From the ICANN does good department, ICANN has released a report by Charles Rivers Associates on the economic relationship between registries and registrars. All in all the report takes a fairly cautious approach to its recommendations and its main benefits lie in the introduction of more rigorous economic analysis into the ICANN policy dialogue. In the full post, we summarize the recommendations, and will review the whole report in greater detail and report anything of note later.   more »

A Bulgarian group has proven that our earlier concerns about the connection between fast-track IDN country code top level domains (ccTLDs) and government control of the Web were not hypothetical. A group known as UNINET would like to become the manager of an IDN top level domain composed of two Cyrillic letters that stand for “Bulgaria.” In UNINET's letter to ICANN, the group claims to have the support of many businesses and users as well as “15 Bulgarian Internet providers, the first Bulgarian WiMax provider and the biggest Internet provider in Sofia,” the capital city. On the other hand, ICANN seems to be intent on restricting the right to apply for the domain to the Bulgarian government, which has some censorship problems, and the incumbent ccTLD operator. At a recent meeting in Sofia regarding this issue, ICANN deliberately excluded UNINET from being admitted to the meeting. ICANN staff have refused to respond to any inquiries about this shameful episode.

Milton Mueller, appointed as professor to the Chair of Security and Privacy of Internet Users within the Faculty of Technology, Policy and Management at the Delft University of Technology will present an Inaugural Address, "The Future of Freedom on the internet: Security, Privacy and Global Governance" on Friday, 17 October 2008 at 3:00 PM (Central Europe time), 9:00 am US Eastern time. The 30 minute address will be webcast.

I just returned from the “Internet of Things, Internet of the Future” conference sponsored by the French Presidency of the EU. At a panel on the privacy implications of RFID, I was struck by the way so many panelists, perhaps 4 or 5 out of 7, invoked “privacy by design” as a way of responding to RFID privacy threats. They all seemed to agree that it was somehow possible to pre-configure the technology in a way that privacy is structurally protected. Appropriately enough, the next day one of the chief intellectual promoters of this myth, law professor Lawrence Lessig, keynoted the conference.

I think people who put such stock in the ability of “design” or constructed “architectures” to solve or forestall social problems are wrong. Our ability to solve privacy problems depends on how strongly people value privacy, how well they mobilize politically and economically and whether they have the legal and regulatory tools to intervene in strategic areas of the value chain. There is no magic shortcut that allows a social objective to be inserted into the “genes” of a technology at the outset to save us from all that laborious work.   more »

The U.S. Commerce Department used its presence at a French conference on the “Internet of things” to announce that it will hold a public consultation on the different proposals to cryptographically sign the DNS root zone file, and determine who will hold the root zone trust anchor for global DNSSEC implementation. The call for public comment will be released later this week. (UPDATE: The official Notice of Inquiry has now been published.) The announcement was made by NTIA's Meredith Attwell Baker, who encouraged other governments to participate in the domestic US proceeding. The announcement occurred after NTIA prevented ICANN, the supposedly independent, global, "bottom up" administrator of the DNS, to hold its own public consultation. Also, DoC says it is awaiting a proposal from ICANN regarding "automation" (i.e., EIANA) of certain root functions. ICANN's Paul Twomey, who was on the same panel, declined comment on anything NTIA said; apparently the gag order still holds.

What is technical and what is political? Some of you may recall various members of the technical community scolding us about how implementation of DNSSEC at the root was a "purely technical issue" and that the world should ignore the governance questions and just "get on with it." This plea of urgency gained steam this summer during the Kaminsky attack episode, with some blaming the Department of Commerce as the "the show-stopper." What some technical experts failed to recognize was the underlying power struggle involving ICANN, the U.S. Commerce Department and VeriSign over the arcane business of how the root zone of the DNS might be signed, an important step in the implementation of DNSSEC. And more importantly, how the US Government is making sure this process unfolds in a way that keeps it in control of the root.   more »