs would have soon discovered that they would not even appear on the horizon of internet users until their TLDs were incorporated into the root zone published by Network Solutions - and Network Solutions would, understandably, not be quite willing to give that kind of aide and comfort to their would-be competitors.

By mid 1999 those who aspired to create new TLDs would have recognized that Network Solutions was not going to allow them a place in the sun and that the operators of the legacy root servers weren't particularly interested in making changes.

So by September 1999 we would have seen the deployment of the first competing root system run with as much capacity and competence as the legacy roots.  However, given the venture funding behind the new TLDs, these new root operators would have had access capital for expansion and would have been created with the attitude to aggressively reach for opportunities.

One of those opportunities would be what we today know as the Google Model - selling marketing and advertising opportunities while creating a positive feedback loop to increase those opportunities by giving users a share of the proceeds.

In year 2000 the You-Root corporation, a privately owned, for-profit, root consortium, comes into operation in competition with the legacy root.

You-Root has a multi-faceted business plan:

  • You-Root mines the DNS queries that arrive at its servers to generate a real-time feed of usage data that it sells to market research firms, corporate marketing groups, and national intelligence agencies.
  • It drives traffic to its DNS servers by paying ISP's to aim their DNS resolvers at You-Root.  ISP's receive a monthly check from You-Root that is based on the number of queries that the ISP sends to You-Root.  (You-Root finds, however, that it must quickly design mechanisms to detect synthetic traffic that is sent for no reason except to drive up the query counts.)
  • You-Root sells space in its root zone file to aspiring TLDs, much as brick-and-mortar stores sell high visibility (such as end-of-aisle) shelf space.
  • You-Root includes all of the TLDs, along with the information to their name servers, into its root zone file so that users who are switched from the legacy root are not surprised with name resolution failures.
  • You-Root uses "anycast" routing to deploy name servers where the traffic concentration warrents (or where customers are willing to pay for a local root server.) You-Root also maintains a high degree of internet connectivity so that its servers are perceived as highly responsive.
  • You-Root will, for a fee, elevate a TLD's zone data so that it is serviced by one of You-Root's own root servers and thus save a DNS query round trip time, thus making web pages under that TLD appear more responsive.  You-Root allows these TLDs to offer a pass through service in which the TLD's name registrants can also have their zone data elevated into You-Root's servers, thus saving even more DNS query round trip times and making those registrants' web sites appear even more responsive.

You-Root gains market share as several ISP's, attracted to the idea of payments for sending DNS queries to You-Root, re-aim their servers.  And large websites seeking to improve user perceptions of performance push to have their DNS zone data elevated into You-Root's servers.

You-Root cuts a deal with Microsoft in which, for exchange for real-time data for use in MSN, Microsoft will ship Windows with You-Root as the default root server group rather than the legacy root servers.  A similar deal is made with Apple.  In neither deal is it disclosed to the public in which direction any money payments were made.

Now other aspiring root operators want to get into the game. They follow You-Root's business model.

Soon the relationship between root server operators and TLDs begins to shift - those TLDs that are more successful at gaining registrants find that they become "must haves" and that they can get root server operators to pay them for inclusion rather than vice versa.

And all the while the Network Solutions/NTIA root zone becomes less and less popular because it has become like a cable TV system that only carries the ABC, CBS, and NBC television networks and does not carry new content like CNN, Comedy Central, or HBO.

By the latter part of 2001 several root systems are in full fledged competition, each trying to be carry more TLDs than its counterparts.  The result of this competition being that every root system carries all available TLDs except those few that are stigmatized, as for example might happen if there is a trademark dispute over who has the right to use a given name as a TLD.

As the pornography industry expands communities of users realize that one way they can protect themselves is by asking root providers to offer tailored views of the DNS name space.  You-Root and others begin to offer "family friendly" collections of TLD - they will, for example, include the .Disney top level domain but not .Sleeze.

Root providers will also offer TLD packages tailored for various religious, political, and social groups who, for whatever reason, want to build walls between themselves and those who are not part of their communities.

Some TLD operators will amplify this customer push for differentiation by by using contracts with their registrants as a means include or exclude certain types of content on websites found under their TLDs.

TLD operators begin to start looking for more ways to differentiate their offerings:

  • Some start offering name registrations for short periods for use with one time events.
  • Some sell names for very long periods for those who want to latch onto an internet name for as long as the TLD remains.
  • Some will sell via resellers (registrars), some will sell direct.
  • Some will give names away in order to increase the traffic they get and thus increase the value of the marketing data that they can derive.  (Most of these go the way of the Cue Cat and disappear.)
  • Some start selling names using digital certificates to represent ownership, thus providing a means for both permanent and anonymous registrations.  Revenue will be obtained by charging for specific services (such as updating name server records) rather than yearly domain name rent.  This will induce the creation of independent exchanges in which domain names can be bought and sold, often anonymously.

Eventually root zone files will begin to bulge as every large corporation decides that it wants its name to be a TLD.  This will present technical challenges to root server operators to disseminate updates to root zone files.  (However, as we know from real-life .com, this is a problem that is manageable, at least up to the present size of .com - over 70,000,000 names as of the date of this writing, January 2008.)

Competition among TLDs and root providers drives prices down and down and down.

By 2007 typical price to a consumer for a domain name falls to less than $0.25 per year, reflecting the actual mass scale of economies that obtain in DNS, particularly when there is no regulatory body imposing fiat registry rates an imposing its own tithe on name transactions in order to fund itself.

DNS resiliency is improved: In 1997 DNS was a single point of failure and attack for the internet.  By 2007 there is a multiplicity of competing roots that provide deep redundancy against failure from natural or human causes.

DNS responsivity is improved - TLD operators recognizing that DNS query/response time is a significant component of the user perception of web site responsivity begin to push data and servers closer to users.

New TLDs are no longer an issue - those who want to deploy a new TLD can do so.  But as with nearly every other kind of product offering, those who do this will have to expend time and effort to build their TLD visibility and do so with their own money (or that of their venture backers) at risk.  Consumers of domain names will grow more aware of the risks of buying a name in these new TLDs.

Some TLDs will never grow beyond boutique offerings that are found in only a few root zones.  Most of these will fade.  Others will grow so that they become visible in nearly all root zones.

In the end we will have a marketplace that allows new TLDs to be born, to grow, to spread, and to die without any central regulatory apparatus.

It will be a marketplace much like that found in the world of cable TV, in which TLDs are similar to new TV channels.  In the cable TV industry new channels must find a way to be included in the offerings of the cable and satellite providers.  In some cases these new channels will obtain visibility and become viable, in other cases they will never obtain adequate acceptance and will either disappear or be merged into another.  In the DNS industry, new TLDs must find a way to be included in the offerings of root providers else they will not gain sufficient visibility and use to survive.

And so ends our alternative history - a history in which we reach a stable, reliable DNS, both technically and economically, but without the heavy hand and cost of regulation.

Is this alternative now impossible or could we turn away from the regulatory system that has been imposed onto the internet by the US Department of Commerce via ICANN?

There are many people who think that DNS must be regulated and ossified into a single "authoritative" root.

There were many people who once thought the same thing about the voice telephone network.  History proved them wrong.

And to finish on a final note that is neither hypothetical nor an alternative history:

One of the things that neither ICANN, nor governments, nor many users are not realizing is that someday enough people might wake up, question the dogma of the single "authoritative" catholic root. They, just like Dorothy in the Wizard of Oz, already have the power to overturn the status quo.  Users of the net can simply, and without the need to ask permission from anyone or coordination with anyone, turn the technical knobs on their DNS software and make the entire legal, regulatory, and governance edifice fall to the ground - while the net keeps on running without missing a beat.

Posted by karl at January 28, 2008 12:29 AM