Digital Governance Book Review: Ruling the Root (2002)

Mueller, Milton (2002). Ruling the Root. Internet Governance and the Taming of Cyberspace. Cambridge, Mass.: MIT Press, 317 pages.

By Matthias Finger

With the discussion of this book, the C4DT begins a new publication series, the Digital Governance Book Review: Hereafter, every month, we will summarize and contextualize a book we consider relevant. The book will be either a classic, whose lessons are worth recalling, or a new publication our readers should become aware of. Over the next two years, we plan to present approximately 25 books that we think will help our readers understand the essence of digitalization.

I begin this series with Milton Mueller’s, by now, classic on the governance of “the root”. His book is structured into three parts: (1) the technicalities of internet names and address spaces, (2) the institutionalization of the internet domain-name system from inception (the late 60s) up to approximately the year 2002, when his book was published, and (3) the main issues raised by this quite unique way of governing a global resource. All this is meticulously researched, documented, analyzed and criticized by the author, through the lens of institutional economics. Overall, this book is a masterpiece of the social and political history of technology in the, now, unfortunately extinct tradition of STS (Science, Technology, Society) scholars. In this book review, I will mainly focus on Parts 2 and 3 of Mueller’s book.

The Story of the Root

Thanks to Mueller’s research, the history of internet governance has become well known. It all began in 1969, in California (specifically at UCLA, USC and Stanford University) with the creation of ARPANET, the Advanced Research Projects Agency Network of the US Department of Defense. ARPANET was the world’s first “packet-switched network” using distributed control due to the TCP/IP protocol suite (Transmission Control Protocol / Internet Protocol). IANA, the Internet Assigned Numbers Authority, started in 1972, first informally, by performing certain technical functions for ARPANET. The name that comes up all along the history of internet governance is Jon Postel (1943-1998) of UCLA and the USC Information Sciences Institute (USC-ISI). He proposed, governed, and originally operated the registry (catalogue) of port numbers related to network services. IANA was officialized, however only in 1988 with Jon Postel as its administrator until his death in 1998.

But in 1981,  the situation became more complicated when the US National Science Foundation (NSF) funded a parallel computer science network (CSNET) at several US Universities. In 1986, CSNET (and subsequently NSFNET) became interconnected with ARPANET. Over time, the NSF maneuvered itself into the driver’s seat by creating a partnership with the US telecommunications and the computer industry, thus leading to the creation of the Internet in 1990. Consequently, ARPANET was subsequently decommissioned. Yet, IANA remained at the core of the Internet as the “authority”. A power struggle was thus in the making, leading to the creation of ICANN as the compromise solution in 1998. At the heart of this struggle was the conflict between, on the one hand, Jon Postel controlling IANA and the Department of Defense (the regulators) and, on the other hand, Network Solutions Inc. (NSI, the operator and commercial part) and the NSF (the government or policy part) The NSF gradually gained the upper hand.

As of the early 1990s, the Internet and especially the WWW started to grow rapidly as did the interest and demand for domain names. As of 1991, NSI began to give out top-level domain (TLD) names for free, notably .com, .org, .net, .edu, .gov and .mil. In 1993, NSF (not the US Department of Defense) contracted with NSI to serve as the exclusive TLD name registrar for .com, .net and .org. In parallel and on its own initiative, NSI began to compile a database of assigned names and IP addresses, it was called WHOIS (“who is”). In 1995, the NSF allowed NSI to charge a hefty amount for domain-name registration, while taking for itself a 30% cut. This eventually led to a lawsuit for antitrust violations, which brought the US Department of Commerce and the US National Telecommunications and Information Administration (NTIA, an entity within the Department of Commerce) into the picture. As a result, domain-name registration fees were substantially lower so as to make them affordable also for users in the developing world.

Growing Pains

As a result, an institutional (governance) solution had to be found to overcome the tension between IANA as the authority (contracted and paid by the US Department of Defense) and NSI as the (profit-seeking) operator (contracted by the NSF). This was aggravated due to the way internet governance was handled increasingly drew global attention, at this time mainly from international organizations, such as the ITU (International Telecommunications Union) and WIPO, the World Intellectual Property Rights Organization; both questioning in particular the role of the US government in the rapidly globalizing internet and WWW.

Therefore, in 1998, ICANN, the Internet Corporation for Assigned Names and Numbers, was created as a compromise “solution” between the US Department of Defense, the NSF, the US Department of Commerce (DOC) and its NTIA. Mueller has some very nice formulas for these evolving institutional arrangements, calling them “a technical priesthood backed by federal largesse” or “a chaotic ménage à trois of government, academia and business”.

This compromise resulted in a “not-for-profit corporation under Californian law” with Jon Postel as the founder, who was to die three weeks after ICANN’s creation. Basically, the operational (operating the databases and registries), the policy making (setting rules and procedures), and the regulatory (supervisory) functions were all combined within ICANN, even though operations were outsourced by ICANN to NSI. At some point in time, NSI was acquired by Verisign, and the formerly separated regulatory function as performed by IANA became a unit of ICANN itself, yet under a separate Memorandum of Understanding with the Department of Commerce (DOC-NTIA). Overall, this became a quite convoluted corporate governance structure. In 2006, and beyond Mueller’s book, this MoU was changed to a contract between ICANN and the DOC. This gave the DOC some supervisory powers over certain activities of ICANN which was again abandoned in 2016 (see below).

Regardless of all these changes, since its inception and until today, ICANN has three functions. They were identified by Mueller (page 6): (1) to set policy for and manage the allocation and assignment of IP addresses (the policy making function), (2) to decide on top level domain names (the regulatory function), and (3) to be responsible for operating root servers. This third function is the operational one that, in turn, is outsourced to the private sector. In his book, Mueller is mainly interested in the second function that he considers to be a regulatory one and that he defines basically as attributing a scarce resource (domain names) to private actors (as governments worldwide have managed to obtain their own domain names). Regarding the regulation of domain names, he draws upon institutional and regulatory economics literature and compares the attribution of domain names to the attribution of radio frequencies and parts of the spectrum (by ITU and national telecommunications regulators). However, he is also of the opinion that this domain-name resource is made artificially scarce, unlike radio frequencies and the spectrum, that are physically scarce (given a certain technology). Hence, ”ruling the root” is mainly about managing artificially created scarcity for  profit.

What Are The Main Issues?

Profit derived from selling domain names, however, is by far not the only issue identified by Mueller. In this section, I will briefly highlight the main issues resulting from the ICANN way of governing the Internet, as identified by Mueller:(1) the governance of ICANN itself, (2) artificial scarcity and rent seeking, (3) control over the Internet, and (4) geopolitics. All except the last one has already been identified by Mueller. Yet, twenty years after his book was published, none of them has been solved, owing mainly to the lack of any form of global internet governance.

Corporate Governance of ICANN

As Mueller convincingly shows, corporate governance problems can be traced back to the very origins of the Internet, in other words, the conflicting interests between government, business and academia (which again was contracted by the military/government). The creation of ICANN hardly improved the matter, except for the military that has been removed from the internet’s governance.

The foundational governance problem stems from the fact that ICANN is set up as a corporation, albeit a not-for-profit corporation “for charitable and public purposes” (under Californian law). Indeed, one may ask whether an organization with regulatory powers should be a corporation to begin with. Back in 1998 when ICANN was created, Jon Postel personally appointed the sixteen members (voting directors) of the board. Upon their renewal, eight of the board members were subsequently selected by a nominating committee that supposedly represented the “constituencies” of ICANN, six of the board members represented the three “supporting organizations” (the Generic Names Supporting Organization, the Country Code Names Supporting Organization and the Address Supporting Organization), and one board member was nominated by all organizations at-large, i.e., the rest of the world. This board chooses its president, as well as the CEO who is also a member of the board. There are also numerous advisory committees that broadly represent the „internet community“, but they have no voting power. Mueller rightly highlights the discrepancy between this quite secretive and indeed undemocratic governance of ICANN and the prevalent discourse of the decentralized, participatory, and democratic nature of the Internet.

Even more problematic in corporate governance term, is the fact that this corporation is not regulated; in other words, it regulates itself. Yet, from the very beginning, the regulatory function had been clearly identified and attributed to IANA (the Internet Assigned Numbers Authority). First, IANA was separate from policy and operations and contracted by the DOC, but with the creation of ICANN, IANA became integrated into the corporation, yet still contracted by the DOC. Only in 2016, after the international controversy regarding the US dominance over ICANN (see geopolitics below), the DOC relinquished its supervisory power to some vaguely defined “internet multistakeholder community”. It is therefore easily understandable that ICANN is criticized still today for its lack of transparency and accountability, among others. It is now evident that ICANN is not regulated by an independent regulatory authority, not even an American one.


Rent-seeking and profit regulation are clearly the issues Mueller is most interested in. These are also the issues where he can bring to bear his experience from the telecommunications industry, as well as his theoretical background in institutional economics. ICANN is indeed an interesting case, specifically, according to Mueller, “a new institutional regime formed around a global shared resource; its purpose is to define property rights in internet identifiers and to regulate their consumption and supply” (page 217). For him, domain names, as a global shared resource, are analogous to radio frequencies in the media sector or the spectrum in the telecommunications sector. As such, ICANN “has exclusive control of a critical input into an industry und uses the leverage it has over access to that resource to regulate it” (page 218).

There is more to domain names than being a shared global resource, as domain names (unlike radio frequencies and the spectrum) are also brands and even identities and content (as we will see in the next section). Let us restrict ourselves to the intellectual property aspects of all the domain names, not just the top-level domain names. WIPO, the World Intellectual Property Organization, which represents mainly big brands, argued that domain names are the equivalent of property rights in the physical world. This is an argument ICANN agreed to from the beginning, as this argument strengthened ICANN’s power over registrars of such domain names and, more generally, its role as a shaper of the domain-name market, specifically, by justifying the creation of artificial scarcity. From a purely technical point of view, however, the domain-name system protocol “is just a framework for coordination … the protocol merely ensures that they are unique” (page 245). In principle, any domain – top or low level – is acceptable, as long as it is unique. In other words, domain-name scarcity cannot be justified on technical grounds.

Although the argument regarding artificial scarcity is still somewhat valid, the problem is less acute today. Indeed, in the very beginning, there were only six top-level domain names, whereas this number has grown over time as a result of pressure by internet users and governments. At the time Mueller published his book, there were less than 250 top-level domain names, most of them national acronyms.  But after ICANN removed most of the restrictions in 2011, this number grew to over 1500. As of 2012, ICANN also accepted applications for non-Latin character names. This changes nothing in terms of the costs of operating a top-level domain name, as this remains regulated by ICANN itself.

Control over the Internet

… and it changes even less in terms of ICANN’s control over domain-name identities and content. ICANN and internet governance, for that matter, are basically hierarchical constructs, whereby “regulation of conduct and market structure is imposed on registries and registrars via contracts with the root administrator”; this leads to “defining and enforcing rights to names, the regulation of the domain name supply industry; and the linkage of online identity to law enforcement” (page 218). It would therefore be more appropriate to speak about “internet government”, instead of internet governance, except that the “government” is a private corporation (ICANN). In the words of Muller, ICANN is “a conservative, corporatist regime founded on artificial scarcity and regulatory control” (page 267).

The still mildest form of such regulatory control is the authorization, or not, of certain domain names for any reasons, be they grounded in intellectual property considerations (see above) or on the grounds of political correctness or outright censorship. To recall, Mueller’s criticism was levelled before the debates about domain names such as .sucks or .tibet. But even more worrisome, and not only to Mueller, is the surveillance of the registrars and their clients. Interestingly, the enforcement of property rights has paved the way for exactly that. Already as of 1991, NSI, the private operator, began to compile a WHOIS database. Originally, the information was simply needed for technical purposes (linking the domain name to an IP address and a server). Later, the information proved useful for identifying hackers and spammers, but also for brands that wanted to know when an previously used domain name would expire and who owned it. It is worth quoting here Mueller’s premonitory insight in its full extent: “’technical coordination’ of the domain name system is already being leveraged to police the content of Web sites … Ultimately, the intent seems to be to make a domain name the cyberspace equivalent of a driver’s license … but unlike the driver’s license database, this one would be publicly accessible to anyone and everyone to rummage through as they pleased” (page 236). I think that we are there now.

Geopolitics and the Politization of Internet Governance

To conclude, let me briefly highlight an aspect that that Mueller was not able to foresee back in 2002, specifically, the geo-politization of internet governance. Indeed, he had already observed that some UN agencies – ITU and WIPO – wanted to be involved in such governance and, in particular, in the corporate governance of ICANN, on the grounds that domain names were a global resource and not US property. But he did not anticipate at that time that emerging countries would politicize the matter.

The first opportunity for doing this was the UN World Summit on the Information Society (WSIS) in Tunis in 2005, calling for, among other remedies, a much more active role of the UN in internet governance, and even for a new UN body replacing ICANN. Unfortunately, under US pressure, the UN merely managed to create the so-called Internet Governance Forum (IGF) to be based in Geneva and to be tasked with channeling the world’s governments’ “advice“ to ICANN. Needless to say, the IGF has turned into yet  another paper tiger.

In 2011, seeing that the IGF led nowhere, a summit between India, Brazil and South Africa called for a “UN Committee on Internet-Related Policy” (UN-CIRP) that eventually evolved into a new UN organization. But this initiative was stalled as well. Two years later, the global internet community, including ICANN, lamented in a so-called “Montevideo Statement” the internet’s growing national fragmentation and the “undermining of the trust and confidence of Internet users globally due to recent revelations of pervasive monitoring and surveillance”, thus calling for “accelerated globalization of ICANN and IANA functions, towards an environment in which all stakeholders, including all governments, participate on an equal footing.

In 2014 the Brazilian president Dilma Rousseff convened 1500 people to the so-called „NETmundial meeting“ in São Paulo „to discuss internet governance issues in light of mass surveillance by the US government“. For a follow up, ICANN, the World Economic Forum (WEF), and the Brazilian Internet Steering Committee set up a 25-member Inaugural Coordination Council in a step towards a new ICANN governance. But the three organizers had already attributed permanent seats to themselves on that council, a move that triggered strong criticism from the internet community and subsequently led to its demise.

This is where we are today: On the one hand, we have an Internet that is increasingly fragmented and controlled by the nation states whereas, we have a highly convoluted and increasingly politicized ICANN. Many, but not all of these problems were identified by Mueller.


This edition of the Digital Governance Book Review was authored by: Matthias Finger, Emeritus Professor, C4DT

Image credit: Cover of Ruling the Root: Internet Governance and the Taming of Cyberspace by Milton L. Mueller, published by the MIT Press.