Today ICANN's GNSO Privacy & Proxy Services Accreditation Issues Working Group is discussing the comments that EFF and thousands of others made in response to proposals to clamp down on the availability of privacy proxy services by domain registrants. Those plans could have prevented registrants from using such services to shield their personal information from public view—but the news from the Working Group session on that count is relatively good. It seems that the Working Group will accept that privacy services should remain generally available, including by those who use their domain names commercially.
But meanwhile, literally on the same day, the United States is in the middle of a closed-door meeting in Paris that will contradict everything that the ICANN community has painstakingly agreed. At this week's meeting of the Committee on Consumer Policy of the of the OECD (Organization for Economic Cooperation and Development, a club of developed countries), the United States is pushing through language for a new revision of the OECD E-commerce Recommendation that would require domain name registration information to be made publicly available for websites that are promoting or engaged in commercial transactions with consumers.
The fact that this ignores the concerns expressed by EFF to the Committee on Consumer Policy is the least important problem. Far more important is that it rides roughshod over an open, multi-stakeholder process in which all stakeholders have been able to come together to collaborate on developing policy on WHOIS privacy (a process that has attracted intense public interest), rather than having this policy imposed from above by a bloc of powerful governments. Although not binding in themselves, OECD recommendations are influential on member states and very frequently find their way into national laws and policies.
This is not to say that ICANN's processes are perfect—far from it; indeed much of the discussion at this week's ICANN meeting centers on the ongoing process of improving its accountability. Even so, there is broad agreement by all OECD governments that for better or worse, decisions on global Internet naming and numbering should be governed using ICANN's multi-stakeholder model. This agreement is recorded even in the OECD's own documents, such as its Principles for Internet Policy-Making [PDF] which state:
The multi-stakeholder environment has underpinned the process of Internet governance and the management of critical Internet resources (such as naming and numbering resources) and it should continue to occur in a transparent manner. Governments should also work within a multi-stakeholder process to achieve international public policy goals and strengthen Internet governance.
The same commitment to multi-stakeholder rather than top-down governmental governance of the domain name system is also found in U.S. Congressional resolutions such as a February 2015 Senate resolution that:
the United States remains committed to the multistakeholder model of Internet governance, in which the private sector works in collaboration with civil society, governments, and technical experts in a consensus fashion.
In the past, the U.S. government has honored this commitment, by communicating its concerns about domain name policy through ICANN's Government Advisory Committee rather than forcing ICANN's hand through resolutions of external bodies. A good example of this was its ultimate forbearance from reversing ICANN's decision to approve the .xxx domain, despite bipartisan concern about that decision.
But on privacy proxy services, it has gone back on this commitment; not just once, but again. Apart from this week's OECD discussions, this month's leak of the IP chapter of the TPP revealed that U.S. negotiators have also forced text on the public disclosure of WHOIS data onto eleven other nations around the Pacific rim. This auguments the OECD resolution by extending it to country-code domain registries, which are otherwise independently managed. But this too breaks promises that the U.S. has made, including its agreement in the Tunis Agenda on the Information Society that:
Countries should not be involved in decisions regarding another country’s country-code Top-Level Domain (ccTLD). Their legitimate interests, as expressed and defined by each country, in diverse ways, regarding decisions affecting their ccTLDs, need to be respected, upheld and addressed via a flexible and improved framework and mechanisms.
If the United States government wishes to protect domain name administration from the clutches of repressive governments and intergovernmental organizations such as the ITU (International Telecommunications Union), then it also needs to curtail its own interference, either directly or through the intergovernmental processes and treaty negotiations that it controls. For all ICANN's faults, it is a far more appropriate venue for stakeholders to develop standards on domain privacy than either the OECD, or secretive trade negotiations such as the TPP.