Arguments Over Internet Governance Transition Get Even More Stupid
from the make-it-stop dept
So, yesterday, we noted that the Senate at least seemed to come (at least somewhat) to its senses in choosing not to include the ridiculous and dangerous proposal from Ted Cruz (and supported by Donald Trump) to block the transition of the IANA functions of internet governance away from the Commerce Department. I won’t go into (once again) why this is important and not a problem, or even why Cruz’s objections to it are so backwards that his plan will actually make it more likely that the “bad” result he keeps warning about will actually come to pass. You can reread the older articles on that.
However, with Democrats complaining about the Senate’s Continuing Resolution and a vote on it being pushed off, the debate over the possibility of blocking the transition is still going on. Hell, Ted Cruz even pointed to Donald Trump’s support of his plan as a reason to finally endorse Trump:
Internet freedom. Clinton supports Obama?s plan to hand over control of the Internet to an international community of stakeholders, including Russia, China, and Iran. Just this week, Trump came out strongly against that plan, and in support of free speech online.
Except, none of that is true. First, the plan does not hand over control to Russia, China and Iran — and keeping IANA under the Commerce Dept. makes it A LOT MORE LIKELY that that coalition of countries is able to grab control of the IANA functions from ICANN and the US. But, uh, even more importantly, claiming that Trump is in favor of “free speech online” is laughable. This is the candidate who has repeatedly talked about “opening up our libel laws” to go after speech he doesn’t like, has threatened to sue many publications for protected speech, and has flat out declared that we should turn off parts of the internet and anyone who responded with “freedom of speech” was “foolish.”
But, that’s still not the craziest argument I’ve heard recently concerning the transition. The award there goes to Theresa Payton, who was a top IT staffer at the White House under George W. Bush and now runs a “cybersecurity” firm. She wrote a bizarre opinion piece in The Hill that, frankly, calls into question whether she understands what ICANN even does. She tries to argue that the transition will somehow make it easier for Russia to hack our election… because [reasons].
Changing who controls the Internet Corporation for Assigned Names and Numbers (ICANN) so close to our presidential election will jeopardize the results of how you vote on Nov. 8 unless Congress stops this changeover. When the calendar hits Sept. 30, a mere 6 weeks before our election, the United States cannot be assured that if any web site is hacked, the responsible party will be held accountable. We cannot be sure if a web site is a valid. We cannot be sure if one country is being favored over another. These are all the things ICANN is responsible for and has worked perfectly since the Internet was created. Why change it now and so close to the election? Why does that matter to you as a voter?
Take a look at recent cyber activity as it relates to the election. The Democratic National Convention was breached comprising the entire party?s strategy, donor base, and indeed, national convention. Everything the DNC had done to prepare for a moment four years in the making (if not longer) was undermined by a hacker who had been in their system for some time but waited for the optimal moment to spring it on the DNC ? opening day of the convention. The FBI and other U.S. agencies, as the headlines blare, suspect Russia is responsible for the hack. Recently, Vladimir Putin went so far as to say, “Does it matter who broke in? Surely what’s important is the content of what was released to the public.?
Except, uh, ICANN has nothing to do with figuring out who hacks who. Nor is it the party that’s figuring out if one country “is being favored over another” or if a “website is valid.” That’s not ICANN’s job, and has nothing to do whatsoever with the IANA transition — which will leave the internet working exactly as it has before. Honestly, this opinion piece does nothing to call the transition into question, but does a tremendous job in calling Theresa Payton’s knowledge of technology and cybersecurity into question.
ICANN does more than just assign and/or approve your website?s domain. ICANN has its own Security and Stability Advisory Committee, which ?engages in ongoing threat assessment and risk analysis of the Internet naming and address allocation services to assess where the principal threats to stability and security lie, and advises the ICANN community accordingly.? They are equivalent to your security guard at the bank. Why change the security guard now when voter data is more vulnerable ? and prized – than ever?
If ICANN changes hands, so do the security measures taken to protect the rightful owner of your web site. If a site was hijacked today ? not an uncommon crime in the cyber world – to reassert yourself as the rightful owner, you would go through law enforcement channels, your domain provider, and yes, ICANN.
First of all, the “transition” in question isn’t about transitioning all of ICANN. Just its IANA functions, which only have a symbolic connection to the US government. Second, Payton seems to not understand what ICANN does, what the ICANN SSAC does, or how internet security works. They are not the equivalent of the “security guard at the bank.” You’d think the CEO and founder of a “cybersecurity” company would know that. And, after the IANA transition takes place, ICANN itself doesn’t “change hands” nor does it change what the SSAC does, which isn’t anything even remotely close to what Payton seems to think it does.
Don’t trust me? How about Stephen Crocker, who heads ICANN’s Board of Directors — and also helped create the damn internet. You know how much of the internet was designed through “RFCs” — “Requests for Comments” — well, Crocker invented the RFC and wrote the very first one. I think he knows what he’s talking about. And he and the head of ICANN’s SSAC, Patrik Fallstrom, have responded to Payton with a nicer version of “you have no idea what you’re talking about.”
The SSAC is not a ?security guard? for the Internet. The SSAC has no enforcement power, and the value of its advice is based on the strength of the facts underlying such advice.
The Security and Stability Advisory Committee advises the ICANN community and Board on matters relating to the security and integrity of the Internet’s naming and address allocation systems. Our recent work include advisories on a wide range of topics such as internationalized domain names, protecting domain name owners and operators, best practices for domain name registrars, analysis on the changing nature of IPv4 address semantics, and advice on matters pertaining to the correct and reliable operation of the root name system and other issues (see https://ssac.icann.org/ for more details). The SSAC neither operates as a security guard for the Internet, nor does it aspire to.
The IANA transition has no practical effect on the work and activities of the SSAC. Nor does the transition have any effect on the security and stability of website owners worldwide. The risk of compromise of a website owner does not increase as a result of the IANA transition, since ICANN and IANA do not control either the ownership of websites or the content on websites. Leading technical experts, industry associations, and civil society groups agree that allowing the IANA contract to expire is the best possible way to protect and promote the continued integrity of the Internet.
There is simply no relationship between ICANN and the current U.S. election process. Assertions of this sort are misleading and irresponsible. On the other hand, attempt to connect ICANN to the U.S. political process play directly into the hands of the enemies of an open Internet who would like to see ICANN and other Internet bodies put under the control of the United Nations or, worse yet, broken up into separate, government-controlled networks that do not interoperate smoothly around the world.
So, yeah. It seems that as we get closer to the transition, and since this issue has become “political,” we’re seeing stupider and ever more clueless attacks — but they seem to only serve to make the people behind them look worse and worse. This shouldn’t be a partisan issue. It shouldn’t be a political issue. It shouldn’t be an issue. Severing the minor link connection between IANA and the Commerce Department changes nothing practical in how the internet is governed, but takes a big weapon away from Russia and China in their quest to take control over those functions.