Time To Make The Donuts: Self-Help Agreements and ICANN Accountability

Kristian Stout —  19 February 2016

It seems like debates that involve the ability to access the Internet fall into absolutism very quickly. One could almost construct a corollary of Godwin’s law:

As the length of a policy discussion involving the Internet increases, the probability of someone claiming a nefarious plot to destroy the Internet approaches 1.

Should there be zero-rated services for underserved populations? NO! It’s just Facebook trying to remake the Internet in its own image. Should broadband operators be able to intelligently optimize their networks and have some manner of allowing smaller players to purchase guaranteed bandwidth? HORRORS! That’s just cable companies creating fast-lanes and data caps in order to extort money out of poor defenseless consumers! Should we perhaps prevent companies from using clever tricks to circumvent our patent system and import laws? YOU CANNOT! Preventing infringing digital articles from entering the U.S. will close the Internet!

And of course, any effort to curb illegal content online can be attributable only to a cabal of content owners trying to give themselves an Internet kill switch.

Only, it’s just not true. There is nothing at all legally necessary — or even reasonable — about a per se protection of one right at the expense of any other right. But that’s just what some would have us believe. Online, the right to expression simply must trump all other values — law enforcement and property owners be damned.

But it’s hardly novel or controversial to understand that rights are balanced against each other and — with very rare exceptions — no right is absolute. Just as in the offline world, any one person’s rights online are circumscribed by the scope of everyone else’s rights. My ability to speak is not limited just by the principles of defamation and public safety, but also by the location where I speak. I am not entitled to limitless speech rights in all manner of private fora. Similarly, my right to travel does not entail my use of your privately owned vehicle – my rights are firmly delineated by at least the harm principle.

And I think that, for the most part, everyone gets this. For instance, ICANN – the organization responsible for managing the domain name system (“DNS”) added some basic “public interest commitments” (“PIC”) into its registry and registrar agreements that are intended to discourage “distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law.”

Of course even though these PICs sounds eminently reasonable, the free expression absolutists are there to claim that these provisions are just attempted “governance-by-infrastructure.” But, as elsewhere, this view gets the whole situation wrong.

At root, it is exceedingly improbable that DNS providers can avoid having some role in preventing the proliferation of illegal content. After all, ICANN, its registries, and its registrars are creatures of contract and statute, and as such are embedded in a social and legal context that expects certain minimal compliance from its institutions. Like, for instance, not facilitating thievery or the sale of unregulated and dangerous medicines.

That’s why it was particularly heartening to read about the Donuts-MPAA agreement last week: A private arrangement that finds a resolute middle ground that protects both expression rights as well as property rights. Donuts — the largest of the new gTLD registries — announced that it would be regarding the MPAA as a “Trusted Notifier” in its efforts to combat illegal content hosted through any of its TLDs. Essentially, this arrangement gives the MPAA an expedited method for submitting vetted complaints about widespread infringement being conducted through a Donuts-issued domain. Also as part of this arrangement, Donuts will implement a set of procedures, including the ability of affected registrants to protest, before any sanctions (e.g. domain name suspension) are imposed.

“Self-help” mechanisms like Donuts’ “Trusted Notifier” are very important — not just for what they accomplish, but for what they say about the interests of ICANN and its registrars and registries in maintaining credibility by minimizing harmful behaviors. And, the real story here is that this sort of voluntary arrangement is in fact possible between these organizations.

Frequently, rightsholders are vilified for any attempt to introduce reasonable accountability that might result in domain name suspensions because, naturally, only greedy, short-sighted groups like the MPAA and the RIAA would ever think of suspending domains where clear, pervasive property theft or other patently illegal conduct is occurring. This is of course a fantasy, and it is roundly rebutted by the Donuts-MPAA arrangement.

Interested in maintaining its credibility, both with the public, as well as with ICANN stakeholders, Donuts is motivated to ensure that it is a good corporate citizen. And this is where the Donuts-MPAA agreement really breaks new ground. This is a voluntary, arm’s-length arrangement reached through negotiation and mutual assent. This is not a master Internet switch that rights-holders get to flip at their whim, and it’s not a scattershot approach. It seems to be — at least from this early view — a fairly well-balanced, targeted, responsive and moderate approach to combating illicit use of the DNS.

Going forward, I think Congress and ICANN should take a lesson from Donuts’ approach to dealing with illegal content. Continuing to rely on the PIC provisions of the registry agreement is a no-brainer. But more broadly, the PICs should be woven into a larger enforcement “ecosystem” that ideally has ICANN in more of a supervisory role.

ICANN sets up the rules of the road that everyone is expected to follow, and can leave it to the registries to operationalize the basic PICs. If done correctly, the accountability regime could be realized through a simple respect for contracts — which ICANN could then guarantee as one of the few positive commitments for enforcement that it makes.

Kristian Stout


Kristian Stout is the Associate Director for Innovation Policy at the International Center for Law and Economics (ICLE). As a technology professional and entrepreneur for over ten years, Kristian’s scholarship is influenced by a practical understanding of the challenges facing innovators in the modern economy. Kristian has previously been a lecturer in the computer science department of Rutgers University, is frequently invited to speak on law and technology topics, and has been published in law journals and legal treatises. Kristian is an attorney licensed to practice law in New Jersey and Pennsylvania, is a partner at A&S Technologies, a software services firm, and sits on the board of CodedByKids, a nonprofit organization that provides STEM education to underprivileged children.