Photo:VCG

 
Editor's Note: "Who has stolen Africa's internet protocol (IP) addresses? Some people point fingers at China." The Associated Press (AP) and some other Western media recently reported a dispute over IP addresses in Africa in a biased way and labelled China as a "digital colonialist," despite the fact that no official Chinese agency was involved in the dispute. Such rhetoric has become a cliché and is not worth refuting. However, barring current international political situation, it is indeed a significant internet governance issue that cannot be ignored from a technological perspective. UN's 16th Internet Governance Forum wrapped up on December 10, it thus raised a question:  Who has the right to confiscate end-users' IP addresses? 
 

Two IP seizure incidents

This year has witnessed two IP seizure incidents. In the first case, a dispute over IP addresses took place between AFRINIC, a Mauritius-registered private company that is one of the five Regional Internet Registries (RIR) responsible for IP address allocation among its registered members, and Cloud Innovation, a company that became an AFRINIC member in 2013. Over the next four years, Cloud Innovation applied for a total of 6.2 million IP addresses, which were then leased to their clients through its Hong Kong-based affiliated company, LARUS Limited. In 2020, AFRINIC noticed some "irregularities” that Cloud Innovation had used their IP addresses beyond the service area of AFRINIC, some were even used in Asia-Pacific and North America areas. AFRINIC thus requested Cloud Innovation to correct these "irregularities." 

In response, Cloud Innovation said that no rules in AFRINIC's bylaws, membership policies, as well as the Registration Service Agreement signed with AFRINIC stipulate the use scope of the IP addresses allocated by AFRINIC, thus AFRINIC is skewing its mandate and policy to make baseless accusations. 
 
Verbal battles soon escalated into a series of lawsuits between AFRINIC and its members. At one point this year, Cloud Innovation's membership was revoked by AFRINIC, and its IP addresses confiscated, whereas AFRINIC got its bank account frozen for several months by Injunction imposed by Cloud Innovation. Consequently, the entire internet registry system in Africa was on the brink of collapse as a result of this dispute. For now, Cloud Innovation's membership is restored, and AFRINIC's bank account resumed operations. To date, the lawsuit between the two parties is still ongoing.  Hundreds of enterprises in Asia Pacific and North America who are subscribers of Cloud Innovation's IP addresses were left with their subnets' fate in limbo.

The lawsuit between AFRINIC and Cloud Innovation is just a dispute between companies, whereas the US' confiscation of Iranian IP addresses this year reminded us of its hegemony on the internet. On June 22, the US Department of Justice "confiscated" about 30 foreign websites, including Press TV, a well-known Iranian News website, and several other Iranian news websites. As of press time, when readers browse the home page of these websites, they can still find a notice written as follows, "the US government has seized these websites according to US law." The seals of the FBI and the Bureau of Industry and Security of the US Department of Commerce follow the notice.
 
The US claimed that such acts were based on US laws. According to US laws, the forfeiture of assets related to "technology or materials for the production, export, sale, or distribution of restricted substances linked to trafficking in nuclear, chemical, biological, or radiological weapons" is legally allowed. According to the US Department of Justice, these websites are owned by the Islamic Republic of Iran Broadcasting and controlled by Iran's Islamic Revolutionary Guard Corps. Both organizations are on the US sanction list. Hence it is illegal for any US citizens, US firms or firms that own US subsidiaries to do business with them.
 

How the US ‘blocks’ IP addresses or domain names?

Domain names and IP addresses are the two core internet resources needed for internet operations. 

An IP address is a set of numbers used to identify the "address" of a computer on the internet. Computers rely on IP addresses to communicate with each other. The current version of IP addresses that is commonly used is IPv4, which consists of four octets in decimal numbers and is separated by periods.

Since IP addresses are a set of numeric identifiers that are hard to remember and write, another group of identifiers based on semantics was developed – domain names system (DNS). Each domain name corresponds to a specific IP address. For example, the domain name of the Iranian news website confiscated by the US is presstv.com.

Although it's well-known that it is the US who has the ultimate control over domain names and IP address allocation, how does it "confiscate" domain names from other countries, technically speaking?

According to Wang Wei, a researcher from the Computer Network Information Center of the Chinese Academy of Sciences, websites are accessed through their domain names, and domain names are linked to a particular set of IP addresses. This entire process is conducted through a system called DNS. The Iran-related news websites which were shut down by the US government consist of four domain suffixes: .com, .net, .tv, and .org – and they are managed by two US companies, Verisign and PIR. 

So how did the US “confiscate” these domain names? Taking presstv.com as an example, Verisign, the company which manages ‘’.com’’ domain names, changed the address of DNS on June 22. This is like twisting a signpost that previously pointed east to the west. By doing so, even if you enter a domain name, you will not be directed to the original IP address (208.93.18.215) but rather to another server controlled by the US government. 
 
Apart from this, Verisign also changed the domain name's corresponding IP address to Amazon’s server room in the US.

Researchers at the Computer Network Information Centre of Chinese Academy of Sciences (CNNIC) found that Verisign and PIR changed the NS data (NS refers to a record in DNS database which is used to record the relationship between domain names and IP addresses) of the domain names without the consent of its users just because of a single order from the US Department of Justice. This is how the Iranian websites disappeared from the internet.
 
Is there any risk for Chinese nationals' domain names or IP addresses being confiscated? The answer is YES. There is a risk for domain names registered as ".com" and ".net" because international companies manage them. However, if the domain name is registered as ".cn," which is managed by the CNNIC, it will be difficult, if not impossible, for the US to "confiscate" it, at least there is no precedence. However, the "IP confiscation" case involving AFRINIC has set a dangerous precedence, which directly jeopardizes the stability and interoperability of the internet as we know it.
 
Any country with an ambition, it is unacceptable to leave its fate to another’s mercy. As a matter of fact, some countries already have drafted contingency plans. Russia has been working on creating a "sovereign internet" that has complete autonomy and control of its own data and reducing the country's excessive dependence on foreign network services.
 

Global internet governance faces challenges
 
These two incidences, the US’ confiscation of Iranian website domains and the freezing of AFRINIC’s IP addresses, have exposed the importance of basic internet resources, as well as the weaknesses of the current internet governance mechanism.
 
"One of the most fundamental problems of internet basic resources has not been solved, that is, whether IP addresses, domain names are digital assets, if not, then what are they and who owns them?" said Wang. Previously, the internet community said that IP addresses belong to all its users. IP addresses are for allocation, not for sale. However, once an IP address allocation agency takes back the IP address due to policy or legal reasons, as is manifested in the AFRINIC's dispute, it is still unclear how this should be handled. Do internet users have the right to fight against it? This was not a concern when the internet was still a new concept and when internet resources were plenty. Nowadays, IPv4 addresses have become scarce, and the price of an IP address in the secondary market has skyrocketed, the intentional or unintentional competition for these resources threatens the ability to establish an internet governance model.

When internet engineers designed the IPv4 protocol 40 years ago, it had 3.7 billion assignable IPv4 addresses. At the time, it was considered more than enough. Yet two decades later, the resources are nearly used up. As the network expanded and the digital economy grew, competition followed when the internet's basic resources became scarce. The internet governance model, the so-called multi-stakeholderism, which has been applauded and widely promoted, has proved to be flawed. 
 
Lang Ping, a researcher at the Institute of World Economics and Politics of Chinese Social Sciences Academy, said that there is a tension between the governance of the internet's basic resources and national interests from the perspective of good governance. On the one hand, due to the internet's essential resources being limited, there is a lot of competition for allocating resources. On the other hand, the DNS policy is managed by ICANN, an entity recently independent from US’ overseeing, whereas the companies and individuals who engaged in the activities related to domain names have sovereign attribute.
 
Lang noted that considering the current governance model over domain names and IP addresses, when it’s put in the context of global governance with the countries competing for hegemony, we should seriously think “whether it can still fit the new era."