For other versions of this document, see http://wikileaks.org/wiki/CRS-97-868 ------------------------------------------------------------------------------ Order Code 97-868 Updated March 19, 2008 Internet Domain Names: Background and Policy Issues Lennard G. Kruger Specialist in Science and Technology Resources, Science, and Industry Division Summary To navigate the Internet requires using addresses (and corresponding names) that identify the location of individual computers. As the Internet grew, the method for allocating and designating those domain names became controversial. The Administration issued a White Paper in June 1998 endorsing the creation of a new not- for-profit corporation of private sector Internet stakeholders to administer policy for the Internet name and address system. On November 25, 1998, the Department of Commerce (DOC) formally approved a new corporation, called the Internet Corporation for Assigned Names and Numbers (ICANN). A Joint Project Agreement between ICANN and DOC extends through September 2009. The 110th Congress maintains oversight on how the Department of Commerce manages and oversees ICANN's activities and policies. This report will be updated as events warrant. Background The Internet is often described as a "network of networks" because it is not a single physical entity but, in fact, hundreds of thousands of interconnected networks linking millions of computers around the world. Computers connected to the Internet are identified by a unique Internet Protocol (IP) number that designates their specific location, thereby making it possible to send and receive messages and to access information from computers anywhere on the Internet. Domain names were created to provide users with a simple location name, rather than requiring them to use a long list of numbers. For example, the IP number for the location of the THOMAS legislative system at the Library of Congress is 140.147.248.9; the corresponding domain name is thomas.loc.gov. Top Level Domains (TLDs) appear at the end of an address and are either a given country code, such as .jp or .uk, or are generic designations (gTLDs), such as .com, .org, .net, .edu, or .gov. The Domain Name System (DNS) is the distributed set of databases residing in computers around the world that contain the address numbers, mapped to corresponding domain names. Those computers, called root servers, must be coordinated to ensure connectivity across the Internet. CRS-2 The Internet originated with research funding provided by the Department of Defense Advanced Research Projects Agency (DARPA) to establish a military network. As its use expanded, a civilian segment evolved with support from the National Science Foundation (NSF) and other science agencies. While there are no formal statutory authorities or international agreements governing the management and operation of the Internet and the DNS, several entities have played key roles in the DNS. The Internet Assigned Numbers Authority (IANA) makes technical decisions concerning root servers, determines qualifications for applicants to manage country code TLDs, assigns unique protocol parameters, and manages the IP address space, including delegating blocks of addresses to registries around the world to assign to users in their geographic area. NSF was responsible for registration of nonmilitary domain names, and in 1992 put out a solicitation for managing network services, including domain name registration. In 1993, NSF signed a five-year cooperative agreement with a consortium of companies called InterNic. Under this agreement, Network Solutions Inc. (NSI), a Herndon, Virginia engineering and management consulting firm, became the sole Internet domain name registration service for registering the .com, .net., and .org. gTLDs. Since the imposition of registration fees in 1995, criticism of NSI's sole control over registration of the gTLDs grew. In addition, there was an increase in trademark disputes arising out of the enormous growth of registrations in the .com domain. There also was concern that the role played by IANA lacked a legal foundation and required more permanence to ensure the stability of the Internet and the domain name system. These concerns prompted actions both in the United States and internationally. An International Ad Hoc Committee (IAHC), a coalition of individuals representing various constituencies, released a proposal for the administration and management of gTLDs on February 4, 1997. The proposal recommended that seven new gTLDs be created and that additional registrars be selected to compete with each other in the granting of registration services for all new second level domain names. To assess whether the IAHC proposal should be supported by the U.S. government, the executive branch created an interagency group to address the domain name issue and assigned lead responsibility to the National Telecommunications and Information Administration (NTIA) of the Department of Commerce (DOC). On June 5, 1998, DOC issued a final statement of policy, "Management of Internet Names and Addresses." Called the White Paper, the statement indicated that the U.S. government was prepared to recognize and enter into agreement with "a new not-for-profit corporation formed by private sector Internet stakeholders to administer policy for the Internet name and address system."1 In deciding upon an entity with which to enter such an agreement, the U.S. government would assess whether the new system ensured stability, competition, private and bottom- up coordination, and fair representation of the Internet community as a whole. The White Paper endorsed a process whereby the divergent interests of the Internet community would come together and decide how Internet names and addresses would be managed and administered. Accordingly, Internet constituencies from around the world 1 Management of Internet Names and Addresses, National Telecommunications and Information Administration, Department of Commerce, Federal Register, Vol. 63, No. 111, June 10, 1998, 31741. CRS-3 held a series of meetings during the summer of 1998 to discuss how the New Corporation might be constituted and structured. Meanwhile, IANA, in collaboration with NSI, released a proposed set of bylaws and articles of incorporation. The proposed new corporation was called the Internet Corporation for Assigned Names and Numbers (ICANN). After five iterations, the final version of ICANN's bylaws and articles of incorporation were submitted to the Department of Commerce on October 2, 1998. On November 25, 1998, DOC and ICANN signed an official Memorandum of Understanding (MOU), whereby DOC and ICANN agreed to jointly design, develop, and test the mechanisms, methods, and procedures necessary to transition management responsibility for DNS functions to a private-sector not-for-profit entity. The White Paper also signaled DOC's intention to ramp down the government's Cooperative Agreement with NSI, with the objective of introducing competition into the domain name space while maintaining stability and ensuring an orderly transition. During this transition period, government obligations were to be terminated as DNS responsibilities transferred to ICANN. Specifically, NSI committed to the development of a Shared Registration System that permitted all accredited registrars to provide registration services within the .com, .net., and .org gTLDs. After a year of negotiations, on November 10, 1999, ICANN, NSI, and DOC formally signed agreements which provided that NSI (now VeriSign) was required to sell its registrar operation by May 10, 2001 in order to retain control of the dot-com registry until 2007. In April 2001, arguing that the registrar business was by then highly competitive, VeriSign reached a new agreement with ICANN whereby its registry and registrar businesses would not have to be separated. With DOC approval, ICANN and VeriSign signed the formal agreement on May 25, 2001. The agreement provided that VeriSign would continue to operate the .org registry until 2002; the .net registry until June 30, 2005; and the .com registry until at least the expiration date of the current agreement in 2007, and possibly beyond. In 2002, the ICANN Board selected Public Interest Registry to operate .org for six years, and in 2005, selected Verisign to operate the .net registry for an additional six years. On September 17, 2003, ICANN and the Department of Commerce agreed to extend their MOU until September 30, 2006. The MOU specified transition tasks which ICANN agreed to address. On June 30, 2005, Michael Gallagher, then-Assistant Secretary of Commerce for Communications and Information and Administrator of NTIA, stated the U.S. Government's principles on the Internet's domain name system. Specifically, NTIA stated that the U.S. Government "intends to preserve the security and stability" of the DNS, and that "the United States is committed to taking no action that would have the potential to adversely impact the effective and efficient operation of the DNS and will therefore maintain its historic role in authorizing changes or modifications to the authoritative root zone file." The NTIA statement also said that governments have legitimate interests in the management of their country code top level domains, that ICANN is the appropriate technical manager of the DNS, and that dialogue related to Internet governance should continue in relevant multiple fora.2 2 See [http://www.ntia.doc.gov/ntiahome/domainname/USDNSprinciples_06302005.pdf]. CRS-4 On September 29, 2006, DOC announced a new Joint Project Agreement (JPA) with ICANN which continues the transition to the private sector of the coordination of technical functions relating to management of the DNS. The JPA extends through September 30, 2009, and focuses on institutionalizing transparency and accountability mechanisms within ICANN. Issues Congressional Committees (primarily the Senate Committee on Commerce, Science and Transportation and the House Committee on Energy and Commerce) maintain oversight on how the Department of Commerce manages and oversees ICANN's activities and policies. Some issues of recent and current concern are discussed below. ICANN's Relationship with DOC. The Joint Project Agreement (JPA) directed DOC to conduct a "mid-term review" of ICANN's continuing transition to the private sector. On October 30, 2007, DOC asked for public comments on ICANN's progress towards becoming a more stable organization with greater transparency and accountability in its procedures and decision making. On February 28, 2008, DOC/NTIA held a public meeting to hear the views of Internet stakeholders.3 The ICANN Board stated that ICANN has met its responsibilities under the JPA, that the JPA should conclude during the months leading up to September 2009, and that DOC oversight and authority over ICANN should be ended at that time. Various Internet stakeholders disagree as to whether DOC should maintain control over ICANN after the current JPA expires. Many U.S. industry and public interest groups argue that ICANN is not yet sufficiently transparent and accountable, and that continued DOC oversight is needed until full privatization is warranted. On the other hand, many international entities and groups from countries outside the U.S. argue that ICANN has sufficiently met conditions for privatization, and that continued U.S. government control over an international organization is not appropriate. ICANN and the U.N. The United Nations (U.N.), at the December 2003 World Summit on the Information Society (WSIS), debated and agreed to study the issue of how to achieve greater international involvement in the governance of the Internet and the domain name system in particular. The study was conducted by the U.N.'s Working Group on Internet Governance (WGIG). On July 14, 2005, the WGIG released its report, stating that no single government should have a preeminent role in relation to international Internet governance, calling for further internationalization of Internet governance, and proposing the creation of a new global forum for Internet stakeholders. Four possible models were put forth, including two involving the creation of new Internet governance bodies linked to the U.N. Under three of the four models, ICANN would either be supplanted or made accountable to a higher intergovernmental body. The report's conclusions were scheduled to be considered during the second phase of the WSIS to be held in Tunis in November 2005. U.S. officials stated their opposition to transferring control and administration of the domain name system from ICANN to any international body. Similarly, the 109th Congress expressed its support for maintaining U.S. control over ICANN (H.Con.Res. 268 and S.Res. 323). 3 See [http://www.ntia.doc.gov/ntiahome/domainname/jpamidtermreview.html]. CRS-5 The European Union (EU) initially supported the U.S. position. However, during September 2005 preparatory meetings, the EU seemingly shifted its support towards an approach which favored an enhanced international role in governing the Internet. Conflict at the WSIS Tunis Summit over control of the domain name system was averted by the announcement, on November 15, 2005, of an Internet governance agreement between the U.S., the EU, and over 100 other nations. Under this agreement, ICANN and the U.S. would remain in control of the domain name system. A new international group under the auspices of the UN was formed -- the Internet Governance Forum -- which provides an ongoing forum for all stakeholders (both governments and nongovernmental groups) to discuss and debate Internet policy issues. The Internet Governance Forum was slated to run for five years and does not have binding authority. ICANN-Verisign Agreement and the .com registry. As part of a legal settlement of a long-running dispute between ICANN and Verisign, on February 28, 2006, the ICANN Board of Directors approved (by a vote of 9-5) a new .com registry agreement with Verisign. Under this settlement, Verisign will run the .com registry until 2012 (with a presumption that the agreement will be renewed beyond that date), and will be able to raise domain registration fees by 7% in four of the next six years. These registration fees refer to the current $6 fee that a registrar (such as GoDaddy or Register.com) pays the .com registry operator (Verisign) for each .com domain name registration purchased by the consumer. Under the agreement, Verisign will pay ICANN a one-time sum of $625,000 to implement the agreement, as well as a yearly registry fee, starting at $6 million per year, and going up over the next two years to approximately $12 million. Critics of the ICANN-Verisign settlement asserted that the agreement is anticompetitive, giving Verisign a virtually permanent monopoly over the lucrative .com registry, while also enabling Verisign to raise registration fees without justification. Defenders of the settlement argued that the agreement is necessary to ensure the stability and security of the Internet by ensuring the financial stability of ICANN, and by allowing Verisign the flexibility to raise revenue for upgrading its infrastructure. The ICANN- Verisign .com agreement was approved by NTIA/DOC on November 30, 2006. As a condition of its approval, NTIA retains oversight over any changes to the pricing provisions of, or renewals of, the new .com registry agreement. Approval of any renewal will occur if NTIA concludes that the approval will serve the public interest in the continued security and stability of the DNS, and in the operation of the .com registry at reasonable prices, terms and conditions. Protecting Children on the Internet. In the 107th Congress, legislation sought to create a "kids-friendly top level domain name" that would contain only age-appropriate content. The Dot Kids Implementation and Efficiency Act of 2002 was signed into law on December 4, 2002 (P.L. 107-317) and authorizes NTIA to require the .us registry operator (currently NeuStar) to establish, operate, and maintain a second level domain within the .us TLD that is restricted to material suitable for minors. In the 108th Congress, P.L. 108-21 (PROTECT Act), contains a provision (Sec. 108: Misleading Domain Names on the Internet) which makes it a punishable crime to knowingly use a misleading domain name with the intent to deceive a person into viewing obscenity on the Internet. Increased penalties are provided for deceiving minors into viewing harmful material. In the 109th Congress, the Adam Walsh Child Protection and Safety Act of 2006 (P.L. 109-248), signed into law on July 27, 2006, increases the maximum sentence from four years to ten years for deceiving minors into viewing harmful material. CRS-6 On June 1, 2005, ICANN announced that it had entered into commercial and technical negotiations with a registry company (ICM Registry) to operate a new ".xxx" domain, which would be designated for use by adult websites. Registration by adult websites into the .xxx domain would be purely voluntary, and those sites would not be required to give up their existing (for the most part, .com) sites. Announcement of a .xxx domain proved controversial. With the ICANN Board scheduled to consider final approval of the .xxx domain on August 16, 2005, the Department of Commerce sent a letter to ICANN requesting that adequate additional time be provided to allow ICANN to address the objections of individuals expressing concerns about the impact of pornography on families and children and opposing the creation of a new top level domain devoted to adult content. ICANN's Governmental Advisory Committee (GAC) also requested more time before the final decision. At the March 2006 Board meeting in New Zealand, the ICANN Board authorized ICANN staff to continue negotiations with ICM Registry to address concerns raised by the DOC and the GAC. However, on May 10, 2006, the Board voted 9-5 against accepting the proposed agreement, but did not rule out accepting a revised agreement. Subsequently, on January 5, 2007, ICANN published for public comment a proposed revised agreement with ICM Registry to establish a .xxx domain. However, on March 30, 2007, the ICANN Board voted 9-5 to deny the .xxx domain, citing its reluctance to possibly assume an ongoing management and oversight role with respect to Internet content.4 Privacy. Any person or entity who registers a domain name is required to provide contact information (phone number, address, email) which is entered into a public online database (the "WHOIS" database). The scope and accessibility of WHOIS database information has been an issue of contention. Privacy advocates have argued that access to such information should be limited, while many businesses, intellectual property interests, law enforcement agencies, and the U.S. Government have argued that complete and accurate WHOIS information should continue to be publicly accessible. Over the past several years, ICANN has debated this issue through its Generic Names Supporting Organization (GNSO), which is developing policy recommendations on what data should be publicly available through the WHOIS database. On April 12, 2006, the GNSO approved an official "working definition" for the purpose of the public display of WHOIS information. The GNSO supported a narrow technical definition favored by privacy advocates, registries, registrars, and non-commercial user constituencies, rather then a more expansive definition favored by intellectual property interests, business constituencies, Internet service providers, law enforcement agencies, and the Department of Commerce (through its participation in ICANN's Governmental Advisory Committee). At ICANN's June 2006 meeting, opponents of limiting access to WHOIS data continued urging ICANN to reconsider the working definition. On October 31, 2007, the GNSO voted to defer a decision on WHOIS database privacy and recommended more studies. The GNSO also rejected a proposal to allow Internet users the option of listing third party contact information rather than their own private data. It will now be up to the ICANN Board to decide whether or how to proceed.5 4 Legislation in past Congresses has explored the possibility of a creating a mandatory .xxx-type domain. See CRS Report RL33224, Constitutionality of Requiring Sexually Explicit Material on the Internet to be Under a Separate Domain Name, by Henry Cohen. 5 See ICANN "Whois Services" page, available at [http://www.icann.org/topics/whois-services/]. ------------------------------------------------------------------------------ For other versions of this document, see http://wikileaks.org/wiki/CRS-97-868