One year ago, many Internet users were engaged in a contentious debate over the question of who should govern the Internet. The debate pitted the current model led by a United States based organization known as the Internet Corporation for Assigned Names and Numbers (supported by the U.S.) against a government-led, United Nations-style model under which countries such as China and Russia could assert greater control over Internet governance.
The differences between the two approaches were never as stark as some portrayed since the current model grants the U.S. considerable contractual power over ICANN, but the fear of greater foreign government control over the Internet led to strong political opposition to UN involvement.
While supporters of the current model ultimately prevailed at a UN conference in Dubai last December where most Western democracies, including Canada, strongly rejected major Internet governance reforms, the issue was fundamentally about trust. Given that all governments have become more vocal about Internet matters, the debate was never over whether government would be involved, but rather about who the global Internet community trusted to lead on governance matters.
My weekly technology law column (Toronto Star version, homepage version) argues that the Internet governance choice was a relatively easy one at the time, but in recent weeks the revelations about widespread U.S. secret surveillance of the Internet may cause many to rethink their views. Starting with the first disclosures in early June about the collection of phone metadata, the past two months have been marked by a dizzying array of reports that reveal a massive U.S. surveillance infrastructure that covers the globe and seeks access to virtually all Internet-based communications.
Not only do the surveillance programs themselves raise enormous privacy and civil liberties concerns, but oversight and review is conducted almost entirely in secret with little or no ability to guard against misuse. In fact, U.S. officials have now acknowledged providing inaccurate information on the programs to elected politicians, raising further questions about who is watching the watchers.
The surveillance programs have emerged as a contentious political issue in the U.S. and there are several reasons why the reverberations are likely to extend to the global Internet governance community.
First, the element of trust has been severely compromised. Supporters of the current Internet governance model frequently pointed to Internet surveillance and the lack of accountability within countries like China and Russia as evidence of the danger of a UN-led model. With the public now aware of the creation of a massive, secret U.S.-backed Internet surveillance program, the U.S. has ceded the moral high ground on the issue.
Second, as the scope of the surveillance becomes increasingly clear, many countries are likely to opt for a balkanized Internet in which they do not trust other countries with the security or privacy of their networked communications. This could lead to new laws requiring companies to store their information domestically to counter surveillance of the data as it crosses borders or resides on computer servers located in the U.S. In fact, some may go further by resisting the interoperability of the Internet that we now take for granted.
Third, some of those same countries may demand similar levels of access to personal information from the Internet giants. This could create a “privacy race to the bottom”, where governments around the world create parallel surveillance programs, ensuring that online privacy and co-operative Internet governance is a thing of the past.