An alliance of 47 countries called on ICANN the world domain name distributor back in June 2015, to respect privacy and freedom of expression when allocating top domain names. Amicus ITS last questioned the rationale and discretion of the company when it released “.sucks” as a domain name back in March 2015 and the squabbling about fee exploitation with its licencee over trademarking in April 2015. See blog https://goo.gl/F5DPCQ
The Council of Europe (CoE) whilst holding no legal power to force ICANN to change its procedures (ICANN is a body appointed by the US Government), has stated its concern that the personal data of the domain name holders (name and postal address) is publicly available on the WHOIS online database. Whilst not subject to the European Data Protection Act, ICANN as a US body should, according to the CoE, give due regard and duty of care around the personal data it handles. In a declaration, the CoE said: “ICANN, as a private non-profit corporation, should respect international human rights law, notably the UN Resolution 17/4 on human rights and transnational corporations”. The declaration goes on to note that ICANN should strike an appropriate balance between “…economic interests and those of pluralism, culture and linguistic diversity, alongside the needs of vulnerable groups and communities”.
A requirement for ICANN is to undergo an independent review into WHOIS every three years. In the last review in 2012, the chairwoman Emily Taylor noted that ICANN staff were obstructive about its compliance function. With further reports noting poor levels of data accuracy in WHOIS records, the organisation was found wanting on its compliance and safeguards policy.
What then to make of last week’s news that ICANN Chairman, Steve Crocker lost the plot during a webinar with a working party from the 2015 review group, as they were assessing how ICANN should handle its database. When challenged, Crocker was heard to shout: “That is completely unacceptable … I understand you didn’t really want to think hard about it, but this is a destructive and inappropriate thing to do.” The outburst resulted in silence, followed by a “wow!” from one of the review group members. Not a response one would expect from the head of the management board.
The organisation appears to be resolute in not acting on any of the previous independent recommendations. This is alarming as ICANN is about to be handed control of the all powerful ‘IANA contract’ by the National Telecommunications and Information Administration (NTIA) (the arm of the US Department of Commerce responsible for this move). This would grant ICANN 100% control of the world’s DNS and IP address allocations. It all sounds messy and unsettling as the transition plan to the new IANA contract is reportedly riddled with flaws. In addition, ICANN was recently found to have broken its own bylaws when it gave preferential treatment to one or two bidders for the “.africa” top-level domain. Accusations have allegedly been made of cover-ups by the staff in misleading stakeholders and the public over its actions. It would appear that the organisation is out of control and in denial.
The NTIA meanwhile has opened two review periods for people to make comments on the proposals before it approves the transition, based on four principles:
1. Support and enhance the multi-stakeholder model.
2. Maintain the security, stability, and resiliency of the Internet DNS.
3. Meet the needs and expectation of the global customers and partners of the IANA services.
4. Maintain the openness of the Internet.
ICANN has chosen to stay silent over accusations by its critics. Surely, this time of public review is the cue for technology organisations and the internet community on the other side of the Pond to rise up and challenge ICANN to provide evidence that it is fit for purpose to carry out this important role and handle data correctly. Either that, or perhaps it should relinquish the reins in favour of an organisation that can inspire trust?