How Russia and the UN Are Actually Planning to Take over the Internet

According to a countdown clock from Sen. Ted Cruz, there are less than three weeks until the Obama administration puts the Internet at risk from takeover and censorship by China, Russia, and Iran. This conspiratorial fearmongering is, frankly, absurd.

But just because this particular alleged conspiracy is insane doesn’t mean that there is no conspiracy. Of course authoritarian regimes want more control over the Internet, and at this very moment, they are working through the U.N. to get it. But instead of targeting the administration of the domain name system (which, thanks to the so-called “IANA transition” Sen. Cruz opposes, is nearly out of their reach), their chosen vehicle is next-generation Internet standards, particularly an arcane proposal called the Digital Object Architecture (DOA). The best way to stop authoritarian regimes and keep the Internet free is to go through with the transition.

DOA is the brainchild of the legendary Bob Kahn, co-inventor of the Internet’s TCP/IP protocol. The Internet does a great job of moving bits around the world, but it isn’t always so good at authentication, rights management, and access controls. Kahn’s idea, dating back to the early 1990s, is to bake “information management” directly into core protocols. What if every piece of data and every device that accessed the network had a permanent, trackable unique identifier? If you wanted to access information on the network, the system would decide if you were authorized to receive it and, if so, allow you to fetch it.

Only the academic publishing industry has enthusiastically adopted DOA in the form of its digital object identifier standard. Since 2000, journal articles are assigned permanent identifiers that point to digital versions of the articles. Metadata associated with journal article objects usually point to a traditional URL where the article can be accessed. In a more advanced DOA environment, the system might use the permanent identifier associated with your laptop to determine whether you had the right to access the article.

As it turns out, Russia, China, and Saudi Arabia all really like the idea of baking information management directly into next-generation protocols. These governments all believe that information flows a bit too freely on today’s Internet. Wouldn’t it be great, they reason, if tomorrow’s Internet allowed us to track all devices online as well as withhold access to any content we did not want to disseminate?

Authoritarian regimes missed the boat on influencing existing Internet standards, but so-called “next-generation networks” provide a new opportunity. The U.N.’s International Telecommunication Union (ITU) is an agency that, among other activities, hosts standards meetings between governments and telecom companies. Russia, China, and Saudi Arabia have used this forum to advance their vision for next-generation networks, including DOA.

The main point of attack is the ITU telecom sector’s Study Group 20, which focuses on the so-called “Internet of Things.” The authoritarian regimes have banded together to ensure that DOA is adopted as the overarching standard for IoT devices, ostensibly in the name of protecting against “device counterfeiting.” In reality, DOA will allow IoT devices to be pervasively and persistently tracked. Next-generation networks could deny access to any device without a valid identifier. And by requiring registration at the point of purchase, tracking will extend to people, not just the devices.

In the long run, these next-generation networks open the door to rethinking the Internet on territorial lines. Suppose the Russian government, as is likely, runs the authoritative DOA server for everyone in Russia. In addition to tracking activity online, they could control the flow of information into the country and censor information at the border.

What does the ITU get out of all of this? Relevance. The ITU missed out on the Internet revolution. Internet standards are made by private-sector engineers at the Internet Engineering Task Force. The “root zone” of the domain name system is run out of ICANN, a private non-profit corporation. There is no further compelling reason for the ITU, especially its telecommunication sector, to exist.

The ultimate root authority in the DOA system is something called the DONA Foundation, a Swiss non-profit with close ties to the ITU. The ITU is one of DONA’s initial “multi-primary administrators” (MPAs). In addition, should the DONA Foundation go under or Bob Kahn die (he is 77), the ITU will be waiting in the wings to take over root administration of the system.

Next month is the quadrennial meeting, known as the World Telecommunication Standardization Assembly (WTSA), of the ITU’s telecommunication sector. There are a number of DOA-related proposals that will be under consideration, among other mischief. The tenor of the meeting will depend significantly on what happens with the IANA transition that Sen. Cruz so opposes. If the transition goes through, the United States will have considerably more clout with the middle third of countries, neither liberal nor authoritarian, and should be able to stop most of the worst proposals. But if the transition fails or is delayed, the United States will go into the meeting—as well as crucial meetings in 2018 and 2020—from a position of weakness and embarrassment.

If we want to preserve, to the maximum extent possible, an open and borderless Internet, then the path is obvious: Allow the IANA transition to proceed, and then diplomatically twist arms to shut down the ITU’s telecommunication sector. This would keep Internet governance firmly in the hands of the private, multi-stakeholder community for several more decades. Alas, congressional Republicans seem eager to score one of the biggest own goals in Internet politics ever.