one week. you can go to millicenter.org and see all of you on camera. c-span has covered this conference last night and today. i was suggest you check your local listings and we will produce a printed report and due course. thanks again. we stand adjourned. [applause] ..

>> host: this week on "the communicators" were pleased to have the president and ceo of icann, rod beckstrom. mr. beckstrom, thank you for being with us. art by explaining what icann is that he would hear it >> guest: icann is the corporation for assigned names and numbers -underscore things we do that are related here diu said the global policies for all 200 million internet domain names while names in the world have to be unique. we enforce that integrity to our partners around the world. we keep the master listing of all internet addresses where we have the allocation policies to distribute those internationally. the names and addresses and a system that links names and addresses of the internet works when you type in say c-span.org or you type in google.com. so you actually get to the right

internet out stress. that's called the domain system. we hope to communicate that with all partners around the world. and finally, where the master repository for all the internet standards. they're called parameters and protocols they keep the internet together. there's over a thousand standards. those are developed by engineers around the world to the internet engineering task force for where the official publisher of that. so if names, network addresses, domain name system on in the standards and protocols. some of the good hope keeps the web in the internet together. >> host: how win-win did icann start? >> guest: is founded in 1998 by the u.s. government at the request of international countries and other partners to spend these name and address at dvds out of the government into a private site your multi-stakeholder body. so we're a nonprofit organization based in california, but our board of directors is very international. sixteen out of the 22 r. from around the world.

so we're very international although we are headquartered in the united states. >> host: how is it funded? as go where funded by fees on the registration of domain names. so, when a registry such as a.com or.org or.net or .edu registers a name come and typically that registry pays around 20 cents per name per year and then we also got a small fee per name from the registrar, an entity like go daddy at consumers think about a register.com. when you go register that domain name about another 18 cents or so goes to icann. so that's how we get our funding is not the registration of domain names primarily. or some other minor sources. >> host: said no government funding at this point? >> guest: zero government funding. >> host: is their government oversight? a >> guest: well, there was some in a form until october 1 from the u.s. government where we published reviews to the u.s. government on a periodic resave

and that was done to make sure that we lived up to a standard of becoming this multi-stakeholder group because we were performed only 11 years ago, peter, there was only one real commercial registry van and one registrar. we were supposed to create the ecosystem of competitive parties reactors now 11 different domain registries, 269 in total and over 900 registrars. so we had to prove we could create that ecosystem. since we do not come a u.s. government said fine, you can't push that. now you should be responsible to the world to be accountable and transparent in how you helped to administer your part of the ecosystem. >> host: joining us also in the questioning of rod beckstrom is crisp roads from "the wall street journal." he's in new york. mr. rhoads, your first question for rod beckstrom. >> guest: i know that icann is going to this internationalized main name program where be the

part of the domain name to the right of the dot for the first time will be an non-roman characters such as hindi and chinese and so forth. why is icann doing that now? >> guest: the reason we're doing that, chris, is there's been a consistent -- you know, when the internet got designed there was a big debate or discussion about whether it should support international script or just latin-based scripts which we think of as english characters, but they're actually latin based. they're used by most of the latin european mind would give others. at the time, the engineers and this is about two decades ago decided to make it last and only because there was not a standard for the other languages and scripts. so the internet protocol itself that was developed in 73 and other things got crede ran latin script. of coarse, people from around the world that we want everything in our own language. we should be able to write our domain names in arabic or chinese. so, about 11 years ago a researcher in switzerland can up

with the idea saying let's go introduce domain and which is on top of that latin-based architecture. that got picked up in singapore, china, 11 years of technical work later, there is a standard emerging called idna or international domain name for applications, which the ietf has developed engineers. in nine years of policy work later were finally ready to roll it out. there's been about two years of technical testing accompanies international domain names in the internet and what we call the root is dumb for testing. that is gone successfully so it's taken although sears chris. finally we are ready to begin rolling that out. so will start accepting applications november 16 in just a few days here and then hope to put those into the internet routes mid next year. >> we here in the u.s. where the internet was created have had a big advantage of coarse ib

english speakers and other english speakers around the world with that same advantage in terms of using the internet. and now with going to give non-roman carrot errors, is something lost? obviously something is gained in those countries, but a something lost in the sense of the universality of the internet, where we might now start to get a more segmented internet store to focus more in individual countries, rather than the more global foreign? >> guest: both yes and no, chris. yes in ways we're probably going to see larger pockets of content in communities developing and languages that you and i might not recognize. so from our standpoint as westerners it might seem fragmented and yet on the other point, in choosing to the 300 million chinese users can use domain names in their language can hold the internet's

unity together. there's been some discussions of art is developing alternative routes to the internet or what we call forking the root. one of the primary cause is people have cited for the interested match was was their inability to use their own native language and scripts in the internet. so, they'll be both a proliferation of different communities that you and i may not recognize with our language skills and characters that. at the same time, it will help the overall unity technically of the internet to continue. it'll be interesting to see. >> yeah, do you think that on that point, do you think it will by going with these internationalized domain names that will really have a real practical effect in terms of how people use the internet? or is it, excuse me, or is it more of a cosmetic change for sort of a symbolic change where your same to the rest of the world, we see you, we recognize that most of the users now are outside of the u.s., outside of

english-speaking countries so we're making this step for you recognizing that? but in terms of the practical effect, creating more internet users and so forth. do you really think there will be much big difference? >> guest: you know, we'll see. i figure we'll be a little bit about. let's talk about the symbolism. i mean, this is really important to people. i think it national pride cultural pride that people want to be able to use as global shared resource, the internet, fully in there'll make widgets. let's talk about the practical side as well. on the practical file untracked sidecome if you're a housewife in korea or businessmen in china who only speaks korean or chinese, your keyboard is laid out for korean or chinese. when you do your word processing, you would write in korean or chinese on your keyboard and then to go to a domain name you would have to flip your keyboard mode and work in a second language. that's quite an inconvenience for people and it makes it

nonintuitive and just a little bit of a barrier. the other thing that we've learned some of the testing, chris, is that the biggest uptake of the international domain names as small local businesses. so it's not the big global brands, you know, that's everyone knows and latin characters. if the local restaurant or the park or the police station that has a local identity that people think of in chinese characters, for example, that they would never think of a police station or local restaurant and a latin character. so, we'll see. chris, i would expect to see more proliferation there initially and the smaller businesses and groups around the world. but ultimately will see whether this is just a psychic issue, you know, in a pride issue or whether it really opens up the floodgates for a lot of the domain names and content and sites. >> host: mr. beckstrom, is there a security issue or concern involved with opening this up? >> guest: there are, peter. and anytime you do anything on the internet we tend to use open

standards and open internet. most people are good so they'll use the new open standards and the new capabilities. some people are bad. some people are very bad and they'll try to take any new technology, and a new standard and find a way to use that to steal money or extort money or cyber crimes are a really serious problem. and concerns around some of the security issues on international domain names as part of why it's taken nine years to develop the policies. a symbolic sample would he, in a script like cyrillic which the russians use, there are some letters, they have a letter that looks like our letter at, but it's a different letter. if you allow someone to make english script with russian script in a name, they can put the letter a in something and make it look like ebay, for example, when it really wasn't. it was a different site with an e., p., fresh and modern something else. so in international domain names the string has to be consistently international

characters to avoid what we call spoofing. spoofing is when someone tries to make a website look like someone else's website to get their password or steal their money. so, a lot of the policy development in idm, international domain names has been the design to reduce some of the security risk and fraud. so will there be security issues? always with new technology. but the policy work has been created in cooperation with law enforcement participation in many other parties to try to at least minimize those effects. >> host: where does icann authority derived from? >> guest: our authority derives from the community and from the fact that we have registrars active in our community, isps, registries, governments. we have 99 governments and our government advisory committee. we have private-sector groups, civil society, privacy groups, you know, environment.

i mean, everybody. there's probably somewhere between ten and 20,000, and participate in these policy processes and meetings each year. >> host: but are there governments that don't recognize icann authority? >> guest: in general, i would say they accept icann role because icann is facilitating the internet functioning from a name for an adversary standpoint. there are some governments who might like to see that formal government controlled by some sort of other governmental body. but i say in general the buy-in is quite good. we were very pleased when china just aim and formally rejoined our government advisory committee, just in june of this year. this was a big development. one of the other few major countries that's not yet formally at the table as russia and that's because of some very subtle legal issues and perhaps that's something that will change. >> host: does that prevent them from using the internet?

>> guest: the russians is a very actively. they're active in processes and there seems to be an expression of interest in international domain names. in fact, resident vignette as just got a briefing two years days ago that's on a live television broadcast of him being briefed by the minister of telecommunications on international domain names and how they intend to work on the cyrillic alphabet, which of course meant a lot to them. so, in general we see very good governments buy into what we're doing. but sometimes governments are used to private corporations and the nonprofit and in many ways having an equal seat at the table in policy formation. >> host: this is "the communicators" program. our guest is rob ekstrom was president of the internet corporation for assigned names and numbers, also known as icann. joining us from new york is chris rose of "the wall street journal." mr. rose, next question. >> on the point that peter raised a minute ago about the security side of this broad, of

course this is a area you know well outside of cyber security for the human defense. how big of an issue is this going to be for icann and will that be part of icann's role to play a bigger role, bigger part in the cyber security area? >> guest: is a great question. what role we play in cyber security? we have certain touch points. there are certain things we can do in cyber security and certain things we absolutely cannot do. we're fundamentally a bottom up community driven organization and so we have to be sensitive to the role that isps want us to be engaged in, governments around the world and all the stakeholders. the piece that we are charged with focusing on is the security of the domain name system. the system that when we type in c-span.org, for example, into a browser it invokes the domain name system that comes back with

a network address. that system has used hundreds of billions of times per day. it can be used by hackers. in particular, and these new what are called.net attacks. they can command them to do bad things. those botnet systems tend to leverage the domain name system. i have to move their control point, otherwise you can shut them down if you know what the control point is and you can shut down a web address or that domain address in that network address. so, we have a special focus on the domain name system. the other thing about icann that you make is we have to be like switzerland. so they're cyber defense and cyber offense. we have nothing to do with offense anywhere. we can focus only on defense and we have to remain as neutral to switzerland because we have 240 countries around the world do we deal with and territories. everything from u.s. to other european partners to syria,

iran, north korea, everyone has some presence on the internet and their relationship for their country code domains is with icann. so we effectively work with everyone in the world. we have to stay very neutral and we have to focus on supporting security of the domain name system through and with our partners. so it's a tricky game we have to play stand in the middle. >> host: chris rhoades. >> the computer viruses and other types of computer attacks of course are nothing new. they've existed since the beginning of the internet. but it seems like they are getting more sophisticated by the minute and just the power of these things, growing exponentially. what's your current assessment of the state of where things are right now in terms of the level of this cyber at dvd, illegal activity, or tax, and the

ability of the good guys to fight against that? obviously, it's an up-and-down situation, but what's your sense of the current situation and how serious is this for -- before using the internet as we know it? >> guest: sure, well, it's a very serious issue, chris, as you point out. i would say in the short-term things have been any worse. the trendline in the last 24 months have been many more viruses, more sophisticated botnet. there's one out there that is really bad called conficker that the world has been fighting for a year. conficker is on at least three or 5 million machines and it's a very vicious botnet. it hasn't been used for bad yet, do could be. icann is helping getting other hundred countries to join the battle against conficker. i think in the short-term,

chris, i think the bad guys are getting a bit of the upper hand. they're not working very well internationally. so you're seeing european cyber criminals linking with latin america or the middle east and asia. very cystic and techniques. a lot of financial crimes taking place and others. and this is really a world-class problem and it's one i think can only be solved by better international cooperation or two in the parties. but as consumers, we've got to be very careful in our machines. i think we should all think, you know, twice before doing all of our banking online, for example. you want to be very careful in how you approach. i do my online banking with a separate machine that is only plugged in for maybe two minutes a week to execute those transactions and otherwise there's no financial records on any of my other computers. by the dedicated laptop for only that. >> host: do you advise that for everyone? >> guest: though good thing about networks and pcs getting cheap i think it's not a bad

practice. but am trying to do is limit access people might have to my financial director. now an alternative is to stop using online banking completely. i'm not advocating that but there are programs now called keystroke loggers that can get loaded onto your machine by looking at one image or one video and then someone has the ability to track every keystroke you are doing, including your passwords. and so, they can look at turkey strokes and go to your bank website and then use that to take your funds. >> host: millions of people online bank on their normal computers. or on a remote computer, work in pewter, whatever it is. >> guest: gas. >> host: has the danger increased her what's been done to stop that? >> guest: maybe my paranoia increased. when you work on this kind of problems you really get a sense of the scale by committee and how pernicious it can be. so maybe i'm in a school of

overly paranoid people. having that experience or even more aware. i think people should be, you know, quite cautious. other banks and credit card companies have been very good in general to cover most of the customer losses that have come from this. it even like i learned on one of my credit cards last months is nothing i did as told your credit card has been compromised among no explanation of how and where and why, that's probably my guess is someone broke into a computer system somewhere and might've gotten a copy of the credit card data, whether from a credit card company or one of their vendors or someone else. so, look him in there's a lot of good work going on in industry and those parties around the world. but cyber crime is a very real thing and i just encourage people to use caution. by the way, there's a good online program on how to do some training online called "anti-phishing phil." it's a game online that teaches

you to avoid certain web links in certain names that might come up, just as an fyi. >> host: or his rhoades, next question for rod beckstrom. >> one thing that's coming down the pipeline for icann is this opening up for domain name process of meaning making it a lot easier to create new top-level domain names, the part of the domain name to the right of the.that just.com or.net. and if i understand correctly, we are going to soon have the ability to create a whole host of possibilities,.airport.coke.ibm . com or, whatever. as it relates to the security issue were just talking about, some i know are worried that having this increase of domain names that make it a lot easier for the bad guys out there to

trick people and do their bad things. what do you think about that? >> guest: limit doctors on the factors and then i'll give you my sword of god sent on it. my gut overall having top-level domains will be two more security, but let me explain why and then also say why that's uncertain. one is that new parties that create what we call a generic lady.airport or whatever will have to sign a formal contract with icann a previous domains did not have to. you're going to have to use what's called dns secure or dnssec that uses certificates so you'll know you're getting the website you want. that's a higher security.gtld will have to do. the program is still under development. they will have to be able to do ipv6 which is internet protocol version six, which has some

further attributes that can be useful to security. and moreover, they have a contract with us where they're going to have to avoid certain practices that they might have been able to do another domains in the past. for example, the country code domains around the world with many of the country groups. we have no contracts. we have a working relationship, but for sovereignty issue, many communities and countries have said were not produced on a contract with icann. so over this country code domains with which there's roughly 240 we do not have contracts in many cases. so we can't dictate or develop security standards. it totally optional. so there's that set of issues. there's another issue chris if we look at typosquatting. so if you misspell a common name trying to go to you mentioned coke.com or ibm.com. what do you misspell those words.com. in some cases you will go to a site that's held by hostile parties trying to generate transactions off of that. that's called typosquatting.

typosquatting won't be possible in a top-level domain unless your browser is not working properly. when a falsified request goes to the domain name system it will be good. we're not going to approve any applications of typosquatting parties. in fact, to approve a new gtld were going to do background checks on the individual, officers of the company. were going to look at the history of litigation of the companies, how many disputes they got over domain names. do we get to do a lot of quality control around these new offerings that we have not been able to do historically. so my gut sense is that consumers will not be that confused. in fact, by going directly to the name with a habit that akeley feedback got a domain. they wouldn't go to c-span.org anymore they would just go to c-span. so teeter at the end. so arguably there could be a high level of security. my gut sense is they will be

because of the quality control mechanisms. all these issues are complex, there multivariate. you know, these, criminals who try to figure out any system to create harm and so we're going to have to keep an eye on it and possibly evolve the practices and policies as well. >> host: mr. beckstrom, how did you get into this work? >> guest: i was a high-tech ceo historically and started a company, took a public and sold it when i was fairly done. and i did different social service projects mostly. i was in new york on 9/11 and my life changed that day. and i stopped on my business work and for three and a half years i worked on building a network of ceos to work on peace across the middle east at around the world. that work led to insights about how decentralized human and technical networks work here we were studying al qaeda into building our new decentralized network that led to a book

called "the starfish and the spider." i got required by the government for counter terrorism and cyber security, did my job in the u.s. government for a while, mistakenly went home and icann was looking for a new ceo and their search gave me a call and said we've got the perfect job for you and all you have to do is move to la instead of commuting to d.c. and i said i'm not moving to la, so fortunately we cannot with an understanding and they allowed me to work out of palo alto. and of course, palo alto is the second site in the world ever connected by the internet. a bit appropriate. >> host: the first being? >> guest: the first was la at ucla campus. the first connection of these are the next four october 69. >> host: chris rhoades come a time for one more question.

>> icann is obviously a unique beast and you've been there now for i guess for four or five months or so. what has been your biggest surprise either positive or negative since you've been there? >> guest: the biggest surprise, chris, is just the massive volume of communications, activity. the stakeholder groups are generating roughly we have a board meeting every month. there's 350 pages of new material every month, policy work on subtle issues around the world, whether it's gtld. massive amount of documents, thousands of people involved in economic states are so massive and we're this tiny little nonprofit organization in the middle. i mean come where only $60 million figure nonprofit with this gargantuan multi-trillion dollar industry and billion-dollar players all fighting over kind of the economic outcomes of these policies. so i guess was really surprised me, chris, is the power of these

technomic forces in us having a little role in the middle of names and numbers protocols and dns and how that's all coming together. i'm thrilled to be here. it's a really fascinating. >> host: i don't mean to keep driving this point, but again, how do you get this authority? what makes you keep that authority and do you foresee that in organizations such as icann going out of business because of all these forces? >> guest: no actually, the forces are coming to the table and getting more engaged. so even like gtld has a lot of business concerns about the upside and downside am i bringing more business into the icann community, getting much more involved. no one ultimately has authority over the internet. it is the ultimate collaboration environment. if we're not doing our job at the end of the day or the chinese are upset or another party is upset, they can always create their own internet root, okay. the network tends to bring people back in, the benefits of being connected to the rest of the world