Warning: This is a long post, reflecting the complexity and nuance of Internet governance.
Just before the 2012 holidays, the World Conference on International Telecommunications (WCIT), pronounced as “wicket” by the cognoscenti, concluded in Dubai. In the buildup to the WCIT, there was much handwaving and fearmongering, political position jockeying, and backroom negotiations by multinational companies, governments, non-governmental organizations (NGOs), technology policy wonks and political pundits. There were frequent stories in the trade and policy rags and the mainstream press, including the New York Times. How, you might ask, could such a seemingly obscure conference engender such an international frenzy?
In the spirit of full disclosure, I should reveal that I spent a good portion of the last three years working on this issue, while heading Microsoft's Technology Policy Group. I traveled the world, meeting telecommunications policy leaders, trade associations, companies and senior representatives of international governments, including ones from the United States Departments of State, Commerce and Federal Communications Commission (FCC). With that disclosure, as well as noting that what follows are my personal opinions, a bit of background and history is in order.
The International Telecommunications Union (ITU), which is a United Nations organization, organizes the WCIT. The ITU began as the International Telegraph Union, which suggests some its origins and history. Originally responsible for coordinating global use of the radio spectrum and, more recently, assisting in international assignment of satellite orbits, the ITU now operates under three units, the ITU-R (radiocommunications), ITU-T (standardization) and ITU-D (development).
As a UN organization, the ITU's members are countries, rather than individuals, companies or NGOs. Despite the one country, one vote governance model, there is multistakeholder participation in some informal aspects of the ITU. I was a frequent visitor to the ITU, and I participated in ITU retreats and CTO roundtables. I know the ITU leadership well.
Because major ITU policies and approaches, including tariffs, are codified as international treaties – the International Telecommunication Regulations (ITRs) – policy changes are fraught with all the complexities that accompanies any international treaty. Indeed, before the 2012 WCIT, the ITRs were last updated in 1988. The languid pace of treaty change is but one of many challenges posed by the ITRs. It has also brought into question the relevance of the ITU and its policies and approaches. The country voting model and UN culture do not match the freewheeling Internet world.
Looking back twenty four years to the previous WCIT takes one almost to prehistory in Internet time. The TCP/IP protocols were in place, but international networking was largely a research or private network curiosity and dialup modems defined the consumer network experience. The World Wide Web was still a gleam in the eye of Tim Berners-Lee; the Mosaic web browser had not burst on the scene; the dot.com frenzy was yet to come; mobile phones were rare, expensive and bulky; and plummeting international telephony charges due to IP-based audio and video calling were still over the horizon. In short, the telecommunications world of 2012-2013 is radically different from the staid landscape of 1988.
The technological and economic changes wrought by the Internet in those fourteen years are equaled by the social and cultural changes. Geographically and politically separated regions are now digitally interconnected in ways unthinkable just a few years ago. The global flow of information has challenged governments, companies, NGOs and individuals to adapt legal frameworks, regulations, technical operations, social expectations and national security operations. (See Globally Connected, Globally Worried and Information Privacy: Changing Norms and Expectations for a bit of perspective.)
Multifaceted Internet Governance
One can parse Internet governance challenges in several ways: technical, legal and economic, social and ethical and national security. Let's begin with the technical issues, which are perhaps the simplest. Operating the global Internet effectively requires de facto adherence to an evolving set of technical standards. The Internet Corporation for Assigned Names and Numbers (ICANN) manages the domain name system (DNS) and IP address blocks on behalf of the international community.
Although not without controversy, ICANN and its sister organization, the Internet Society's Internet Engineering Task Force (IETF), have generally been effective in creating a multistakeholder governance model for Internet operations. However, the tizzy over generic top-level domain names (gTLDs) and intellectual property protection has heightened government desires to control ICANN.
Shifting to economics, companies, countries, NGOs and privacy advocates all worry about the transnational flow of data, differing laws and intellectual property protections, jurisdictional constraints and safe harbors. If you are a Kenyan national working for a German company with operations in Brazil, and you travel to India, just whose laws govern you and your company? The answer is murky, but generally all of the above, plus some others.
Nevertheless, Internet service operators must respond to civil and criminal legal requests for data every day. For those subject to multiple legal jurisdictions, it is sometimes impossible to satisfy the laws of countries involved. For those interested and suffering from insomnia, I highly recommend reading the Bank of Nova Scotia case (United States v. Bank of Nova Scotia, 740 F.2d 817 (11th Circuit, 1984).
Mixed with all of these legal and economic issues are elements of international trade, protectionism and economic development. The rise of cloud computing, whose economics have driven massive scale and data consolidation, has exacerbated these concerns about extraterritorial jurisdiction and control worldwide, particularly when U.S. companies dominate cloud computing and many fear the U.S. PATRIOT Act.
Then there are the crucial issues of human rights and free speech. How does one reconcile global communication, which brings differing international norms and expectations for freedom of speech into direct and day-to-day conflict? It is more than an abstract question for millions of Internet users, and one with no simple answers.
One can debate the ethics, human rights records and legitimacy of certain governments, but the sovereignty of nations and their right to establish laws within their territory is an unquestioned aspect of international law. I have seen senior representatives of governments with widely divergent views on freedom of expression all agree that their governments have a critical role to play in Internet governance. Those same representatives differed markedly in their delineation of appropriate governmental roles, their definitions of free speech and its appropriate limitations.
Finally, there are issues of national security, information security and cyberwarfare that are beyond the scope of this essay. In a knowledge economy, information is advantage, and economic or technical disruption via the Internet itself can be a form of low-grade warfare. Likewise, with military capabilities themselves increasingly dependent on smart, network-connected weapons, they are themselves objects of defense and attack.
Back to the WCIT
This interplay of technology, international law, economics and trade, social norms and human rights, and national security is a witch's brew of complexity, with diverse stakeholders and perspectives. Many of them encamped in Dubai at last December's WCIT.
Thus, it is not surprising there was acrimony and controversy, with claims and counterclaims; one could hardly expect otherwise. Central to these debates were concerns, some say unfounded, though others disagree vehemently, that the U.N., via the ITU, might assume greater control of Internet governance, shifting from the multistakeholder model toward greater centralization and government control.Some of this was also tied up in the ITU’s own search for new relevance.
What emerged from two weeks of painful negotiations was what can best be described as an uneasy peace. After much debate, 89 of 152 countries signed an amended version of the ITRs. The U.S., Japan, Canada, Germany, India, and the U.K. were not among the signatories, objecting to attempts to curtail multistakeholder governance. In short, it was an ugly mess.
What's next? The global community is strongly divided along ideological lines. Thus, we are likely to see even greater dichotomy in government intervention, more uncertainty in international law, and limits on global information flow. Despite this, I believe the Internet will continue to grow and evolve organically. Too many stakeholders want that to happen, and their voices must be heard.
Thus, I am a strong proponent of the multistakeholder model. I do recognize, though, that governments have an important role to play, just as they do in other domains. This is a messy process, and it will undoubtedly continue that way. Such is the nature of debate.