CircleID: Featured Blogs

ICANN Board Meeting Spoiler Alert

2010-03-11T15:48:00-08:00

For those participants that have been working rearranged hours and participating remotely in connection with ICANN's Nairobi meeting, here is a chance to sleep in. While ICANN Board tea leaf reading is not an exact science, there is a great deal of predictability to ICANN's actions so here are my big three predictions for tomorrow.

#1 – ICANN Board Approves the EOI

Kristina Rosette, GNSO Counsel representative highlighted how ICANN had already announced a webinar on March 18th to talk about the new gTLD process and the EOI/Pre-Reservation process. Now while ICANN staff promptly edited this page after Kristina's statement in the public forum, to include the following disclaimer (SUBJECT TO BOARD DECISION), this appears to be preordained based on the additional facts listed below.

#2 – Launch of the Global Communication Plan

The Seoul meeting was interesting as it was one of the first ICANN meetings were there was an absence of artificial timelines in connection with the launch of the new gTLD process. This meeting was also largely absent of timelines, expect for those attendees that managed to sit in on the new gTLD staff briefing given by Kurt Pritz to the Registrar Stakeholder Group. While the first slides in Kurt's presentation where almost identical to the other public presentations, the last two saw the re-emergence of project times. These slides were entitled "Applicant Guidebook V4—Shortest Path" and "Expression of Interest (EOI)—Shortest Path." While this power point presentation given to the registrars is not currently available on the ICANN website, I am sure that within minutes of this article being published it will timely appear on the ICANN website much like the update to the March 18th webinar.

#3 – Approval of the ICM Application

Today on the ICANN correspondence website there appears a private and confidential communication submitted by ICM to ICANN to settle its dispute. Given that this "private and confidential" communication is now public is a reasonable indicator that ICANN will accept the offer. The only suspense is if ICANN approves the last 2007 registry contract posted for public comment, or if it re-opens contractual negotiations. Given that re-opening negotiations would subject ICANN to intense lobbying from certain stakeholder groups that feel rather passionately about this subject and how this might distract staff from its Brussels' deliverables, it is a safe bet to predict that ICANN just bites the bullet and executes the 2007 agreement.

Shock and Awe

Regardless of what actions the ICANN Board takes tomorrow it will be criticized. Therefore, given the new style leadership demonstrated by ICANN President and CEO, Rod Beckstrom and Chairman Peter Dengate Thrush, I predict ICANN goes 'all in." While it may take several years to determine whether the ICANN Board made the right decision in Nairobi, this much is guaranteed for sure, ICANN's actions represent a global economic stimulus plan for attorneys of epic portions that will be paying dividends for year to come. Let the fun begin, and let the chips fall where they may.

Written by Michael D. Palage, Adjunct Fellow at The Progress & Freedom Foundation

Follow CircleID on Twitter

More under: Domain Names, Domain Registries, ICANN, Internet Governance, Top-Level Domains

The Free Internet in Jeopardy

2010-03-11T10:21:00-08:00

The venerated BBC World Service recently commissioned a polled involving more than 27,000 people across 26 countries. The findings are unremarkable: some 87% of Internet users believe that Internet access should be a basic right, and more than 70% of non-users believe that they should have access to it.

Depending on your country, the Internet has been available for ten years or more, and for individuals—at least in the developed world—it has since become ingrained in psyches as an essential commodity, akin to access to fixed-line telephony, electricity and potable water. For a growing number, the Internet is essential for work, for a greater number it is the first port of call for problem solving and information (Wiki and online Yellow pages come to mind) or getting things done (banking, finding out timetables for travel, etc). Most governments, too, now take the Internet as a key component of infrastructure, crucial to a nation's future socio-economic potential.

What governments may do with the Internet is another matter. A decade's experience and use of the service has enabled a growing number of governments to manhandle the potential dangers of hacking, fraud and privacy as a means to tighten the screws on their own control of access, and of their nationals' use of it. This is rightly opposed by the users themselves, over half of whom surveyed for the BBC believing that no government should be empowered to regulate the Internet.

In Europe, the 'three strikes rule' threatens to become more fashionable, following measures first proposed in France: there, the Création et Internet Bill failed in 2009 when France's Conseil Constitutionnel ruled that it leaned too much to 'guilty until proven innocent' and that it threatened major sanctions (Internet disconnection and a national blacklist on access) without judicial oversight. Nevertheless, the government shoehorned the Bill a second time, which this month came before the National Assembly for debate.

The Bill proposes that the scheme be administered by a newly formed group called HADOPI. ISPs notified about alleged file-sharing would be required to send an e-mail to the customer involved, a registered letter at the second alleged offence and, for a third offence, terminate access for up to a year. A database managed by HADOPI could presumably prevent blocked users from switching ISPs.

Italy looks like adopting a similar approach. Having in 2009 sued the Swedish The Pirate Bay site and attempted to force ISPs to block access to its content, the more recent charging of Google executives with criminal charges resulting from YouTube content denotes a government leaning towards authoritarianism regarding the Internet. The Italian three-strikes proposal would be complemented by a requirement that all blogs register with the government.

In the UK, meanwhile, the government is pushing through its controversial Digital Economy Bill, which proposes empowering regulators to disconnect or slow down Internet connections of persistent illegal file-sharers. Amendments to the Bill passed this month at the report stage at the House of Lords before its third and final reading in the House of Commons, could in theory force sites such as YouTube which host copyright-infringing material to be blocked or forced offline. The UK's three-strikes rule is similar in its essentials to those of France and the UK, with disconnection following two warnings.

At the European Union level, the European Parliament was initially critical of the three-strikes schemes, largely due to the absence of judicial review. However, this month the Anti-Counterfeiting Trade Agreement (ACTA) was put forward for debate between the US, the EC, Japan, Switzerland, Australia, New Zealand, South Korea, Canada and Mexico. Aimed at preventing online counterfeiting, it threatens to punish ISPs for content delivered.

Polls show the sincerity of popular regard for a free Internet, and suggest that to tackle piracy other solutions than blocking ISPs and throwing citizens offline should be considered. Until they are considered, citizens should, as always, be vigilant about what their governments are legislating, lest they find themselves with a thoroughly policed Internet far removed from what they now know it to be.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Access Providers, Censorship, Internet Governance, Policy & Regulation, Privacy

ICANN's Board Decisions in Nairobi Will Determine Its Credibility and Respect for Years to Come

2010-03-11T09:19:00-08:00

Today is the morning of the most revered Thursday in the ICANN meetings calendar—The public forum. It is tradition personified. It is the day when the show and the showcasing really begin. It is the stage and the choreography of the open microphone that can help influence ICANN decisions one way or another and make the supposed bottom up model appear at its best. Often, it serves to inform the board of issues they may have overlooked, other times it is a pre-planned, pre-arranged and choreographed in advance by proponents aiming to influence the board like a popularity contest. This special day precedes the Friday when the ICANN board makes its decisions, in public, adopting resolutions on many vital issues.

ICANN Nairobi carries serious expectations by the community of the ICANN Board to stand up and be counted. On the card are the .XXX fiasco, The Expression of Interest, which I and others have called the expression of "Special" Interest as well as on the New gTLDs implementation which is still littered with many unresolved overarching concerns, and not forgetting the Review mechanisms to oversee ICANN performance per the Affirmation of commitments, which may end up being loaded up with ICANN loyalists.

However, this Thursday and this Friday are unlike any of the previous years. They represent crossroads in ICANN's path that will determine its credibility that will shape its role and influence for years to come under the Beckstrom / Dungate Thrush leaderships. The resolutions ICANN do adopt this Friday or if it chooses to defer decisions on some instead of addressing them squarely will either boost ICANN's credibility or damage them irreparably.

By Friday 12pm Nairobi time we all should know if the ICANN board and its leadership possess the wisdom and far sightedness of a Solomon or a Joe Blog. Whether they are up to the task, challenge and responsibility bestowed on them by the Affirmation of commitments to rule over the entire global internet will also be known. By noon we will know if they have exhibited the needed leadership, diplomatic, and executive skills and the sincerity to show they can rule over the global internet in a fair, equitable and ubiquitous manner to all its stakeholders from Akron to Afghanistan, from DC to Damascus, from Beijing to Bangalore, delivering on its Affirmation of Commitments (AOC) mandate of ensuring accountability, transparency and the interests of all global Internet users as well as promoting competition, consumer trust and consumer choice.

Most important and most compelling of all other issues in Nairobi is .XXX . No matter how the board acts ICANN's credibility will be impacted. If the board instructs staff to execute the 2007 registry contract with ICM, ICANN indirectly admits it was wrong and creates a precedent that its board decisions will be questioned endlessly and can be reversed by an Independent Review panels in the future. If the board chooses not to instruct staff to execute the 2007 contract, it raises serious concerns over the seriousness of the AOC and the review mechanisms over ICANN and the New gTLDs. The board may defer some decisions to a later date citing some excuse in order to gauge a better result and prospect.

But this raises new questions I don't hear much in the ICANN corridors:

A – Does or doesn't ICANN consider itself as a "Global Public Service Provider" ?
B – Isn't ICANN a" Global Monopoly Public Service Provider?
C – As per the AOC, what if ICANN is seen to have failed based on the AOC review panelists?
D – What happens next?

In a competitive market if I am a customer of AT&T and they fail me I switch to sprint or Verizon, it is also called consumer choice. But where is the choice in the ICANN role and what happens if ICANN does fails. Does the community issue statements and press releases calling on ICANN once again to improve it like we have the last ten years. This is hardly choice or competition. ICANN needs to remember the difference between the internet world dealing with it because it respects it and sees it providing a great service as a global monopoly Versus being the only game in town ( the world actually). If ICANN was a service provider in a competitive market, I wonder how many would continue using the ICANN service based on its current levels of "Constituents Satisfaction" if another one can serve them better, faster, and cheaper. Are Google or Microsoft listening, or should ITU the only one aiming at this role?

Other bloggers / friends who are dissatisfied with ICANN wrote and what I add.

Jonathan Zuck: "But when the Chairman backed away from that stance earlier this week in Nairobi, it became clear that we should have held our breath a little bit longer".

I say to Jonathan: Stop holding your breath, no human can keep their breath that long, how long have the IDN communities been waiting for IDN gTLDs. ICANN's rational show a clear monopolistic style of management that knows there is nowhere for you to go and get the service you seek of ICANN anywhere else. Welcome to ICANN style of competition and choice.

Andrew Mack: "A Little Flexibility from ICANN and We Might Just Get IDNs… for Everyone"

I say to Andrew: The little flexibility you hope for in ICANN is like the short distance that appears between stars when you look up to the night sky. In reality these stars are light years apart. And so is ICANN on IDNs for everyone, I can speak on this matter as an expert on IDNs who has served on the ICANN President Advisory Committee on IDNs since its inception in 2005.

I will post my verdict after Friday 12pm Nairobi Time.

Written by Khaled Fattal, Chairman and CEO

Follow CircleID on Twitter

More under: Domain Names, ICANN, Internet Governance, Top-Level Domains

Whither .XXX?

2010-03-10T13:20:00-08:00

What's going to happen this week on .XXX? Nairobi is the first public board meeting since the independent review panel's nonbinding declaration in February that ICANN acted against its own rules in refusing to go ahead with .XXX. Reports that ICANN is going to 'do something' about .XXX have gone around the world via BBC news, and even surfaced on the radio in rural Ireland. The ICM team are out in force here in Nairobi, and there is endless speculation about what will happen at the Board's meeting on Friday.

ICM has no interest in being fobbed off with an invitation to join the new gTLD application process. That process is horribly delayed, of still uncertain timing and outcome, and would expose ICM to immediate competition from other porn-related TLDs. ICM has assiduously played by the rules and understandably does not wish to go to the back of the queue.

This could go one of two ways. First and most likely, the Board will fulfill its legal obligation to consider the panel's decision by having, and being seen to have at its public meeting on Friday, a discussion of the ruling. Then, perhaps regretfully, it will punt on any action by adopting some sort of delaying mechanism. One way to buy time and maybe even some credibility would be for the Board to put the 2007 registry contract with ICM out for another round of public comment. ICM says it will take legal action if there's any delay, though this might be hard to justify if it's 'just one more' round of public comment.

The second possibility is that the Board simply directs staff to execute the 2007 registry contract with ICM. This could and should happen. The US administration has changed and is no longer as beholden to the religious right. The remaining opposition within the GAC is likely quite isolated and far more concerned about new gTLDs in general. .XXX has been a thorn in the Board's side for several years, undermining ICANN's credibility and costing both parties around $6 million dollars. It can't go on. In arguments for 'not now': it would be a dramatic step that repudiates ICANN's past actions. The 2007 contract may no longer be fit for purpose. No one wants to be the host city or the CEO to open up the floodgates to yet more porn on the Internet.

Like any long running disagreement, the facts and sequence of events are in dispute. A posting by CEO Rod Beckstrom on the ICANN blog included an incomplete timeline and didn't commit to implementing anything more than the narrowest legal interpretation of the panel's findings. Many commenters attacked this, saying ICANN should just get on and do the right thing. This week in Nairobi CEO Rod Beckstrom has distanced himself from the blog posting, saying it was written by ICANN's General Counsel John Jeffrey. While that's not the most courageous stance I've ever seen, I hope it signals a move toward decisive action on .XXX.

Why is .XXX so difficult to sort out? The .XXX application triggered the perfect storm of conflict that got right to the heart of ICANN's mission and its point of deepest vulnerability. The average quango bumbles along for decades and never faces the precise set of people, motivation and cause with the potential to tear it apart. ICANN does so about every five years.

The .XXX affair exposed ICANN's core vulnerability, and gave flesh to all the conspiracy theories about the US government 'controlling the root'. The independent review panel's account sets out in black and white the invincible pressure on ICANN caused by a right wing religious lobby group's letter writing campaign to the US Department of Commerce. The panel drew strongly on Paul Twomey's statement that in the summer of 2005 the DoC said it would not put .XXX into the root. The version of events now in the public domain has not been publicly contested by the DoC.

The DoC's threat to unilaterally keep .XXX out of the root meant that ICANN, having gone through its whole consultative process and come to a decision well within the limits of its powers, would have publicly and finally been stripped of every last rag of its authority and raison d'etre. If this had been made public, ICANN would have been finished. At that point in the global Internet governance debate, the proof that the US government felt free to interfere in ICANN's work and exercise ultimate control over the Internet root would have fatally weakened the case for multi-stakeholder governance.

Not surprisingly, ICANN's leadership decided that is own failure to honour its commitment to ICM was the lesser of two evils. For the second time in eighteen months, ICANN faced down an existential threat and limped away, badly damaged. A legitimate question we can all ask ourselves is 'was it worth it'?

From the relative comfort of a lawyer's briefing room, it's easy to condemn ICANN's then leadership for not following through on the .XXX contract. ICANN's leaders faced the appalling dilemma of 'bombing the village in order to save it'. All ICM wants to do is run a registry and make some money. They played by the rules and didn't want to be drawn in to a world of international realpolitik. But there's no denying that's the world this dispute lives in. The legalistic nature of the dispute means ICM and most critics focus on ICANN's abrogation of its own procedures. This is important, but narrows the view too much to appreciate the big picture.

Who is the most at fault? Political appointees at DoC allowed religious extremists and bully boy tactics to drive policy on the stewardship of a global resource. They let momentary, parochial domestic impulses over-ride America's larger interest in a free and global Internet.

Stuart Lawley of ICM was absolutely right when he told me a couple of days ago that this issue is about much more than just a smutty little porn thing. It's a test of ICANN's accountability. The independent review panel is the jewel in the crown of ICANN's accountability mechanisms. Its declaration demands a substantive response, not just a discussion of the issues.

But .XXX is about more than ICANN's accountability, too. On a day in Nairobi that included a closed session on the role of the Government Advisory Committee and ICANN's institutional evolution, the transparency and accountability of individual governments should be in the spotlight, too.

Written by Maria Farrell, Independent Consultant

Follow CircleID on Twitter

More under: ICANN, Internet Governance, Top-Level Domains

American National Broadband Plan Good First Step

2010-03-10T10:48:00-08:00

The National Broadband Plan that the FCC will present on 17 March will set the USA on a completely different telecoms path. This plan will hopefully show Congress that it is worthwhile making the legislative changes that will deliver the social and economic benefits of a national broadband infrastructure.

Groundwork for a new direction in telecoms

Shortly before Barack Obama won the election in 2008 I started to work with what became the Obama Transition Team on some of the US telecoms policies. Obama and his small team of technological experts were aware of the developments in Australia—particularly in relation to the need for trans-sector policy on broadband infrastructure.

Together with a team of national (US) and international experts we prepared half a dozen 'BigThink' strategy reports for the Obama Team in the White House.

We also established a good relationship with the FCC (Blair Levin's team) and NTIA (Larry Strickling).

ALL parties publicly agreed to a trans-sector approach and many of our suggestions are clearly reflected in the stimulus package (open networks) of the FCC national purpose strategy. And our suggestions also appear in the upcoming National Broadband Plan—in the trans-sector approach to the public safety sector and the proposed mobile broadband infrastructure for this sector.

Visionary plan now needs legislative action

However, if we're talking about 'national purpose' a transformation of the telecoms industry is crucial, and the FCC has been specifically forbidden by Congress to address this topic.

The National Broadband Plan will most certainly highlight the benefits attached to a 'national purpose' policy but it is up to the Congress to make it happen. The plan will provide a new, visionary direction for telecoms in America but unfortunately in its current state it is a toothless tiger. It will be up to Congress to take action through legislation—without that it will be impossible to implement the plan in any timely fashion.

As matters stand at the moment the plan is the best the FCC can do. They should be applauded for the work they have done so far—they have laid the foundation for a totally new telecoms direction in the USA.

All of these trans-sector/national purpose policy proposals require very significant changes to the way the telecoms industry works and if—as has been stipulated by Congress—this can't and therefore will not be addressed in the Plan.

Affordable access to broadband infrastructure

Another key to telco transformation is the creation of a level of 'affordability' both for the end-users and for the sectors that could use the infrastructure, you won't get this without tough legislation.

To just get very fast broadband to American homes in isolation from this trans-sector approach is fairly useless. While you might get such a service to all homes the reality is that without a utilities-based trans-sector approach towards the underlying broadband infrastructure it will be impossible to make that an affordable service. We only have to look at the charges that currently apply to such (fiber-based) broadband services to realize that probably only about 25% of Americans can afford this.

While not defined as such in the USA, broadband is simply infrastructure. (Access to that infrastructure is now declared a national right in several European countries.) A problem in the US legislation is that the previous Administration gave broadband the unusual classification of 'an information service' and not an access service.

National purpose good for the nation and for lowering the consumer bill

If the trans-sector approach is applied other sectors (healthcare, education, energy, public safety) can be directed by the government to start using this network—thus paying their share towards the cost of the broadband infrastructure—for the delivery of their services, e.g., the monitoring of aged people from their homes to reduce the need for hospitalization.

This has to be a government-driven approach as the social and economic trans-sector benefits fall outside the balance sheets of the telco providers. These benefits need to be carefully monetized and used as input by the government in developing government policies in these areas. The OECD has indicated that the savings made by using the broadband network for healthcare, education and transport alone could pay for the deployment of a national broadband network.

Unfortunately the economic benefits are very hard to calculate. But was it possible to predict the benefits of the electricity network when it was built? The naysayers in those days said that it was outrageous to pay for infrastructure that would simple replace candles.

Structural changes to the industry are needed

In order for those sectors to be able to deliver these services the broadband infrastructure needs to be made available to them on a utilities basis. This can't be done within the vertically-integrated structure of the telecoms industry. An open network policy is required, and that is clearly not on the table in the United States—at least not for 90% of the infrastructure that will be involved in its National Broadband Plan.

So, yes, even without legislative changes the new broadband plan might indeed deliver broadband to most people in the USA—but at what cost to the average American citizen? For the moment at least, the incumbents can't believe their luck at the honey pot the government is placing in front of them. They are in a prime position to deliver these networks and they will not be required to do this at an affordable price. The government will pay the going rack rate which will include a very fat premium to the carriers on top of costs.

This situation cries out for structural changes to the industry, but it doesn't look as though change will take place in the foreseeable future.

The end result is that access to broadband will remain significantly more expensive to Americans than to people in countries that opt for an open network and utility approach towards basic infrastructure.

Regional and Rural America will be second rated

Another result will be that regional and rural users will get a second-rate service (lower speed). There is no way that those premium prices charged by the incumbent telcos can be afforded to build an equivalent broadband network in regional America. This is a very dangerous development as it will undermine the delivery of the trans-sector services to those communities. Healthcare, energy and public safety services require Qos, security, reliability, privacy protection, etc. A second-rate network will certainly compromise some of that and might even render it unacceptable for the usage of such service.

As mentioned above, the incumbents are jumping up and down with joy and—in relation to voluntary cooperation to give some spectrum back—the broadcasters are arrogantly saying 'over my dead body'. But in reality, and based on decades of anti-competitive behavior, who among these players will voluntarily give up their monopolistic rents as requested by what is, in that respect, a rather powerless FCC.

The ball is now in the court of Congress

Congress should take a very hard look at itself and answer some these questions before propping up an outmoded telecommunications structure. This money can only be spent once and at present it appears that without structural changes to the industry the new National Broadband Plan will not provide the right foundation for those national interest investments. It would be impossible to successfully implement these policies without simultaneously addressing the structural issues in the industry.

We have top-class people involved in the development of the National Broadband Plan—the ones mentioned above, as well as the excellent team of extremely hardworking people that Blair Levin has built up.

So that's not the issue. The issue is the failure of the American political system.

For the first time in its history a different approach is being taken towards telecoms in America—we now accept such notions as open networks, network neutrality and trans-sector/national. Let us hope that Congress now takes the baton from the FCC and supplies the legislative follow-up that is required to implement this very important first step.

The plan, as it will be presented on 17 March, has gone as far as the FCC can take it. It is now up to the legislators to be visionary—to make sure that the National Broadband Plan is followed up with legislation that will enable the telecoms industry to deliver the enormous social and economic national benefits highlighted in the plan.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Broadband, Policy & Regulation, Telecom

ICANN Takes a Wrong Turn on New TLD Contracts - "Post Signature Revision Process?"

2010-03-10T07:04:00-08:00

The pen is mightier than the word...or should be. When ICANN Chairman Peter Dengate-Thrush -- an accomplished attorney—said last year that he wouldn't let one of his own clients agree to a contract that could be unilaterally changed after it was signed, the Internet community breathed a sigh of relief.

But when the Chairman backed away from that stance earlier this week in Nairobi, it became clear that we should have held our breath a little bit longer.

ICANN's Draft Applicant Guidebook (DAG) is the bible for companies and organizations seeking to launch a new top-level domain. The latest iteration of the DAG, released last year, included a provision that would allow ICANN to summarily rewrite the terms of its contracts with new domain operators, even after those contracts are signed.

Members of the community roundly criticized the proposal which turns the fundamental covenant of a contract on its head, and has ramifications that extend far beyond prospective operators of new domains. When Dengate-Thrush signaled his own concern with the provision, many assumed that it was well on its way to being removed, or at the very least replaced with something more reasonable.

This week, however, the Chairman backed away from that position, saying that ICANN would need the flexibility to make changes to already-singed registry contracts. This has the potential to be a serious blow, not just to new registry operators, but also to clarity, contractual compliance and due process throughout ICANN.

Contracts form the backbone of ICANN's larger compact with the global Internet community. The subject of contracts, and of contract enforcement has been a repeated theme in the larger discussion of accountability and transparency within the organization.

On the eve of a critical review of ICANN's transparency and accountability, it would send a terrible message if ICANN were to take a giant step away from contractual certainty and fairness.

ICANN is under great pressure to finalize the DAG and launch the new TLD round, but this is an issue that cannot be overlooked. The community has spoken through the bottom-up process, and has said in a clear voice that this contractual provision is unacceptable. Even the most fervent proponents of the new TLD round cannot wish for a contractual obligation that can be changed at ICANN's whim.

The place to address this is here in Nairobi. ICANN needs to send a clear signal that it understands the community's concerns, and will work quickly to develop a contractual structure that is fair to all.

With any luck, new registries won't have to consider Dengate-Thrush's extremely sound legal advice, and not sign.

Written by Jonathan Zuck, President

Follow CircleID on Twitter

More under: ICANN, Internet Governance, Top-Level Domains

A Little Flexibility from ICANN and We Might Just Get IDNs… for Everyone

2010-03-08T06:48:00-08:00

Nobody doubts that some time in the near future there will be Internationalized Domain Names (IDNs) in Chinese, Russian or Arabic scripts. The Chinese, Russian and Arabic-character-using worlds are large—encompassing hundreds of millions of current and potential users. They are politically influential blocs, with the ability to demand action in international meetings. And perhaps most importantly, they are—at least when taken together—rich. Everybody knows that access on the web in these languages is not a matter of if, but simply a question of when…

But what about the poorer nations of the world that use scripts other than the largest IDNs and the typical Latin character set currently available on the net? What about Amharic, or Georgian, Azeri or Thai, Burmese or Cambodian? Doesn't the internet community have a goal of reaching out to them in their own languages too? The answer is yes, but I fear that despite the rhetoric, some of ICANN's policies may actually end up creating disincentives for companies wishing to fully build out the IDN space.

To listen to the words of Rod Beckstrom, ICANN's new-ish leader, the community's goal is to help make the internet available to anyone in their own language—and in their own character set or script. And, as we heard during the Seoul ICANN meeting last year—there was actually a celebratory cocktail to usher in the new IDN age—IDNs are the future. Still, work on Chinese, Korean and the like is only the beginning. There are dozens of scripts out there.

However, there is potentially a real flaw in ICANN's planning that threatens to upend this vision of universal IDN access, effectively leaving some scripts "out in the cold". Under ICANN's new gTLD implementation plan as presently proposed, registries operating existing gTLDs (or those hoping to operate new ones) will be required to apply for each IDN version separately… and pay full fees for each one. This directly impacts the go/no go decision for registry operators who need to make a reasonable "business case" for each script that they apply for, in order to justify the high application costs. And, while these costs might seem trivial for gTLDs in, say, Chinese or Arabic, this policy pretty much ensures that registry operators (new or old) will leave some scripts undeveloped.

The likely upshot is that the gTLD revolution going on around the world will bypass Georgian, Burmese, and Amharic entirely… furthering the digital divide.

There may be a solution, if ICANN has the flexibility to adjust its policies. Many of the evaluation costs in the new gTLD process are duplicated. As just one example, if a potential registry operator applies for multiple gTLDs, it is likely that most technical qualifications will only have to be evaluated once. This would lower ICANN's evaluation costs, and should lead to reduced application costs as well, leading to more competition for (and interest in) smaller scripts. And there may be other ways to lower the barriers to entry so that companies large and small will be able to make the business case for a truly, fully IDN-friendly internet.

At every ICANN and Internet Governance Forum meeting we hear about the need to make the internet an equal- (or at least more equal-) access platform, one that respects language and culture diversity. Lowering the costs for companies wanting to provide IDN access in less popular scripts is one obvious, tangible way to make this happen. A little flexibility could go a long way to providing a real internet future for the millions that speak and write Armenian or Burmese or a host of other languages.

Written by Andrew Mack, Principal at AMGlobal Consulting

Follow CircleID on Twitter

More under: Domain Names, ICANN, Multilinguism, Top-Level Domains, Web

OTT Threat to Telco's Middleware Opportunities

2010-03-08T06:43:00-08:00

I recently participated in two Comverse events, and once again the message was driven home to me about the enormous opportunities that lie ahead of the industry in the field of new telecoms applications.

The middleware and cloud applications that are now appearing at the edge of the network will of course, be further developed once high-speed broadband becomes available, but already they are having an enormous impact on the telecoms market. The new user experiences that can be obtainable through these applications will enrich fast broadband networks beyond recognition.

What we now have is, on the one hand, the Over-The-Top (OTT) applications that have conquered the world thanks to companies such as Google, Facebook, Amazon, Skype, Microsoft, Apple, Yahoo, YouTube and so on; and, on the other, the attempts by the telcos to develop these apps though their broadband and mobile portals.

By using the OTT route one can avoid many of the problems that the telco industry has been dealing with for decades. I remember as far back as the early 1990s, when both Telstra and Optus launched their impressive new billing reforms; but today, more than twenty years later, their billing and operational support systems (BSS/OSS) are as far from completion as they were in the 1990s. In fact it is likely that they are even further behind now, since many new applications have become available since that time—applications that are making those telco systems look like dinosaurs. In the mobile market we can also refer to decade old failed strategy of introducing IMS.

While fast broadband is the essential infrastructure of the digital economy the real action will take place on the layer above the infrastructure. This is where for many years I have envisaged the future of the telcos—facilitating the development of the digital economy, rather than concentrating on end-user products like telephone calls, mobile portals or broadband applications.

This is the world of value-added infrastructure, middleware and cloud services. However the old infrastructure with its legacy of BSS and OSS systems has failed to make the transition to the new Internet-based ICT infrastructure, let alone being able to facilitate Web 2.0 or Web 3.0 services.

In the meantime it is the new digital media companies that are building not national but international middleware networks. While telcos fail to service customer bases that consist of millions of users the digital media companies are able to serve hundreds of millions of customers.

Therefore NBNs could be a godsend, since this will, potentially at least, give telcos the opportunity to build a value-added layer on top of the infrastructure that will be capable of delivering Next Generation Network (NGN) service such as Web 3.0+ services.

However, while the digital media companies are progressing in this field on a monthly basis, telcos still measure their progress in years, so at present the gap is still growing, but not in favour of the telcos.

So the sooner the telcos start their transformation the better.

However, after well over a decade of calling for change time is now running out. They have now also lost the mobile portal battle against the apps market (that happened so fast they never knew what hit them). If the telcos miss this last opportunity it is indeed highly likely that they will be relegated to being basic infrastructure operators—and that market is also under threat as construction companies are better-positioned to do this job after most telcos went out of this business one or two decades ago.

On a more positive note, while customers might not like their dinosaur telcos they do, at the same time, trust them. They have built robust systems with enormous reliability and sound security based on proper standards and availability everywhere.

So the telcos could use this advantage to offer that same level of trust in an Internet world where it is becoming increasingly difficult to know who is trustworthy and who is not. I have made this argument for many years, trying to get the telcos to move. Again, the opportunity is still there—but for how long?

Banks are in a similar position, but they have far more valuable data they can use to help customers navigate the digital economy. So they could easily compete in this market as well. Customer knowledge is the key element of the digital economy.

However, more immediate competition is coming from the social media sites, which are quickly becoming the new powerhouses of the digital economy; also, they already have far more information about their customers and can use this to expand their services.

So it is two minutes to twelve for the telcos here as well.

Looking at some of those fantastic applications from Comverse we see a range of enriched voice and messaging services with superior user experience, complete with visualisation, personalisation, location, multi-channel applications and an openness to social networks, UGC-sites and RSS feeds.

I can see the digital media companies offering these communications applications immediately, but the telcos may not move so fast. This would hurt the telcos right at the very core of their communications business and I can now quite easily see these products being offered by companies other than the telcos.

Some of the mobile companies are better-positioned than the fixed operators; however if we look at the mobile portals market versus the applications market we see that the mobile operators also have largely failed to make the transition to the new open web-based world.

Perhaps the telcos should start looking more at OTT services themselves. There are great applications with unified communication applications in relation to social sites, location-based activities, etc. If the telcos were smart they could offer voice free and allow customers to choose from a whole range of value-added voice services and to make incremental changes to the applications they really value.

Over and again I have argued that, rather than concentrating on their retail customers, the telcos should supply their middleware and cloud services to the content and services providers. They should be the key providers to the organisations that are going to drive the digital economy.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Broadband, Cloud Computing, Data Center, Telecom

LTE and Spectrum Stupidity

2010-03-06T10:17:00-08:00

Mobile operators are counting on Long Term Evolution (LTE) technology to handle surging demand for mobile data access. But LTE developers made some poor choices, cutting spectral efficiency and thus driving up operator costs.

LTE was envisioned as an all IP system, but the RF allocations follow the voice-centric approach of earlier generations. While LTE standards allow for either Frequency Division Duplexing (FDD) or Time Division Duplexing (TDD), all initial LTE equipment uses FDD. FDD requires two separate blocks of spectrum—one for each direction. FDD makes perfect sense for bi-directional voice traffic. It makes no sense for data. With the exception of peer-to-peer file sharing (which most mobile operators block), data traffic is very asymmetric. Sending data via FDD means one block of spectrum is fully utilized and the other, equal sized block, is dramatically under utilized. Result: the operator pays for almost twice the spectrum they actually use.

Verizon is deploying LTE in the 700 MHz C block which means they are using 746 MHz to 756 MHz (a 10 MHz channel) for their downlink (to the mobile device) and wasting most of 777 MHz to 787 MHz (another 10 MHz channel) for the uplink. If Verizon could deploy TDD (as used by WiMAX and as defined for LTE but not implemented), they could fully utilize both 10 MHz blocks for data transfers, almost doubling their data capacity.

I don't know the actual capacity Verizon will realize on average with their first generation LTE infrastructure. But suppose Peter Rysavy is correct (as implied by Gigaom) that Verizon will initially average 15 Mbps per 10 MHz channel. That's 15/15 Mbps, symmetric, even though average traffic is likely to be 15/2 Mbps. No single user is likely to see 15 Mbps; rather that 15 Mbps is shared among all users in that sector. With TDD (the default for WiMAX and an unimplemented option for LTE), the Verizon spectrum could support two channels of perhaps 13/2 Mbps each in that same sector. Again, no single user will see 13 Mbps, but all the users in the cell will be sharing 30 Mbps of capacity that can be dynamically divided between up and down—mostly like averaging 26/4 Mbps but able to allocate 15/15 or 28/2 as the traffic mix changes.

It's ironic the LTE implementors got this wrong when you consider their decision to use only IP in the rest of the LTE design, thereby dropping support for traditional voice or SMS services. That's right, initial LTE deployments won't support voice telephony or SMS messages, only data services, and yet LTE spectrum assignments were made as if voice comes first.

That's ironic.

Written by Brough Turner, Founder & CTO at Ashtonbrooke; Chief Strategy Officer at Dialogic

Follow CircleID on Twitter

More under: Access Providers, Broadband, Mobile, Telecom, Wireless

Are Portable Email Addresses Possible?

2010-03-06T10:06:01-08:00

News reports say that the Israeli government is close to passing a law that requires portable e-mail addresses, similar to portable phone numbers. Number portability has been a success, making it much easier to switch from one provider to another, and address portability might ease switching among ISPs. But e-mail is not phone calls. Is it even possible?

The bill's sponsors apparently assume that e-mail messages work enough like phone calls that whatever they do to make phone numbers portable can work the same way for mail. Unfortunately, they're wrong.

Every time you make a phone call, software in the phone system checks to see if the number you're calling has been ported. Since phone numbers are geographically assigned, there is a shared porting database for each calling area in which the calling switch looks up the dialed number (DN) to get the routing number (RN). If the number hasn't been ported the DN is the same as the RN, but if it has, RN is a number assigned to the switch to which the number has been ported. Then the call is routed based on the RN, but it also sends along the DN so the target switch knows who the call is for. The shared databases are run by a neutral party (Neustar in the US) and every telco pays to support it. The system was designed this way so that numbers that have been ported away don't put an extra load on the "donor" system from which it was ported.

Email doesn't work like that. There is a DNS lookup for the domain name, the part of the address after the @ sign. but all mail within the same domain is routed to the same place. For the small minority of Internet users who have their own domains, they can change the domain's DNS records to change where the mail goes, but for users who get their addresses from their ISP or their employer, it's tied to the ISP or the employer. You can imagine a system in which every mail delivery did a DNS lookup of the e-mail address first, but that's not how the mail system works.

But since this is a government mandate, is there any way to make this sort of work?

There were two other approaches for phone number portability proposed and discarded, call release and call forwarding. In call release, the call first goes to the original switch, which sends back a status message saying the number has been ported to another switch, and the calling switch then reconnects to the other switch. Call forwarding should be familiar to everyone--the called switch places a call to the real destination switch and connects the incoming call to it.

E-mail has analogs to both of these. For something like call release, the SMTP standard has always had a status code that a recipient system can send back to a sending system to say that the recipient has moved, and giving a new address. As far as anyone can tell, nobody has ever used that code, but it's there if anyone wants to give it a try. Mail forwarding, on the other hand, is very common.

The least awful way I can think of to make something like this work for email is that the user's new provider can contact the old provider on the user's behalf, and request the address be forwarded. So long as it's forwarded, the new provider pays the old one a modest monthly fee, mostly to give the providers an incentive to cancel the forward when the user leaves. The fees would probably net out in most cases so the costs would be mostly administrative.

Mechanically, that kind of setup would not be very hard. Administratively, it would be a nightmare. If the forwarded mail starts to bounce are they allowed to turn it off? Does the old provider do its usual spam filtering? (What if the user left because the filtering was lousy and lost a lot of real mail?)

Another possibility would be for the old provider to keep mail accounts active even though the account is otherwise turned off, and let people pick up mail from its mail server. This is surprisingly common now, often by accident. For example, I cancelled my BT broadband account in July when I left England, but the associated mail account still works, seven months later. Mechanically this still isn't hard, but if it's a required service, now each ISP now has a permanent obligation to provide mail service to people from whom they no longer get any income, and with whom they have no other relationship. How do they know when to turn off the mail? If the user doesn't pick up the mail for a month? Six months? A year?

So my main advice is to forget it, since there's little evidence that this is a service so important it needs to be mandated. On the other hand, ISPs might find a small new income stream by selling forwarding service, like many post offices do. If the user is willing to pay $20/yr, that'd probably cover the cost of keeping a mailbox open, and would solve the problem without having to invent new rules and mechanisms.

Written by John Levine, Author, Consultant & Speaker

Follow CircleID on Twitter

More under: Email

Authorities Take Down the Mariposa Botnet

2010-03-05T10:47:00-08:00

There are a number of sources talking about the takedown of the Mariposa botnet, here are a few of the good ones:

• The Associated Press details the story and talks about the technical aspects of the takedown.

• Boing Boing only has an excerpt. Nothing too detailed.

• Panda Labs, who assisted in the disruption, has their own blog about their participation and the actions that they took.

• Symantec adds something to the discussion with their analysis on the chief piece of malware in the botnets (W32.Pilleuz, aka Win32/Rimecud.R)

• Gary Warner, over at the University of Alabama, has a great discussion on botnets. He urges the anti-botnet community to move from a model of taking botnets with technology to taking down spammers within the legal framework.

In case you haven't been reading through the security space lately, here's the 411 rundown: Spanish authorities, working with researchers from Panda Labs, Defence Intelligence and a couple of other educational institutions, took down the Mariposa botnet (Mariposa is the Spanish word for "butterfly"). The Mariposa botnet is an absolutely enormous with around 12 million (!) nodes doing its bidding. It was involved in things like credit card phishing and identity fraud.

Yet the thing about the Mariposa botnet was not its sophistication, but rather its lack of sophistication of the people running it. It wasn't a bunch of cybercrooks in Eastern Europe running it, but everyday ham-and-eggers like you and me. To be sure, the infrastructure of Mariposa was sophisticated with VPN traffic and hiding behind other drones, but what ultimately led to its downfall was one of its operators making a mistake. In December, the botnet was knocked offline and the people running it weren't making money. Driven by hubris, one operator attempted to regain control of it—by connecting to it via his home computer. That was his critical mistake; he sent a flood of DOS traffic to Defence Intelligence, the Canada-based organization responsible for assisting in taking it offline. However, it was this direct connection that left a trail to him and allowed authorities in Spain the chance to move in and make the arrest.

The people behind it were not tech-heavy hackers, but instead were cyber criminals who outsourced most of the work in an attempt to move to crime online.

Is such a takedown effective? Here's Gary Warner's take:

Those of you have heard me speak in person know that I believe the answer to these botnets and their continued survival must be the Criminal Justice process. When McColo was shut down (see Analyzing the Aftermath of the McColo Shutdown or Brian Krebs' Major Source of Online Scams and Spams Knocked Offline) spam had a significant world-wide drop in volume, but it rebounded. Why? Because no bad guys went to jail.

Our friends at FireEye are doing amazing botnet work (see their blog @ FireEye Malware Intelligence Lab, but without convictions, even the successful botnet takedowns, like their work on Smashing the Mega-D/Ozdok Botnet eventually rebound.

Cautions are already being expressed as a result of the Waledac take-down, that by using TECHNOLOGY to do the takedowns instead of CRIMINAL JUSTICE APPROACHES that we are just helping to rapidly evolve the capabilities of the various cyber criminals who make their living through spam.

We have to move from DISABLING the C&C networks, to MONITORING the C&C networks. Bad guys need to stop worrying about having to lease new servers, and start worrying about the long arm of the law knocking at their door.

My own approach is that the fight against spammers is a multi-pronged approach. No one company really has a handle on it and instead a combination of techniques is required. In no particular order:

Vendors must build software that is secure.
Users must make sure that their software is up to date with latest patches.
Users must use security software.
Anti-abuse technology (spam filters, corporate firewalls) must be effective to disrupt the spammers' cost models.
Law enforcement must move to take down cyber criminals.
Governments must pass laws clearly defining and/or updating laws surrounding electronic abuse.
Spammer infrastructure must be disrupted.
Organizations need to monitor and mitigate abuse, reactively and proactively.

So, realistically, advocating one solution over another has its merits but we are still a long ways away from stamping out abuse. If spammers can hit users with different types of threats (Black SEO, rogue A/V, spam, DOS attacks, etc), then anti-abuse proponents must similarly have a large arrow full of quivers with which they can use to strike back.

Written by Terry Zink, Program Manager

Follow CircleID on Twitter

More under: Cybercrime, Security, Spam

ICANN Nairobi Kicks Off This Weekend - So What Is Cooking? .XXX , New TLDs and More

2010-03-04T10:36:00-08:00

The ICANN meeting in Nairobi starts officially next Monday. However, as is normally the case, by the time Monday rolls around people will already have been working since Saturday morning (if not earlier).

All ICANN meetings seem to be surrounded by some bit of controversy and excitement, but the Nairobi meeting is possibly more dramatic than many others. The last attempt to hold a meeting in Nairobi failed, with ICANN opting to hold the meeting near LA's airport, LAX, instead. This time round there was quite a bit of controversy and tension surrounding the meeting's location.

The end result of the tension, security worries and everything else is that quite a large number of people who would normally attend the meeting will be staying at home.

Others will be traveling to Reston, VA, where Neustar has organised a US offsite location. Though with the time difference between VA and Nairobi anyone in attendance will end up working through the night!

So what's on the agenda?

New TLDs—this time round the focus will be on "EOI"—the concept of "expressions of interest" that was mooted at the last meeting in Seoul.

DNS SEC will be on the agenda again, but getting excited about it is far from easy - sorry!

IPv4 depletion will probably get a look in, but it's still a "hard sell". Until ISPs "buy in" and start deploying v6 on their public networks it's going to be nigh on impossible to make any tangible or meaningful movement in this area.

IDN ccTLDs. You can expect updates from the various countries that have applied using the "fast track". There might be more applications from other countries, as the meeting will have attracted its usual media circus.

But the real "hot potato" for ICANN is going to be .xxx

Following on from the recent decision which found that ICANN had "dropped the ball", the ICANN board will be voting on the Friday of the public meeting.

In reality you can expect to see board members being canvassed / briefed / harassed by interested parties pretty much all week. How will they vote?

Will the US government try to intervene?

If ICANN do move ahead with .xxx, will that have any impact on new TLDs?

If ICANN's board doesn't move ahead with .xxx this time round there is little or no chance that Stuart Lawley and ICM Registry are going to throw in the towel.

To start with they've no reason to. They have just won a legal battle that shows that ICANN was in the wrong. Sure, it may not be "binding", but any decision that so much as casts a doubt on ICANN's processes and procedures is a "win" for ICM—and rightly so.

So how would ICANN fare if ICM were to pursue this through to the next level?

ICANN stakeholders probably don't want to see their money being poured down a legal drain ... I know I don't.

Written by Michele Neylon, MD of Blacknight Solutions

Follow CircleID on Twitter

More under: Domain Names, ICANN, Internet Governance, Top-Level Domains

Regional Internet Registries Conducting Internet Community Consultation on ITU IPv6 CIR Proposal

2010-03-03T18:52:00-08:00

The Regional Internet Registries are conducting a Internet community consultation process regarding the recent ITU IPv6 Country Internet Registry (CIR) proposal. In collaboration with the other Regional Internet Registries, APNIC hosted a special session at APNIC 29 / APRICOT 2010 to give the global Internet Community an opportunity to discuss the issues and ramifications of the alternative model proposed by the ITU.

For those interested in the outcome of the recent face-to-face session, a raw transcript and session summary statement are available here:

http://meetings.apnic.net/29/program/consultation

I'd like to thank APNIC for hosting this session as it is important to discuss these issues publicly in timely manner so that input can be brought to the the March 15-16 ITU IPv6 study group meeting in Geneva. By having a public discussion of these important issues, APNIC (as an ITU-D sector member) can submit the outcome for further consideration in this process.

While the ITU IPv6 study group is a closed meeting, I have received an invitation to participate on March 15-16 in Geneva on ARIN's behalf as an "invited expert", and at that session I will focus on the comments covered in the public consultation that was just held. If you have additional input on this topic that you would like to have considered, please review session materials and then contact your regional internet registry, or your organization/company/government ITU representative if you are aware of one. I will also take comments on the CIR proposal until the ITU IPv6 study group meeting start on 15 March, and will try to do my best to convey the input received.

As you can tell, we're attempting to be as accommodating as possible to the ITU as they explore the issues in this area, and their processes are significantly different than Internet Registry System regarding how input is received and considered. At this point, ARIN considers it very important to support these educational efforts, and hope that it will result in better overall understanding of the success that is today's Internet Registry System.

I hope this post helps the Internet community understand where we are in this interesting process.

Thank you for your feedback and support!

Written by John Curran, President and CEO at American Registry for Internet Numbers (ARIN)

Follow CircleID on Twitter

More under: Internet Governance, IP Addressing, IPv6, Regional Registries

More Available Wireless Spectrum and Higher Market Entry Barriers

2010-03-03T12:17:00-08:00

The tremendous demand for, and profitability of mobile telephony supports legislative and regulatory efforts to refarm spectrum with an eye toward reallocating as much as possible for wireless telephony and data services. But there is a downside that no one seems to acknowledge.

In light of past FCC practice and the behavior of incumbent wireless carriers I expect two anticompetitive outcomes to occur with the onset of any more spectrum. To maximize current contributions to the national treasury the FCC won't likely encumber any spectrum with open access requirements much less reserve some of the new spectrum for new bidders. Years ago the FCC removed a spectrum cap on any single carrier ostensibly to enable to improve service and accrue scale economies. We can expect the Big Four incumbent wireless carriers, now sharing over 90% market share, to acquire most of the spectrum.

In the 700 MHz spectrum auction (reallocation of UHF television spectrum) AT&T and Verizon spent $16 billion of the $19.6 billion collected by the U.S. government:

"According to an analysis by The Associated Press, the two telecom companies bid more than $16 billion, constituting the vast majority of the overall $19.6 billion that was bid in the FCC auction. With Verizon Wireless and AT&T dominating the auction so completely, hopes that the auction would allow for the creation of a new nationwide wireless service provider were dashed." W. David Gardner, Verizon, AT&T Big Winners in 700 MHz Auction, Information Week (March 20, 2008, Link); see also, Saul Hansell, Verizon and AT&T Win Big in Auction of Spectrum, The New York Times (March 21, 2008, Link); FCC, Auction 73, 700 MHz Band, Fact Sheet (Link)

Can anyone refute the conclusion that as incumbent carriers control more spectrum, the prospects for market entry and commensurately greater competition wanes? Regardless whether incumbent carriers warehouse the spectrum, or put it to immediate use, their opportunity to consolidate market control grows. Who would have the financial and management resources to take on the incumbents?

So 4 is the highest number of facilities-based carriers we can expect for many markets. If you think a regional carrier or pre-paid reseller can match the expanding service wingspan from the Big Four, think again.

Written by Rob Frieden, Pioneers Chair and Professor of Telecommunications and Law

Follow CircleID on Twitter

More under: Broadband, Policy & Regulation, White Space, Wireless

The Internet is Interconnection

2010-03-03T09:51:00-08:00

There's a scene in the Steven Soderbergh movie, Traffic, where the widow of a drug dealer brings a doll to the Columbian drug kingpin. "The doll is stuffed with cocaine. Big deal, we've been doing that for years," he says dismissively. "No," she answers, "the doll is cocaine." The whole toy is a heat-treated, compression-molded block of cocaine, undetectable to sniffing dogs. The drug lord becomes very interested.

The Internet is like that doll… and not because it's used by some for smuggling drugs! Rather, the Internet is seen as a thing filled with interconnection relationships, when in fact the Internet is interconnection. The relationships make the internetwork. They are more significant than the TCP/IP protocol, the end-to-end design philosophy, the bandwidth, or the routing algorithms, as important as all those things are. Kill interconnection, and a network disappears from the Internet. Kill the culture of interconnection, and the Internet dies. Another analogy is Arthur Koestler's concept of a holon—something that is both a whole and a part of the whole. (Thanks to Miko Matsumura for the pointer at a recent retreat.)

The value of interconnection is often missed, because it's the space between networks. It's much easier to grasp the impacts of those individual networks on their customers. Every piece of the Internet, however, must interconnect to serve its users, which means its internal policies and practices are never the whole story. Interconnection is generally reciprocal, so if you want to benefit from a link with a network, you take on some obligations in return. The details get complicated, and network interconnection is constantly evolving, but that's the core magic.

Today, John Markoff published a New York Times article on how Internet interconnection may be changing. (The short version is that private peering is short-circuiting the major backbones, with unpredictable consequences.) Markoff deserves credit for giving a serious summary of academic network science research that bears on Internet structure. You usually don't see these concepts in the popular press. It matters whether or not the Internet is a scale-free network, however, as esoteric as that may sound. As Markoff notes, even the experts can't agree on what the Internet looks like today, raising serious questions about its performance going forward. They just know that it's changing. One reason is the lack of public traffic data on Internet-connected networks, which KC Claffy of CAIDA has been warning about for years.

I wrote three law review articles about interconnection over the past three years. I didn't realize it, but they form a trilogy. Only Connect argues that interconnection, not non-discrimination, should be the central focus of telecommunications policy today. The Centripetal Network delves into the network science that Markoff's article summarizes, raising the concern that the Internet's interconnectivity may not be as robust as it seems. And in Off the Hook, coming out shortly, I develop a detailed legal theory for an interconnection-based policy regime under the Communications Act.

Interconnection is poised to become even more important, because it's not just a factor at the network layer. Internet applications and content are increasingly becoming interconnected, moving toward the syndication model of business I proposed a decade ago. Twitter interconnects with Google for real-time search, while YouTube interconnects with blogs for content distribution. Everyone's a platform, and virtually everyone is both a consumer and a producer of external information. I'm firmly convinced that the dynamics of interconnection will keep policy-makers and business executives busy for years to come. All the more reason to make it a focal point now.

Written by Kevin Werbach, Professor at the Wharton School and Organizer of the Supernova Conference

Follow CircleID on Twitter

More under: Access Providers, Broadband, Internet Governance, Policy & Regulation, Web

Creditor Can Execute Against Domain Name Where Registry is Located: Office Depot v. Zuccarini

2010-03-02T19:10:00-08:00

The Ninth Circuit affirmed the district court's ruling in Office Depot v. Zuccarini [Scribd link], agreeing that a creditor may levy against a domain name in the jurisdiction where the domain name registry is located. The decision is significant for two reasons. First, it affirms (or reaffirms) that domain names are property subject to the claims of creditors. Second, it allows creditors to proceed against domain names where the registry is located, thus allowing creditors to proceed against domain names in one proceeding and more importantly levy against domain names located abroad (where the registry is located in the United States). Overall, this makes getting at a domain name much easier for creditors.

Background: Office Depot originally obtained a judgment against frequent cybersquatting defendant John Zuccarini. Office Depot then assigned the judgment to DS Holdings. Office Depot obtained the judgment in 2000 and it's surprising that 10 years later the judgment is finally being enforced against something. Although Zuccarini is proceeding pro se, it seems like he was or became well versed in putting up roadblocks and delaying resolution of the litigation.

DS went after 190 .com domain names that were registered in Zuccarini's name. DS originally tried unsuccessfully to have the domain names transferred directly to it. (This was the technique successfully used by the plaintiff in Bosh v. Zavala.) Later, DS sought to have a receiver appointed over the domain names. The district court granted DS's request to have the receiver appointed, and Zuccarini appealed. Zuccarini's appeal focused on whether it was proper to appoint the receiver in the Northern District of California, since the domain names were not necessarily "located" there.

The court's ruling: The court runs through basic principles of in rem jurisdiction and what rules apply. The court then looks to federal rules to determine where the receiver should be appointed in this case. Finding no applicable federal rule, the court looks to California law. California law provides that a writ of execution may be issued "in the county where the levy is to be made." With this in the background, the two questions presented by the court are: (1) "are domain names property that is subject to execution?" and (2) "if so, where are the domain names located for purposes of execution?"

With respect to the first question, the court cites to Kremen v. Cohen, and easily concludes that (under California law) "domain names are intangible property subject to a writ of execution." Kremen undermined Network Solutions, Inc. v. Umbro Int'l, Inc., 259 Va. 759, 770 (Va. 2000), a Virginia case widely cited for the proposition that creditors cannot get at domain names because domain names are contract rights rather then property. To the extent Kremen did not refute Umbro, this decision definitely provides the necessary ammunition to creditors. (Again, collection is state-specific, and apart from the analysis of the nature of domain names, the outcome in these cases turns on the statute in question, which vary from state to state. That said, I think given the robust marketplace in domain names, Umbro's conception of the domain name as a personal services agreement seems outdated, and most courts will easily recognize this.)

With respect to the second question, the court acknowledges that "attaching a situs to intangible property is ... a legal fiction," and the determination must be made in a "context-specific" manner. Fairness was relevant to the court's determination of the appropriate situs, and the court was understandably not receptive to Zuccarini's policy arguments that allowing a court to issue an order directed to the registry would mean that every .com and .net domain name could be levied through courts in the Northern District of California. The court also looked to the ACPA, which provides for in rem jurisdiction over certain cases where the "registrar, registry, or other domain name authority" is located. Although this was not an ACPA case, the court found the structure set up by the statute persuasive and that the writ was appropriately issued from Northern District of California since VeriSign (the registry for .com domains) is located there.

My reaction: The decision clears up two things. Although post Kremen v. Cohen there shouldn't have been much dispute that domain names are property which are subject to the claims of creditors, the case clears up any lingering doubt that may have existed. (Kremen and this case applied California law, but the result shouldn't vary much across other states.) Second, the decision makes clear that a court which has jurisdiction over the registry can issue an order allowing the creditor to get at the domain names. The case also implicitly affirms that getting a receiver appointed to sell the domain names is the appropriate route for the creditor. Getting the name transferred to the creditor is not a remedy allowed under California law (Palacio Del Mar Homeowners Ass'n, Inc. v. McMahon). Additionally, a transfer of domain names from a cybersquatter to a judgment creditor raises some issues around potential infringement of third party rights through sales or other exploitation of the domain names. (See this post on Bosh v. Zavala for some discussion of those issues.) The method ultimately used by DS in this case (a receiver) avoids all of these issues, or at least shifts them over to the receiver rather than the creditor.

Finally, as mentioned above, this ruling makes clear that regardless of whether a domain name is registered through a foreign registrar, a court having jurisdiction over the registry can issue an order directing transfer of the domain names to a receiver. With respect to .com and .net domain names, this means that creditors can try to get at these domain names through proceeding in the Northern District of California (as the court notes, VeriSign is the registry for .com and .net domain names and is headquartered in Mountain View). While the ACPA allows plaintiffs to file in rem suits where the registry is located, it's nice (for creditors) to have a similar ruling in the post-judgment context, and one from the Ninth Circuit as well.

Will this cause a rush of similar claims to be filed in the Northern District of California? It's tough to say, but even post Kremen, it does not seem like there's been a ton of post-judgment collections activity with respect to domain names. From a practitioner's standpoint, it's certainly nice to have this rule on the books.

An odd footnote: Zuccarini is a colorful character whose internet exploits have gotten him in trouble with the law. He was arrested in 2003. (Here's a post at CircleID rounding up reactions to his arrest.) According to his Wikipedia entry which contains a link to a Bureau of Prisons search, he was released in 2005.

Written by Venkat Balasubramani, Tech-Internet Lawyer at Focal PLLC

Follow CircleID on Twitter

More under: Domain Names, Domain Registries, ICANN, Law, Top-Level Domains

Web Application Delivery: The Challenge of Managing Thousands of Web Applications in the Cloud

2010-03-01T10:13:00-08:00

Cloud Computing is a hot topic. Some say it is already here, most agree that it will be much bigger in the coming years. It is pushed forward by the economic benefits of virtualization and consolidation. Take a heterogeneous data center, full of many kinds of servers, running a myriad of applications and consolidate it into a uniform farm of virtual machines, where each application is services by one or more VMs and you have a cloud, what is called a private cloud. I can see many companies turning to this model to better utilize their computing resources and lower their IT management expenses. Taking the next step and trusting these functions to an external provider—what we call the public cloud—may come at a later time.

Cloud environment provides compute power and storage. For web applications it also provides bandwidth allocation, both inside the data center and towards the end customers. Virtual servers are prone to performance degradation just like physical servers are, and when the load goes up, user experience goes down. An application Delivery Controller (ADC) can be very useful in such an environment bringing several benefits—It can offload the servers by handling TCP connections, compression and encryption, and it can save bandwidth by compressing the content that is sent to the end customers. The load on the servers and on the internal network can be further reduced by utilizing the caching mechanism in the ADC.

A Cloud Provider needs to support many applications at once. For a private cloud it could be several dozen enterprise applications, and for a public cloud it could mean thousands of web applications that are hosted in the data center. To add ADC capabilities for all these applications, he now has two choices: place an ADC device before each and every application (or at least those that would benefit from it), which can be a CAPEX and OPEX nightmare, or place just a few ADC devices and aggregate many applications on each, hoping that they all live happily together and don't disrupt each other by hogging ADC resources.

One way to tackle this problem is to have a virtual software ADC, running on a VM. This way there can be hundreds or even thousands of virtual ADCs, each serving one application and running under the same Hypervisor as the rest of the data center. I can spot three problems with this approach: one is that the performance of a software ADC is limited and un-predictable, the other is the challenge of managing hundreds and thousands of different instances and the third is the cost associated with running all these extra VMs.

A different approach would be to use a hardware ADC and virtualize it by creating many virtual ADC machines on it. To make it happen one needs to manage its resources in a way that one service does not affect another. There is also a need to afford the cloud provider clients with a way to view and configure their 'Virtual ADC' without knowing or interfering with other clients. Once these technical issues are met, the benefits of such a machine are its superior and predictable performance and its relative ease of management, leading to CAPEX and OPEX saving which are critical for hosting or cloud provider.

An ADC would obviously need to interact with the Hypervisor running the VMs. One direction is mandatory—the ADC needs to know when new VMs are made available so he can add them to his load balancing pool. The other direction is more interesting—when the ADC identifies a breach of SLA on one of the services, it can alert the Hypervisor that more VMs are required. And when the load diminishes, it can instruct the Hypervisor to take down VMs to conserve data center resources.

In summary clouds, both private and public are coming and with them a challenge of managing the load of thousands of web applications. An Application Delivery Controller can greatly help in alleviating these loads but it needs to evolve for this environment. Virtual software ADC and Virtualized hardware ADC are two possible solutions, with the latter probably being more optimized for the task.

Written by Amit Fridman, Vice President Engineering at Crescendo Networks

Follow CircleID on Twitter

More under: Cloud Computing, Data Center

IPv6 and the 5 Billionth Customer

2010-03-01T08:44:00-08:00

The POPClock tells us that there are 6,807,230,170 of us on this planet when I looked it up at 22:26 UTC (EST+5) Feb 26, 2010. In the meantime we are about to connect the 5 billionth cell phone user this year according to ITU Secretary-General Dr. Hamadoun Toure. At the Mobile World Congress in Barcelona he also mentioned that the current recession hardly put a dent in the subscriber growth. Gartner Research shows 1.2 billion cell phones sold in 2009, down 0.9 from the previous year but a strong growth in smart phones which saw sales of 172.4 million units growing by 23.8 % for the year, 58 % in the fourth quarter only! On the network side a February 26th press release from the GSA association announced that 59 operators in 28 countries are now committed to LTE compared to 39 operators in 19 countries six months ago. A further 16 operators are running technology trials. By the end of 2010 22 LTE networks will have entered commercial service. The first 2 commercial LTE networks were launched last December in Sweden and Norway. And let us not forget Mobile Wimax which is also gaining some momentum.

As Global Insight speculates, we are indeed likely to see the smart phone war starting to get more acrimonious in 2010 as software platforms and manufactures slug it out, hopefully to the benefit of the consumer. Mobile web browsing for the masses should not be that far away as smart phone prices start dropping seriously. On the network side we are likely to witness a titanic battle amongst mobile network operators trying to walk the fine line between the cost of G4 licenses and network upgrades, affordable end-user pricing, growth in market share and EBITDA. The only certainty is a decoupling between the growth in traffic volumes and the growth in revenue.

As markets and technologies evolved so fast it was rather interesting to see the sudden scramble on how to do voice and SMS over LTE. The most basic, and let us admit, most lucrative, services seemed forgotten in the data deluge. Would it be Volga (Voice over LTE with generic access) using existing circuit switched networks or would it be One Voice which is IMS based with real VoIP calls. One Voice now seems to be gaining the upper hand.

IMS implies addressable IP addresses, lots of them, no need to say more.

Time has come for an IPv6 address population clock to complement the IPv4 address exhaustion clock.

Written by Yves Poppe, Director, Business Development IP Strategy

Follow CircleID on Twitter

More under: IPv6, Mobile

Taking Permission

2010-02-26T12:17:00-08:00

Permission is always a hot topic in email marketing. Permission is key! the experts tell us. Get permission to send email! the ISPs tell us.

Marketers have responded by setting up processes to "get" permission from recipients before adding them to mailing lists. They point to their privacy polices and signup forms and say "Look! the recipient gave us permission."

In many cases, though, the permission isn't given to the sender, permission is taken from the recipient.

Yes, permission is being TAKEN by the sender. At the point of address collection many senders set the default to be the recipient gets mail. These processes take any notion of giving permission out of the equation. The recipient doesn't have to give permission, permission is assumed.

This isn't real permission. No process that requires the user to take action to stop themselves from being opted in is real permission. A default state of yes takes the actual opt-in step away from the recipient.

Permission just isn't about saying "well, we told the user if they gave us an email address we'd send them mail and they gave us an email address anyway." Permission is about giving the recipients a choice in what they want to receive. All too often senders take permission from recipients instead of asking for permission to be given.

Written by Laura Atkins, Founding partner of anti-spam consultancy & software firm Word to the Wise

Follow CircleID on Twitter

More under: Privacy, Spam

Nominet Passes Governance Test With Flying Colours

2010-02-25T20:09:00-08:00

The dot-uk registry Nominet has passed a crucial governance test with flying colours, voting yes [pdf] on eight Board resolutions with more than 93 percent member support.

The resolutions will make a variety of changes to the organisation, ranging from an increase in the number of Board members to an explicit statement that Nominet will work in the public interest. The vote was a crucial test for both Nominet's Board and members: trust and confidence in the Board had been damaged by an acrimonious internal battle, which had subsequently led to the UK government threatening to end self-regulation of the UK's registry operations.

Overwhelmingly support for the changes will help put Nominet back on the right path and, members hope, enable work to begin on a range of pragmatic issues surrounding the registration of dot-uk domains, such as the ability to register domains for terms other than two years.

Nominet itself called the votes "a defining moment for the UK domain market and the UK Internet landscape" with CEO Lesley Cowley saying that she believed Nominet's members had "proven their commitment to considering the needs of all stakeholders" and that the changes would demonstrate to the UK government that the reserve powers currently contained in a Bill going through Parliament "will not be necessary".

Here's a quick rundown of the changes with what they mean for Nominet and dot-uk:

Public purpose

Nominet's articles have been changed to include that fact that the organisation works in the public interest i.e. the dot-uk registry has a duty beyond its members to make decisions that work in the overall best interests of the UK.

Upside: This change was highlighted in particular by the UK government as being crucial for continued self-regulation. Nominet's unusual member model means that those who register dot-uk domains are the only people entitled to vote on changes. This worries people because dot-uk has a far bigger impact than just a market for selling Internet addresses. With this change (with was made up of three separate resolutions that got 95, 96 and 97 percent support), the threat of government regulation should be quashed. It also demonstrates a willingness by Nominet's members to be pragmatic. All of this is excellent news for a healthy, independent dot-uk registry.

Downside: You can expect the public purpose clause to be quoted by the Board in future for decisions unpopular with members. The public benefit aspect of Nominet's work was also used as justification for the suspension of several thousand dot-uk domains which the UK police said were being used to sell counterfeit goods. The decision raised concerns that the UK police may be provided with an effective bypass of the law courts when dealing with dot-uk domains.

Board and vote changes

The Board will be expanded from the current six (four non-exec directors plus CEO and chairman) to 11 (three independent directors and up to two more Nominet executives). And the voting threshold for ordinary Board resolutions will be reduced from two-thirds to a simple majority, which is in line with standard company law (measures passed with 94 and 96 percent approval).

Upside: You get a bigger Board, which allows for more expertise and helps spread the load. You also get more day-to-day managers on the Board—which is crucial with helping to introducing pragmatic information and advice (although I think the plan is to add only one more Nominet exec at this time). This should help Nominet deal with its expansion and make the whole outfit more robust and professional.

The voting change should also make the organisation more flexible, which is crucial in an increasingly competitive registry market—particularly with ICANN about to introduce potentiually hundreds of new top-level domains. Nominet's low turnout problems are also lifted slightly by lowering the voting percentage. And it reduces the possibility for large members to effectively hold a veto over the organisation—which is not in the wider interests of anyone.

Downside: The three new directors are not directly elected but are chosen by the Board and then put to the membership for approval. This approach was specifically designed to prevent possible capture by a determined group. In this case, it was domainers frustrated with what they viewed as unfair decisions, who started using Nominet's own systems to put representatives on Nominet's Board and Public Advisory Body. And it was this action that led to the Board crisis, worried the UK government and eventually led to this whole voting situation.

So while having three directors chosen by the Board should effectively prevent the situation from happening again, so making Nominet itself more stable and robust, there is a risk that this approach could cause resentment and, over time, pressure may start building up again. Hopefully what will happen is that Nominet members and Board will settle down, introduce more balancing mechanisms and start addressing domainer concerns—at which point the three directors can be made directly electable.

There is a potential downside in reducing the voting threshold. Nominet largely survived the dotcom boom and crash intact because it had been set up with tight rules that shielded it from speculation. As Nominet opens itself up more to making changes, it is conceivable that there could be a repeat of the crazy dotcom days and the organization be on shakier ground. However, considering where the registry world is now, considering where Nominet is now and considering the other changes made, this is a pretty unlikely scenario.

Also, one important aspect that I believe I'm right in saying still hasn't been tackled is that there is *still* a 90 percent voting approval requirement. That is something that needs to be dealt with some where down the line. A 90 percent voting restriction just doesn't make sense.

Pricing

This was the riskiest one. The Board was asking for the right to change prices without requiring a formal vote from members. The logic was good: the current system provides no flexibility and the Board was effectively unable to steer the organisation. The approach where members' consent was required to make changes to prices was potentially destabilising, and it meant that several large companies had an effective veto over Board action.

Nonetheless, asking people to give up a power that has a direct impact on their businesses and hand it to a Board in whom some do not currently have confidence was a tall order. Incredibly, it passed with a hefty 93 and 95 percent.

I think here was a clear example of the Board listening and explaining and gaining the confidence of its members. The Board dropped initial plans to also give itself the right to change member pricing after a few members said they were uncomfortable with it. Calm reason has prevailed in this case.

Upside: Nominet can start playing more effectively in its market. The Board is also put in a situation where it can act like a Board. And the effective veto over finances by some members, which is not a healthy dynamic, is largely pulled out. The vote also demonstrates that members are willing to hand over some power in the expectation of a Nominet Board making good decisions. It will also please the UK government which in its darker moods looked at Nominet as a price-fixing cartel.

Downside: The Board needs to use its new power carefully and only with respectful engagement with members. This is a big trust issue. The current Board has already said it has no plans to change prices, but a Board in a few years may do so and if the new Board doesn't have sufficient institutional memory it may make changes bluntly and cause tremendous ill-feeling in its members—who will probably be the same people and so remember the trust that provided in this vote.

Membership

A slightly vague resolution was passed that Nominet would look at its membership model. A 95 percent vote agreed "in principle" that Nominet's constitution should be "further revised to provide for wider stakeholder involvement". And that the Board should develop "one or more proposals to achieve this" which it will then put out to public consultation.

This is a big issue. In fact, it is the biggest issue in terms of Nominet's future. Whichever way it goes, members will at some point have to vote to give themselves less power. This will be a good thing because dot-uk is much, much more than just those companies that sell domains, but a large number of members will need to be persuaded of the greater good and why handing over some power is in their own interests.

I think Nominet risks underestimating the trickiness of this task, especially since it will need to combine gentle persuasion with hard rulemaking, carrots and sticks, to make it work. The best example of this is the voter turnout for these resolutions.

Of 2,727 members, only 1,055 or 39 percent of them actually voted. Nominet went to great lengths to engage its membership on these votes and was very successful in that double the number of people that normally vote turned out this time. And 72 percent of all possible votes were received (there is a vote weighting system in place).

Now, a 72 percent vote turnout is good (although considering its importance you would really want 80+ percent), but a 39 percent voter turnout is terrible.

It's not hard to figure out why: if you randomly pick Nominet members from its list, chances are that a third of them don't even have functioning websites, or have websites that haven't been touched in 10 years.

A HUGE number of Nominet members aren't really doing anything. And the reason for that is Nominet's member pricing model. You pay a big upfront fee for joining of £400, and then after that a £100 annual subscription. The problem with this is that people will think the £100 is worth it each year even if they do nothing because they paid such a large amount upfront. So you end up with large numbers of completely disinterested members.

Nominet also does a pretty poor job of engaging its members (although it has hugely improved in recent years) explaining to them why they should get involved and how to get involved. The company also doesn't actively canvass for members so it is a little out-of-tune with why people would want to become members, and what it is that the silent majority actually want from Nominet.

There are a number of things the organisation could do, but the risk is that it could end up upsetting members but penalising some unnecessarily. I think there are two initial solutions:

Change the membership pricing model—decrease the initial fee and pay for it by increasing the annual fee. The problem here of course is that the Board specifically pulled out the right to change membership fees from this round of votes after members got nervous.
Start enforcing some compliance. If members haven't updated their websites or contact details, they can be given a warning. Likewise if their website doesn't exist. Give people a reasonable period of time to update details and if they don't, cancel their membership when it comes up for renewal.

It would take 12 months for these two changes to work themselves through the system but at the end of it you would have cut out the huge amount of member dead wood that Nominet carries, and it will have put members in the position of deciding whether they really want to engage with Nominet.

But that is just one side of the membership coin—dealing with existing members. The other side is pulling in people that are not Nominet members, and may not even wish to register domains, into Nominet so that the organisation can become more representative and make decisions on behalf of a broader cross-section of people (its public purpose aspect).

Fortunately there are plenty of case studies here—ICANN and the IGF being the most obvious. And, fortunately Nominet's management and some of its members, know both ICANN and the IGF and the whole idea of "multi-stakeholder" decision-making pretty well. There are also some organisations that would help, such as the Internet Society, who president Lynn St Amour specifically mentioned her interest in this aspect in a supporting quote to the votes.

But that doesn't mean it will be easy—Nominet will need to develop a hybrid system that accounts for Nominet's unique membership model and the fact that it has a direct relationship with registrants.

It is possible that recently announced changes to the Policy Advisory Body—where people self-create in order to help develop new policy rather than leave to a selected group—may be helpful in developing a way to get Nominet members working with those that share a common interest.

But at some point you will need to give people who are not Nominet registrars the right to vote on decisions—and most likely without paying for the priviledge. This is not going to be an easy model to create, and it will be the next stage in the evolution of Nominet as the dot-uk registry operator.

In conclusion

Stepping back from the details to the fact that eight Board resolutions were passed with 93 percent and up member approval, this is great news for Nominet and its members. The issues garnered huge support. Vital changes can now be made. The UK government should get off Nominet's back. And it will be possible to start rebuilding trust and heal wounds. And, most vitally, it means that Nominet can now focus its attention on doing what it is there to do—making the dot-uk registry work better.

Written by Kieren McCarthy, Internet consultant, journalist and author

Follow CircleID on Twitter

More under: Domain Names, Internet Governance, Top-Level Domains