The old boys know it and so do the young upstarts. The world of the internet is never going to be the same. That’s the gist of two fascinating days of debates, discussions and breakout sessions at CyFy 2014: The India Conference on Cyber Security and Cyber Governance. Every single expert from almost every single corner of the networked world said the nuts and bolts of the internet governance and policy have to change.

That disruptive big picture has been hovering in the background for close to two years. What is adding an increasing sense of urgency is the recent context provided by the decision of the US commerce department’s national telecommunications and information administration (NTIA) to give up its rather cosy arrangement with ICANN to oversee global internet protocol (IP) address allocation and root zone management in the domain name system (DNS). Currently the arrangement works something like this. The NTIA, which is the sovereign US government for all practical purposes, has a contract with ICANN, which is a non-profit entity but registered in the US and hence completely governed by US laws. ICANN, in turn, has handed over that responsibility to its department called the internet assigned numbers authority (IANA), which needless to say is fully controlled by ICANN. 

NTIA also has what it calls a ‘cooperative agreement’ with VeriSign, again an American company, to perform root zone management functions. VeriSign controls two of the internet’s 13 root names servers and is the go-to registry for .com, .net and .name generic top level domains (gTLDs), the .cc and .tv and country-code top level domains (ccTLDs). It also provides backend systems for the .jobs, .gov and .edu TLDs.

The long and short of it is that the US does decisively control the internet. But to be fair to the Americans, such a system is also a product of a time and age when the internet had not become the overarching and overbearing presence that it is today. Moreover, again in the interest of objective assessment, it must be mentioned that transitioning NTIA out of its role marks the final phase of the privatisation of the DNS as outlined by the US government in 1997.

Of course, one can quibble that it has taken the US a good 17 years to loosen its grip, but that would obscure the larger tussle at play; one that is going to determine the future power structure of who, how and in what way will the internet be controlled and modulated.

As things stand today, the US wants to divest itself of this ‘responsibility’ by September 2015 and give it over to what it calls the ‘global multi-stakeholder community’. ICANN has been given the mandate to collaboratively work with the internet engineering task force (IETF), the internet architecture board (IAB), the internet society (ISOC), the regional internet registries (RIRs), top level domain name operators, VeriSign, and other interested global stakeholders. The NetMundial initiative in Brazil in April has been the biggest effort till date with over 850 stakeholders, including individuals like Tim Berners-Lee, the father of the internet, attending it.

On the face of it, the US decision to let go of the internet, in a way, and the emerging broad consensus for evolving a multi-stakeholder community to take care of the internet in the future are positive developments. The real power tussle, despite what many may consider as needless hair splitting, lies in the semantics. There are two arenas of contestation that need to be mapped, and the implications of each marker in the landscape clearly pegged, for any kind of informed debate.

The first revolves around the term multi-stakeholderism. Journalist Suhasini Haider, who was one of the moderators for a session in CyFy, asked everyone around, half seriously, as to how multi-stakeholderism can even be a word. The English grammar aside, the varying power architecture of the term indicates a different kind of grammar that each of the stakeholders wants to impose on the ongoing discussions. In itself, multi-stakeholderism is an inclusive term with the potential to encompass all the interested parties and players in the internet world. The problem begins when the specific form of multi-stakeholderism advocated by the US and the western world gets juxtaposed with multilateralism and democracy. The basic assumption behind this particular multi-stakeholder approach is that every single interested party is given the space to come and congregate on the same platform. It does not, however, explicitly specify two things. The first is whether each stakeholder will have equal rights. The second is how these rights, equal or otherwise, translate into leverage, jurisdiction and decision-making responsibility.

These inconsistencies are amplified when compared with the multilateral approach, advocated by many countries, where the internet is seen as a collective world resource that needs to be mandated and managed by sovereign entities. Russia and China are strong advocates for the multilateral approach. It has its strong points, equality among stakeholders (countries) for one. But it is also a framework that fundamentally strengthens the hands of states and, as several civil society organisations and corporate entities have pointed out with justification, can be used to muzzle dissent, control the flow of information, people participation and mobilisation in undemocratic ways. The US and the western world have gone all chips in for a multi-stakeholder approach.

From a realist geopolitics point of view, some will say cynical, the specific form of multi-stakeholderism advocated by the western countries will only serve to maintain the current asymmetries of the internet power structure, albeit in a different form. The Edward Snowden revelations and the existence of massive US government-sponsored surveillance that cut across borders have finally brought to light the elephant in the room: something that several civil society groups have been alluding to for a long time.

For all the rulebooks and rules of law that big private firms throw at Asian governments like India and China when asked for access to information and servers, the Snowden affair has revealed that companies like Google, Yahoo! and Microsoft actually ended up crawling when asked to bend by the US government. It is in the American and western interest to specifically define the internet as a global resource that does not have any boundaries and hence be kept away from any multilateral mechanism or state control. The west, in more ways than one, controls the internet infrastructure: from codes and algorithms to standards and protocols to undersea cables and massive server and traffic infrastructure. It is easier to control corporate houses than sovereign entities.

In this tussle between multi-stakeholderism and multilateralism, a few countries led by India have suggested a third path. The Indian suggestion, articulated quite beautifully at NetMundial, was to look at a ‘democratic multi-stakeholderism’. The introduction of the term ‘democratic’ completely changes the power dynamics and quite decisively answers the question of equal rights and how each of those rights will be leveraged for decision making roles and responsibilities.

Not surprisingly, it has not gone down well with the western world, nor has it found any takers in the multilateralism camp.  Democratic multi-stakeholderism has the potential to mitigate the genuine concerns of sovereign nations in terms of protection of their cyber resources and infrastructure – not only from anonymous hackers and non-state actors, but also from the overarching surveillance mounted by the US and its allies. (The NetMundial statement, disappointingly, does not explicitly or implicitly take a stand on the American surveillance of cyber assets, resources, infrastructure and communication of other sovereign nations and countries.)

The second argument revolves around the arena of technology, standards, protocols, processes, technical specifications, hardware and software. The internet is a technology-intensive set of resources. There can be no disputing that basic fact. So, in a sense the school of thought that wants to create and maintain some sort of a gated enclave, an engine room so to speak, of the nuts and bolts of the internet seems reasonable and justifiable in the first instance. After all, what could an average user of internet possibly know about the finer nuances of creating a framework for the allocation of IPv6 internet addresses? Point taken. But it starts becoming a complex power play when the school of thought transforms itself into a technocratic singularity where engineers and scientists are seen as the Holy Grail and social scientists and policy makers as ‘corrupting influences’ bent on damaging the proverbial Garden of Eden. Such technocratic singularity was also amply in evidence in the CyFy conference where, ironically, both policy makers and technocrats used popcorn terms like ‘bad actors’ and ‘lack of understanding’ and seemingly chocolate-coated ones like ‘capacity building’ and ‘bringing up everyone to the same level’, amplifying the divide between the western world, which controls the cyber forces of production, and the emerging world that is justifiably demanding a greater control and role in the shaping of the internet.

So a bad actor, for instance, which could mean any country from Russia to Iran to China, or an individual like Edward Snowden, will invariably be used to try and keep as many of the current power players, stakeholders if one goes by the new lingo, within the system while systematically keeping out the newer emerging players. Similarly, the term ‘capacity building’, a benign expression usually denoting facilitation, hand holding and empowerment, is often used to keep countries, institutions and people on the margins by categorising them as not having the ability to contribute to a process of decision making that has to be completed by September 2015. Such countries and institutions are implicitly positioned as ‘disrupters and delayers’. Unfortunately, some of the speakers at CyFY, unwittingly, displayed similar structural semantics used by early European colonisers to ‘civilise native populations’.

No doubt, a technocratic approach has its strengths, and some areas of internet governance have to be completely technocratic. But there are areas that cannot justifiably be left to the apparently superior engineering mindset of technologists, programmers and technology policy makers. Many are, today, simply focused on meta-concerns of cybersecurity, information protocols, authentication procedures and big data: concerns that are shared by the institutional structures of state, market and civil society (or government, corporations and NGOs if you want the depoliticised avatar). Voice web, for instance, already has a separate protocol, hyper speech transfer protocol (HSTP), yet the technocratic ecosystem that manages the internet today has not given it the kind of attention that it deserves. It is heart-breaking because voice web does have genuine potential to break the literacy barrier, which has been a constraining factor in increasing the adoption of the internet and mobile-based services in several Asian and African countries.

Technology by itself is inert. One needs a particular socio-economic logic to be embedded, almost like a code, for it to become proactive and transformative. It is here that the concepts of multi-stakeholderism and technical independence need to be revisited and redefined. It is not going to please powerful institutional and corporate players in the internet space. It may also not completely please actors proposing a multilateral approach. But the key conundrum in all these debates remains the same. All of us are supposedly representing and acting for the last mile user. Can we, then, genuinely start bringing everyone on board and giving each one of them substantial voice and a vote?

Swaminathan is senior fellow of Observer Research Foundation, fellow of the National Internet Exchange of India and contributing editor of Governance Now.