In my previous article in the “Codifying the Cyber Commons” series, I discussed how the data that makes up the internet physically moves around the world. However, to start that movement, someone first needs to have made data available and somebody else to request the data that is relevant for her/him. There are millions of sites on the internet, so how do you find the one you are looking for? The obvious answer is type in the address, or URL. For example, if you want to reach Google, you type in http://www.google.com into your browser, and the website comes up. This is a simple enough process. However, the actual process that fulfills your data request is far more complicated, and it involves a wide variety of independent actors. First we will explore how your request is processed, then discuss the entities that control this process.
To start, each computer and server has an address known as an Internet Protocol (IP) address which allows other computers to locate it. Each address consists of a set of four numbers that identify the server where a particular website’s data can be found. For instance, Google’s primary IP address is 126.96.36.199. While this one is fairly simple, most IP addresses are often very complex, and sites that expect a large degree of traffic will often have a range of IP addresses in order to more quickly respond to requests from users. For example, Facebook occupies all the IP addresses between 188.8.131.52 – 184.108.40.206, as well as between 220.127.116.11 – 18.104.22.168 and 22.214.171.124 – 126.96.36.199. While this system of numbers is perfect for ensuring that each user has an individual identity to guide their traffic and requests through the internet, it certainly isn’t intuitive for the average person.
In order to make the internet more user friendly, the Domain Name System (DNS) system was created to give sites actual names rather than numbers. Under this system, IP addresses are paired with domain names, such as www.katoikos.world. These site names are easier to remember, which creates a more efficient way of bringing users together with the data they want. These combinations of IP addresses and domain names are compiled on specific servers that serve as reference points for other devices on the network. When a user enters a domain name into their browser, their computer communicates this request through its nearest internet access point where a series of servers help identify the location of the requested data by comparing the inputted address against a database of all the pairings of IP addresses and Domain Names. When the requested data is located, it is then transmitted back to your device so you can enjoy the bounty of the internet.
Who controls and organizes this system? The overall administrator is the International Corporation for Assigned Names and Numbers (ICANN). However, the vast size of the internet makes it almost impossible for a single entity to manage all this data. Therefore, ICANN has divided the internet into different categories and has given external organizations the ability to register new domain names through various contracts. The categories are organized around the final piece of the domain name, such as the .com or .org. These are known as the Top Level Domains (TLD). It is relatively easy to register a .com domain, as there are multiple registrars and .com domain names are given out fairly freely. However, there are more specific TLDs that are subject to stricter regulation, such as country-specific domains or the .org domain. Many of these specialized TLDs are each subject to a single registrar, who maintain their section of the DNS in coordination with ICANN.
Some of these specialized domains fulfill a public interest role, and therefore should have a degree of accountability and regulation. Currently, ICANN operates as an independent NGO, only subject to US and California state law. Since the internet is a global resource, the lack of any international oversight on this body is surprising. The same is true for the registrars that help manage different sections of the DNS. While some of them are managed by national governments, others are run by NGOs that have little to no accountability beyond local law and their agreement with ICANN.
An example of this is the .org domain, also known as the Public Interest Registry (PIR). This TLD focuses on supporting non-profit organizations and is managed by The Internet Society. This NGO was formed in 1992 in order to promote standards for fairness and independence within the internet, which included creating the PIR in 2002. This registry provides inexpensive access to domain names for non-profits who otherwise might not be able to create a presence on the internet. Additionally, a framework was put in place between ICANN and the Internet Society to preserve freedom of expression and data privacy for those organizations using a .org site.
However, the status quo was challenged this April 2020 when the Internet Society attempted to sell the PIR to Ethos Capital, a private equity firm. Many organizations protested the decision, as a for-profit entity would have no incentive to serve the public interest nature of this domain. Despite assurances by Ethos Capital that they would commit to minimal increases in price and allow for a stewardship council to be established, many felt that the desire for profit would lead to the exploitation of user data as well as potential censorship issues where non-profits could be priced out of their domain name.
Despite the obvious concerns this sale posed to organizations around the world, the only reason that the sale was not completed was that ICANN refused to permit the sale. ICANN was able to do this within California State law under the contract it had signed with the Internet Society. While in this particular instance ICANN chose to preserve the non-profit status of the PIR, there is no guarantee that they will continue to do so. In order to ensure that the PIR and other similar registries remain focused on maintaining fair access throughout the world, there should be representation in these decisions of public authorities at global level. Much the same as with regulating Internet Access Points, the International Telecommunication Union (ITU) provides an optimal partner for this purpose. Its established role in setting norms and standards in the telecommunications field globally would be well suited to ensuring that groups like non-profit organizations can have affordable and secure access to the internet through these specialized TLDs. Alongside ICANN, the ITU can serve as an international voice in the administration and regulation of cyberspace.