What are technical standards?
The Internet technical standards and services form the infrastructure that makes the Internet work, and include the Transmission Control Protocol/Internet Protocol (TCP/IP), the domain name system (DNS), and the secure sockets layer (SSL). Standards ensure that hardware and software developed or manufactured by developed entities can work together as seamlessly as possible. Standards therefore guide the technical community, including manufacturers, to develop interoperable hardware and software.
TCP/IP is the main Internet technical standard. It is based on three principles: packet-switching, end-to-end networking, and robustness. Internet governance related to TCP/IP has two important aspects: the introduction of new standards - an aspect that is shared by technical standards in general - and the distribution of IP numbers, which is explained in more detail in the section on IP numbers.
Setting technical standards
Technical standards are increasingly being set by private and professional institutions. The Internet Architecture Board (IAB) oversees the technical and engineering development of the Internet, while most standards are set by the Internet Engineering Task Force (IETF) as Request for Comments (RFC). Both the IAB and the IETF have their institutional home within the Internet Society (ISOC).
Other institutions include: the Institute of Electrical and Electronic Engineers (IEEE), which develops standards such as the WiFi standard (IEEE 802.11b); the WiFi Internet Governance Alliance, which is the certification body for WiFi-compatible equipment; and the Groupe Speciale Mobile Association (GSMA), which develops standards for mobile networks.
Standards that are open (open Internet standards) allow developers to set up new services without requiring permission. Examples include the World Wide Web and a range of Internet protocols. The open approach to standards development has been affirmed by a number of institutions. One such affirmation is the Open Stand initiative, endorsed by bodies including IEEE, IETF, IAB, the World Wide Web Consortium (W3C), and the Internet Society.
Technology, standards, and policy
The relevance of setting or implementing standards in such a fast developing market gives standard-setting bodies a considerable amount of influence.
Technical standards could have far-reaching economic and social consequences, promoting specific interests and altering the balance of power between competing businesses and/or national interests. Standards are essential for the Internet. Through standards and software design, Internet developers can shape how human rights are used and protected (e.g. freedom of information, privacy, and data protection).
Efforts to create formal standards bring private technical decisions made by system builders into the public realm; in this way, standards battles can bring to light unspoken assumptions and conflicts of interest. The very passion with which stakeholders contest standards decisions should alert us to the deeper meaning beneath the nuts and bolts.
Possible gaps in dealing with technical standards
Non-technical aspects - such as security, human rights, and competition policy - may not be sufficiently covered during the process of developing technical standards. For instance, most of the past developments of Internet standards aimed at improving performance or introducing new applications, whereas security was not a priority. It is now unclear whether the IETF will be able to change standards to provide proper authentication and, ultimately, reduce the misuse of the Internet (e.g. spam, cybercrime).
Given the controversy surrounding any changes to basic Internet standards, it is likely that security-related improvements in the basic Internet protocol will be gradual and slow. Yet decisive steps are starting to be implemented in this direction, with the Domain Name System Security Extensions (DNSSEC) being a good illustrative example. Following almost 12 years of research, trials, and debates within the technical community, DNSSEC first started to be deployed for some ccTLDs and from 2010 it was also implemented at the root server level. However, further challenges reside in the large-scale adoption of this new security standard down the ladder by the domain name registrars, ISPs, and website owners.
As with web standards, there appears to be a gap in the participation of stakeholders in the development of technical standards. Even though participation is open to all stakeholders groups, some submissions to the WGEC/correspondence group have noted the need for more involvement from specific stakeholder groups such as governments.