Defense In Depth
Why U.S. Security Depends on Alliances—Now More Than Ever
Who should control the Internet? That was the question the Obama administration sought to answer last fall, when the U.S. Department of Commerce ended its long-standing contract with the Internet Corporation for Assigned Names and Numbers. ICANN is the nonprofit that performs the small but significant function of governing the Internet’s system of website and domain names—managing its address book, so to speak. The Internet began as a project of the U.S. Department of Defense in the 1960s, and since its creation in the late 1990s, ICANN had remained under U.S. supervision. By bringing the contract to a close, President Barack Obama freed ICANN to act autonomously.
The Republican response was apoplectic. “Like Jimmy Carter gave away the Panama Canal, Obama is giving away the Internet,” Senator Ted Cruz of Texas said. John Bolton, a former U.S. ambassador to the UN, characterized it as “a mistake of such colossal proportions that you would have thought we’d have a huge debate about it in this country.” Stephen Miller, a campaign aide to Donald Trump, lamented, “Internet freedom will be lost for good, since there will be no way to make it great again once it is lost.”
Such criticism was not just hyperbolic; it was also fundamentally misplaced. The Obama administration did not give away the Internet; what it did was relinquish a vestige of U.S. control over a domain that had long since expanded beyond the mastery of any one entity. And by reducing its oversight, the United States made a savvy decision that will protect the very features of the Internet nearly everyone cares about most: its openness, diversity, and fundamental resilience.
What Obama’s critics miss is that as the Internet grew into a truly global resource, so did pushback against the United States’ relationship with ICANN. In the view of many governments around the world, it was well past time not just for the United States to cede its role as steward of the address book but also, more broadly, for a multilateral group of states to assume greater control over the Internet.
That is a dangerous aspiration, however, for it could undo the stability and openness that make the Internet so valuable—which is why the Obama administration sought to prevent it. Rather than weaken U.S. influence over the Internet, permanently severing ties with ICANN has diminished the specter of greater state control, helping protect an essential forum for global politics, culture, and economics from those who wish to change its very nature.
THE DARK AGES OF THE INTERNET
To understand the merits of devolving more power to ICANN, and what it portends for the future of the digital realm, it’s necessary to take a brief dive into the history of the Internet. The world’s largest and most spectacular communications technology began in the 1960s as a Defense Department project called the ARPANET. A tiny system with only a few nodes, the ARPANET was designed neither for mass use nor for commercial application. The first message was sent from the University of California, Los Angeles, to Stanford University in the fall of 1969. (It was “lo”—the programmers had been typing “login” when the system crashed.)
Five decades later, the Internet reaches around the globe and boasts some 3.5 billion users and counting. Ensuring that all of them can reliably find what they are looking for requires a method of standardizing and organizing Internet Protocol, or IP, addresses—the labels that allow someone who types into his or her browser, say, “foreignaffairs.com” to reach the website of Foreign Affairs. Without allowing this ability, the Internet would be not a comprehensive, globe-encircling web but an unreliable series of Balkanized, and perhaps censored, mini-networks. As arcane as it may seem, the responsibility for creating and organizing this address book comes with substantial political and legal powers, such as the authority to create new national domain suffixes (think “.tibet,” “.isis,” or “.california”) and the power to enforce intellectual property rights online.
Well into the 1980s, few people had the ability or the desire to go online—it was mostly just a small coterie of engineers, academics, and hobbyists who did—and so the Internet’s address book remained thin. In fact, the early Internet was so small that one man, the computer scientist Jon Postel, essentially ran the address book from his office in Los Angeles. But in the early 1990s, the Internet began to change rapidly. Spurred by the creation of webpages, user-friendly browsers, and dial-up service providers, the Internet transformed into a mainstream commercial and social space. Domain names and websites skyrocketed in value; ownership disputes followed close behind. These disputes centered not only on the question of who had the right to use a given domain name but also, and most important, on who controlled the right to award one.
Because the Internet evolved organically, with little thought that it would become a major economic and social resource, basic questions such as these were surprisingly hard to answer. In 1995, the National Science Foundation, which had developed its own ARPANET-like network, called a conference to get to the bottom of the matter. Who, if anyone, really controlled the Internet? Military officials argued that because the Defense Department had funded the original ARPANET, it owned the Internet, too, and, therefore, the address book.
Other officials were skeptical. The modern Internet had many of the same technical features as the ARPANET, but in its scale, scope, and social utility, it bore almost no resemblance. The federal government had never previously asserted that its initial funding should give it legal ownership over the Internet. Moreover, it possessed no statutory authority over the awarding of domain names. No one disputed that the Internet had been launched in the United States with federal funding. But the precise scope of the government’s legal authority was extremely hazy.
THE BIRTH OF ICANN
By the late 1990s, Internet use was growing explosively, and such uncertainty had become untenable. The administration of President Bill Clinton argued that the solution was simple: the Internet should be run by the private sector. U.S. adversaries such as China, Iran, and Russia disagreed. Keen to control this novel communications system, they began to argue that it ought to be governed by them, or at least by the UN in a multilateral fashion.
One UN agency, the Geneva-based International Telecommunication Union, which manages the radio frequency spectrum and establishes standards for communications services, viewed the Internet as a natural part of its portfolio. Having seen its powers diminished by the deregulation of the telephone industry, the ITU was searching for a new raison d’être. It found one in the Internet. As a global resource, the ITU contended, the Internet ought to be governed globally, not by one country.
But when, in 1997, the ITU sought to insert itself into Internet governance by hosting a “signing ceremony” for an agreement on domain names negotiated among several nongovernmental organizations, it generated substantial pushback from the United States. Secretary of State Madeleine Albright blasted the ITU for holding “a global meeting involving an unauthorized expenditure of resources and concluding with a quote international agreement unquote.”
The Obama administration did not give away the Internet.
The Clinton administration feared that if the Internet were governed by a multilateral body such as the ITU—one that states firmly controlled—its best features could be lost. It would become more vulnerable to censorship and control by governments with weak track records on freedom of expression and little tolerance for political dissent. And it might ultimately splinter into a series of regional or national networks rather than remain one global Internet.
To try to thwart the increasing attempts to assert multilateral control, in 1998, Clinton set in motion a new policy. Rather than increase federal control over the Internet, he sought to devolve authority to the private sector. And so he instructed the Commerce Department to issue a call for proposals for a new body to which the U.S. government could transfer day-to-day management of the address book.
The result was ICANN. The organization operated under a contract issued by the Commerce Department, which delegated to the group the responsibility for managing the domain name system and, more broadly, required it to keep the Internet running smoothly. ICANN could not alter existing policies without federal approval; the initial contract even specified which individuals at ICANN would have responsibility for various tasks. Over time, the contract granted ICANN more autonomy, and by the end, the U.S. government’s role had become largely symbolic. But it never backed down on one constraint: ICANN had to remain headquartered in the United States.
ICANN’s governance structure is Byzantine, but it succeeds in gathering together a strikingly wide range of voices. A nonprofit incorporated under California law, ICANN is financially self-sufficient, having earned nearly $200 million in revenue from user fees and domain name auctions during the last fiscal year alone. It is led by a board of directors—currently chaired by Steve Crocker, a computer scientist who helped develop the ARPANET—and a CEO. Representatives of various interest groups, such as intellectual property owners and noncommercial Internet users, help select and advise members of the board and, in some cases, develop policies. Separate advisory committees also guide policy. The most significant of these is the Governmental Advisory Committee, which includes state representatives and an array of international organizations. Further broadening the scope of input, all of ICANN’s policy proposals are open for public comment.
By creating ICANN, the Clinton administration chose to embrace even more firmly the existing, if somewhat ad hoc, tradition of “multistakeholder” Internet governance. Unlike traditional multilateral governance, this method is not state-driven; instead, it includes a diverse mix of businesses, nongovernmental organizations, and academics working alongside governments. The White House found the approach attractive because U.S. technology companies, academics, and nonprofits already dominated Internet governance, and it fit with the privatizing spirit of the times. But above all, the administration recognized that an Internet run by a wide range of public and private actors was more likely to be managed well, and more likely to remain open, global, and free, than one run simply by governments. Indeed, the Obama administration’s choice to end what remained of direct U.S. oversight over ICANN represented the culmination of Clinton’s earlier decision.
ICANN has its critics, and over time, it has tweaked its bylaws to improve its accountability and transparency and to rein in what some have seen as an overly powerful and insular board. But much like what Winston Churchill said about democracy, ICANN’s convoluted approach is probably the worst form of Internet governance—except for all the others.
THE PERILS OF MULTILATERAL CONTROL
Without question, the Internet has thrived since ICANN’s creation. The last two decades have witnessed spectacular growth in the digital domain. But despite ICANN’s success, the United States’ continuing special role only intensified the desire of other states to gain more control. At a 2012 conference facilitated by the ITU in Dubai, for instance, China, Russia, and other countries sought to negotiate an accord that would introduce rules requiring parties sending digital information to pay to reach users and that would generally enhance the ability of governments to filter and throttle content. The United States, along with 54 other countries, including Australia, India, Japan, and most of Europe, refused to sign it. But it was clear that calls for multilateral governance were mounting.
Multilateral control may seem an equitable arrangement, but it would risk ending the Internet as we know it. Many governments around the world fear the free flow of information that the Internet fosters, and they would have an easier time censoring content on a multilaterally governed Internet. Invoking sovereignty, they could block services, disable websites, and thwart political opposition. At the Dubai conference, for instance, governments proposed innocuous-sounding rules over spam that the United States and its allies feared would provide governments with new ways to control mass social mobilization.
As the campaign for multilateral governance gained momentum, the Obama administration faced a choice: Should it extend its relationship with ICANN in an attempt to maintain the United States’ traditional role as steward of the Internet, and thereby risk encouraging greater efforts to establish multilateral control? Or should it set the organization free? The administration chose the latter option and accelerated what had been planned since the Clinton years: a handoff to ICANN that would further embed multistakeholder governance and preserve the fundamental structure that so many value in the digital domain.
Adding to the sense of urgency, in 2013, Edward Snowden, a former National Security Agency contractor, released classified documents revealing the NSA’s widespread surveillance of Americans and foreigners, sometimes undertaken with the participation of U.S. technology and communications firms. The NSA’s programs had no direct connection to ICANN, but their disclosure raised hard questions about how much foreigners could trust the U.S. government and U.S. technologies, which dominate the digital domain. In April 2014, Brazil hosted a conference on Internet governance known as NETmundial, at which the country’s then president, Dilma Rousseff—who, as Snowden revealed, had herself been a target of NSA surveillance—gave a forceful opening address in which she declared a “one-sided, unilateral Internet” untenable and called for all governments to participate in Internet policy on an equal footing. Many participants shared her sense of anger, but their outrage had been softened by a well-timed statement by the U.S. government. Just a month before the meeting, the Commerce Department had announced that it would soon allow ICANN to operate independently.
SETTING THE INTERNET FREE
On October 1, 2016, the Obama administration fulfilled that promise when it allowed the Commerce Department contract to expire—although not without a flurry of last-minute court filings by Republicans aimed at stopping the transition. For many in the Internet community, the transfer marked the triumph of an Internet whole and free over one fractured and controlled.
Despite Republican claims to the contrary, the move also represented a win for the United States. Since ICANN’s inception, U.S. interests have been well served by the organization’s inclusive approach to Internet governance. ICANN has many flaws, to be sure, and it does not always side with the U.S. government. (The George W. Bush administration fought the creation of an .xxx domain, for example, but ultimately failed to block it.) That is all to the good: if ICANN consistently favored U.S. interests, it would lose legitimacy and stop serving as an effective check on the ambitions of many states, such as China and Russia, to assert greater state control.
This threat has not abated. In November 2016, China held its own global summit on Internet governance, which President Xi Jinping attended. Xi declared that China would continue to promote “equitable global Internet governance” and repeated his call for “cyber-sovereignty”: code for greater government control over all things digital.
This is the alternative vision for the Internet that the Obama administration sought to neuter. At the end of the day, the Internet is not virtual but quite physical. It relies on cables, routers, and servers overseen by a panoply of firms—all of which are subject to the jurisdiction of the country in which they reside or operate. Ultimately, the people who make the machinery of the Internet hum are vulnerable to state action. They would be all the more so if like-minded states were able to work in concert to put an end to an open and global Internet.
That was one risk of insisting that the U.S. government preserve its special role. Another was that some kind of multilateral system of management could arise without U.S. consent. These risks are hard to quantify, but they are also hard to dismiss. Far better for the United States to keep the Internet relatively free and unfettered, and let go of the steering wheel.
Indeed, in many respects, the U.S. government’s strategy of embracing a multistakeholder framework to lock in its basic preferences on Internet governance contains parallels to U.S. grand strategy after World War II. U.S. leaders in that era understood that the United States could best sustain its newfound superpower status by creating a global order that provided public goods, reduced some of its policy autonomy, and offered participation to weaker states. The result was a raft of cooperative international institutions, from the UN to the World Bank.
For the Internet, likewise, devolving power to a diverse group of actors that share the United States’ basic values furthers U.S. interests. It does so by ensuring that the existing online order becomes self-sustaining, kept alive not through U.S. power but through the shared effort of the unique mix of corporations, technical wizards, digital evangelists, and government regulators who have run the Internet for over two decades—and who will work to safeguard it for generations to come.