When the United Nations-sponsored World Summit on the Information Society convenes in Tunisia later this month, participants will take up the banner of extending "the benefits of the new telecommunication technologies to all the world's inhabitants."
ADVERTISEMENT
But that somewhat innocuous stated purpose gives little clue as to what is really at stake: control of the Internet.
The European Union (EU) already has withdrawn its support for the current domain registration system, managed until now by the nonprofit Internet Corporation for Assigned Names and Numbers ( ICANN), which operates under the loose direction of the U.S. Department of Commerce. That contract expires next year. Moreover, the EU already is calling for a move from a unilateral to a multilateral mode of control.
At the summit itself, to take place in Tunis, November 16 to 18, countries such as Brazil, China, Cuba, and Iran are expected to push the debate one step further by calling for the creation of an international body to govern the Internet as a global resource. The move is expected to draw fierce opposition from the U.S., which holds firm to the belief that any change in the status quo would jeopardize the Internet's ability to function as a medium of free expression.
The stakes are enormous. A sea change of one kind or another appears likely, said security expert Ed Moyle. "The Department of Commerce -- though technically in an oversight position -- has not interfered in the ICANN decision-making process in any significant way to date," he said. "But none of the four models proposed for summit consideration so far would preserve the Internet's current relationship with ICANN, which has operated to date in an effectively autonomous fashion under the control and oversight of the Department of Commerce."
A Political Football
Some summit attendees -- many of whom represent countries that oppose America's war with Iraq -- might enjoy the opportunity to play politics regarding ICANN's eventual fate. However, Moyle said, ICANN is a technical body, not a political one, and as such it has enjoyed wide latitude and decision-making authority under the current structure. "Those that favor the preservation of the current model fear that ceding oversight to the U.N. would result in a less 'laissez-faire' environment -- that it would open the door to tighter control and thereby [engender] all the trappings of control: potential taxation, inefficiency, or restriction on free speech."
The U.S. is expected to ask why it should give up oversight of something -- the Internet -- that initially was developed by its military under the aegis of the U.S. Defense Advanced Research Projects Agency (DARPA). "The U.N. is understandably nervous about the ability of the U.S. to exert control over ICANN under the current structure," Moyle said, "even if that ability isn't currently utilized to any significant degree."
Some nations remain wary of the U.S. calling the shots. In August, for example, the Bush administration objected to creation of an .xxx domain for adult-content Web sites. "Since all ICANN decisions are subject to approval by the U.S. Department of Commerce, President Bush can ultimately decide whether or not to allow that change to proceed," Moyle said. "No other country has that level of voice in the process."
On the other hand, Moyle said, the U.N. has yet to do a thorough job of outlining its goals. "I'm cautious about taking a functioning known quantity and turning it into something else -- at least without a full understanding of what the ultimate goal is."
Summit participants will debate the merits of having an international body govern the Internet, one with the ability to take up technical issues already identified by the summit's Working Group on Internet Governance (WGIG), including spam, Internet Protocol addressing, and the allocation of domain names.
The stage is set for an argument over whether America should have the final say. For its part, America isn't budging. In October, members of the U.S. House of Representatives -- including Fred Upton, R-Mich., chairman of the Subcommittee on Telecommunications and the Internet -- sent a letter to Commerce and State Department officials urging U.S. retention of Internet oversight. What's more, the Bush administration has expressed concern that a country such as China or Cuba might take advantage of a change in Internet control to stifle freedom of speech even further in those respective nations.
Giving a Voice to the People
But as the Internet has grown from a U.S. defense project into a tool for all of human society, so has the argument grown that individual nations ought to have a say in how it is governed.
Yoshio Utsumi, Secretary-General of the Geneva-based International Communications Union (ICU), recently said one of the goals of the World Summit on the Information Society is to improve Internet governance by "giving a voice to people who have been isolated, or have been invisible and silent, allowing them to speak out regardless of their economic status, their gender, or where they live."
In this respect, lending an ear to the voices to be heard in Tunisia later this month advances one goal that the U.S. government says it wants to preserve: freedom of expression.
If a power shift does occur, the ICU would most likely play a substantial role in Internet governance. Utsumi has argued that for poorer nations, a move from an agrarian to an information-based economy not only would close the digital divide but also speed the implementation of the U.N.'s millennium development goals, which include shrinking global poverty and providing universal primary education.
Some fear that U.S. reluctance to surrender control over domain names, addresses, security, and the root servers that keep the World Wide Web in operation could lead to a Balkanization of the Internet, wherein different countries run their own servers and assign their own top-level domains. This could create a scenario in which typing the same address into two different computers accesses two different Web sites.
Still others have argued that developing countries receive a disproportionate share of spam, since those countries often are unable to afford the means necessary to fight it. An international body could give those countries a greater say in security matters, advocates say.
If It Ain't Broke, Don't Fix It
Some analysts have dismissed the idea that a shake-up in Internet governance would improve Web security. "I don't know if it would make it any different or be any better if the Internet was under any control other than what we have right now," said David Smith, vice president of Gartner Group (NYSE: IT - news).
"Controlling something doesn't make it any more secure -- look at Microsoft's (Nasdaq: MSFT - news) control over Windows," Smith said. "That certainly hasn't made things any safer. The Internet is only as secure as what is on it."
He added: "There doesn't appear to be a problem to solve here. If you change things, you run the risk of breaking something that works."
Moyle said he wondered why the U.N. believes multilateral control is needed and why the organization feels it could do a better job managing the appropriate body to exert that control. "As a technologist, I'm not convinced that the U.N. is necessarily better equipped to deal with these issues than any number of other possible oversight bodies, including the U.S. Department of Commerce."
He added he also was not convinced that the U.N. would be able to wipe out spam more effectively than the engineers who have been working on the problem for the past decade. "There is a lot the U.N. wants to address, but I question how hands-off the U.N. will be in exerting control when the goals are so far-reaching."
Shark-Infested Waters
"When we talk about who controls the Internet, to me the issue is very much like who controls the ocean," said Symantec (Nasdaq: SYMC - news) director of government research Brian Witten, who worked at DARPA during the Internet's infancy. And as the movie character Steve Zizzou discovered in The Life Aquatic, "If you wander into the wrong corner, the ocean is largely unprotected," Witten said.
To mitigate the dangers of sailing across the Internet's shark-infested waters, there are many ways in which the Web could be made more secure by almost any definition, said Sun Microsystems (Nasdaq: SUNW - news) Vice President and Chief Security Officer Dr. Whitfield Diffie. "What is not clear is how the security problems [relating to malware, spam, phishing and break-ins] can be ameliorated without changing the things that make the Internet such a valuable cultural and commercial medium."
Nevertheless, further controls over the Internet -- whether implemented globally or by the U.S. -- are inevitable. One case in point comes from U.S. federal banking regulators, who now say they will require American banking institutions to move their online customers to a two-step authentication process by the end of next year. Possible solutions include the use of one-time "scratch" codes, tokens, smartcards, or even biometric readers. But the implementation of any of these methods is going to increase the cost of doing business, as well as add to the complexity of using the Internet.
Diffie noted that proposals put forth by established institutions -- especially those from national governments -- create new authorities with the power to regulate the Internet, either proactively or through threat of liability or criminal prosecution for those who don't comply.
However, what they propose to do will raise the startup costs of new Internet activities, Diffie said. "This will stifle innovation and [it] threatens to make the Internet another tool of existing monopolies."
A Mirror Image
Everyone needs to realize that the Internet mirrors society at large, both in the U.S. and around the world, Gartner's Smith said -- there will always be some individuals and groups who will attempt to exploit others for financial gain. "It's just like going out on the town at night," he said. "Although you may be concerned about being mugged, that doesn't stop you from going out, but you do have to remain vigilant and take precautions."
Analysts said people should not entertain the expectation that one's virtual life on the Internet ought to be any safer than what one encounters in the real world.
"There's no fundamental difference between using QuickBooks to embezzle funds and using a ledger to embezzle funds," Moyle said. "The technology just changes how the fraud is accomplished and maybe who commits it; it doesn't change why it's committed. As long as there are criminals, they will find a way to use the existing mechanisms to their advantage."
Vigilance, not pessimism, is what will be needed to combat the increase in criminal online threats. In this respect, a partnership between industry, academia, and government makes good sense, "with European Community and U.S. government investments going toward increasing innovation on both the inside and outside of the infrastructure," said Symantec's Witten.
"I think the Internet is evolving toward a model where the nations and the companies that invest in security are increasingly being protected from the unprotected corners of the world," he said. "That's a natural evolution in progress."
Said Smith, "If the pirates come out of their havens, then you've got to repel them back."
Assessing the Consequences
Domain names and numbers are essential components of the technical rules that govern how networks and computers find and recognize one another globally, which is why the rest of the world is so eager to have a say in how they are assigned. Still, some wonder if any change in Internet governance could potentially disrupt the Internet's core functions in a major way.
Moyle said he does not think anyone can be sure of an interruption of service if the U.N. eventually supplants ICANN. "However," he said, "history has taught us that changes of global magnitude are seldom seamless. The Internet already functions far beyond the wildest dreams of its designers -- it has enabled commerce, communications, and the exchange of information for decades now. For good or for bad, the current structure works, and works well."
The jury is still out as to what will be the consequences of a switch from ICANN. If the summit representatives decide to take a policy-centric approach to the problem of spam, such as by establishing a fine for spammers, there likely will be no technical effect on the Internet at all, Moyle said. "But if they attempt to implement some type of 'postage' scenario such as the one they proposed in 1999, I think it's a safe bet that the consequences would be earth-shattering, on both a technological and economic level." (In 1999, the U.N. called on governments to pass a law requiring Internet users to pay a tax of 1 U.S. cent for every 100 e-mails they send, with the revenue going to subsidize the extension of the Internet to Third World countries.)
The Summit's Work Group on Internet Governance also has indicated that the new IPv6 addressing system is also on the table. "IPv6 is certainly no 'instant on' -- it's a long hard road to get it done," Moyle noted.
"If the U.N. intends to softly encourage the transition to IPv6 via policy -- or merely wishes to coordinate or 'track' the deployment of IPv6 over time -- the impact will likely be minimal," Moyle said. "But if they are going to take a stronger approach -- which they could theoretically do with the new authority -- the impact would once again be tremendous."
http://news.yahoo.com/s/nf/20051108/tc_nf/38790;_ylt=AqLBLysKuGF20fSNR30WgpkjtBAF;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl
ADVERTISEMENT
But that somewhat innocuous stated purpose gives little clue as to what is really at stake: control of the Internet.
The European Union (EU) already has withdrawn its support for the current domain registration system, managed until now by the nonprofit Internet Corporation for Assigned Names and Numbers ( ICANN), which operates under the loose direction of the U.S. Department of Commerce. That contract expires next year. Moreover, the EU already is calling for a move from a unilateral to a multilateral mode of control.
At the summit itself, to take place in Tunis, November 16 to 18, countries such as Brazil, China, Cuba, and Iran are expected to push the debate one step further by calling for the creation of an international body to govern the Internet as a global resource. The move is expected to draw fierce opposition from the U.S., which holds firm to the belief that any change in the status quo would jeopardize the Internet's ability to function as a medium of free expression.
The stakes are enormous. A sea change of one kind or another appears likely, said security expert Ed Moyle. "The Department of Commerce -- though technically in an oversight position -- has not interfered in the ICANN decision-making process in any significant way to date," he said. "But none of the four models proposed for summit consideration so far would preserve the Internet's current relationship with ICANN, which has operated to date in an effectively autonomous fashion under the control and oversight of the Department of Commerce."
A Political Football
Some summit attendees -- many of whom represent countries that oppose America's war with Iraq -- might enjoy the opportunity to play politics regarding ICANN's eventual fate. However, Moyle said, ICANN is a technical body, not a political one, and as such it has enjoyed wide latitude and decision-making authority under the current structure. "Those that favor the preservation of the current model fear that ceding oversight to the U.N. would result in a less 'laissez-faire' environment -- that it would open the door to tighter control and thereby [engender] all the trappings of control: potential taxation, inefficiency, or restriction on free speech."
The U.S. is expected to ask why it should give up oversight of something -- the Internet -- that initially was developed by its military under the aegis of the U.S. Defense Advanced Research Projects Agency (DARPA). "The U.N. is understandably nervous about the ability of the U.S. to exert control over ICANN under the current structure," Moyle said, "even if that ability isn't currently utilized to any significant degree."
Some nations remain wary of the U.S. calling the shots. In August, for example, the Bush administration objected to creation of an .xxx domain for adult-content Web sites. "Since all ICANN decisions are subject to approval by the U.S. Department of Commerce, President Bush can ultimately decide whether or not to allow that change to proceed," Moyle said. "No other country has that level of voice in the process."
On the other hand, Moyle said, the U.N. has yet to do a thorough job of outlining its goals. "I'm cautious about taking a functioning known quantity and turning it into something else -- at least without a full understanding of what the ultimate goal is."
Summit participants will debate the merits of having an international body govern the Internet, one with the ability to take up technical issues already identified by the summit's Working Group on Internet Governance (WGIG), including spam, Internet Protocol addressing, and the allocation of domain names.
The stage is set for an argument over whether America should have the final say. For its part, America isn't budging. In October, members of the U.S. House of Representatives -- including Fred Upton, R-Mich., chairman of the Subcommittee on Telecommunications and the Internet -- sent a letter to Commerce and State Department officials urging U.S. retention of Internet oversight. What's more, the Bush administration has expressed concern that a country such as China or Cuba might take advantage of a change in Internet control to stifle freedom of speech even further in those respective nations.
Giving a Voice to the People
But as the Internet has grown from a U.S. defense project into a tool for all of human society, so has the argument grown that individual nations ought to have a say in how it is governed.
Yoshio Utsumi, Secretary-General of the Geneva-based International Communications Union (ICU), recently said one of the goals of the World Summit on the Information Society is to improve Internet governance by "giving a voice to people who have been isolated, or have been invisible and silent, allowing them to speak out regardless of their economic status, their gender, or where they live."
In this respect, lending an ear to the voices to be heard in Tunisia later this month advances one goal that the U.S. government says it wants to preserve: freedom of expression.
If a power shift does occur, the ICU would most likely play a substantial role in Internet governance. Utsumi has argued that for poorer nations, a move from an agrarian to an information-based economy not only would close the digital divide but also speed the implementation of the U.N.'s millennium development goals, which include shrinking global poverty and providing universal primary education.
Some fear that U.S. reluctance to surrender control over domain names, addresses, security, and the root servers that keep the World Wide Web in operation could lead to a Balkanization of the Internet, wherein different countries run their own servers and assign their own top-level domains. This could create a scenario in which typing the same address into two different computers accesses two different Web sites.
Still others have argued that developing countries receive a disproportionate share of spam, since those countries often are unable to afford the means necessary to fight it. An international body could give those countries a greater say in security matters, advocates say.
If It Ain't Broke, Don't Fix It
Some analysts have dismissed the idea that a shake-up in Internet governance would improve Web security. "I don't know if it would make it any different or be any better if the Internet was under any control other than what we have right now," said David Smith, vice president of Gartner Group (NYSE: IT - news).
"Controlling something doesn't make it any more secure -- look at Microsoft's (Nasdaq: MSFT - news) control over Windows," Smith said. "That certainly hasn't made things any safer. The Internet is only as secure as what is on it."
He added: "There doesn't appear to be a problem to solve here. If you change things, you run the risk of breaking something that works."
Moyle said he wondered why the U.N. believes multilateral control is needed and why the organization feels it could do a better job managing the appropriate body to exert that control. "As a technologist, I'm not convinced that the U.N. is necessarily better equipped to deal with these issues than any number of other possible oversight bodies, including the U.S. Department of Commerce."
He added he also was not convinced that the U.N. would be able to wipe out spam more effectively than the engineers who have been working on the problem for the past decade. "There is a lot the U.N. wants to address, but I question how hands-off the U.N. will be in exerting control when the goals are so far-reaching."
Shark-Infested Waters
"When we talk about who controls the Internet, to me the issue is very much like who controls the ocean," said Symantec (Nasdaq: SYMC - news) director of government research Brian Witten, who worked at DARPA during the Internet's infancy. And as the movie character Steve Zizzou discovered in The Life Aquatic, "If you wander into the wrong corner, the ocean is largely unprotected," Witten said.
To mitigate the dangers of sailing across the Internet's shark-infested waters, there are many ways in which the Web could be made more secure by almost any definition, said Sun Microsystems (Nasdaq: SUNW - news) Vice President and Chief Security Officer Dr. Whitfield Diffie. "What is not clear is how the security problems [relating to malware, spam, phishing and break-ins] can be ameliorated without changing the things that make the Internet such a valuable cultural and commercial medium."
Nevertheless, further controls over the Internet -- whether implemented globally or by the U.S. -- are inevitable. One case in point comes from U.S. federal banking regulators, who now say they will require American banking institutions to move their online customers to a two-step authentication process by the end of next year. Possible solutions include the use of one-time "scratch" codes, tokens, smartcards, or even biometric readers. But the implementation of any of these methods is going to increase the cost of doing business, as well as add to the complexity of using the Internet.
Diffie noted that proposals put forth by established institutions -- especially those from national governments -- create new authorities with the power to regulate the Internet, either proactively or through threat of liability or criminal prosecution for those who don't comply.
However, what they propose to do will raise the startup costs of new Internet activities, Diffie said. "This will stifle innovation and [it] threatens to make the Internet another tool of existing monopolies."
A Mirror Image
Everyone needs to realize that the Internet mirrors society at large, both in the U.S. and around the world, Gartner's Smith said -- there will always be some individuals and groups who will attempt to exploit others for financial gain. "It's just like going out on the town at night," he said. "Although you may be concerned about being mugged, that doesn't stop you from going out, but you do have to remain vigilant and take precautions."
Analysts said people should not entertain the expectation that one's virtual life on the Internet ought to be any safer than what one encounters in the real world.
"There's no fundamental difference between using QuickBooks to embezzle funds and using a ledger to embezzle funds," Moyle said. "The technology just changes how the fraud is accomplished and maybe who commits it; it doesn't change why it's committed. As long as there are criminals, they will find a way to use the existing mechanisms to their advantage."
Vigilance, not pessimism, is what will be needed to combat the increase in criminal online threats. In this respect, a partnership between industry, academia, and government makes good sense, "with European Community and U.S. government investments going toward increasing innovation on both the inside and outside of the infrastructure," said Symantec's Witten.
"I think the Internet is evolving toward a model where the nations and the companies that invest in security are increasingly being protected from the unprotected corners of the world," he said. "That's a natural evolution in progress."
Said Smith, "If the pirates come out of their havens, then you've got to repel them back."
Assessing the Consequences
Domain names and numbers are essential components of the technical rules that govern how networks and computers find and recognize one another globally, which is why the rest of the world is so eager to have a say in how they are assigned. Still, some wonder if any change in Internet governance could potentially disrupt the Internet's core functions in a major way.
Moyle said he does not think anyone can be sure of an interruption of service if the U.N. eventually supplants ICANN. "However," he said, "history has taught us that changes of global magnitude are seldom seamless. The Internet already functions far beyond the wildest dreams of its designers -- it has enabled commerce, communications, and the exchange of information for decades now. For good or for bad, the current structure works, and works well."
The jury is still out as to what will be the consequences of a switch from ICANN. If the summit representatives decide to take a policy-centric approach to the problem of spam, such as by establishing a fine for spammers, there likely will be no technical effect on the Internet at all, Moyle said. "But if they attempt to implement some type of 'postage' scenario such as the one they proposed in 1999, I think it's a safe bet that the consequences would be earth-shattering, on both a technological and economic level." (In 1999, the U.N. called on governments to pass a law requiring Internet users to pay a tax of 1 U.S. cent for every 100 e-mails they send, with the revenue going to subsidize the extension of the Internet to Third World countries.)
The Summit's Work Group on Internet Governance also has indicated that the new IPv6 addressing system is also on the table. "IPv6 is certainly no 'instant on' -- it's a long hard road to get it done," Moyle noted.
"If the U.N. intends to softly encourage the transition to IPv6 via policy -- or merely wishes to coordinate or 'track' the deployment of IPv6 over time -- the impact will likely be minimal," Moyle said. "But if they are going to take a stronger approach -- which they could theoretically do with the new authority -- the impact would once again be tremendous."
http://news.yahoo.com/s/nf/20051108/tc_nf/38790;_ylt=AqLBLysKuGF20fSNR30WgpkjtBAF;_ylu=X3oDMTBiMW04NW9mBHNlYwMlJVRPUCUl
