The Internet Corporation for Assigned Names and Numbers (ICANN) is a California-registered nonprofit public benefit corporation that since 1998 has served as the policy administrator of the root of the global Domain Name System (DNS), under contract from the United States National Telecommunications and Information Administration (NTIA). Under a separate contract with the NTIA, and under the name IANA, ICANN also maintains a registry that contains not only the root DNS database, but also various other Internet protocol and number assignments.
Domain names at the second and following levels underneath the root (for example .com, .ninja and .io) are not managed by ICANN, but by independent wholesale registries, who in turn deal with the public through retail-level registrars. ICANN has a contractual relationship with most of these registries and registrars—which gives ICANN a high degree of control over their operations, such as how they respond to disputes and law enforcement requests, and prohibiting them from allowing domains to be registered anonymously. (As an exception to this, most countries in the world determine their own policies for the country-code top-level domains (ccTLDs) that they maintain underneath the ICANN-administered DNS root.)
In theory, ICANN exercises its policy development functions through a bottom-up and transparent multi-stakeholder process that incorporates the perspectives of a wide range of affected interests—including governments, through a Governmental Advisory Committee (GAC). In practice, ICANN's very complex structure has made for a process that is liable to capture by particular stakeholders, and to undue influence by ICANN staff.
ICANN's susceptibility to capture has been no more evident than in the excessive deference given to the interests of intellectual property owners. Examples of this include:
- The Uniform Dispute Resolution Policy (UDRP), which for most registrars provides a compulsory arbitration process for the resolution of disputes over domain names that are alleged to infringe trademark rights. This policy has been used to clamp down on legitimate parody and criticism in ways that domestic trademark law would not allow—yet the U.S. Trade Representative would like to see this policy extended to all ccTLDs around the world.
- The Uniform Rapid Suspension System (URS), an even more rightsholder-friendly policy applicable to the newest generic top-level domains (gTLDs) that ICANN began rolling out in 2013, which was one of a range of new conditions that ICANN attached to those domains. The URS gives even fewer due process rights to domain owners than the UDRP, and there are worrying moves afoot to extend it to legacy registries [PDF] that EFF has opposed.
- Copyright lobbyists were also behind a proposal to limit the ability for domain name owners to protect their personal information from public view. EFF and users from around the world have been speaking out against this proposal, which endangers the privacy and safety of small website owners. We also support the development of a new domain name registration database that embeds privacy by design.
- The 2013 registration agreement that governs registrars' contractual relationship with ICANN goes further than the previous version in requiring them to take steps against those who "abuse" domain names. Copyright industry lobbyists and the USTR have seized on these provisions to demand that registrars cancel domain names allegedly used to host infringing content—even if no court order to support their allegation has been made.