Because the weakness that endangered it is still there.

Some of the things that keep the modern world up and running (well or not, is another matter) are digital. Most of us don’t even realize that those things exist, or they don’t care, even when those things are single points of failure, in plain sight, and quite fragile.

This post is about one of those things, the serious risk it faced in 2020, and how it was saved (for now). It is a story that everybody should know, and to make this easier, I am summarizing it from here.

Protect .ORG. Do not sell .ORG

That thing that was saved in 2020 is the “.ORG” Top Level Domain. This is the naming register, managed by an organization called Public Interest Registry (PIR) that makes it easy to find the websites of non-profit/non government organizations (NGOs), by assigning them domain names like www.example.org.

In November 2020, the Internet Society (ISOC) announced that it had agreed to sell PIR to private equity firm Ethos Capital. Many people were outraged, and so should you.

Why “selling” .ORG and PIR in this way is bad

Earlier in 2020, the Electronic Frontier Foundation (EFF) had spent months protesting a 2019 “.ORG Registry Agreement”, which gave the owner of .ORG new powers to censor nonprofits' websites, AND abolished a longstanding price cap on .ORG fees.

Under that agreement, it would be possible for the controller of .ORG to autonomously disable the domain name of any organization it serve, that is make it almost unreachable online, based on accusations of “activity contrary to applicable law.”

At first sight, it may seem there could be nothing wrong with this. In practice, such a policy would make it much easier, for any government or corporation bothered by some NGO, to silence it by convincing the .ORG controllers, instead of a real, much more independent court.

As usual, follow the money

Still in 2020, it became evident that Ethos Capital was paying so much to control .ORG ($1.135 billion) that, no matter how well-meaning it was, it could hardly make any profit without some drastic changes in the management of .ORG. Ethos' obligation to produce profits would make it much harder to, as EFF put it, sell “censorship as a service”. That’s why organizations like Amnesty International, Access Now or the Sierra Club declared that “selling .ORG threatens civil society”.

During 2020, EFF and other nonprofit advocacy groups launched several initiatives to stop the .ORG sale and create protections for nonprofits. Even some members of the US Congress stepped in, demanding to know more.

Ethos Capital and PIR tried to control the damage, but failed to provide sufficient guarantees that things wouldn’t turn bad, or even just too expensive, for NGOs. Finally, in April 2020, the ICANN board rejected the transfer of ownership of .ORG.

.ORG is safe (for now) but the main problem remains

So far, that is in early February 2021, .ORG is “safe”. The general problem that its sale would have exposed, however, is as alive and serious as ever. Control of the naming schemes for all kinds of websites, not just the .org ones, bot also those ending in .com, .net like this one, or with any country code, is a “single point of failure”. Both for free speech, and for any other online activity, from e-commerce to social networking.

That is why you want to know that “.ORG was saved”. Solutions applicable to the whole Web without reinventing it are still missing, because they should be much, much more political than technical. But it is impossible to find them, if the majority of ordinary internet users doesn’t even realize what and where the problem is. To know much more about how “.ORG was saved”, and what may happen next, read what EFF says about it. I remain dubious about EFF’s “one-sided attitude about online privacy”; but it seems to me that on .ORG they did a good, necessary job, and for that I am grateful.