
Regulatory Capture at ICANN - ohashi
https://reviewsignal.com/blog/2019/06/24/the-case-for-regulatory-capture-at-icann/
======
neilv
There seems to be a progression of MBA-ification of the Internet domain name
namespace management.

Originally, there was what seemed to be a custodian role, looking after the
namespace. Then it seemed to possibly be getting confused as a profit center,
with fees. Then ICANN happened. Then there was inexplicably created a bizarre
cottage industry of numerous middleperson "registrars", effectively selling or
renting domain names they didn't own. And a few big businesses, including
Superbowl ads. Plus there were the squatters, of course, since no one was
looking after the namespace anymore. Then an explosion of TLDs were sold. So
now we have business people talking about "market share" of TLDs, and
"consumer" options:

> _Allowing .org and future domain names to move to market-based pricing makes
> sense with today’s healthy TLD market, which is populated with many choices
> for consumers to choose from. The .org domain name is well known as one of
> the first TLDs in the market available for public registration, but it still
> only holds 5.5 percent market share, with just over 10 million names in the
> .org space compared to almost 140 million domain names and 75 percent market
> share for .com._

~~~
gist
> Plus there were the squatters, of course, since no one was looking after the
> namespace anymore.

Explain how ideally you think this should have been handled then? Specifically
someone wants to register a domain name and how should they go about doing so
and what specifically should be required of them prior to registering and what
should happen if they don't 'use' the domain and how are you going to define
'use the domain exactly' and how you will review fairly whatever the
interpretation is? How would you setup an alternate system for doing so and
practically implement it?

Squatters by the way are a myth that was invented in the 90's by the media and
used in an obviously pejorative way.

~~~
neilv
> _Squatters by the way are a myth that was invented in the 90 's by the media
> and used in an obviously pejorative way._

How do you mean it was a myth? You remember all the domain name for sale
landing pages, the faux SEO (not really) pages, the domain name marketplace
sites full of massive numbers never-used domains (sometimes domains with some
token SEO-ing done on them to increase the rank they could mention), the
registrars who helped automate massive buying of domain names, and all the
people (including people you knew personally, not made up) talking about how
they were buying up domain names for their value rather than to use (and the
people themselves sometimes said they were "squatting")? Are you saying
something else?

~~~
gist
No the idea that there is something wrong with that is what I challenge. Why?
Because it assumes that there is either a practical solution to preventing
that behavior or that that behavior is in some way bad. For whatever the
reason even though the internet is commercial people seem to think that domain
names in particular (and specifically .com) is some kind of public trust that
it's wrong to profit off of. Everyone knows that there are other ways to use a
domain name they just decide they want (mostly) the .com. And it's not
different because it's the internet.

So for example let's say you want neilv.com but someone has it figuring they
can sell it to someone at some point. There is nothing preventing you from
picking (especially today) neilv.somethhingelse or neilvonline.com and so on.
But you have decided (most people) they want the .com. Then they feel entitled
to having that .com when they come around to needing it. And they also think
there should be some perfect system developed to decide who is the valid user
and use of that domain when that practically would never happen. Now if the
little old flower shop choose neilv.com and was 'using it' but not 'using it'
is that more legit? Not really. The average person might still try to entice
that owner with money so they could use the domain name.

Lastly people think that as a group others will or should not seek to profit
and that trying to profit off an opportunity that you spot (that someone else
doesn't; or in advance of them) is wrong in some way. But it's not. It's human
nature and it's acceptable it's just that it pisses people off so they try to
paint it in a negative way. And if someone decides to take a chance and grab
domains with the intent of waiting for the right buyer to come along that is
not any different than other ways people will try to make money.

The media of course (and bloggers) feeds into this and stokes it in many ways.

If it was so obvious that buying domains or trying to hoard them was a way to
make money why didn't everyone do it? Not because they thought it was the
wrong thing to do. Because they didn't think of doing it and/or didn't have
the money to do it or weren't around or weren't creative enough. Not because
they felt it was wrong.

> the registrars who helped automate massive buying of domain names

Exactly and anyone can do this. It's not tax medallions dolled out by
politicians. Anyone can buy up domain names.

~~~
neilv
Thank you for clarifying and explaining.

I could possibly see your argument, but ICANN's early actions ("Now everyone
can get money by being a registrar middleperson, for what's still necessarily
a central registry! And sure, one person can buy thousands of namespace
entries, to scalp them!") didn't give me the impression that they'd worked
through all the possibilities for the goal of managing this resource. The best
anyone could come up with was throwing away the prior rules, unhinged
profiteering handouts, and assuming an unregulated market will work it out in
the end?

FWIW, just a small counterexample to the assertion that people weren't stopped
from buying domain names on any possible wrong-ness of it... I distinctly
recall being surprised and disapproving when I first heard of someone
registering a generic word (not based on the name of their organization) as a
domain name. It was like the reaction when the first Usenet spammers started.
It's not that nobody had thought of that, but there was some sense of
stewardship and respectability that precluded such things (and also, at one
point, rules about commercial use). We onboarded a large number of people into
some of the thinking with every new college frosh class, every September. I'm
not saying that that particular notion of decency was sustainable during a
gold rush, but "they felt it was wrong" _was_ the barrier sometimes.

~~~
phicoh
The thing is, by definition, the registry is a monopoly for a certain TLD. So
the idea was that those registries need to be regulated. What if they would
just ask insane prices?

A registry has an 'easy' part, and that is actually maintaining a list of
names and associated data, and providing that as DNS zones.

The hard part is dealing with individual customers. Providing service,
collecting money, etc.

So the idea at the time was to have lots of registrars competing on what
service they provide for what price and having more or less regulated
registries that provide a fixed service at an agreed price.

By and large this system worked.

Early on, it was not clear if large zones like .com would actually scale. So
there was some restraint of registering silly names, because that could lead
to problems.

At some point, computers got fast enough and big enough memories that large
zones were no longer a serious worry and everybody moved in to get all the
nice domains.

~~~
neilv
I'd say the many-registrar-middlepersons approach system worked badly. All we
needed was the registry to do very straightforward things, under contract.
Instead, we got additional complexity and inefficiency, gobs of money being
handed out to opportunists, people newly arriving to the Internet interfacing
with certain "registrars" that used dark patterns to upsell, whois frontends
rumored (and I've seen this myself) to grab the domain you're checking and
then offer to sell it at an inflated price, and typically the domain name you
wanted for your startup or other project was already registered by a squatter
(I saw this many times) requiring you either to pay up the gouging scalper
rates or keep trying to outpace the dictionary combinatorics attacks, and
domain names more accessible to the deep-pocketed.

~~~
phicoh
Think about the current state of ICANN. And now ICANN has to award contracts
to monopolies for gTLDs like .com and .net.

What could possibly go wrong?

The registry part is easy to specify.

For the registrar, look at how google normally operates: everything they can
automate works well and is cheap. As soon as something goes wrong and the they
lock you out of an account it becomes hopeless. Imagine that google would be
the only registrar for .com or .net

Of course, with a free market come shady parties. But with a bit of effort it
is possible to find registrars that work quite well.

With just one monopoly per gTLD, it is likely that bad things will happen in
the long run.

~~~
neilv
I don't know why we're still talking about monopolies. It should be a
contracted clerical registry doing a very straightforward thing, according to
rules.

~~~
phicoh
Reality is that this lasts for a few years. And then the contracted party
finds ways to raise prices or make a mess or both.

Look at the history of decisions taken by ICANN. Contracts get awarded with
hardly influence from the larger internet community.

------
Sir_Cmpwn
I recommend reading the entire article, the conclusion is particularly scary:

>ACT and Comptia have been infiltrating every workgroup, even the one on Open
Source (WG 7). They are doing the best they can to drown any initiative that
would not only promote OSS in Europe but also that could help Europe create a
sucessful European software sector

My thought is that outside of high-risk areas like ICANN, they're not having
much success. The OSS community in Europe is far stronger than that in
America.

~~~
pitaj
> My thought is that outside of high-risk areas like ICANN, they're not having
> much success. The OSS community in Europe is far stronger than that in
> America.

By what metric?

~~~
Sir_Cmpwn
Personal anecdotes. I frequently travel to Europe to collaborate with free
software developers or attend free software conferences, and attend
comparatively fewer in the US (and they're generally smaller in attendance
here, too).

~~~
saagarjha
Europe is smaller and more amenable to fast and cheap transportation, I think,
which encourages conference participation.

~~~
Sir_Cmpwn
That's true, Europe is a lot smaller and denser than the US.

------
ynniv
ICANN fees should be ten to one hundred times greater than they are in order
to reduce the ridiculous hoarding that has occurred.

We used to say that fees should be low so that the average person could have
their own domain. After all, there is no inherent cost in the sale, so why
should ICANN profit? Instead, organizational fees are $0.18/yr for dot com
domains, even though the registrars charge at least $8.00. This captures 97%
of retail registration proceeds in private hands. Yet at the same time, no
domains are available. Who could afford to own so many unused domains at
$8/yr? No one, because they establish private registrars and own then at
$0.18/yr, covering these meager costs by selling marginally valuable domains
for $100 and short dot coms for tens of millions on secondary markets.

If there are thousands of votes that ICANN should not be allowed to raise
rates, they are certainly from people who are profiting off their sale, and
not people using them for the intended purpose of identifying servers on the
Internet. If we are concerned about profits, we should push for them to be
assigned to a charity benefiting something deserving.

~~~
IceWreck
> ICANN fees should be ten to one hundred times greater than they are in order
> to reduce the ridiculous hoarding that has occurred.

No. Hobbiests and regular people won't be able to afford domains just because
some squatters decided to profit off this. You are probably salty just because
a squatter grabbed a domain you liked, and yeah thats irritating but that
doesn't mean that millions of people should be denied the right of having
their internet presence by making prices so high that they can't afford them.

~~~
Retric
1$ / month per domain would have zero impact on affordability for the average
American on .com. With .counrty codes they could have higher or lower fees at
their discretion.

Instead DNS is basically useless for the average person who uses search
engines and bookmarks to find things.

PS: The Phone number system oddly enough is far more user friendly in
practice.

~~~
pdonis
_> 1$ / month per domain would have zero impact on affordability for the
average American on .com_

Sure, but if there are no price caps, what makes you think .org domains will
be available for that price?

 _> DNS is basically useless for the average person who uses search engines
and bookmarks to find things._

Um, you do realize that when you click on that search engine link, you're
using DNS to find the actual site, right? Search engines point at URLs, not IP
addresses.

~~~
Retric
DNS as an abstraction layer is useful, but the specific name is not. There is
a reason people resort to bit.ly and other URL shortcuts.

~~~
justinclift
> ... people resort to bit.ly and other URL shortcuts.

Isn't the usage of that on the way out (likely long tail though), due it being
a security nightmare?

eg you never know if some url shortener is pointing to malware, bouncing
through trackers, (etc).

Even if the same url "seemed ok yesterday".

~~~
Retric
I don’t think they are safe or a good idea. But, t.co ranked #36 most popular
website.
([https://en.m.wikipedia.org/wiki/List_of_most_popular_website...](https://en.m.wikipedia.org/wiki/List_of_most_popular_websites))
So, they still seem to be very common.

DNS is incredibly important infrastructure, but the protocol is more than just
a name. Getting a geographically local IP from a universal name is independent
of what the name is. Replace Microsoft.com with MVKVS or other short string
and that still works.

~~~
ajdlinux
t.co is a special case, as Twitter generates t.co links automatically in
tweets.

------
bityard
If you look at all of the decisions that ICANN has made over the years, it's
been quite obvious that ICANN has always acted in the interests of domain
registrars rather than the Internet community as a whole.

------
dmix
The response to his claims of regulatory capture was the worst part for me.
This a really bad look for ICANN.

Any regulatory organization should constantly be on their toes about possible
capture. Anyone who rejects research on the matter with actual data and
earnest intentions as "insulting" and "incivility" is very concerning.

------
3xblah
The notion of "regulatory capture" mischaracterises the history, IMHO. I think
that term implies that the regulation is based in some actual government-
backed authority acting in the public interest.

But ICANN has no actual source of legal "authority" over domain names. Their
position is maintained only through the willingness of authors of DNS software
and network adminstrators to use the ICANN root.zone. What keeps the world's
DNS resolvers pointing to ICANN's approved root zone is simply consensus.
Unchanged default settings and the tacit agreement of network administrators.

It could be that the author is currently maintaining a significant number of
regsitrations, possibly doing a little "domaining" in his spare time. If so,
that is motivation to protest any increase in prices. The truth is that domain
names _should_ cost almost nothing. The real cost of maintaining a domain name
is not even close to what is being charged by registrars.

If I am not mistaken, the story behind the privatisation and commercialisation
of domain name registrations can be traced back to President Clinton, certain
Clinton staff members/advisors, and an ICANN-precursor, called "NewCo" at the
time. "NewCo" is shorthand among lawyers for setting up a private company.

I think "regulatory capture" is a misleading way to describe the very old
problems with ICANN and its conflicts of interest. There is no governmental
regulatory agency acting in the public interest to "capture". ICANN, both the
idea and implementation, is a private company. Adept at fending off any legal
challenges.

------
Accujack
Most of the people involved with this circus seem to think that they can
maintain an artificial scarcity of names, that they can be manipulated like a
real resource to gain financial advantage.

However, all that's needed to completely obsolete the existing domain name
system is for any significant part of the total population of Internet users
to agree to use a new one.

It's not even necessary to change the software used for DNS or change how the
system works. Just agree to change, select new master servers, configure the
software and start resolving.

Because of the way the system works, the old and new DNS trees can even
coexist, all that's needed is to list members of the new system as servers for
resolution, to be checked in addition to the ones for the old system.

Thinking about it, it's quite likely that this has already been done, and that
independent DNS systems are already in use for things like the "Dark Web".

The major purpose of having an organization manage the name and number spaces
is to organize them and avoid collisions... I don't think the people at ICANN
really understand how replaceable their function is.

~~~
oakslab
> Thinking about it, it's quite likely that this has already been done,

OpenNIC

------
nfoz
.pics

.pictures

.photo

.photos

.photography

ICANN jumped the freaking shark and made an irrevocable mess of internet
naming.

~~~
Avamander
I don't see why impose any restrictions aside from the country TLDs. We have
enough letters, we could make TLDs affordable.

~~~
dmix
> we could make TLDs affordable.

As long as we throw out the whole 'memorable' part. Which has both branding
and security implications.

We need to either commit to a limited set or unlimited set. Being stuck in
between in the worst of both worlds. If it's unlimited we can treat domains
more like phone numbers and rely on 'contact book' style systems for personal
reference instead of memory. Which would help solve both branding/security
issues.

You could even diff the URLs against your URL "contact books" (I'm trying not
to say bookmarks), to warn against possible phishing too.

~~~
nfoz
> If it's unlimited we can treat domains more like phone numbers and rely on
> 'contact book' style systems for personal reference instead of memory.

So then we can throw out the DNS and just use IP addresses or some IPFS-esque
scheme.

~~~
logfromblammo
Or use a federated contact book, such that a site operator could openly
publish a memorable name, and those names could be propagated to others and
given aliases.

...so then the nodes operated by the FAANGs would be authoritative just by
virtue of popularity. Dangit.

I guess we're back to HOSTS files.

------
pteraspidomorph
I'm not happy with ICANN's behavior in recent times. Their bylaws and
organization seem to be well designed, but I was wondering - is there a
deterrent? Is there a mechanism for punishing their executive staff when they
act in bad faith? What do they have to lose?

------
rasengan
> The public interest is at best being represented, in majority, by people
> tied up in potential conflicts of interest in the given matter. At worst, it
> looks like special interest groups for VeriSign and The Internet
> Society(ISOC)/Public Interest Registry have captured multiple groups at
> ICANN and are trying to use it to line their organizations' pockets.

> This appears to be a case study in regulatory capture. Beyond public outcry,
> there appears to be very little stopping ICANN from simply pushing through
> these contracts despite overwhelming evidence that the average internet user
> isn't in favor of these changes.

The whole internet naming system in place right now has issues due to this
fact. DNS and naming have become a critical part of the internet
infrastructure and deserve to be owned, controlled by and/or operated for the
best interests of the people.

------
snek
Everything I read about ICANN as of late is just horrible. There must be
something we can do :(

~~~
zanny
Of all the monopolies in the world conspiring against the interest of the
general public ICANN is probably one of the ones most able to be usurped.

People only use DNS through public facing DNS servers. You can run your own if
you want, whenever you want (and many routers are already doing just that,
creating .local domains etc with dnsmasq). Practically anyone can operate as a
naming system and you don't even need to hard break with ICANNs canonicity -
you can still delegate to full ICANN compliant DNS providers if you want, but
you can also go against their name policy where you want too if you are
operating the name server.

Fixing DNS is probably one of the easiest "sea change" movements possible -
many devices get their DNS delegated, so rather than convincing every
grandmother to change their phones DNS server they often just need to change
the DHCP provisioned DNS servers.

Of course, being "one of the easiest" doesn't make it actually _easy_. You
need to convince a critical mass of DNS provisioning routers, devices, etc to
stop respecting ICANN as the naming authority and pretty much every large
corporation that would have a stake in this has already sunk cost with the
ICANN / registrar mafia to get theirs. At this point, the monopoly often
benefits them by shutting out competition through exploitative pricing and
name restrictions.

The only practical way to ever get that critical mass is through automatic
changeover systems. Updates to routers, phones, computers, etc that replace
their priority DNS servers. Good, uh, luck with that, especially if the
replacement you are pushing is going to be incompatible with (some) ICANN
registered domains.

But anyone can run their own DNS server. And they can advertise whatever names
they want. They don't have to listen to ICANN, but a replacement needs to gain
enough adoption to displace ICANN's authority, which like with many
monoculture monopolist services (Twitter, Facebook, Blink, etc) is
extraordinarily difficult even in one of the easiest instances of it to fix.

~~~
phicoh
By and large, a domain is less than 20 euro a year. You can come up with
alternatives, but is it really worth it?

The hard part of domains is dealing with trademarks. In recently years it has
been remarkably quiet in that area. Which means that ICANN is doing something
right.

I don't particularly like ICANN, but the ccTLDs and legacy gTLDs are very
stable. Which is a good thing.

------
rmbryan
Here's the brief itself, which is where I started from:
[https://www.icann.org/public-comments/org-
renewal-2019-03-18...](https://www.icann.org/public-comments/org-
renewal-2019-03-18-en)

------
jbb123
I imagine that once a majority of people are using the google dns servers that
everyone seems to advise these days, that google will simply decide to ignore
most of this and serve whatever domains they like. I don't know if this is
better!

~~~
Y_Y
I do not advise using Google's dns.

------
lone_haxx0r
>"Increased competition and choice has been a major benefit for consumers in
the TLD market. Moving the .org legacy TLD to a new TLD contractual agreement
is also an opportunity to move to more market-based pricing in the domain name
space and away from arbitrary price caps.[...]"

Honestly, I agree with ICANN on this. But then ICANN contradict themselves
when they introduce URS, PDDRP and all of that, which blatantly goes againnst
the free market and competition.

You can't make IP holders happy and have a competitive market at the same
time.

ICANN want to have their cake and eat it too.

------
esarbe
At this point in time, it doesn't make sense to restrict tld anymore.

