IS THE UN TAKING OVER THE INTERNET?

I’ve been getting lots of questions on the Dubai ITU conference, which begins next Monday (12/03-14). There are a lot of misleading stories floating around. Each group in this fight has journalists that they control, and these "noble servants of the fourth estate" are dutifully raising concerns from several different angles at the same time.

Now, before I explain what’s happening, let me warn you that it’s an ugly mess, and that none of the players are clearly "the good guys." 

THE PLAYERS

ITU: The International Telecommunications Union. This is a UN Agency — the group that sets telephone system specifications and country interactions. Aside from getting telephone systems to interact and allocating some international bands of radio spectrum, they do very little. (They do manage the SSL standard for session encryption.)  Some of these people would be thrilled to have massive power handed to them.

ITR: International Telecommunications Regulations. This is the telephone cooperation agreement.

The rest of the players you know: Google and the other huge Internet companies like Verizon, AT&T, etc. Then we have the various states: The US, the EU and Israel more or less on one side; Russia and China more or less on another, and the small countries (especially the Arabs) whose votes are being traded for various considerations.

I think you can see from this where a lot of the commotion comes from. Everyone is trying to bring public pressure down on their opponents.

THE FIGHTS

Briefly, here’s a breakdown of the simultaneous fights:

Taking over ICANN

Let me start with the fight that matters: A considerable group of states want to put the ITU in charge of the Internet. They want it to become the regulatory body.

Up till now, the Internet has generally been managed by multiple "stakeholders" (the big telecoms, some governments, etc.) sitting down at a table and making agreements. In general, it has worked well.  This has always been a cooperative, not coercive, means of managing the net.

Probably the most important group for Internet management is called ICANN, the group responsible giving out Internet addresses, which they do through regional groups called RIRs. They also manage the Internet’s 16 root servers. IETF, the group that sets Internet protocols, is also included in this.

The problem with ICANN is that it has allowed the US government to throw its weight around and hog Internet addresses. China can barely get any IP addresses and even the Europeans are being badly pinched. Because of this, everyone outside of the US alliance has thoughts of taking it over. (Well, they all want to take over everything at all times, but the US acting stupidly is driving this issue over the edge.)

This is the important fight, and the one that must be won. But the US government is not wearing the white hat in this ring. They are the bully.

Peering agreements

The next big fight is over what is being falsely called a tax. What this is, really, is an effort by the small Internet services (many of them small state systems), to force the big telecom companies under the control of the ITU. The problem here is what are called "peering agreements." These are contracts between companies like Deutsche Telecom and AT&T, clarifying how they will send signal between themselves and how they will pay each other. The big issue is that the big countries and companies have been pushing the little countries and companies around.

Can you see here why a lack of good faith (i.e., piggish, manipulative business) always leads to  problems?

Anyway, the smalls want the ITU to lord it over the bigs. They want standard contracts for everyone, so Google has to stop screwing them. (More or less every server on the planet is over-priced because incoming and outgoing traffic are charged the same, allowing Google to index everyone’s web site at the web site’s expense.) These new contracts would charge separately for initiating traffic, which Google is trying hard to squash.

Perhaps even worse, from Google’s perspective, is that these contracts would allow the smalls to sue Google in the US. (Right now they must hire law firms in multiple jurisdictions to sue them.)

Again, this would have been no problem if the big businesses had integrity, rather than pushing others around simply because they could.

Cyber-security

There are lots of nation-to-nation cyber-security deals in place already, and much stronger ones than are involved in these discussions. The difference is that cyber-security agreements overseen by the ITU would require all the warring countries (including the US, EU and Israel) to cooperate. Here’s what that means:

Let’s say that a cyber attack hits Iran, Russia’s ally. By contract, the US must help them find the attacker. There would be no more hiding of cyber attacks.

Russia and China are worried about this because the US and its allies are very good at cyber attacks. You remember Stuxnet (along with it’s cousin, Duqu) and perhaps Flame, and there have probably been others. In addition, the US has been amassing a huge cyberwar force.

Russia, China and their proxy states are pushing this proposal to level the playing field. There is little reason to think that the Russians or Chinese would keep the agreement themselves, but having a moral failing to hold over the US has worked very well for them in the past. May as well forge another tool.

Routing of IP Packets

The Arab countries want a mechanism to make sure their traffic does not go through Israel. Some of the South American countries want to make sure that their traffic doesn’t go through the US. Why? Because their traffic is spied upon in those places, and sometimes altered.

Caller ID

This is a proposal to create a type of Caller ID for the Internet: to make sure that traffic is coming from one party only; to know which household is sending the signal. The ITU wants to take it over from the nations, centralize it and make it world-wide. This is a huge privacy issue, but privacy is dead anyway.

Disconnect contracts

Under this proposal, the ITU gives each nation the ability to disconnect itself, automatically and "per contract." The nations already have the ability to cut the Internet, but they want to legitimize pulling the plug: "Don’t complain. We all signed a contract that clearly allows us to do this."

WHAT WILL HAPPEN

These are our guesses, and we’re not involved in any of this, so please take them for what they’re worth:

·         Probably, ICANN will remain intact, at least mostly. The Internet will not be handed to the ITU. Probably the US will back-off and promise to play nice. And as I say, this is the crucial issue: ICANN must not be owned by states.

·         The peering agreement is a toss-up. Probably Google will twist enough arms to avoid "initiator pays," but they may lose on the "suing at home" provision.

·         On cyber-security we again see a toss-up. Perhaps the US block will agree to limited cooperation.  

·         Routing doesn’t really matter; it can’t be implemented anyway.

·         Caller ID will probably fail because of EU privacy concerns and technical issues. (It’s a hard thing to do.)

·         Disconnect contracts will probably go through.

There will, of course, be massive horse-trading involved. And, FYI, this cannot be vetoed in the Security Council – it’s a different set of UN operations.

AND PRIVACY?

None of this really has anything to do with privacy, censorship or free speech. This is about politics, economic issues and the usual jockeying for dominance. It won’t change a thing in terms of privacy.

All of these parties are already spying and censoring. Cyber Monday (11/26) saw 132 web sites pulled down by the US and UN. If you want privacy, well… use Cryptohippie or become a Cypherpunk.

STUPIDITY & VENALITY, NOT INTENT

It’s funny how often things like this show up when studying history: Something wonderful gets trashed,  leaving you looking for the big, bad monster who did it. But in the end all you find is a group of stupid, immoral people, scratching for an extra bit of power that is almost meaningless to them anyway. Then it all devolves into a mass brawl and they destroy it all.

It’s almost Biblical to watch: Venality and avarice are super-charged by power. Pride reigns and fights are inevitable among those who can brook no diminishment of their power or status. And thus they mindlessly destroy that which they cannot rebuild.

Paul Rosenberg is a computer security specialist and founder of Cryptohippie.  TTP endorses Cryptohippie for your personal online security.