precedence: bulk Subject: Risks Digest 21.97 RISKS-LIST: Risks-Forum Digest Wednesday 20 March 2002 Volume 21 : Issue 97 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks) ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for further information, disclaimers, caveats, etc. ***** This issue is archived at and by anonymous ftp at ftp.sri.com, cd risks . Contents: Overcoming ICANN: Forging Better Paths for the Internet (PFIR) Abridged info on RISKS (comp.risks) ---------------------------------------------------------------------- Date: Mon, 18 Mar 2002 19:21:02 -0800 (PST) From: PFIR - People For Internet Responsibility Subject: Overcoming ICANN: Forging Better Paths for the Internet David J. Farber Peter G. Neumann Lauren Weinstein March 18, 2002 http://www.pfir.org/statements/icann Overcoming ICANN: Forging Better Paths for the Internet An Open Letter to the Global Internet Community Despite its best efforts, the Internet Corporation for Assigned Names and Numbers (ICANN) has proven overall to be a failed experiment in Internet policy development, implementation, and management. ICANN's lack of meaningful representation, and its continuing pattern of drastic and seemingly arbitrary structural and policy changes (among other shortcomings), have created an unstable and suspicion-ridden environment that is detrimental to the interests of the vast majority of Internet users around the world. The resulting overly politicized situation not only threatens the stability of the Internet itself, but also invites drastic and undesirable interventions by a variety of vested interests. We will not in this document detail the range of specific problems and issues, which have become widely recognized and known. Key aspects of the problems relating to the Internet and ICANN have been outlined in previous statements [1][2][3], along with a set of basic proposed Internet guiding principles [4]. The continuing rapid deterioration relating to ICANN and its impact on the Internet now forces us to recommend the following three actions. First, as an immediate temporary measure, all Internet policy, operational, and other Internet-related functions currently performed by ICANN should be transferred, as soon as practicable while maintaining continuity, to a different, already existing non-profit organization (or organizations) on a non-permanent, strictly stewardship basis. One potential candidate we would suggest considering for this role would be the Internet Architecture Board (IAB), although there are a range of other possibilities of course. The process to plan and begin a transfer of responsibilities from ICANN should be initiated immediately. Next, we recommend that an intensive, international study be started at once, with a mandate to propose detailed and meaningful paths for the Internet's development, operations, and management. The goal of this study would be to help guide the formation of purpose-built representative organizations and policies that would be beneficial both to established Internet stakeholders and to the wide variety of organizations and individuals who are effectively disenfranchised in the current Internet policy environment. This study should consider both short-term and long-term alternatives, and could potentially be conducted by the National Research Council (NRC) and related international organizations, among other possible frameworks. Our third recommended step would be for the results of this study to be carefully considered and, as deemed appropriate, to be implemented. Internet-related functions would be transferred from the temporary stewardship organization(s) to the entities developed from the study results. Time is definitely of the essence if a potential "meltdown" of Internet policies, functionalities, and operations in the near future is to be avoided. There is in particular an immediate need to begin the process of depoliticizing the situation and providing opportunities for consensus building regarding the range of Internet issues. Wide consensus has already been achieved on at least one key point -- even by ICANN's current president -- ICANN is seriously broken. We agree, and we additionally assert that ICANN's history, structure, and behaviors strongly indicate that the most productive course would be for ICANN's role in Internet affairs to be discontinued. This is not to cast aspersions on the efforts of any individuals involved with ICANN in the past or present. Rather, we feel that ICANN has failed as an organization, and that the amount of "bad blood" and institutional "baggage" it carries doom "reform" efforts within the organization itself to ineffectiveness at best. We come to this conclusion reluctantly, since in the past we have considered that there might be an appropriate continuing role of some sort for ICANN. Unfortunately, this is no longer possible. We do not have all of the answers regarding Internet issues -- nobody does. The proposals above are not presented as any kind of fait accompli, but rather as an attempt to stimulate recognition that the Internet is facing serious problems that are in need of serious solutions. The search for solutions will be difficult, and will be a continuing effort that far transcends matters relating to ICANN. But half-measures will no longer suffice, and the status quo (however it might be disguised or "spun") can no longer be tolerated. Some persons genuinely fear that alternatives to ICANN might lead to situations even worse than the current dysfunctional ICANN environment. That is indeed a non-zero probability, but the increasingly chaotic situation with ICANN makes degeneration a decided *likelihood* if ICANN remains involved with Internet matters. The day of reckoning is already upon us. Work should begin immediately to define and implement collaborative processes that can provide hope of assuring that the Internet will be the best possible resource for the population of the entire world. The risks in change are real, but the need for change and the possibilities for meaningful and beneficial progress are even greater. If we do not take these steps, we may well be dooming the Internet to a future of mediocrity at best, or of decay, fragmentation, greed, and even worse outrages. [1] PFIR Statement on Internet Policies, Regulations, and Control http://www.pfir.org/statements/policies [2] PFIR Proposal for a Representative Global Internet Policy Organization http://www.pfir.org/statements/proposal [3] URIICA Announcement http://www.uriica.org/announcement [4] PFIR Declaration of Principles http://www.pfir.org/principles Sincerely, David J. Farber farber@cis.upenn.edu Tel: +1 (610) 304-9127 Member of the Board of Trustees EFF - http://www.eff.org Member of the Advisory Board -- EPIC - http://www.epic.org Member of the Advisory Board -- CDT - http://www.cdt.org Member of Board of Directors -- PFIR - http://www.pfir.org Co-Founder, URIICA - Union for Representative International Internet Cooperation and Analysis - http://www.uriica.org Member of the Executive Committee USACM http://www.cis.upenn.edu/~farber Peter G. Neumann neumann@pfir.org or neumann@csl.sri.com or neumann@risks.org Tel: +1 (650) 859-2375 Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, Fact Squad - http://www.factsquad.org Co-Founder, URIICA - Union for Representative International Internet Cooperation and Analysis - http://www.uriica.org Moderator, RISKS Forum - http://risks.org Chairman, ACM Committee on Computers and Public Policy http://www.csl.sri.com/neumann Lauren Weinstein lauren@pfir.org or lauren@vortex.com or lauren@privacyforum.org Tel: +1 (818) 225-2800 Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, Fact Squad - http://www.factsquad.org Co-Founder, URIICA - Union for Representative International Internet Cooperation and Analysis - http://www.uriica.org Moderator, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy (Affiliations shown for identification only.) ------------------------------ Date: 12 Feb 2001 (LAST-MODIFIED) From: RISKS-request@csl.sri.com Subject: Abridged info on RISKS (comp.risks) The RISKS Forum is a MODERATED digest. Its Usenet equivalent is comp.risks. => SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent) if possible and convenient for you. Alternatively, via majordomo, send e-mail requests to with one-line body subscribe [OR unsubscribe] which requires your ANSWERing confirmation to majordomo@CSL.sri.com . [If E-mail address differs from FROM: subscribe "other-address " ; this requires PGN's intervention -- but hinders spamming subscriptions, etc.] Lower-case only in address may get around a confirmation match glitch. INFO [for unabridged version of RISKS information] There seems to be an occasional glitch in the confirmation process, in which case send mail to RISKS with a suitable SUBJECT and we'll do it manually. .MIL users should contact (Dennis Rears). .UK users should contact . => The INFO file (submissions, default disclaimers, archive sites, copyright policy, PRIVACY digests, etc.) is also obtainable from http://www.CSL.sri.com/risksinfo.html ftp://www.CSL.sri.com/pub/risks.info The full info file will appear now and then in future issues. *** All contributors are assumed to have read the full info file for guidelines. *** => SUBMISSIONS: to risks@CSL.sri.com with meaningful SUBJECT: line. => ARCHIVES are available: ftp://ftp.sri.com/risks or ftp ftp.sri.comlogin anonymous[YourNetAddress]cd risks [volume-summary issues are in risks-*.00] [back volumes have their own subdirectories, e.g., "cd 20" for volume 20] http://catless.ncl.ac.uk/Risks/VL.IS.html [i.e., VoLume, ISsue]. Lindsay Marshall has also added to the Newcastle catless site a palmtop version of the most recent RISKS issue and a WAP version that works for many but not all telephones: http://catless.ncl.ac.uk/w/r http://the.wiretapped.net/security/info/textfiles/risks-digest/ . http://www.planetmirror.com/pub/risks/ ftp://ftp.planetmirror.com/pub/risks/ ==> PGN's comprehensive historical Illustrative Risks summary of one liners: http://www.csl.sri.com/illustrative.html for browsing, http://www.csl.sri.com/illustrative.pdf or .ps for printing ------------------------------ End of RISKS-FORUM Digest 21.97 ************************