John Gilmore has spent 30 years shaping Internet culture and politics. An early employee of Sun Microsystems and a co-founder of free software pioneer Cygnus Software (now part of Red Hat), he has worked tirelessly to promote his civil-libertarian views on how cyberspace should evolve. Entities as diverse as the Electronic Frontier Foundation, the “cypherpunks” and Usenet’s wacky and subversive “alt” newsgroups can all trace their roots to Gilmore’s efforts — and, quite often, his funding.
Gilmore has never been afraid to speak his mind on any issue, but the politics of Internet governance are particularly close to his heart. And right now, that means keeping a close eye on ICANN, the Internet Corporation for Assigned Names and Numbers. ICANN is the international body in charge of managing the Internet’s domain name system — the numbers and names that identify Internet addresses.
Critics from across the political spectrum have claimed for years that ICANN is secretive, slow, inefficient and, worst of all, firmly in the pocket of special interests. But in recent weeks, the rhetoric has gone up a notch. Suddenly, ICANN is at a crossroads.
Defenders of the organization, including former chair Esther Dyson, have long argued that ICANN simply needs time to grow, develop and earn Internet users’ respect. But four years after it was first created, ICANN is more unpopular than ever. ICANN’s decision in March to abandon a system of at-large elections that resulted in ICANN dissidents being elected to the board of directors may have been the last straw. Now many observers have given up on reform — they want the organization shut down entirely. The Senate even convened a hearing during the week of June 12 to discuss ICANN’s problems and later announced that it would step up oversight of the body.
ICANN isn’t accepting the criticism quietly. On June 20, the organization, not known for its openness, published a report justifying its own existence. And it is continuing to deny publicly elected ICANN director Karl Auerbach the right to inspect ICANN’s books.
Via e-mail, Salon talked with Gilmore, who, along with EFF, is currently helping to fund a lawsuit filed by Karl Auerbach against ICANN, demanding that the organization open its books to him.
In March, you took your complaints about ICANN to a new level, writing a letter to Vint Cerf, a member of ICANN’s board of directors and seminal figure in the history of the Internet. You criticized him and ICANN in very strong terms. Why?
I had already been biting my tongue for a year, trying to figure out how to say what I needed to say without losing a friend. When he was quoted defending ICANN’s withholding of basic information from a duly elected member of the board of directors, I realized that there was no future for that friendship, so I might as well go ahead and say what I had been withholding.
I had some hope that in response he would actually tell me why he was doing these terrible things. Like, that maybe someone had threatened his relatives if he didn’t play along. I hoped that it would touch him somehow, spark his conscience.
Have you heard from Cerf since sending the letter? What’s been his response?
He hasn’t said boo to me, hasn’t called, hasn’t sent e-mail. That isn’t a big surprise. It’s not like our kids grew up together or anything. We worked together on the Internet Society (ISOC) board for a few years, and got to know each other. We swapped e-mails a few times a year after I left ISOC.
But he took the private e-mail that I had sent to him, as a friend, and filed it in the court case, making it a public document. I had not wanted to take him to task publicly, preferring to focus my public comments on the issues rather than on his personal ethics. But he published it.
And he published it in an attempt to discredit the lawsuit, by claiming that the people behind the suit were just trying to tear down ICANN. No, we’re trying to make ICANN accountable to its public for its actions. That isn’t treason, it’s a basic principle of governance. If ICANN is abusing its power, then the public, not me, should tear it down and rebuild it better.
By casting Karl and me as destroyers, Vint seems to be assuming that if a dissident board member actually gets access to the records of what ICANN is doing, that board member will be sufficiently horrified that he will publish it as a whistleblower. And that once the public finds out what ICANN has been doing, it will be torn down. If ICANN’s internal dealings were lily-white, then Vint would have no need to keep them away from the public. If there were no secrets that a board member couldn’t be trusted with, then ICANN wouldn’t have spent two years stalling Karl and trying to get him to sign nondisclosure. What do Vint and Stuart Lynn know that we, the public, and our elected representative, Karl Auerbach, haven’t been allowed to know?
Some people argue that critics are demanding too much. ICANN is new, they say, underfunded and international in nature and thus can’t be both completely open and quick and efficient.
This is not an issue of trading off closed doors for quickness or efficiency. There is not a credible claim that ICANN has been either quick or efficient.
The root of the problem, I believe, was ICANN’s original “volunteer” lawyer, Joe Sims. He wrote the bylaws of ICANN and structured it so that it would be, as completely as possible, unaccountable to anybody. I was involved in these discussions while Jon Postel [the person responsible for assigning numerical Internet addresses for much of the Internet's existence] was alive; we were all afraid that any small organization set up to end the NSI [Network Solutions] monopoly [on domain names] would be sued out of existence by NSI. We didn’t want NSI to succeed at that.
But there’s a difference between accountability and transparency — and a difference between being immune from suit by a subcontractor, and a trustee of a global resource being immune from scrutiny by the users of that resource. EFF’s comments on the initial draft NSI charter and bylaws said, “There’s no transparency, no accountability, and no protection of civil rights,” and we made specific wording suggestions as to how they could fix that. They ignored those comments, and formed ICANN anyway. The culture of secrecy and unaccountability has festered in there ever since. They hold “open public meetings” where the public is free to shovel its comments into a dumpster. But then they ignore the comments and do what they want in closed-door meetings.
You spent two years working on domain name issues at CORE, a not-for-profit domain registry, and you’ve argued that even then, corporate interests trumped technical needs. In your letter, you also mention people “pulling strings” behind the scenes. Who would these people be? Do you have any theories?
The strings that were pulled before and during the Clinton administration’s “Green Paper” and “White Paper” process, that ultimately resulted in the creation of NewCo, also known as ICANN, were pulled by SAIC. SAIC is a very interesting for-profit company with a multibillion-dollar annual revenue, most of which comes from classified contracts with the U.S. military. What’s even more interesting about SAIC is that there is no external control on it: It is “employee-owned,” i.e., there are no outside stockholders. If you leave the company, you have to sell your shares in it. SAIC’s board of directors reads like a who’s who of the military-industrial complex (former secretaries of defense, spy-agency heads, etc.). When you read about the government wasting billions on “homeland security,” guess who gets it. SAIC’s home page features their new brochure on “SAIC — Securing the Homeland.”
Somebody at SAIC noticed that a tiny company had gotten the temporary monopoly to run the domain name system, and was being paid a few million dollars by the government, over a few years, to do all the work. In March 1995, SAIC acquired this company (Network Solutions) for $3 million, from its founder, who had won the bid because his five- or 10-person company was “minority owned.” (He later complained bitterly that they’d screwed him.)
Within the next six months, somebody inside the U.S. government suddenly decided that Network Solutions (the new SAIC subsidiary) could charge every domain name holder $50 per year, extracting hundreds of millions of dollars from Internet users. That policy was instituted despite the best efforts of the Internet community to stop it. That’s one string that was pulled. Who exactly pulled it? Sounds like a job for an investigative reporter.
I helped to design and build the infrastructure for CORE to become a domain name registry. It cost us less than 25 cents per year per name to run. Even if you added the likely legal bills from NSI suing us, it amounted to less than $2 per year for each domain name. NSI is still charging $6 per year, and doing it in much higher volumes, where it should actually cost them less than 1 cent per year to do the work.
NSI, wholly owned by SAIC, then filed for a public offering. You can read their prospectus. It said, effectively, SAIC is going to keep 90 percent of the shares, and SAIC’s shares each get 10 votes compared to the shares we’ll sell to the public. They sold off 10 percent of the company for $54 million, during the early part of the Internet stock craze. That 10 percent owned by the public had only 1 percent of the voting power, i.e., even though it was a “public company,” SAIC could do exactly what it wanted with the company, whether it was in the stockholders’ interest or not. Indeed, the prospectus was blatant enough to say that it would immediately transfer significant money (I think it was $20 million) to its parent company, SAIC, from the proceeds of going public!
The next challenge was maintaining the SAIC monopoly on selling domain names. Clearly when you’re selling something for more than 50 times its cost, you need a way to keep out competitors, or the price will drop. The NSI contract with the government was coming up for renewal, and since it had only been a small contract, it had been competitively bid for a fixed period, and was intended to be competitively rebid after that period. Also, lots of angry people were complaining about how rotten the NSI domain name registration policies and prices were. There were two challenges: keeping the government contract despite high prices and lousy service; and preventing other top-level domains from offering reasonable prices and good service. This is where the second string was pulled.
Clinton’s White House delegated the job of sorting out this mess to Ira Magaziner. He held meetings with all the stakeholders, generally telling each of them what it wanted to hear, in order to extract more information and cooperation from each one. I also talked to all the stakeholders, and it was clear that the general consensus favored competition and sane policies, though you sometimes had to cut through a thick fog of private interests pulling for their own advantage.
But somehow in the actual government decisions, what always ended up happening was that NSI would keep its monopoly. The rationale was “stability of the Internet” (a hoax, since hundreds or thousands of people in addition to NSI were capable of doing the technical work involved), “avoiding trademark squatting” (NSI had already set its domain-dispute policy to “anybody with a trademark trumps anybody without one,” so they were working in league with the trademark lobby) or “preventing chaos” (another word for competition). Somehow that statesmanlike guy Ira Magaziner managed to screw the public, screw competition and reward the billionaire spook contractor who had the monopoly contract.
But this isn’t the end of the story. SAIC was particularly smart. They knew the monopoly wouldn’t last forever, so they milked it and then got rid of it to a sucker. They dribbled out more NSI stock into the market as the stock price rebounded after the monopoly was secured. Then in March 2000, they sold the entire company to VeriSign for $21 billion in stock (yes, that’s billion). SAIC almost certainly had enough sense to sell off at least a good chunk of this stock before it dropped through the floor. (Try reading SAIC’s SEC reports for 2000 and early 2001, maybe you can tell.) Thus SAIC made billions of dollars out of spending $3 million and pulling a few strings to keep the monopoly alive.
There were other strings pulled at other times (e.g., when Vint Cerf had just joined the ICANN board, the board voted to convert NSI’s short-term contract to run the “com” [top level domain name] into a permanent contract), but those first two SAIC tugs were the key ones.
Did you do anything to try to stop the process? Did it work?
Well, CORE was an attempt to stop the process, by creating a genuinely disinterested body that would provide domain names at cost, and a global network of hundreds of retail outlets who would compete on price and quality of service. No, it didn’t work; Ira Magaziner derailed it so NSI could keep the monopoly.
Why hasn’t Auerbach been able to turn ICANN around?
I’m not privy to what goes on in ICANN board meetings. But steering any organization from the board level, particularly if the board has divided opinions, is very hard. The only real power a board has is to fire the CEO. The rest of its power is exercised by advising the CEO (if he or she will listen). It’s a delicate relationship, and it’s very disruptive to the organization when it breaks. If the CEO is unresponsive to guidance from the board, and the board is divided and thus can’t fire the CEO, then the whole organization goes dysfunctional.
I’ve also been on boards that were merely too big to make good decisions. By the time everyone has had their say on an issue, two hours have gone by and you still haven’t made a decision, yet you have a dozen issues to resolve in the meeting. To make any decisions possible in a big board, most board members have to sit back and not participate, except in issues where they have personal knowledge or serious interest. Such boards can’t resolve hard issues, unless the members will defer to wise leadership (if it’s available).
When a board is loaded with yes men who’ll support management whether they’re right or wrong, it’s tough for dissenting board members to do anything to prick the conscience of the organization. Their best role may be in being information conduits and whistleblowers to outside stakeholders. If the board is so snowed by the staff that it lets the staff get away with murder (like not revealing the books) then there isn’t even much information for a dissenter to convey.
Your question is like asking how one honest person could have turned around the Nixon White House. There was one such person, who kept calling reporters in the middle of the night to blow the whistle. She was Martha Mitchell, wife of the attorney general. She didn’t turn it around. “Deep Throat” didn’t either — but at least Deep Throat brought it down, so it could be replaced. Of course, the U.S. had the benefit of elections, to pick Nixon’s successors. ICANN has abolished those.
What do you hope to achieve by helping to bankroll Karl Auerbach’s suit against ICANN?
I hope to force ICANN to actually be accountable to its directors for its actions. I sit on half a dozen boards of directors today, and have been on more than a dozen through my life. I have never been on the board of an organization that tried to deny me access to its financial information — never. ICANN has done exactly this to Karl and other directors.
I believe it’s because there is information in there about how ICANN has misused its money, and/or has favored people who lent or gave it money. For example, how much has Jones, Day (ICANN’s lawyers, primarily Joe Sims) been paid by ICANN?
ICANN will tell you that they only want a veto over whether Karl can see or copy or publish “certain” information. The catch is that the ICANN staff works for the board of directors, not the other way around. They are trying to tell their boss what he can see and what he can do. It seemed a bit uppity to me, particularly when the nonprofit in question happens to run the global monopoly on domain names.
Not only are they wrong under California law, but they are wrong as a matter of public policy. The only way the public can affect what the otherwise secretive and unaccountable ICANN staff does is by electing directors who are responsive to the public. If the unelected ICANN staff can thwart those directors, it can thwart the public will, despite free elections of directors (which they have also abolished).
What about broader solutions? Esther Dyson, writing in the Wall Street Journal, suggested that the organization needs more money and staff. Do you think this would help or hurt the organization? Why or why not?
Again, I can’t peer into a secretive organization. If not even board members can see where the money goes, how could I tell whether they have raised or spent too much or too little?
The Department of Commerce promised several years ago to withdraw completely from Internet governance, but then ended up maintaining what it called “policy authority.” Now the Senate is threatening to curtail ICANN’s powers. What do you think the international reaction is to the U.S. government asserting control over Internet governance?
I’m no expert on the international reaction; ask some international people.
I think the international reaction on U.S. Internet dominance is a lot like the international reaction to many U.S. topics: They wish the U.S. didn’t try to treat the world as the U.S.’s own private playground, but then again it’s not wise to piss off the world’s only superpower. So they demur politely while fuming privately. You will note that only two country-code domain registries have signed the ICANN agreement, and at least one of those (Australia) was done with full arm-twisting applied, by ripping the domain away from the person who had actually created the .AU domain and run it for 20 years, to a pliable company who would sign the contract in return for the local monopoly.
Some in Congress have suggested that the U.S. Department of Commerce take over running the domain name system. What do you make of this proposition?
I objected to the U.S. government retaining any control over the DNS, at the time. But at least the government does have to follow the Freedom of Information Act; the citizens have a right to see what the government is doing. And it doesn’t have the power to suppress speech, as ICANN can do by taking away the names of people’s publications.
For U.S. citizens, this would be preferable to ICANN. But for the rest of the world, U.S. government control would not be a good thing. That’s one scenario in which a credible alternative root zone could emerge: The rest of the world could decide that the real root zone is not the one that the U.S. government controls, but some other one that they would set up.
Do you think it’s feasible to set up alternative-root name servers?
Alternative roots would need to have a credible governance structure, or they just become “meet the new boss, same as the old boss” power structures. None of the people who had set them up a few years ago were credible to me; they were just squatters hoping to have landed on a gold mine.
Are you familiar with Milton Mueller’s account of Internet governance, which portrays ICANN primarily as a tool for trademark protection. Would you agree with that assessment?
I haven’t read Mr. Mueller’s account. However, I do agree that ICANN and domain name policy has been perverted from the start by the machinations of trademark interests. Actual trademark law gives zero power to cancel or seize domain names, prevent their issuance, etc. Actual trademark law lets hundreds of people use the same name, both in different jurisdictions, and for different kinds of trades (e.g., computers vs. soap vs. ships). Trademark owners only have power over others when the others misrepresent themselves as the trademark owner.
But the trademark “maximalists” distorted both the WHOIS issues and the Uniform Dispute Resolution issues at ICANN. After the trademark lobby got only 70 percent of what they wanted from ICANN (after massive public protest stopped the other 30 percent), they then lobbied the U.S. Congress, which passed a terrible “trademarks trump domain names anyway” law. It specifies that jurisdiction for all domain disputes is in Virginia (where Network Solutions was located) and thus conveniently located where U.S. law applies, rather than the policies carefully hammered out internationally. There are still lawsuits in process over this; one I think involves a Swede and a Canadian who both have the same trademark and are trying to snatch the domain name from each other.
How would you like to see ICANN organized and run? What’s your vision for the organization?
Regarding domain names, the policy that would actually satisfy the public interest would be to have thousands of top-level domains, in which anyone could register a name. The whole monopoly problem arose because everyone wanted a name in “.com”; ditto for the squatting problem and the trademark problem and the price problem. If squatters had registered your favorite name or your trademark in a thousand TLDs [top level domain names], just use it in one of the other thousands of TLDs. This would let every trademark holder register their name as a second level domain; if Sun Microsystems got sun.com, Sun Oil could have sun.oil and Sun Photo could have sun.pix or sun.photo or sun.camera or sun.inc or any other one they wanted. You couldn’t use the DNS as a White Pages directory, but you can’t do that now anyway. If the guy who registers names in .oil wants too much for the domain, get sun.oilco or sun.gas or sun.petrol or petrol.sun instead.
How to get to that solution is the problem. Benevolent dictatorship by Jon Postel would have gotten us there, but Jon was unwilling to stand up to pressure from the White House. Ira Magaziner threatened him (“You’ll never work on the Internet again”) and he didn’t have the spine to tell Ira to take a flying leap. But Jon’s initial design would have expanded to dozens of TLDs long before ICANN, and increased them by 50 or 100 a year until demand slacked off.
Do you think this will ever happen? What will ICANN’s fate ultimately be?
If we are lucky, the current ICANN will be scrapped as a failed experiment. Its assets and powers will be handed on to some new experiment, hopefully with transparency, openness, accountability and respect for human rights built in deeply, not only in its corporate structure but in the people who we elect and hire to run it.