The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit corporation organised under Californian law in 1998, originally operating under a Memorandum of Understanding with the US Department of Commerce. ICANN helps coordinate the Internet Assigned Numbers Authority (IANA) functions, which are key technical services critical to the continued operations of the Internet’s underlying address book, the Domain Name System (DNS). In other words, ICANN coordinates the Internet’s systems of unique identifiers by facilitating the process of associating website addresses with unique IP numbers. ICANN has been at the centre of many international discussions regarding Internet governance, as it is seen as one of the very few bodies that ‘controls’ a certain structure of the internet, which, by its nature, does not have a central coordination point.
Before ICANN was created, the IANA and other entities performed the aforementioned services under a United States (US) Government contract. In 1998, the IANA function was taken over by ICANN, but links with the US – viewed as the birthplace of the Internet – remained.
ICANN itself boasts a bottom-up, consensus-driven, multi-stakeholder governance model that includes all relevant actors, from states and intergovernmental organisations to civil society and the private sector. Nevertheless, ICANN’s complex structure and its relations with the US government have been criticised since its formation: on the one hand, there are governments such as Russia, China, or Brazil that have supported the prospect of an international/intergovernmental organisation (e.g., the ITU) taking over ICANN’s current mandate, and on the other, there are mostly Western governments which have advocated for more governmental influence within the current ICANN structure.
On 1 October 2016, the stewardship of Internet Assigned Numbers Authority (IANA) passed permanently to ICANN as the contract between ICANN and the US Government officially expired.
In 2018, the ICANN ran into a problem with regard to operating the Whois service, which provides the information about the owner of a domain name, an IP address, or an autonomous system number on the Internet. The European Data Protection Board (EDPB), which ensures the consistent application of the General Data Protection Regulation (GDPR), found ICANN’s proposal over the Whois service incompatible with the GDPR on 5 July 2018. If the Whois service becomes unavailable, this might have an adverse effect for cybersecurity; on the other hand, the amount of information provided by the Whois service to the general public was clearly superfluous.