Dumb & Dumber Claims About Last Week's Internet Attack (SOPA?!? Really?)

from the take-your-pick dept

As you know, last week, large chunks of the internet spent hours writhing on the ground and totally inaccessible thanks to a giant DDoS attack that appears to have been launched via a botnet involving insecure DVR hardware (which can't be patched -- but that's another post for later). Of course, whenever this kind of thing happens, you know that some people on the politics side of things are going to come up with dumb responses, but there were some real whoppers on Friday. I'm going to focus on just two, because I honestly can't decide which one of these is dumber. I'll discuss each of them, and then you guys can vote and let us know: which of these is dumber.

First up, we've got Marsha Blackburn, who is not just a member of Congress, but (incredibly) on the House Subcommittee on Communications and Technology, which is often considered to the subcommittee that handles internet related issues. We've written about her quite a few times before, highlighting her efforts to block broadband competition and gut net neutrality. She's also argued that fair use is just a buzzword and we need stronger copyright laws. Not surprisingly, she was one of the most vocal supporters of SOPA who only finally agreed to dump the bill days after the giant online protest.

And apparently she's still upset about all that.

On Friday she went on CNN to discuss a variety of things, and the first question from Wolf Blitzer was about the DDoS attacks, and her answer is the sort of nonsense word salad that is becoming all too common in politics these days, but where she appears to suggest that if we'd passed SOPA this kind of attack wouldn't have happened. She's not just wrong, she's incredibly clueless. Here's what she said:

Wolf, you don't know who is behind this, you do not know if it's foreign or domestic. What I do know is over the years we have tried to pass a data security legislation. There's been bipartisan agreement in the House. It has not moved forward in the Senate. We also know that a few years ago we tried to do a bill called SOPA in the House which would require the ISPs to do some governance on these networks and to block some of the bad actors.

And of course, there were all of the cyberbots that took out after us that were trying to say 'no you can't do that you're going to impede our free speech.' We said 'no we're trying to keep the roadway clear and to keep some of these bad actors out of the system.'

So, what you have now, whether it is foreign or domestic, no one knows. No one knows who has released some ransomware, spyware, malware into the system that is cau... and bear in mind also this malware can live on your system for a year or much longer before it is detected.

And that is how you've had some of these extensive data breaches because the malware gets into the system, it rests there, it is pulling information and at some point, it activates. And as I tell my constituents, be careful what websites you go to, be careful what emails you open because you may be unintendedly inviting that malware or spyware into your system.

Okay, so. Almost nothing that is said above has anything to do with the DDoS attack. Not at all. Not the "data protection" bill, which is basically about requiring companies to reveal breaches to those impacted. But most certainly not SOPA, which had nothing whatsoever to do with anything having to do with cybersecurity or online attacks or DDoS. And "cyberbots"? Is she implying that the millions of people who spoke out against SOPA were some sort of fake bots? SOPA wouldn't have done anything to stop this kind of attack at all. It had nothing to do with this issue in any way shape or form. Not that Wolf Blitzer seems to know or care about any of that as he just accepts that answer and moves on.

So that's the first dumb response. Now the second: the IANA transition. We've been discussing this for years, and as we've explained, the transition is a good thing in taking an argument away from countries like Russia and China who have been trying to get more control over internet governance, by dropping an almost entirely superficial connection between the fairly minor IANA function and the US Commerce Dept. The transition happened a few weeks ago and nothing on the internet has changed, nor will it, because of this transition. It's a non-story. But, Ted Cruz tried to make it a story and now it's become a partisan thing for no good reason at all. And thus, given an opportunity, partisan sites are blaming the IANA transition for the DDoS:

Today there was a major attack on a part of the Internet that few people pay any attention to. It’s critically important though, and any disruption threatens both our prosperity as Americans, but also our freedom to communicate with each other.

This is a great reminder of why President Obama’s Internet handover plans are so threatening to our way of life.

Probable foreign attackers effectively took thousands of companies off of the Internet today by attacking a major Domain Name Service (DNS) provider: Dyn. This two-hour outage surely cost many people, very much money.

What is DNS, and why is it so important? Put simply, DNS is the system that tells people how to find you online. It converts the names of servers and sites, into numbers that the Internet Protocol can find. It’s an essential service of the commercial Internet.

And yet Barack Obama is trying to hand control of DNS over to the Chinese and the Russians. Ted Cruz has been warning people about this, and so have I. People tend to tune it out, because it sounds like a very technical, obscure issue that isn’t very important.

Well, first of all, newsflash: the transition happened three weeks ago, and Neil Stevens at Red State is so concerned about this he didn't even notice. Damn. Sneaky Obama. Second, the hand over of the IANA functions has absolutely nothing to do with a DDoS attack or what it would take to prevent it. Yes, there are some ridiculous aspects to the DNS system, some of which are managed by ICANN. But (1) the IANA transition has nothing to do with "handing control" over to the Chinese or Russians (in fact, it's the opposite -- it takes a big argument away from the Russians and Chinese that they had been using to try to seize more control, and actually makes it much more difficult for them to take control by making sure nationstates actually have very little say in internet governance). And (2) the IANA transition has fuck all to do with DDoS attacks.

Both of these examples seem to be completely clueless, technically illiterate people using real problems (the fragility of DNS systems, the massive unsecured bot-infested systems out there, the ease of taking down important systems, overly centralized critical systems), and using them to pitch some entirely separate personal pet complaint or project. But both are completely ignorant. The only question is which one is worse:

Filed Under: attacks, cybersecurity, data protection, ddos, dns, iana, iana transition, marsha blackburn

Judge Says No Way To Attorneys General Looking To Block IANA Transition

from the transition-is-a-go dept

Well, this isn't much of a surprise, but following the ridiculous last minute attempt to block the IANA transition by four state attorneys general (who have absolutely no standing or argument), a judge has flatly denied their request for an injunction meaning that the transition is a go for midnight tonight, barring any really last minute unforeseen methods to block it (or a desperate leapfrog to an appeals court).

Having spent part of the morning responding to clueless conspiracy theorists on my earlier post, I'm sure you're going to hear the standard ridiculous lizard people warnings about how this is enabling "the UN" or "leftists" and "globalists" to "takeover" the internet and how it will allow China to build the "Great Firewall" into the core functioning of the internet. None of that is even remotely true. What happens tonight at midnight is... nothing, basically. ICANN, which has managed the IANA function through its multistakeholder process for almost two decades... will continue to do so. Nothing changes. The only "change" is that the US Commerce Dept. no longer has to issue a contract to ICANN for the IANA functions. And that's it.

But, at a larger scale, what this does is preserve the way internet governance currently works, and makes sure that governments are not the one running the show. Under the ICANN setup, things are not decided at the whim of any government, but through a much more involved process, that allow lots of non-government players -- including the engineers who built the internet and keep it functioning -- to have a major say in what happens. This is good. ICANN is far from a perfect vehicle for internet governance, but this change is a good one.

Filed Under: attorneys general, iana, iana transition, internet governance
Companies: icann

Ridiculously Stupid: 4 State Attorneys General File Totally Bogus Lawsuit Against Internet Transition

from the make-it-stop dept

Okay, this is really dumb. What is it about state attorneys general making totally bullshit claims? It seems to happen with fairly consistent frequency. The latest is that four state AGs (from Arizona, Texas, Oklahoma and Nevada) have filed a lawsuit to stop the IANA transition. If you don't recall, we've written about this a bunch. A bunch of people are up in arms over something they don't seem to understand. The IANA transition is a good thing. It's not the US government handing over the internet to Russia and China as you may have heard. It's the Commerce Department severing an almost entirely symbolic link between it and a very specific internet governance capability concerning top level domains. And it's important to complete the transition because other countries (including Russia and China) keep pointing to this symbolic link as a reason for why they should have more say in internet governance. Getting rid of the link keeps the internet functioning as it has for decades -- and takes away a weapon from Russia and China. More importantly, going back on the transition now actually gives even more ammo to Russia and China, allowing them to point to unilateral actions by the US gov't to block a process that everyone had agreed upon earlier.

Anyway, to the actual lawsuit. It's dumb. It's really dumb. If you live in Arizona, Texas, Oklahoma or Nevada, you should be embarrassed for your Attorneys General. Elect better ones next time, please. First of all, they have no standing whatsoever to file this lawsuit. The IANA/top level domain system is not those states' property. They have no claim here other than "HEY LOOK! POLITICAL FOOTBALL THAT WE CAN GRANDSTAND OVER!" That does not give them standing. The best they can come up with for claiming standing is... uh... "hey, we have some websites." No, really.

Plaintiffs operate multiple websites, including those that use the .gov and .com generic top level domains, to conduct their business and communicate with their citizens.

Yeah. That's not enough to get standing here, buckos. Also, in filing a lawsuit they don't allege any actual harms. That's kind of a big no no when filing a lawsuit. Instead, they sorta maybe kinda speculate that maybe possibly there could (sorta, maybe) be some (possible, maybe, not really) harm in the theoretical future. Maybe.

Second, the entire crux of the lawsuit is that the authoritative root zone file and the internet domain name system itself are somehow "property" of the federal government, and that this transition is, in effect, the giving away of government property without an act of Congress, violating the Property Clause of the Constitution. Except, as we just discussed recently, the Government Accountability Office studied this issue earlier this month and came to the conclusion that "nope, it's not property." In case you missed it then:

It is unlikely that either the authoritative root zone file—the public “address book” for the top level of the Internet domain name system—or the Internet domain name system as a whole, is U.S. Government property under Article IV. We did not identify any Government-held copyrights, patents, licenses, or other traditional intellectual property interests in either the root zone file or the domain name system. It also is doubtful that either would be considered property under common law principles, because no entity appears to have a right to their exclusive possession or use.

Others have walked through some of the other charges and find them all totally lacking. A judge is set to review this request for an injunction later today, and you never know how any individual judge might rule. So it's entirely possible that this will muck up the timing of the transition, but long term, this filing is not just a joke, but it's an embarrassment and a waste of taxpayer money in those four states.

Filed Under: arizona, congress, gao, iana, iana transition, internet governance, nevada, oklahoma, property, standing, texas
Companies: icann

Arguments Over Internet Governance Transition Get Even More Stupid

from the make-it-stop dept

So, yesterday, we noted that the Senate at least seemed to come (at least somewhat) to its senses in choosing not to include the ridiculous and dangerous proposal from Ted Cruz (and supported by Donald Trump) to block the transition of the IANA functions of internet governance away from the Commerce Department. I won't go into (once again) why this is important and not a problem, or even why Cruz's objections to it are so backwards that his plan will actually make it more likely that the "bad" result he keeps warning about will actually come to pass. You can reread the older articles on that.

However, with Democrats complaining about the Senate's Continuing Resolution and a vote on it being pushed off, the debate over the possibility of blocking the transition is still going on. Hell, Ted Cruz even pointed to Donald Trump's support of his plan as a reason to finally endorse Trump:

Internet freedom. Clinton supports Obama’s plan to hand over control of the Internet to an international community of stakeholders, including Russia, China, and Iran. Just this week, Trump came out strongly against that plan, and in support of free speech online.

Except, none of that is true. First, the plan does not hand over control to Russia, China and Iran -- and keeping IANA under the Commerce Dept. makes it A LOT MORE LIKELY that that coalition of countries is able to grab control of the IANA functions from ICANN and the US. But, uh, even more importantly, claiming that Trump is in favor of "free speech online" is laughable. This is the candidate who has repeatedly talked about "opening up our libel laws" to go after speech he doesn't like, has threatened to sue many publications for protected speech, and has flat out declared that we should turn off parts of the internet and anyone who responded with "freedom of speech" was "foolish." But, that's still not the craziest argument I've heard recently concerning the transition. The award there goes to Theresa Payton, who was a top IT staffer at the White House under George W. Bush and now runs a "cybersecurity" firm. She wrote a bizarre opinion piece in The Hill that, frankly, calls into question whether she understands what ICANN even does. She tries to argue that the transition will somehow make it easier for Russia to hack our election... because [reasons].

Changing who controls the Internet Corporation for Assigned Names and Numbers (ICANN) so close to our presidential election will jeopardize the results of how you vote on Nov. 8 unless Congress stops this changeover. When the calendar hits Sept. 30, a mere 6 weeks before our election, the United States cannot be assured that if any web site is hacked, the responsible party will be held accountable. We cannot be sure if a web site is a valid. We cannot be sure if one country is being favored over another. These are all the things ICANN is responsible for and has worked perfectly since the Internet was created. Why change it now and so close to the election? Why does that matter to you as a voter?

Take a look at recent cyber activity as it relates to the election. The Democratic National Convention was breached comprising the entire party’s strategy, donor base, and indeed, national convention. Everything the DNC had done to prepare for a moment four years in the making (if not longer) was undermined by a hacker who had been in their system for some time but waited for the optimal moment to spring it on the DNC – opening day of the convention. The FBI and other U.S. agencies, as the headlines blare, suspect Russia is responsible for the hack. Recently, Vladimir Putin went so far as to say, "Does it matter who broke in? Surely what's important is the content of what was released to the public.”

Except, uh, ICANN has nothing to do with figuring out who hacks who. Nor is it the party that's figuring out if one country "is being favored over another" or if a "website is valid." That's not ICANN's job, and has nothing to do whatsoever with the IANA transition -- which will leave the internet working exactly as it has before. Honestly, this opinion piece does nothing to call the transition into question, but does a tremendous job in calling Theresa Payton's knowledge of technology and cybersecurity into question.

ICANN does more than just assign and/or approve your website’s domain. ICANN has its own Security and Stability Advisory Committee, which “engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.” They are equivalent to your security guard at the bank. Why change the security guard now when voter data is more vulnerable – and prized - than ever?

If ICANN changes hands, so do the security measures taken to protect the rightful owner of your web site. If a site was hijacked today – not an uncommon crime in the cyber world - to reassert yourself as the rightful owner, you would go through law enforcement channels, your domain provider, and yes, ICANN.

First of all, the "transition" in question isn't about transitioning all of ICANN. Just its IANA functions, which only have a symbolic connection to the US government. Second, Payton seems to not understand what ICANN does, what the ICANN SSAC does, or how internet security works. They are not the equivalent of the "security guard at the bank." You'd think the CEO and founder of a "cybersecurity" company would know that. And, after the IANA transition takes place, ICANN itself doesn't "change hands" nor does it change what the SSAC does, which isn't anything even remotely close to what Payton seems to think it does.

Don't trust me? How about Stephen Crocker, who heads ICANN's Board of Directors -- and also helped create the damn internet. You know how much of the internet was designed through "RFCs" -- "Requests for Comments" -- well, Crocker invented the RFC and wrote the very first one. I think he knows what he's talking about. And he and the head of ICANN's SSAC, Patrik Fallstrom, have responded to Payton with a nicer version of "you have no idea what you're talking about."

The SSAC is not a “security guard” for the Internet. The SSAC has no enforcement power, and the value of its advice is based on the strength of the facts underlying such advice.

The Security and Stability Advisory Committee advises the ICANN community and Board on matters relating to the security and integrity of the Internet's naming and address allocation systems. Our recent work include advisories on a wide range of topics such as internationalized domain names, protecting domain name owners and operators, best practices for domain name registrars, analysis on the changing nature of IPv4 address semantics, and advice on matters pertaining to the correct and reliable operation of the root name system and other issues (see https://ssac.icann.org/ for more details). The SSAC neither operates as a security guard for the Internet, nor does it aspire to.

The IANA transition has no practical effect on the work and activities of the SSAC. Nor does the transition have any effect on the security and stability of website owners worldwide. The risk of compromise of a website owner does not increase as a result of the IANA transition, since ICANN and IANA do not control either the ownership of websites or the content on websites. Leading technical experts, industry associations, and civil society groups agree that allowing the IANA contract to expire is the best possible way to protect and promote the continued integrity of the Internet.

There is simply no relationship between ICANN and the current U.S. election process. Assertions of this sort are misleading and irresponsible. On the other hand, attempt to connect ICANN to the U.S. political process play directly into the hands of the enemies of an open Internet who would like to see ICANN and other Internet bodies put under the control of the United Nations or, worse yet, broken up into separate, government-controlled networks that do not interoperate smoothly around the world.

So, yeah. It seems that as we get closer to the transition, and since this issue has become "political," we're seeing stupider and ever more clueless attacks -- but they seem to only serve to make the people behind them look worse and worse. This shouldn't be a partisan issue. It shouldn't be a political issue. It shouldn't be an issue. Severing the minor link connection between IANA and the Commerce Department changes nothing practical in how the internet is governed, but takes a big weapon away from Russia and China in their quest to take control over those functions.

Filed Under: donald trump, iana, iana transition, internet freedom, internet governance, stephen crocker, ted cruz, theresa payton
Companies: icann

Senate Comes To Its Senses: Does NOT Support Ted Cruz's Plan To Block Internet Governance Transition

from the crisis-averted dept

So, just a few hours ago, the reports were still spreading that the Senate would absolutely include Ted Cruz's preferred language that would block the (largely symbolic, but really important) transfer of control over the IANA functions of ICANN away from the Commerce Department. We've explained over and over and over again why this is important -- including once this morning in response to Donald Trump suddenly taking a stand (an incredibly ignorant one, but a stand) on the issue.

And then... poof. The Senate Appropriations Committee released its "short term continuing resolution" (CR for short) and it does not include any language on blocking the IANA transition. So... all the talk and (misleading) hype was apparently a bunch of grandstanding and hot air over nothing. It may have just been posturing and used to negotiate something else. Or, maybe (just maybe) people who actually understood what was happening with the IANA transition were actually able to explain to those in charge how stupid all this rhetoric was. That would certainly be a nice explanation for this -- though it seems tragically unlikely.

But, for the short term, this means a very dangerous thing for the internet, pushed for by Ted Cruz (and, as of yesterday, Donald Trump) has been avoided. It's possible that the House could try to somehow move to block the transition, but that seems unlikely. So, we may have actually won one here and narrowly avoided political grandstanding mucking up a piece of the internet. Phew.

Filed Under: continuing resolution, donald trump, funding, iana, iana transition, internet, internet governance, senate, ted cruz
Companies: icann

Donald Trump Doubles Down On Ted Cruz's Blatantly Confused And Backwards Argument Over Internet Governance

from the let-that-transition-go dept

We've been explaining this since it was first proposed two years ago: but the IANA transfer away from the Commerce Dept. is a good thing on a variety of important levels. Earlier this year, we did a more thorough explaination on why it was a good thing, and then a further post earlier this month explained why Ted Cruz, who was leading the charge in blocking the transition, was basically wrong on every point about it. And not just wrong, dangerously so. Cruz keeps claiming that the transition makes it easier for Russia, China and the UN to "take control" over internet governance. The exact opposite is true. But we'll get there.

I was working on another post about some of the issues related to this... and while I was working on it Donald Trump decided to turn this into a Presidential campaign issue by releasing a statement more or less echoing Cruz's factually incoherent position:

"Donald J. Trump is committed to preserving Internet freedom for the American people and citizens all over the world. The U.S. should not turn control of the Internet over to the United Nations and the international community. President Obama intends to do so on his own authority – just 10 days from now, on October 1st, unless Congress acts quickly to stop him. The Republicans in Congress are admirably leading a fight to save the Internet this week, and need all the help the American people can give them to be successful. Hillary Clinton’s Democrats are refusing to protect the American people by not protecting the Internet.

The U.S. created, developed and expanded the Internet across the globe. U.S. oversight has kept the Internet free and open without government censorship – a fundamental American value rooted in our Constitution’s Free Speech clause. Internet freedom is now at risk with the President’s intent to cede control to international interests, including countries like China and Russia, which have a long track record of trying to impose online censorship. Congress needs to act, or Internet freedom will be lost for good, since there will be no way to make it great again once it is lost." - Stephen Miller, National Policy Director

First of all, here's Trump going on and on about "internet freedom" and "free speech." And yet... this is the very same candidate just a few months ago who talked about "shutting down parts of the internet" and mocking those who would say "oh freedom of speech" claiming anyone who fell back on that claim were "foolish people." So, apparently it's okay to shut down parts of the internet, and those talking about free speech are "foolish people," but a symbolic effort over who controls the domain name system must be stopped because internet freedom and free speech are too important.

More importantly, almost everything the Trump campaign says in those two short paragraphs about the transition is wrong. And it's a really, really stupid and dangerous position to take for the internet. First off, as we've explained, the current link between the Commerce Department and ICANN and its IANA functions is more theoretical than real anyway. The US government really doesn't have any official control here. It's symbolic and that symbolism is doing a hell of a lot more to hurt the internet than to help it. Yes, Russia and China have, in the past, tried to take more control over internet governance via the UN/ITU, but that was stopped. But -- and this is the important part -- a big part of their rationale for trying to do so was the US's "control" over IANA via the Commerce Dept. That is, keeping this small bit of internet governance loosely connected to the US government adds fuel to the fire for authoritarian governments to seek more control over the internet. And that doesn't even get into the backlash that it will create if we go back on our word and refuse to complete the transfer of IANA away from the Commerce Dept (again, a largely symbolic move anyway).

But, don't trust me. Trust basically anyone and everyone with any actual knowledge on the situation. Here's Tim Berners-Lee, the guy who invented the web itself, explaining why the transition must go forward and why Cruz (and, by extension now, Trump) are totally wrong:

The global consensus at the heart of the Internet exists by virtue of trust built up over decades with people from all over the world collaborating on the technical design and operation of the network and the web. ICANN is a critical part of this global consensus. But if the United States were to reverse plans to allow the global Internet community to operate ICANN independently, as Sen. Cruz is now proposing, we risk undermining the global consensus that has enabled the Internet to function and flourish over the last 25 years.

Contrary to the senator’s view, ICANN is no “mini-United Nations.” ICANN is a vital part of the voluntary, global network of private organizations that provides Internet stability and the ability to innovate free from government interventions around the world.

Berners-Lee makes it clear that going back on the transfer will put the US gov't in the same kind of dangerous category that Cruz (and Trump) put Russia and China in:

But by forcibly undermining the global Internet community’s ability to make decisions about ICANN, the United States would stoop to the level of Russia, China and other authoritarian regimes that believe in the use of force to limit freedom online.

Tim Berners-Lee not good enough for you? How about Vint Cerf, recognized as one of the creators of the internet itself. He's in favor of the transition too and has explained why people should stop freaking out about it.

If not them, how about Kathryn Brown, who runs the Internet Society. She also argues that delaying the transition is what helps the case for Russia and China, rather than the other way around:

Some warn that if the plan to transition authority on Oct. 1 is delayed, countries like Russia and China could try to shift domain name responsibilities to the United Nations, giving those nations more influence over global internet policy.

"Any delay would add a degree of instability and make the prospect of government control of the internet more likely, not less," said Kathryn Brown, president of the Internet Society, a nonprofit organization that advocates open internet policies.

Or, how about Milton Mueller? The guy who literally wrote the book on internet governance. He's now being quite vocal about how ridiculous the latest plan to block the transition via Congress is:

It vaguely suggests that the transition might create “an opportunity for an enhanced role for authoritarian nation-states in Internet governance,” but provides no evidence as to how or why it does. In fact, if the U.S. is forced to abort the transition now it would play right into the hands of authoritarian states. Killing ICANN’s reforms through impulsive and arbitrary American action would fatally undermine the global Internet governance model rooted in nonstate actors. It would strengthen the case for national sovereignty-based Internet models favored by authoritarian states. “Look,” they will say, “the U.S. wants to control the Internet, why can’t we?” ICANN’s independence from unilateral U.S. government control is a logically and politically necessary consequence of its independence from all governments. By getting in the way of that, it is the Congressmen, not the Commerce Department, who are creating an opportunity for authoritarian states to enhance their influence in Internet governance.

The Congressmen suggest that “this irreversible decision could result in a less transparent and accountable Internet governance regime.” But how? No reference is made to the actual reform plans. In fact, the transition brings with it major corporate governance changes that would significantly improve ICANN’s accountability and transparency. The transition brings with it a new set of bylaws that gives the public enhanced rights to inspect ICANN’s books, the right to remove board members, and the power to prevent the board from unilaterally modifying its bylaws. Under U.S. government supervision for the past 18 years, ICANN has been almost completely unaccountable – yet this is the status quo they want to retain. By opposing the transition, the Congressmen are getting in the way of reforms that address the very things ICANN critics have been complaining about.

The congressmen claim that “Questions have been raised about ICANN’s antitrust status.” Well, what questions, and what are their implications for the future of Internet governance? No answer. This is a phony issue. ICANN is not, and never has been, exempt from antitrust liability.

And so forth and so on. Part of the attempt to throw a wrench into the transition was Cruz claiming that Congress needs to approve the transition, as it has the power to determine if the government can "dispose of... property." But the Government Accountability Office (GAO) just released a report basically saying that doesn't apply here and the Commerce Dept is free to move ahead with the transition. Specifically, the GAO finds it to be ridiculous that the entire domain name system should be considered "property of the US government" because it's not.

It is unlikely that either the authoritative root zone file—the public “address book” for the top level of the Internet domain name system—or the Internet domain name system as a whole, is U.S. Government property under Article IV. We did not identify any Government-held copyrights, patents, licenses, or other traditional intellectual property interests in either the root zone file or the domain name system. It also is doubtful that either would be considered property under common law principles, because no entity appears to have a right to their exclusive possession or use.

In short, there's a legitimate concern that Russia and China would like more control over the internet. But that's the only point that Trump and Cruz get right. What's astounding is that their preferred course of action -- delaying or even blocking the IANA transition away from the Commerce Dept actually supports Russia and China in their efforts to gain control over the internet. So if you care about the future of the internet and how it is governed, could someone please educate Cruz and Trump that they're doing exactly the kind of damage they claim to be trying to stop?

Filed Under: donald trump, iana, iana transition, internet governance, ted cruz, tim berners-lee, vint cerf
Companies: icann

Ted Cruz Still Blatantly Misrepresenting Internet Governance Transition

from the let-it-go,-ted dept

Just a few months ago, we wrote up a decently long post explaining why the upcoming "transition" of a piece of internet governance away from the US government was both a good thing and not a big deal. You can read those two posts on it, but the really short version is twofold: (1) the Commerce Department's "control" over ICANN's IANA (Internet Assigned Numbers Authority) was always pretty much non-existent in the first place; and (2) even having that little connection to the US government, though, only provided tremendous fodder for foreign governments (mainly: Russia & China) to push to take control of the internet themselves. That's what that whole disastrous UN/ITU/WCIT mess was a few years back. Relinquishing the (non-existent) control, with clear parameters that internet governance wouldn't then be allowed to jump into the ITU's lap, helps on basically every point. It takes away a key reason that other countries have used to claim they need more control, and it makes it clear that internet governance needs to remain out of any particular government's control.

As we noted, this is all a good thing.

But for unclear reasons, Senator Ted Cruz keeps insisting that this "transfer" is about the US giving control over the internet to the UN. He's ramped up this rhetoric lately as the transition gets closer:

"Today our country faces a threat to the internet as we know it. In 22 short days, if Congress fails to act, the Obama administration intends to give away the internet to an international body akin to the United Nations," Cruz said in a speech on the Senate floor Thursday. "I rise today to discuss the significant, irreparable damage this proposed internet giveaway could wreak not only on our nation but on free speech across the world."

Except that's hogwash. The plan does exactly the opposite. We've made this point over and over again, and thankfully others are doing so as well. Fusion has a long and detailed article that highlights that Cruz's claims are a fantasy and have no basis in reality. It goes through the whole history of IANA (if you don't know the story of Jon Postel and Joyce Reynolds, and how the two of them basically kept the internet running in their spare time for a few decades, you should...), but then points out that Cruz is just wrong:

To be clear: ICANN has about as much control over the internet as Ted Cruz has a grasp on how DNS actually works–which is to say, very little. But the perpetuation of the fiction that ICANN controls the internet is representative of the completely understandable human impulse to try and assign control of the internet to someone or something, particularly in a time where the systems that shape most users’ experience of the internet are increasingly opaque and unaccountable to users.

Saying any one group controls the internet is as absurd as saying who “controls” capitalism or globalization itself. But everyone has their version of control. Silicon Valley billionaires may insist we surrender to the invisible hand of the network, which simply chooses disruption and convenience over accountability and ethics. For the federal government, it’s far easier to accuse the private sector of being in control and thwarting national security than admit that mass surveillance is an expensive and incompetent tactic. For critics (or those who’d prefer that control be in their hands), it would be far simpler to point at a single oligarch or Bohemian Club or ICANN that needs to be overthrown; it might redeem what today at times seems like a fractal trainwreck of an internet, and somehow bring us back to John Perry Barlow’s never-realized promise of an independent cyberspace.

And it also points out that the biggest "threat" to how internet governance is handled is if Cruz actually succeeds in blocking the transition:

Mostly, when I asked people at ICANN about worst-case scenarios with the transition, they pointed to Ted Cruz’s efforts. The transition not going through–either through a blocking action from this current Congress through some legislative action or Congress just delaying until the next president comes into office–would not only undermine the work that a lot of people have already put into the transition plan, it also would create even further mistrust and frustration among countries like Brazil that continue to be frustrated by US control. Maybe that would be enough to justify a fragmentation of the root zone. Or it could just make it harder for the multistakeholder model to function by undermining trust in the community as a whole, making consensus harder to achieve. Which is kind of to say it could start to look a lot more like the US Congress.

In other words, as we've explained before, Ted Cruz's concerns over the internet here are completely backwards. Up is down, black is white, night is day kind of stuff. Keeping the IANA connection to the US government is the kind of thing that opens up the possibility for Russia/China to exert more control over internet governance by routing around ICANN and its flawed, but better than the alternative, "multistakeholder" setup. Moving ICANN away from the US government, with strict rules in place that basically keep it operating as is, takes away one of the key arguments that foreign countries have been using to try to seize control over key governance aspects of the internet.

If Cruz fears foreign governments taking control of internet governance, he should do the exact opposite of what he's doing now. Let the Commerce Dept. sever the almost entirely imaginary leash it has on ICANN. Otherwise, other countries' frustration with the US's roles is a much bigger actual threat to how the internet is managed.

Filed Under: commerce dept., iana, internet, internet governance, ted cruz, transition, un, wcit
Companies: icann

Yes, Getting The US Government Out Of 'Managing' Internet Domain Governance Is A Good Thing

from the moving-on dept

A little over two years ago, when the Commerce Department officially announced plans to "relinquish control" over ICANN's IANA (Internet Assigned Numbers Authority) we tried to explain why people should stop freaking out. There were a bunch of people up in arms, claiming that the US government was "giving away the internet." That was, and still is, complete hogwash. There are two important things to understand in this. First, the Commerce Department's "oversight" over ICANN and IANA is already basically non-existent. It was always more on paper than in reality, as the Commerce Department, rightly, took a totally hands off approach. Second, there has been a big effort by foreign governments, mainly Russia and China, to take control over the internet, and strip it from ICANN, and putting it in the ITU, a confusing mess of an organization that's a part of the UN, but heavily controlled by governments without input from actual technologists or public interest groups.

A key part of the Commerce Department's "transition" plan was that it would basically erase the almost entirely imaginary link between IANA and the Commerce Department, but only if a plan was created that kept IANA independent and not as a part of the UN or any organization that would lead to mostly government control, as opposed to what everyone (unfortunately) likes to call a "multistakeholder process" (which just means not just government in the room). And with that plan in place, the Commerce Department's National Telecommunications & Information Administration (NTIA) has now come out in support of this plan.

The U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) announced today that the proposal developed by the global Internet multistakeholder community meets the criteria NTIA outlined in March 2014 when it stated its intent to transition the U.S. Government’s stewardship role for the Internet domain name system (DNS) technical functions, known as the Internet Assigned Numbers Authority (IANA) functions.

The announcement marks an important milestone in the U.S. Government’s effort to complete the transition of the Internet’s domain name system and ensure that the Internet remains a platform for innovation, economic growth, and free speech.

For the last 18 years, the United States has worked with businesses, technical experts, governments, and civil society groups to establish a multistakeholder, private-sector led system for the global coordination of the DNS. To accomplish this goal, in 1998, NTIA partnered with the Internet Corporation for Assigned Names and Numbers (ICANN), a California-based nonprofit, to transition technical DNS coordination and management functions to the private sector. In 2014, NTIA initiated the final step in the privatization process by asking ICANN to convene global stakeholders to develop a plan to complete the transition away from NTIA’s remaining legacy role.

Now, you would think that "small government" types would be happy about the US government completing its "privatization" of internet governance. But, that's because many "small government" types are only small government types when it suits them. Senate Ted Cruz and Rep. Sean Duffy have rushed out a bill, called the "Protecting Internet Freedom Act" that would block the Commerce Department from completing the privatization of the internet. This is both silly and counterproductive.

The Commerce Department's flimsy and never really used "control" over NTIA is basically meaningless yet it's frequently used by foreign governments and the ITU/UN as a reason for taking complete control over the IANA process. And that's only ramped up in recent years due to concerns about the NSA and surveillance. In other words, the US having any official control over internet governance is actually helping authoritarian governments by making the argument that US "control" over the internet is only helping the NSA. By separating IANA from the US government, but keeping the overall process as one that is not controlled by any government, you actually have a better chance of keeping the internet functioning in an open manner. Leaving it under the US government control, no matter how flimsy that link really is, only gives foreign governments useful fodder for a more complete move to take over control themselves.

Eli Dourado, who has spent a ton of time digging into and being involved in internet governance issues, has a great and detailed post about why this transition is a good thing and should be supported. It has all of the relevant history here (including my favorite point about how prior to ICANN, the IANA functions were controlled one dude, Jon Postel, who more or less declared himself the czar over how the domain name system was managed). But he also gets directly to the point: Congress forcing the US government to keep this "control" over IANA would do much more harm than good:

In truth, authoritarian regimes would love nothing more than to see the IANA transition fail. It would give them another shot at taking the issue to the ITU, this time with the added ammunition of pointing out that the United States does not keep its word regarding Internet governance. Oddly, this places Cruz and Duffy on the same side as Russia and China, against the world’s democracies, the Obama administration, sober Republicans, virtually every US tech company, the Internet Society, and virtually every freedom-loving intellectual or activist I have met who has participated on a US delegation to the ITU.

Separately, he also points out that for all the hype over this, the IANA function is actually not nearly as important as some make it out to be. The US government losing whatever sense of "control" it had over it is unlikely to have a huge impact on the internet itself. So the "costs" to this transition are basically nil. The cost to keeping the paper control in place, however, may be very large, in that it provides tremendous ammunition to foreign authoritarian regimes to push for much more extreme changes to internet governance that would be much, much worse.

Filed Under: commerce department, iana, icann, internet governance, itu, ntia, privatization, sean duffy, ted cruz, transition, un, wcit
Companies: icann

Vint Cerf Calmly Explains Why You Should Stop Freaking Out About NTIA Handover Of ICANN

from the it-doesn't-mean-crap dept

Back in March, we wrote a story explaining why the National Telecommunications and Information Administration's (NTIA) decision to "relinquish" what little "power" it had over ICANN was no big deal. It's sort of an accident of history that NTIA (a part of the US Commerce Department) even had any "mandate" over the IANA functions -- which manages domain name allocations. The "control" over ICANN/IANA has always been mostly a paper thing. ICANN is really run by a large group of folks -- the so-called "multistakeholders." I think many of us can agree that ICANN policies are currently a mess, but that has nothing to do with the NTIA's technical connection to it.

If anything, the NTIA's paper link to ICANN only served to undermine the goals of good internet governance, because it allowed other countries to falsely imply that the US government "owned" or "controlled" the internet -- opening up dangerous attempts for foreign governments to try to really take control of the internet, wiping out the multistakeholder process and replacing it entirely by governments. That would be dangerous.

Unfortunately, as we expected when we wrote our original "this means absolutely nothing" post, some people decided to freak out about it. They've insisted that NTIA's move is the US handing over the internet, potentially to foreign governments. That those same individuals have previously insisted that things like "net neutrality" are the "government taking over the internet" -- and the inherent contradiction therein -- is never really mentioned. Unfortunately, some in Congress are trying to make a big deal out of this by totally misrepresenting what's been going on.

In response, the NTIA has told everyone to calm down, but the absolute best response has to be from the "father of the internet," Vint Cerf, the guy who set up ICANN in the first place, giving his best "knowing uncle storytime" explanation of why everyone should calm down about all of this, and how, if anything, it should lead to better oversight of the ICANN IANA process. Oh, and if you watch all the way through, you might just see Vint Cerf riding a grumpy cat under a double rainbow. Because this is the internet.

Filed Under: congress, department of commerce, iana, internet governance, ntia, vint cerf
Companies: icann

Rep. Mary Bono Freaks Out Both About 'Gov't Takeover' AND 'Gov't Handover' Of The Internet

from the hypocrite-much? dept

On Friday afternoon, we wrote about the basic non-story about how NTIA (a part of the Commerce Department) will be relinquishing what little "control" it had over ICANN's IANA function. The US government already had little to no actual say over anything that ICANN was doing. The organization has been almost entirely independent from the beginning, and this move really just helps to clarify things, while actually taking some pressure off of ICANN so that other countries can't whine and complain (incorrectly) that the internet is "under US control."

Still, with headlines everywhere screaming about how the US is "giving up control" over the internet, you had to know that it was going to become some sort of political issue. And, indeed, a bunch of politicians are up in arms about this, with the most vocal (by far) critic of this move being Rep. Mary Bono, who tweeted angrily on Friday about how we should all be concerned about this and how we need to "keep the internet!"

Of course, since some of us have memories that go back more than a month or so, it's not that difficult to remember Rep. Mary Bono was also one of the most vehement politicians against net neutrality. In fact, just three years ago, in launching an attack on net neutrality, this very same Rep. Mary Bono was screaming about stopping the "government takeover of the internet." Sadly, that tweet is now deleted (gee... wonder why?).

Still, we're curious about all of this, and are hoping that Rep. Bono can answer this basic question. If we needed to "stop the government takeover of the internet" a few years ago... and yet, today, it's an incredibly important job for the government to "keep the internet," what, exactly, is Rep. Bono's position on US government control over the internet? Or is it just whatever bogus talking point she can use to fire up constituents into believing the government is about to do something bad?

Filed Under: government takeover, iana, internet, internet governance, mary bono, net neutrality, ntia
Companies: icann