November 6, 2005

Internet tug-o-war

By: Tim Lee

There’s a battle brewing over control of the Internet.

On the one side is the United States government, which created the Internet Corporation for Assigned Names and Numbers (ICANN), a California non-profit, to manage the Internet’s address infrastructure. On the other side is the UN, and one of its agencies, the International Telecommunications Union, which is holding a World Summit on the Information Society next week to discuss the future of Internet governance. Many developing countries, including China, India, and Brazil, want ICANN’s powers placed in the hands of an international body such as the United Nations. The European Union traditionally supported the existing arrangement, but recently it has signalled that it, too, would like to strip the United States of its current authority.

So far, most of the debate has been focused on who should be “in charge of” the Internet. ICANN is often portrayed as the Ma Bell of the information age, with expansive powers to re-assign web addresses, monitor and censor users, and promulgate new regulations. Given those awesome powers, many people conclude, it’s dangerous to put them in the hands of any one government.

This view is badly mistaken. The reality is that ICANN has much less power than the pundits imagine, and what power they do have is largely contingent on the acquiescence of the Internet community. Moreover, with occasional exceptions, ICANN’s decisions are technical, not political in nature. There’s no reason to worry that the United States will abuse its power over the Internet, because that power is already very, very limited.

To see why, we need a quick primer on how the Internet’s virtual architecture–the “assigned names and numbers” of ICANN’s title–works. Every computer on the Internet requires a number called an IP address to allow it to communicate with other computers on the network. The IP address for the Brainwash web server, for example, is For the Internet to work properly, it’s vital that every IP address be unique. Theoretically, ICANN is in charge of allocating IP addresses to ensure there are no conflicts.

That gives ICANN a lot of power, right? Not really. The actual allocation of IP addresses is carried out by an organization called the Internet Assigned Numbers Authority. The IANA, in turn, has allocated substantial chunks of available addresses to Regional Internet Registries, which are self-governing associations of ISPs who distribute IP addresses among themselves. There are five RIRs, one for each continent.

So IP address allocations are already largely decentralized, with each region of the world controlling its own block of IP addresses. ICANN has no control over the allocation policies of the five regions. If ICANN wanted to revoke Brainwash’s IP address, it couldn’t do so without the cooperation of ARIN, the regional authority for North America. Likewise, if it wanted to revoke the IP address of a European web site, it couldn’t do so without the help of RIPE, the regional authority for Europe, the Middle East, and Central Asia. RIPE is not in any sense under the control of the U.S. government.

In principle, ICANN could revoke entire blocks of IP addresses and re-assign them to another organization. But if it tried to do so over the objections of the affected ISPs, all that would do is spawn chaos. ICANN doesn’t own the infrastructure that connects ISPs to each other, so they can’t to force the old users of the IP addresses to relinquish them. And if large numbers of new Internet users began using the IP addresses before the old ones had relinquished them, it could confuse the Internet’s backbone routers and cripple the Internet. It’s unlikely that even the Bush administration would have the stomach for such a reckless stunt.

So in practice, ICANN’s ability to re-assign IP addresses is very limited. But of course, you don’t type when you want to visit Brainwash. Instead, you point your browser to “” The service that translates a domain name (“”) to an IP address ( is called the Domain Name System. The official nerve center of that system is 13 “root name servers” that are chosen by ICANN. It is often said, that ICANN could shut down web sites by removing their addresses from the root name server files.

This, too, is nonsense. To understand why, we have to examine how the DNS system works. The domain name actually has three parts: “www,” “affbrainwash,” and “com.” Each part of the address is administered by a separate name server. So to find the IP address for “,” your computer would first connect to one of the 13 root name servers and request the IP address of the “com” name server. Then, it would contact the “com” name server, and request the IP address of the “” name server. Finally, it would contact the “” name server and ask for the IP address of “” (It’s actually more complicated than that, but the conclusion would be the same.)

The upshot is that all that the root name servers do is delegate authority over top-level domains to other servers, which are usually run by independent organizations. The “.com” domain, for example, is managed by a private company called VeriSign. Likewise, the “.uk” top-level domain, which is designed for Internet users in the United Kingdom, is administered by Nominet, a non-profit organization founded by British Internet users in 1996.

ICANN has no way to re-assign a “.uk” domain name, because those servers are controlled by Nominet. The most it could do is to attempt to re-assign management of the “.uk” domain to another organization. But if such a move were seen as a political power grab, the effort would probably fail. ICANN can’t force anyone to use its root name servers. Outraged British ISPs would likely set up their own root name servers that continued to recognize Nominet’s servers as the authority for “.uk” domains. ICANN could certainly create chaos and confusion in the short term, but it’s unlikely it would end up with meaningful control of the “.uk” domain.

In short, ICANN’s direct authority over the Internet’s address systems–both IP addresses and domain names–is extremely limited. What about Internet censorship, privacy, and Internet taxation? A recent TechCentralStation column warns that a UN regulatory body would have “unlimited powers to regulate international and national commerce, research and freedom of speech” and “immense unrestrained powers to collect, store and distribute private information.” Those concerns, too, reflect an ignorance of how the Internet works. Most of the Internet’s infrastructure is privately owned and essentially none of it is owned by ICANN. ICANN has neither the means or the authority to monitor or control Internet traffic.

That isn’t to say that a UN attempt to take over ICANN’s functions would be harmless. The Internet’s entire governance structure relies on a kind of gentleman’s agreement among the world’s network administrators. They have built a decentralized, cooperative network whose stability depends on everyone following the rules. The system works because the people making the decisions are computer geeks with a deep understanding of the technical challenges facing the network.

A power struggle between the UN and the U.S. government could inject political tensions into what has, until now, been a governance structure largely of, by, and for computer geeks. That could irreparably harm the spirit of cooperation that now makes the Internet run smoothly. If network administrators found it difficult to trust one another and collaborate to solve common problems, the reliability and stability of the Internet could be harmed.

That’s why major technology companies like IBM, Google, and Microsoft back the current arrangement. It’s not that the United States government manages the Internet better than other countries would. It’s that the United States government barely manages the Internet at all, and it’s important that it stay that way.

Tim Lee is the science and technology editor of Brainwash and the editor at the Show-Me Institute, a Missouri think tank. His website is

Shares 0