An important new development concerning the Internet Corporation for Assigned Names and Numbers occurred in late February when VeriSign filed a 43-page lawsuit against ICANN in the U.S. District Court for the Central District of California.
As we've previously discussed, it appears that a number of countries around the world are frustrated with ICANN, and apparently the frustration in the business community has bubbled up, resulting in legal action by VeriSign.
ICANN is often referred to as a "regulator," and in some sense it has become a de facto regulator. Yet the organization has no independent regulatory authority per se. ICANN's "authority" stems from a 1998 memorandum of understanding, as amended, with the U.S. Department of Commerce. The agreement, in essence, makes ICANN responsible for the technical coordination of defined Domain Name System management functions. It also provides ICANN with the leeway to address "other activities necessary to coordinate the specified DNS management functions, as agreed by the parties." This wording gives ICANN some flexibility to deal with issues that weren't originally contemplated, but it evidently has interpreted that language as giving it the authority to basically regulate any related issues that it can bootstrap. Therefore, if VeriSign offers a new service, ICANN believes that it has the power to deny that service under the authority it has been granted by the Commerce Department to coordinate the DNS management function.
The VeriSign lawsuit alleges antitrust violations as well as various contract claims.
At the heart of this matter is a deep frustration with ICANN. In an actual rule-making and compliance situation, the procedures for making administrative rules are clear and involve a defined process. University of Miami law professor Michael Froomkin commented in CNET News.com that "VeriSign is absolutely right to complain that there's no predictability about ICANN procedures ICANN sort of makes it up as it goes along." ICANN was never intended to be an Internet version of the Federal Trade Commission, the Securities and Exchange Commission, or any other independent regulatory agency. It possesses narrow authority to perform a technical-coordination function.
Perhaps this lawsuit will resolve the fundamental ambiguity that has been plaguing ICANN since its formation: Is it an ordinary California nonprofit performing technical-coordination functions under contract, or is it an independent regulatory body possessing and exercising a broader power to control Internet operations (and subject, therefore, to more searching scrutiny of the processes and procedures it uses to make decisions). Can it, as a private entity, go about its business more-or-less any way it pleases? Or does it have to satisfy some higher standard because it's the only game in town when it comes to the Internet?
We believe any outcome that more clearly defines ICANN's powers, scope, and procedures is likely to be best for all concerned.
To discuss this column with other readers, please visit the Talk Shop.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.