Public Comment on WHOIS Review Report - The True Will Do

[What Do You Want <whichwhite@xxxxxxxxxxx>]

Dear
Internet community,




When
surfing the web on the subject of “Internet regulation” I came
across this WHOIS report. 



The
report is a serious indictment of the ICANN leadership. Alarm bells
should ring for all governments and Internet users around the world.
After all, how can one have trust and confidence in the DNS if one
cannot even trust the very organization that is tasked to oversee and
regulate the DNS marketplace? 




Is
ICANN a regulator? Of course, it is.



The
report paints a systematic failure on multiple fronts: policy
development failure, policy enforcement failure, management failure
and corporate governance failure. 



It
is to be hoped that the ICANN Board members take the time to read, in
detail, this highly unflattering report.  In fact, those responsible
for bringing the corporation into such disrepute should be held
accountable.  




The
report confirms “…that
the current system is broken and needs to be repaired”.
 More importantly, the report reveals that what are broken are not
just the WHOIS system, but ICANN’s current organizational structure
and management, especially when it comes to its compliance function:
where it fits within the organization and how it has been funded,
resourced and managed.



As
an organization, ICANN has failed to recognize the critical function
of its contract compliance department, which has all the hallmarks of
a regulator, absent the coercive power that a state or public
regulator normally has.  As far as domain name regulation is
concerned, ICANN is undeniably “a global regulator” that has far
reaching impact on domain names and the Internet. 




Actually,
many regulators around the world rely on a certain level of
self-regulation as part of their regulatory compliance strategies.
ICANN is no exception, but that does not diminish ICANN’s role and
responsibility as a global DNS regulator. As the report rightly
points out:




“Finally,
we note the sensitivity from some sections of the community about use
of the term “regulator” to describe ICANN’s role within the
industry.  We have tried to avoid the term in our final
recommendations.  However, we do not fully understand the
sensitivity: ICANN is part of a self-regulatory ecosystem.  It
accredits some actors (registries and registrars) and requires
certain behaviours of them.  It has an operational function to
enforce contractual requirements.  These activities can be properly
described as regulation in the sense of private sector,
self-regulation.  If they were not done effectively, they would need
to be done by someone – or something – else.”



ICANN’s
self-denial of its global regulatory role appears to have resulted in
its contract compliance function operating within the legal
department of the organization, under-resourced and mismanaged. 


1. Resource
        – Value-for-money of a regulator  


Resourcing
is a constant challenge for most, if not all, regulators. While
adequate resource and funding is important, it appears that over the
years the community has been provided with a distorted view of
compliance’s budgets. According to the Review Team’s Final Report
– Addendum
http://www.icann.org/en/about/aoc-review/whois/final-report-addendum-25may12-en.htm:




“Since
that chapter was completed, the Review Team was provided with this
document
[http://www.icann.org/en/resources/compliance/reports/fy11-activities-25may12-en.pdf]
[PDF, 52 KB] by ICANN staff, which sets out the levels of
contributions to Compliance from other departments for the Financial
Year 2011. The document indicates that, not including overhead, 38%
of Compliance's actual spend for 2011 was contribution from other
departments (unspecified). Overhead (unspecified) accounts for 20% of
total spend. In total, 57% of the $3,218,000 actual spend is
comprised of contributions or overhead.”



What
sort of creative accounting is this?  How would any self-respecting
organization operate in this manner, especially a not-for-profit
organization that is required to be fully transparent and
accountable?  




How
can one determine the real cost of any of the functions in the
organization with this kind of jumble?  Without a true and fair view
of funding and resourcing arrangements for the compliance function,
it is not possible to evaluate its performance, i.e., the
value-for-money question. Perhaps the accounting department needs to
be reviewed next.

2. Structure





It
seems strange that it took the review team 18 months to find out that
the compliance team reports to the General Counsel. This structure
indicates that ICANN’s management fails to grasp its public
interest mandate. As the report cited a comment from a Ms. Kristina
Rosette:




“…Because the
fact of the matter is that the General Counsel who heads the legal
department has an ethical and fiduciary obligation to the corporation
to minimize risk.  And as a fundamental matter, that is going to be
antithetical in many cases to an aggressive enforcement of
contracts.”




This
review team has made a clear and direct recommendation on structural
change for the compliance function to report to an “independent”
board sub-committee. To ensure true independence, the sub-committee
should NOT include the ICANN CEO – that is “separation of powers
101” or simply common sense. 




Many
regulators or quasi-regulator organizations around the world are
funded by the very industry they seek to regulate or derive income
from them, but these organizations go out of their way to have
adequate arrangements in place to manage perceived or actual
conflicts of interest. This is not rocket science, but corporate
governance basic. 




3.
Compliance leadership 


The
Review Team’s recommendation for leadership change at ICANN
Compliance states:


“There should
be clear and appropriate lines of reporting and accountability, to
allow compliance activities to be pursued pro-actively and
independently of other interests. To help achieve this, ICANN should
appoint a senior executive whose sole responsibility would be to
oversee and manage ICANN’s compliance function. This senior
executive should report directly and solely to a sub-committee of the
ICANN Board. This sub-committee should include Board members with a
range of relevant skills, and should include the CEO. The
sub-committee should not include any representatives from the
regulated industry, or any other Board members who could have
conflicts of interest in this area.”



This
recommendation is critical to the future success of the compliance
function and it should be implemented as soon as possible. 




As
noted above, ICANN’s contract compliance function is akin to a
global DNS marketplace regulator. Indeed, the Internet is such an
important part of modern society that the person to head this
department should be an internationally recognized regulatory expert.
ICANN should conduct a global executive search for candidates with
impeccable integrity to fill this senior executive role. 


The
report notes that the current head of the compliance team is Ms Maguy
Serad. Viewing her credentials available on the Internet, it makes
one wonder how her background in IT project management could possibly
fit this role. Was the hiring process flawed and should the Human
Resources Department also be reviewed? 



But
that is not all. It would appear that the CEO can’t figure out
staff numbers, according to footnote #29 of the review team’s
report:


29
Rod Beckstrom to Jon Leibowitz, 10 January 2012
http://www.icann.org/en/news/correspondence/beckstrom-to-leibowitz-10jan12-en
Footnote 9 : “Today’s Contractual Compliance team has four
additional members than it did a year ago, nearly doubling in size”.
While (considered narrowly) this may be an accurate statement, it
does not acknowledge that staff numbers in 2011 (a “year ago”)
were around half that of the previous year 2010.

The
report stops short of saying the obvious, which is that Mr.
Beckstrom’s statement is indeed misleading. The credibility and
integrity of those who misstate facts or overstate their
qualifications are subject to public scrutiny and should be held
accountable. Yahoo’s former CEO, Scott
Thompson was forced to resign over claiming a degree he didn't have,
http://blogs.computerworld.com/20162/yahoo_ceo_resigns_over_resume_cv_error_thompson_fired_by_loeb.








Conclusion



This
damning report clearly shows that ICANN has failed to meet its
commitment to promote competition, consumer trust, and consumer
choice in the DNS marketplace. 



Domain
names and the Internet are critical public resources and cannot
continue to have such a dysfunctional organization at its core.
Urgent repair is required.






Respectfully,

Sean
White