The network is the story: News on the latest Internet standards and struggles
The agreement comes after months of discussions, meetings and whitepapers that have had as their common goal the formation of a new entity to replace the Internet Assigned Names Authority. IANA is the U.S. government-funded organization that currently handles the back-end administration of so-called top-level domain names, such as .com, .net and .org. The international Internet community has called for a new, global non-profit organization to be put into place to allocate and manage top-level domain names.
The way top-level domain names are allocated, registered and managed has caused heated debate over the past two years, after the existing U.S.-controlled system came under fire for its non-international approach.
As it stands now, the U.S. government-funded Internet Network Information Center (InterNIC) registers top-level domain names, while IANA maintains the technical architecture behind the names and has the power to issue new ones. Individual countries register their own domain names, such as .fr for France, but InterNIC has a monopoly on the registration of the coveted .com and .net names.
When the U.S. government released a greenpaper earlier this year suggesting the formation of a new, U.S.-based organization to handle the tasks of IANA, including the delegation of several new top-level domains, the international community angrily called for a more global approach. In return, the U.S. government issued a whitepaper in June suggesting that the private sector should handle the task of creating a private, international organization to take IANA's place.
The U.S. government whitepaper stipulated that this new organization, sometimes referred to as the New IANA, would have to be put in place by Sept. 30, when IANA's and InterNIC's contracts expire. Because the job of creating the New IANA was given to the private sector, interested members of the Internet community, members of the existing IANA, businesses and academics have spent the last two months scrambling to come up with a plan.
Yesterday, IANA issued a whitepaper on its Web site outlining the structure of the new organization. While the paper is not a final plan, it comes close to what will be the structure of the new organization, said Jon Postel, director of IANA, in a mass e-mailing to interested parties. However, the plan is still open to comment and could change slightly before the new organization is put into place at the end of September, he said.
"We hope and believe that this third version is essentially the final version and that it will be endorsed and supported by nearly all of those stakeholders participating in this process, and will protect the legitimate interests of the millions of individuals and groups that have an interest in the outcome of this process but have not been able to directly participate in it," Postel said in his e-mail.
Some of the main points made in the whitepaper include:
--Kristi Essick, IDG News Service
Medical records and credit information are targeted in the initiative, in which the vice president also called for the U.S. Congress to make it a federal crime to steal someone's identity by obtaining Social Security numbers and the like from electronic sources. Gore further said that Congress should make it illegal for World Wide Web sites to solicit personal information from children under 13 without receiving prior parental approval.
"Let's begin with a simple premise: Privacy is a basic American value in the information age and every age. It must be protected," Gore said during his speech in Washington, D.C.
In May, the vice president proposed an "electronic bill of rights" to protect citizens and today's announcements are intended to build on that privacy plan, Gore said.
Citizens have the right to choose if personal information is disclosed, the right to know how, when and how much information is being used, the right to see the information and the right to know that the information is accurate, Gore said today, outlining four basic principles guiding the privacy initiative.
"These rights do not have sufficient protection by a long shot," Gore said, adding that in the course of an average day, a citizen might use a credit card to buy groceries, provide information to a physician who then puts those personal details into a computer and have a child who gives out personal information on a computer.
This process leaves an electronic trail of information "that can be used and abused by people you've never met, in places you've never been," he said.
To safeguard against that, Gore urged Congress to take these steps to safeguard U.S. citizens and conveyed the following related administrative actions:
"And here's a message for them: If you don't find a way quickly to regulate your own industry, we will take action," Gore said.
The FTC last week made that same point and an alliance of businesses and associations also presented a proposal to protect citizens' privacy online.
"Today, we say very clearly that if you even think of passing yourself off as someone else to trick a bank to give you personal information about someone else, think again," Gore said, adding that con artists who pose as others will be tracked down and prosecuted.
"Before children innocently forfeit personal information, parents should have a say," he said.
The ongoing focus on electronic privacy underscores the importance of the issue, Gore said, adding that the administrative message is clear: "No matter how our technology grows and changes, your fundamental right to privacy is something that will never change."
--Nancy Weil, IDG News Service
"I think thus far the administration has been one of the obstacles to strong and effective privacy legislation," said David Sobel, general counsel for the Electronic Privacy Information Center (EPIC), who attended Gore's speech today in Washington, D.C. "Without the support of the administration, it's unlikely that kind of legislation is going to move very far in Congress."
Gore talked about new administration policies regarding electronic privacy, but he also called on the U.S. Congress to pass tougher laws to safeguard personal information and to protect children's privacy while they are online. He also underscored the administration's desire to have the industry regulate itself.
"The administration appears to remain committed to the self-regulatory approach that has been a notable failure thus far," Sobel said. "So I guess the question is why they believe a self-regulatory approach is going to be successful in the future when it has not been successful in the past."
Following through on the recent U.S. Federal Trade Commission (FTC) stance that if the industry does not take steps to truly regulate itself, the government will step in, Gore pledged: "If you don't find a way to quickly regulate your own industry, we will take action."
Sobel wasn't impressed by the threat.
"We've heard that before -- I think it's getting to be a little bit like the boy who cried wolf," he said. "I think that the industry has heard this threat so many times that it has less impact every time it's repeated with no follow up."
While Sobel from EPIC and Barry Steinhardt, president of the Electronic Frontier Foundation (EFF), criticized Gore's proposals overall, they both did applaud the vice president's announcement that the administration will not implement the use of medical identification numbers for U.S. citizens until additional privacy protections also are approved by lawmakers.
Congress directed the U.S. Department of Health and Human Services (HHS) to develop standards for the identification system two years ago in the Health Insurance Portability and Accountability Act. There is an effort underway among some lawmakers to repeal the identification number provision, but the U.S. House of Representatives also has approved a patient's rights bill that Gore said does not provide adequate protection of private medical information.
And while it's good news to the non-profit policy advocacy groups that the administration appears to be taking a stand on the identification number issue, Gore should have gone farther, Steinhardt said.
"They should simply abandon the universal identifier," he said.
Steinhardt and Sobol both also took exception to Gore's call for legislation making it illegal for World Wide Web sites to solicit personal information from children under the age of 13. Online privacy rights should extend to all age groups, they contend.
"Our feeling is that there shouldn't be an age limit to a right to privacy on the Internet," said Sobol, who also criticized Gore for not specifically addressing more Internet-related privacy issues.
The children's protection initiative raises more questions than it addresses, Sobol and Steinhardt both said. For example, how Web sites can tell the age of a person is one problem, and how it can be determined that permission for the child to provide personal information actually is coming from a parent is another.
What the administration needs, Steinhardt said, is a baseline of rights. Gore did outline four basic principles -- the right to choose if personal information is disclosed, the right to know how, when and how much information is being used, the right to see the information and the right to know that the information is accurate.
Again, though, the vice president did not go far enough, his critics said.
"The question is how is that baseline going to be more than just rhetoric," Steinhardt said. "How are those principles going to become real, enforceable."
Gore's speech had been expected to address that issue, but he did not specifically talk about it. However, a written statement from his office says that the administration will launch a "privacy dialogue" among state and local governments to discuss how to reach a balance between privacy and collection of personal information by governments and also will direct the Office of Management and Budget (OMB) to take responsibility for coordinating privacy issues.
OMB is to call on the expertise and resources of other government agencies to coordinate privacy concerns, according to the statement. But no mention was made of the appointment of a privacy liaison to head up the government's privacy oversight.
"The EU directive is the dead horse in the room that the administration doesn't want to talk about," Steinhardt said. "The other dead horse in the room is the encryption policy."
The EFF recently built a supercomputer and broke the government's widely used encryption standard in record time and never has received a response about that feat from the government, Steinhardt said.
Overall, today's set of announcements from Gore amounted to "much ado about nothing," Steinhardt said.
--Nancy Weil IDG News Service, Boston Bureau
The Commission document, "Analysis and Assessment from the European Commission of the United States Department of Commerce White Paper," sets out six priority actions for European industry and governments over the next two months. The aim is to ensure that the planned IANA (Internet Assigned Numbers Authority) is up and running and can take over the responsibility for domain name registration at the end of September.
The question of membership in IANA is at the top of the Commission's list due to its belief that since European public sector organizations rank among the biggest users of the Internet, they must ensure they are represented, a Commission official told IDG.
"The biggest users here are public administrations and research institutes, so they should organize themselves to ensure membership on the (IANA) board," he said. The Commission therefore envisions convening a meeting of civil servants responsible for the Internet in national and Europe-wide administrations, according to the document.
Due to the limited time available to prepare participation, the document also urges member states to activate their own national registries and to organize them to ensure appropriate representation in the IANA Names Council and possibly on the IANA Board of Directors.
--Elizabeth de Bony, IDG News Service
The meeting, second in a series of three sponsored by the International Forum on the Whitepaper, aimed to gather people interested in the domain name game in order to discuss the development of the "new IANA", or Internet Assigned Names Association, according to the Internet Society (ISOC), one of the sponsors of the free event.
"I am encouraged by the active participation of so many divergent, and formerly opposing forces," said Dr. Jon Postel, director of IANA, in an ISOC statement.
The way top-level domain names, such as .com, .org and .net, are assigned and managed came under fire two years ago when it became apparent to the growing worldwide Internet community that the U.S. government controlled almost the entire process. As it stands now, the U.S. government-funded Internet Network Information Center (InterNIC) registers top-level domain names, while another government-funded organization, IANA, maintains the technical architecture behind the names. Individual countries register their own domain names, such as .uk for the United Kingdom, but IANA and InterNIC handle the coveted .com and .net names.
Earlier this year, the U.S. government released a green paper suggesting that a new, U.S.-based organization be set up to handle the tasks of IANA, including the delegation of several new top-level domains. The international community quickly rejected the U.S.-centric plan, calling for a more global approach.
In return, the U.S. government issued a white paper in June that suggested that the private sector handle the task of creating a private, international organization to take IANA's place. Dubbed the New Organization, it would have to be put in place by Sept. 30, when IANA and InterNIC's contracts expire, the U.S. said. The New Organization would handle the creation and allocation of new top-level domain names, while private companies would compete to register the names for a fee.
The idea of the meetings to discuss the International Forum on the Whitepaper (IFWP) is to come up with a plan for the New Organization. The IFWP meeting took place last month in Reston, Virginia, the second took place this past weekend in Geneva and the third be held in Singapore on August 12-13.
While no major decisions were made at the Geneva meeting, some basic agreements were reached, ISOC said in a statement on its Web site. Specifically, steps were taken concerning the structure of the New Organization, the establishment of an interim board of directors before Sept. 30 and the relationship between trademarks and domain names.
"Discussions were constructive, sometimes heated, but the consensus demonstrated that the Internet community is very willing to self-regulate the industry," said one of the attendees of the meeting, Paul Kane, general manager of Nic.SH and Nic.AC, private registrars of country code top-level domain names based in the U.K.
This interim board, for which nominations are now being sought, will be replaced by a permanent one before Sept. 30, 2000, agreed the participants. The board will work with special councils set up to deal with certain issues, such as names and number assigning and protocols. These councils will make proposals that will then be subject to the approval of the board.
But it wasn't all rosy agreement at the Geneva IFWP meeting. Discussions were heated between those worried about trademark infringement vs. those interested in becoming registrars of new generic top-level domains, said one meeting attendee who asked to not be identified. The registrars want many new domains to join .com and company, while trademark watchers think this will create a lawsuit nightmare.
Some of the chairs of the meeting included Ira Magaziner, senior advisor on U.S. Internet policy to President Clinton, IANA's Jon Postel, Christopher Wilkinson of the European Commission and Michael Schneider, vice president of EuroISPA, a European Internet service provider organization. More than 300 people participated in the Geneva meeting.
A final consensus won't come until sometime at the end of September, but most are confident that the IANA and other interested parties can come up with a plan in time.
"I am optimistic that industry will get the New Organization formed by Sept. 30," said Ira Magaziner last week at the INET '98 conference in Geneva, which preceded the IFWP meeting. "I believe the private sector is moving toward an agreement."
--Kristi Essick, IDG News Service
If you have technical problems with this magazine, contact firstname.lastname@example.org