US govt: Why we're OK with letting control of the internet slip into ICANN's hands

A highly anticipated report from the US Government Accountability Office (GAO) has given the green light to a shift of critical internet functions away from the government to domain overseer ICANN.

The report [PDF], published Friday, provides a neutral and explanatory rundown of the decision by the Department of Commerce (DoC) to transition the IANA functions out of its control, as well as the subsequent process that has been followed to devise a replacement for the US government role.

Significantly, it notes that all federal agencies are in line with the move and that there is significant support for the transition from other key groups such as the internet community and business.

The only time the GAO exerts its considerable influence is when it notes that the arm of the DoC responsible for the transition, the National Telecommunications and Information Administration (NTIA), has "not determined how it will evaluate the transition proposal against its goals."

In response, it recommends that the NTIA use two specific evaluation frameworks to do so, and notes that the NTIA has already agreed to. Those frameworks are:

• The Committee of Sponsoring Organizations of the Treadway Commission Internal Control—Integrated Framework (COSO framework)
• International Organization for Standardization's quality management principles (ISO quality management principles)

The only other criticism of the process and/or current results in the report come in a note over concerns about the Whois service.

The reports states: "Officials at one agency expressed concern that without NTIA's contract, ICANN might be less likely to enforce its contracts with registrars, and that this could reduce Internet reliability and transparency and diminish law enforcement's ability to tackle cybercrime.

"In particular, officials at this agency stated that the requirement that registrars record accurate contact information of each domain name holder is important to help law enforcement officials investigate and prosecute a range of crimes facilitated by the Internet."

We have previously noted that Whois has again become a big topic of conversation around ICANN, most notably because it seems unwilling or unable to do anything about it.

Is that it?

The report will be a disappointment to some, who hoped that it would give sufficient ammunition to delay or disrupt the IANA transition process.

The GAO was originally asked to look at the process back in June 2014, soon after it was announced. At the time, the Republican party in particular was against the idea and posed a series of aggressive questions for the GAO to answer, including:

• What are the US national security implications of relinquishing NTIA's role in IANA?
• Is there a risk that despite NTIA assurances, another government would assume this role?
• What affirmative commitments should the US government require from ICANN before finalizing its transition of control of the IANA function? How can the US government ensure that these commitments are enforceable?
• What are the risks if the US retains NTIA's role?

Those questions were softened before the GAO asked a wide range of people about the plan, and the final report shows that it decided not to push for any changes to the plan or the process, but merely highlight what may be helpful to look at going forward.

The fact that the IANA transition has moved from aggressive efforts to disrupt it through to increasingly conciliatory language from all sides of the political spectrum and federal agencies shows just how effective the NTIA's team has been in getting the US government on board, even while the ICANN Board continues to frustrate and infuriate the internet community itself by trying to force its solutions on them.

With the GAO report taking a soft stance, only if IANA becomes an issue in the presidential elections is the process likely to be derailed. ®