[Chapter-delegates] Responses to questions (was Re: Fwd: Proposed agenda for ISOC CEO and ISOC UK England Leadership Team meeting - 20 Feb 2024)

Wed Mar 6 05:45:49 PST 2024

Andrew, ISOC support for IETF and IAB was the reason for forming ISOC, not
an accident! Long after ISOC was created, the IETF chose to create its own
foundation.

Vint

On Wed, Mar 6, 2024, 08:34 Andrew Sullivan via Chapter-delegates <
chapter-delegates at elists.isoc.org> wrote:

> Dear colleagues,
>
> Please see attached the responses I sent to the UK England chapter leaders
> after our meeting in London.
>
> Best regards,
>
> A
>
> --
> Andrew Sullivan, President & CEO, Internet Society
> e:sullivan at isoc.org m:+1 416 731 1261
> Help protect the Internet for everyone:
> https://www.internetsociety.org/donate/
>
>
>
> ---------- Forwarded message ----------
> From: Andrew Sullivan <sullivan at isoc.org>
> To: "Olivier MJ Crépin-Leblond" <ocl at gih.com>
> Cc: ISOC England <contact at isoc-e.org>
> Bcc:
> Date: Fri, 1 Mar 2024 15:27:19 -0500
> Subject: Re: Proposed agenda for ISOC CEO and ISOC UK England Leadership
> Team meeting - 20 Feb 2024
> Hi,
>
> Thanks again for our meeting in London.  I've tried to reply inline
> below.  Assuming you have no additional follow up questions, I'd like to
> provide these answers to the chapter-delegates list as well (as requested).
>
> Apologies; I didn't have time to write a short email, so I wrote a long
> one instead.
>
> On Fri, Feb 09, 2024 at 03:20:15PM +0100, Olivier MJ Crépin-Leblond wrote:
>
> >Topic 1: CEO renewal
>
> As discussed before, this topic appears really to be one best addressed by
> the board, so I'm setting it aside.
>
> >Topic 2: Internet Society Foundation
> >
> >ISOC's intentions on formation of the Foundation was to establish a
> >separate Board and governance for the Foundation. It was proposed that
> >the current arrangement of ISOC trustees also all being Foundation
> >Trustees as only viable as a stop gap. The evolution of the governance
> >of the Foundation appears to have stalled since the attempted sale of
> >PIR.
> >
> >Given that the current arrangement causes a serious conflict of
> >interest between the organisations:
>
> As I said before and emphasized in our meeting, I'm not in a position to
> discuss the governance of the Foundation.  I can't even comment on the
> plans that were in place at the Foundation's start, since I didn't work for
> the Internet Society then and was not privy to the discussion.
>
> I tried to lay out the way in which it was not possible for the Foundation
> and the Internet Society to be in a real conflict, because the Foundation
> is a supporting organization of the Internet Society and therefore a kind
> of instrument that can be used to pursue the mission of the Internet
> Society itself.
>
> The Foundation includes the philanthropy staff, and they are professionals
> who are expert in grant-making and in designing and administering grant
> programs.  This is all now done though our Fluxx platform, which gives a
> consistent interface for grant application and also provides the staff and
> board with long-term data that can be used as part of the evaluation and
> potential refinement of funding programs.
>
> The Foundation may not itself be the source of all money; who administers
> the grants is not necessarily who pays for them.  In the case of chapters,
> in particular, there are some difficulties in having the Foundation send
> money because not every chapter can qualify as a 501(c)(3).  The Foundation
> is only allowed to fund 501(c)(3) organizations (and their equivalents)
> under US tax law, because it is organized to support a charity (the
> Internet Society).  The Internet Society uses mechanisms like this
> supporting organization approach in order to enable operational advantages
> under US nonprofit tax law.
>
> Some chapters have benefitted from the Beyond the Net grant program and
> developed stronger grant administration skills, and then become able to
> apply for other grant programs offered both by the Internet Society and
> Foundation, and by other funders.  I didn't have this number when we met,
> but the unaudited value of all the grants and support sent to chapters in
> 2023 was nearly $ 1.5 million.
>
> >Topic 3: ISOC's future
> >
> >It is notable that in relation to other Internet organisations
> >referred to as I* including IETF, ICANN, IAB, Regional Internet
> >Registries. ISOC alone today has no operational responsibilities for
> >Internet resources, networks, or governance communities. This has
> >frequently led to comments by operators in those communities to ask
> >"What is the point of ISOC"?
> >
> >3.1 What is the Point of ISOC today and into the next five years in
> >the CEO's view?
>
> Unlike every other so-called I* organization, the Internet Society has
> never had a direct role in operational responsbilities.  It is true that
> for many years, the Internet Society formally had the responsibilities of
> the IETF and the IAB, but this was really just an accident of the
> organizational arrangements.  With the creation of the IETF Administration
> LLC, the contractual arrangements are a little different (though it is
> worth noting that the IETF Administration LLC remains a part of the
> Internet Society, that the IAB remains an advisory committee to the
> Internet Society Board of Trustees, and that 1/3 of the board is still
> appointed by the IETF through the IAB).
>
> So, what is the point of the Internet Society?  Well, look around at the
> world.  When most of us first got access to the Internet, everyone who knew
> about it thought it was a good idea.  Now there are a lot of people who
> doubt that.  The Internet needs a voice, and the Internet Society strives
> to be it.  Internet shutdowns have increased (hence our investment in tools
> like Pulse). Attacks on the Internet are rising (hence our work in 2024 on
> a framework for regulatory actions on intermediary liability as well as
> specific attention to the UN in the run-up to WSIS+20).  We have created
> frameworks for thinking about this, which is why we created the Internet
> Impact Assessment toolkit, and why we keep investing in training and
> education for policy makers as well as the next generation of Internet
> leaders.  If you look through our activities, at least half of them (and
> I'd argue all of them) are efforts to be advocates for the Internet and its
> way of connecting us all -- a way that has turned out to be cheaper, more
> resilient, and more flexible than other traditional network designs!
>
> One particular topic of discussion we had was around the direct discussion
> of "multi-stakeholder" and its cognates.  Part of the reason you don't hear
> us beating that drum so much is because the term has become so elastic as
> to carry, in my opinion, little meaning.  When authoritarian governments
> and the largest corporations in the history of corporations can both claim
> the mantle of "multi-stakeholderism," we have an abstraction that is no
> longer fit for purpose.  We need to concentrate on what we want.  What we
> want is an Internet that is for everyone, and not some set of special
> privileged interests.  That is, all the time, our focus.
>
> >3.1.1 Is there a 5 year strategic plan in place?
>
> Yes.  We're coming to the end of one, and starting a new one over the next
> 12 months; that new one is one that I know the board undertook extensive
> consultations with the community about.  The staff are working now to put
> in place the necessary documents to share with the community about how we
> intend to implement the board's direction, and the new materials will be
> announced as soon as the board has accepted them and they're ready for
> posting.
>
> >
> >3.2 2024 Action Plan
> >
> https://www.internetsociety.org/wp-content/uploads/2023/12/2024-Action-Plan-EN.pdf
> >
> >Focussing on two topics:
> >3.2.1 countering Internet threats
> >3.2.1.1 What kind of threats are in the cross-wires of this action
> >item? Threats from UN? Globally? Individual Governments (at national
> >level)? Regionally (for example European Commission)? Private Sector
> >(for example Network Neutrality or consolidation of Internet resources
> >and monopolies)? There number of threats to the Internet are numerous.
>
> Yes, all of these things.  It's tough for such a small organization!  This
> is why you see us trying to raise more funds, so that we're in a position
> to counter as much as possible.  The people who don't like the Internet are
> nation states who can literally print money, and some of the
> best-capitalized and best-funded corporations and political organizations
> in the history of capital.  Our army of staff and volunteers is mighty, for
> sure, but still too few and too small to win in this battle.
>
> >3.2.1.2 At what "layer" are these threats mostly going to be?
>
> I am extremely sceptical of the "layer" model. It is intuitive and simple,
> but it's wrong, since every layer can be encapsulated in any other layer.
> It was a tempting simplification and it was early on useful to engage
> policymakers.  But I think we're living with a hangover from this idea,
> because the policymakers decided that there had to be a layer where they
> could insert themselves.  There isn't.  The threats happen at every layer,
> which is why we see everything from literal shutdowns (basically, the
> elimination of the physical layer), through interference with Transport
> Layer Security, all the way up to attacks on protocols in the application
> layer.  All of these can endanger the ability of the Internet to be for
> everyone.
>
> >3.2.1.3 How are these threats going to be decided? Which threat is
> >"more important"? Which threat has priority?
>
> It's hard to answer this in the abstract.  "The one that can do the most
> damage," is hardly a satisfying answer, but it is mostly the one I think is
> right.  We usually have to take these things case by case.  Part of our
> advantage is that the same bad ideas come up over and over again, so we are
> often able to re-use tactics that worked in one place and take them to
> another.
>
> >3.2.2 defending the Internet in the UN.
> >This outward facing element of ISOC's advocacy has been missing in the
> >past and it would be good to understand what this will comprise,
> >particularly w/r/t IG.
> >Could you please elaborate on what processes will be followed? IGF?
> >WSIS? UNGA (with the UN Digital Cooperation Forum)? ECOSOC? UNESCO?
>
> These are all places we've been engaged with for the entire time I've been
> CEO, but given the number of things going on at the UN these days we've
> tried to highlight it in the 2024 agenda.  One thing that people don't
> always realize is that not everything the staff do is something we do in
> the wide open.  There are plenty of cases where the best strategy is to
> advocate quietly behind the scenes, and not make a fuss.  It feels good
> sometimes to be lobbing insults or worse from outside, but if one can be
> polite and get into the room sometimes one gets a better outcome.  I do
> think staff don't get enough public credit for this part of their work, but
> there's effectively no way to make a public deal about this without
> disclosing the very thing we were successful in not disclosing before!
>
> >3.2.3 Is ISOC planning to reinvigorate the I* and working with the
> >Internet technical community as a whole to mitigate these challenges?
>
> As I said in our meeting, I don't understand the idea that we have some
> sort of problem there.  We have very good, regular contact among our staff
> and the staff of all of these other organizations.  What is true is that we
> have had way fewer "I* CEO" meetings.  That's because there isn't some
> simple, clear, joint challenge that we are all facing at the moment that
> needs a CEO-level discussion.  The last one of those was the IANA
> transition.  Many of the challenges that we (the Internet Society) see for
> the Internet, for instance, may not have any implications for (say) an RIR
> or ICANN.  Domain names and IP addresses are likely to be needed for a long
> time even if the Internet ends up fragmented in various policy-driven ways
> across geographies, or gets completely controlled by a tiny oligarchy of
> interests.
>
> >3.3 ISOC Financials
> >
> https://www.internetsociety.org/about-internet-society/organization-reports/#financial-reports
> >2022 Financial Statements show the Internet Society making a loss for
> >that year.
>
> Yes, due overwhelmingly to financial losses in the markets.  Our (as yet
> unaudited) 2023 statements will show essentially all of it returning.  You
> may recall that 2022 was devastating in most public markets.
>
> >3.3.1 Is there oversight and reporting that is specific to keeping
> >track of the proportion of .org revenues being spent on internal
> >administration and staff compared to funding community works?
> >The annual financial statements do not show this.
>
> [we did not have time to discuss this matter in the meeting]
>
> No, because .org revenues do not get sent only to the Internet Society.
> We do track over all revenue and "Internet Society generated" revenue in
> order to give a good picture of just how dominant one part of our income
> is.  We are working hard to diversify our revenue streams.
>
> >3.3.2 With other I* organisations providing detailed information about
> >the management of their projects as well as per department
> >cross-referencing, is ISOC prepared to rise up to the levels of
> >transparency that are now expected in public benefit entities and to
> >produce an annual financial report that provides more information than
> >its minimal published financial statement?
>
> [we did not have time to discuss this matter in the meeting]
>
> It isn't clear to me exactly what is being requested here, but unless I'm
> very much mistaken I think you're asking for a board policy change about
> what is to be disclosed.  Ultimately, such a policy change would have to be
> adopted by the board, so I suggest you need to take that question up with
> them.
>
> I will note that our reporting is getting better in part because we have
> more infrastructure to do it.  I expect that will get still better over
> time.  But we do still have some deficiencies in our reporting
> infrastructure.  I would rather invest in making that infrastructure better
> than pay someone to produce such reports by hand, given our resource
> limitations.
>
> >3.3.3 Is ISOC ready to publish its financials on multi-year projects
> >including its forecasts going forward? Scrutiny of Form 990 appears to
> >show random continuity year on year and there is no way to find out
> >what is happening?
>
> I think this is also a question that needs to be directed to the board (or
> maybe more exactly, the finance committee; but the board is the right place
> to start).
>
> >3.4 MANRS
> >ISOC made a total divestment of its MANRS project to a US
> >not-for-profit, The Global Cyber Alliance (GCA) which has foundational
> >links to the City Police in UK and other similar agencies.
>
> "Divestment" (and cognates in what follows) is an inaccurate description
> of what has happened.  The Internet Society has not been (historically)
> terribly good at running long-term operations, but it is quite good at
> incubating efforts and making them successful.  That's what we did in this
> case, and we are providing more than $5 million over 5 years to ensure that
> MANRS continues to be successful as it turns into a long-term operation.
>
> GCA did have the City Police participating in its founding, but the City
> Police are no longer involved.
>
> >3.4.1 Why was this divestiture effected given that this was a
> >successful project which comforted the ISOC brand as being pertinent?
>
> See above.
>
> >3.4.2 Was a risk assessment done prior to moving MANRS elsewhere to an
> >organisation so close to law enforcement as to ensuring that the
> >Internet Society goals and principles in this important area remain at
> >the top of the routing security agenda?
>
> We do not believe GCA is especially close to law enforcement.
>
> >3.4.3 By what criteria was the GCA chosen as an suitable organisation
> >to run the MANRS project? Were there conditions imposed on Goals?
> […]
> >3.4.4 Are there Performance Agreements (SLAs) in place for the ongoing
> >conditional funding of the GCA?
> […]
> >3.4.4.1 If yes, are there clauses to cancel the GCA Secretarial and
> >Operational duties, should it fail in its SLAs?
>
> It is a participant in this work, and it is designed to do the kind of
> long-term operational work that we are not able to do.  Of course, our
> grant to GCA, just as any grant we make, contains performance and reporting
> requirements that mean the grant will be rescinded if the performance and
> reporting do not happen.
>
> >3.5 Concept of the Internet Society holding network related patents
> >
> >In a recent conversation on the Internet History Mailing List, Karl
> >Auerbach proposed that ISOC or the IETF established an arm that could
> >accept and hold network related patents and issue licenses (for
> >reasonable low fees and non-discriminatory terms). Vint Cerf replied
> >that he liked the idea and that the concept of ISOC being compensated
> >for doing so could ease its challenge demonstrating the level of
> >public support it has (the so-called IRS Public Support Test) that
> >requires it to show that at least 1/3 of its income comes from a broad
> >range of public sources.
> >Would you consider this as a potential responsibility to evolve ISOC?
>
> This would present an enormous litigation risk to the Internet Society.
> Patent pools are a great lawsuit target for "patent trolls".  (I didn't
> mention this in our meeting, but it also isn't clear to me how this would
> be compatible with our IRS charitable purpose, so we'd have to investigate
> that if it seemed at all a plausible way forward.)
>
> >Topic 4: Operational Issues
>
> [we were unable to get to most of this topic in person, so I'm going to
> respond to the best of my ability here.]
>
> >4.1 New Chapter Membership Administration System
> >
> >After more than one month in existence it is clear that the new
> >Chapter Membership Administration System is failing to achieve the
> >functions it was meant to achieve:
> >a. emailing members
> >b. hosting fora for community discussions like the Chapter Advisory
> >Council discussions and other fora
>
> There clearly have been some ways in which the system has not been ideal,
> but I think we have seen some responses on the chapter-delegates mailing
> list of how things can be working.  Please do continue to open tickets in
> the dedicated implementation queue, "AMSHelp at isoc.org".  Thanks.
>
> It is important, also, that chapters use the functionality that exists.
> Each chapter can appoint up to two communication officers who manage the
> one-way communication via email.  This assignment isn't automated, so it's
> something you have to do.
>
> The fora you're thinking of have been converted into Chatter groups.  You
> can post via email, and it is also possible to received each message as it
> is posted rather like a traditional email listserv.  There are still some
> ways this functionality does not work quite the way people used to mailing
> lists expect, I will note.  But we also have heard many complaints over
> time about our reliance on mailing lists: for lots of people, email is a
> legacy system they don't like to use.
>
> >To-date the failure of the emailing system is such that even ISOC
> >Staff have been unable to use it for any campaign whatsoever.
>
> I don't believe this is actually correct.  The Internet Society staff have
> been communicating with the community since the launch in December through
> this platform.
>
> I understand that there may have been some deficiencies in how SPF or DKIM
> or both were configured.
>
> >The discussion fora are completely empty.
>
> I also don't believe this is correct, though it is possible that the ones
> you attend to are in fact empty.  There is definitely a difference in the
> functionality of the Chatter groups and the old fora.  We are attempting to
> refine that experience.
>
> > The porting of old
> >discussions has lost all formatting, attached documents etc.
>
> It is definitely the case that some old formatting was lost: the Connect
> platform allowed HTML-tagged formatting and the new one doesn't.  In
> consultation with the chapters who participated in the focus groups around
> this transition, we decided to accept this limitation.  Also, it was only
> the former Connect data that was migrated to the new system: anything that
> was outside that necessarily stayed out.  I am unaware of any content that
> was lost, and this was one of the major focal points of post-migration
> testing, so if you can point to a specific case of data loss it would be
> very important to hear about it urgently, please.
>
> > Functions
> >like the emailing of the fora discussions are non existent.
>
> I think this is overstating the case, but there have been problems with
> the ways email interacts with all of this.  One issue is that the default
> was to send batches rather than each message.  We are diligently working to
> find new problematic cases.
>
> >The system appears to require lots of pre-established templates none
> >of which are available.
>
> You do need to template messages in advance.  There are different
> templates, but it's wise for each chapter to maintain their control over
> the templates they use.  If there is a gap that you need help with
> urgently, please open a ticket with AMSHelp at isoc.org.  Thanks.
>
> >The list of problems is too long to list here but the result is a loss
> >of community history as well as a complete hindrance on membership
> >management at Chapter level. ISOC is without a communications tool - a
> >tool that should have been at the centre of its operations and that
> >has failed to deliver.
> >
> >4.1.1 What is ISOC planning to do to fix this serious problem?
>
> We are doing monthly releases to refine and improve the platform.
>
> >4.1.2 How long will it take to fix?
>
> This depends on what we mean by "fix".  There are some issues that require
> more work than others, but I believe there are some fixes that have been
> publicly requested that are for things not actually broken in the system as
> designed, so it is hard for me to answer this fairly.  In particular, there
> have been some calls to revert to a state of affairs in respect of data
> sharing that we simply cannot do under various privacy laws today.  While I
> have sympathy with those frustrated by the loss of sometimes lower-friction
> ways of doing things, we cannot leave aside our obligtions to conform with
> privacy and anti-spam laws.
>
> There is a “Community Portal Updates” Chatter group.  All interested
> chapter leaders are invited to join that group. This will help everyone
> understand what the monthly releases include.
>
> >4.1.3 If the system is "born dead" would ISOC consider finding an
> >alternative system and dropping the current system on the basis that
> >it is a failure and immediately proposing an alternative?
>
> The system is not "born dead", as the success of some users has shown.
> This system went through an exhaustive selection process involving, among
> others, chapter leaders who could comment on the functionality.  This is a
> large change, however, which is always difficult.
>
> >4.2 Relationship between Chapters and HQ in matters of national importance
> >
> >4.2.1 Does ISOC have a rulebook regarding engagement relating to
> >Internet policy and advocacy in countries where there is a local
> >Chapter?
>
> We try always to engage in development of our positions in consultation
> with those locally on the ground in any country we attend to.  That does
> not always mean direct engagement by the person who is visiting: it often
> means that people come well-briefed with the Internet Society position. Of
> course, it has happened on some occasions that the Internet Society and a
> chapter in a country do not agree about something, though it is pretty rare.
>
> >4.2.2 How does ISOC align itself with the positions taken by a local
> >chapter in a specific territory when ISOC in intervening directly in
> >that territory? For example, your visit in the UK is triggered by your
> >participation at a conference. How will you align your narrative with
> >the Chapter's narrative?
>
> First, there is no actual requirement that a chapter must agree with the
> wider Internet Society (it has happened, as noted above).  But in general
> we try always to make sure we are well aligned.  I came to the UK, for
> instance, well-briefed ahout the topics I was likely to interact with
> people about.  It is not, of course, possible for any one person to meet
> with everyone in every chapter.  But in general we try to ensure the whole
> Internet Society, including the chapters, are largely aligned on these
> matters.  That might mean that there are tiny differences in the ways we
> talk about certain things, of course.  But the richness of a choir comes
> from the many voices coming together to sing the same musical piece.
>
> Best regards,
>
> Andrew
>
> --
> Andrew Sullivan, President & CEO, Internet Society
> e:sullivan at isoc.org m:+1 416 731 1261
> Help protect the Internet for everyone:
> https://www.internetsociety.org/donate/
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society
> Chapter Portal (AMS):
> https://admin.internetsociety.org/622619/User/Login
> View the Internet Society Code of Conduct:
> https://www.internetsociety.org/become-a-member/code-of-conduct/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20240306/ac68c917/attachment.htm>