Self-regulation, internet domains and Indian Ocean territories

ABSTRACT

In this article we survey the digital geography of seven Indian Ocean overseas territories. We examine the country code Top-Level Domains (ccTLD) of Australia (.cc – Cocos (Keeling) Islands,.cx – Christmas Island and.hm – Heard and McDonald Islands), Britain (.io – British Indian Ocean Territory) and France (.re – Réunion,.yt – Mayotte and.tf – French Southern and Antarctic Lands). We find there exists divides between the management of digital geography between differing colonial inheritances – broadly, that islands historically tied to the Anglophone states are managed by the private sector, and those that are Francophone are managed with far more central government oversight. This difference has implications for ccTLD use, disputes and who benefits from domain sale profits. We assert these administrative differences are due to France's active and conscious involvement in the internet administration of its territories, an important difference given the importance of self-regulation in current ccTLD management.

KEYWORDS:

• Internet politics
• internet governance
• Indian Ocean
• ccTLD
• territories

Decided long before the Internet's global significance emerged, the number of TLDs [Top-Level Domains] and the meanings attached to them would have lasting consequences (Klein 2002, 199).

Introduction

In this paper, we survey the ‘digital geography’ of several overseas territories in the Indian Ocean, namely the overseas holdings of France, the United Kingdom (UK) and Australia. Decisions made early in the internet's history has meant that each of these islands was granted its own digital ‘sovereignty’ through unique domain identifiers or ‘country code Top-Level Domains’ (ccTLD). Through this survey, we find that there exists clear divides between the management of this digital geography between differing colonial inheritances – broadly, that islands historically tied to the Anglophone states are left to be regulated without the involvement of their sovereign countries, and those that are Francophone are managed with far more oversight from their sovereign government. By mapping these differences, we hope to inform future studies of the political, economic and cultural realities of Indian Ocean territories, as well as provide a basis on which to build deeper explorations of the historical use (and dispute) of the digital spaces tied to these traditionally isolated islands.

In order to do this, we first discuss the historical decisions made by engineers and administrators of the early internet that lead to the creation of this digital geography. Following this analysis, we provide a historical analysis of the four Anglophone territories relevant to this study: Christmas Island (.cx), Cocos (Keeling) Islands (.cc), Heard and McDonald Islands (.hm), and the British Indian Ocean Territory (.io). We then turn to the Francophone territories of Mayotte (.yt), Réunion (.re), and the French Southern and Antarctic Lands (.tf). Finally, the paper highlights the differences in management apparent between the various territories, and offers a number of paradigms that shed light on why these differences have arisen and will endure. We assert that these differences are due to France's active and conscious historic and ongoing involvement in its internet administration, and the flow-on effects this involvement has given the largely self-regulatory environment ccTLD policy occupies. In so doing, the paper will lay the groundwork for further study, especially in the areas of Indian Ocean studies and internet governance.

The internet, and ccTLD history and allocation in practice

While a technical understanding of the Domain Name System (DNS) is not required to engage with this article, a brief overview is helpful to understand its policy and theoretical implications. In the early days of the internet in the 1980s, the DNS was established as the technical protocol for organising the global namespace. The DNS allows for server addresses, represented numerically by an Internet Protocol (IP) address (such as 192.168.1.254), to be connected to human-legible domain names (such as www.internet.com.au). This function essentially turns a string of numbers into an accessible, recognizable and convenient domain name.

DNS functions are coordinated by the American multistakeholder non-profit ICANN (the Internet Corporation for Assigned Names and Numbers), and other actors include registries (TLD managers), registrars (TLD sellers) and registrants (a company or individual which registers a domain name) (ICANN Acronyms and Terms n.d.). The Internet Assigned Numbers Authority (IANA) was formerly under ICANN until 2016. The Authority is now run by ICANN affiliate Public Technical Identifiers (PTI, itself also an American non-profit organisation) and its role includes maintaining naming functions, including domain names, number resources and protocol parameter assignments (Home Page n.d.).

This article will engage with two TLD categories: country code Top-Level Domains (ccTLD) and generic Top-Level Domains (gTLD).¹ While a ccTLD code is reserved for the country or territory it designates, a gTLD is created for a specific purpose, for example,.com for commercial,.org for organisations and.gov for governments. While in the United States (US), gTLDs are more common (e.g..com rather than.us), ccTLDs are more widely accepted and used in most other countries (such as.fr for France,.au for Australia,.uk for the United Kingdom, and.de for Germany) (Janc 2016, 569).

How ccTLDs were assigned and administered has had a profound impact on Internet politics. As Jon Postel, American computer scientist and early internet pioneer, noted in a 1994 Memo entitled Domain Name System Structure and Delegation: ‘The IANA is not in the business of deciding what is and what is not a country’, and that

the selection of the ISO [International Organization for Standardization] 3166 list as a basis for country code top-level domain names was made with the knowledge that ISO has a procedure for determining which entities should be and should not be on that list (Postel 1994).

Essentially, IANA's decision to refer to the ISO standard meant that ccTLDs would be created, maintained and disestablished in accordance with ISO 3166-1 alpha-2 codes (see Figure 1). This considered delegation of expertise to ISO regarding the status of countries tied the hands of ICANN regarding disputes, and the flow on effects for ccTLDs.

Figure 1. Territory ccTLDs in the Indian Ocean. Note that islands of the French Southern and Antarctic Lands are geographically dispersed around the southwest Indian Ocean.

However, geographically defining the DNS was not the only option available to the internet's founders. According to Hans Klein, there existed no technical requirements or basis for ‘national monopolies’ in ccTLD naming conventions (Klein 2002, 199). Klein notes that organisationally, the system of national ccTLDs resembled national telephone companies (postal, telegraph and telephone service) – a popular monopolistic model at the time (Klein 2002, 199). Once these ccTLDs were created, each code was assigned to ‘responsible persons’ by Jon Postel (who undertook IANA functions) to act as registrars. Between the mid-1980s and mid-1990s, ccTLD registry responsibilities were usually delegated by Postel² to ‘internet pioneers’, primarily from the academic and research sectors (Administering the Root: Delegations and Redelegations – Every Country Is Unique 2003, 1). These delegates were selected ‘based on trust, placing responsibility ahead of any notion of ownership (Administering the Root: Delegations and Redelegations – Every Country Is Unique 2003, 2).

In 1984, Postel defined ‘responsible persons’ in Request for Comments³: 920 entitled Domain Requirements as:

An individual must be identified who has authority for the administration of the names within the domain, and who seriously takes on the responsibility for the behaviour of the hosts in the domain, plus their interactions with hosts outside the domain. This person must have some technical expertise and the authority within the domain to see that problems are fixed (Postel and Reynolds 1984, 4).

These ‘responsible persons’ varied between ccTLDs, often not-for-profit organisations, most affiliated with university research centres (Klein 2002, 199). While at this time many national governments were unaware of the DNS’ creation, governments eventually began to claim jurisdiction over ccTLDs using their country codes, sometimes provoked by IANA's perceived ‘proactive exercise of policy authority’ in their jurisdiction (Klein 2002, 200). As a consequence, ccTLD administrators were subject to ICANN (as administrator of the root and with the ability to redelegate ccTLD authority), governments (claiming the ccTLD as a public resource located within a jurisdiction) and to an extent themselves (ICANN policy-placed authority in the local internet community – meaning the administrators are accountable to local internet users) (Klein 2002, 202). In the intervening years, a spectrum of government involvement in ccTLD administration has emerged – some government agencies administer ccTLDs following nationalisation, some contract administration to the private sector, some simply regulate its operation, and some leave ccTLD affairs entirely to the market.

The relationship between ccTLDs and physical geography differs and can be differentiated by analysing the ways in which TLDs are managed. Marketa Trimble identifies three general approaches ccTLD administrators take in managing the relationship between domains and physical geography. First, the ‘indifference’ approach disregards the physical world from cyberspace, and does not apply territorial limits to activities in the digital realm (Trimble 2018, 630). The second approach views cyberspace as ‘complement of the physical world’, meaning the digital sphere is a ‘complement or add-on that enlarges physical space beyond its natural limitations’, and those who wish to join this digital territory can do so, regardless of their citizenship or relationship to the territory (sometimes on application) (Trimble 2018, 631). The final approach views cyberspace and physical geography as ‘one of perfect identity’, meaning that the internet matches the places and activities of the physical world, and is exemplified by geofencing, location-based services, and territory-based restrictions on domain registration (Trimble 2018, 631–32).

These three distinctions are pertinent as both a theoretical internet governance idea, but also to conceptualise the three methods in which ccTLD registries limit domain sales and allocations. For instance, while.in (.In Domain Names n.d.) (India) and.uk (.Co.UK Domain Names n.d.) (United Kingdom) domains are registerable by anyone, anywhere,.au (Who Can Apply for a Domain Name in the.Au CcTLD? n.d.) (Australia) and.ca (What Are the Requirements to Buy a.CA? Requirements for Registering a.CA Domain n.d.) (Canada) impose eligibility requirements, including the need to prove a presence or specific connection to the physical jurisdiction. Eligibility requirements for ccTLD registration fall generally within this spectrum. For ccTLDs which do not impose geography-based requirements for domain registration, registrants may elect to use the particular ccTLD to be associated with that country (exemplifying the second approach outlined above), or simply as a domain hack. According to ICANN, the organisation ‘does not accredit registrars or set registration policies for ccTLDs’, rather leaving these policy decisions to the individual registrars (FAQs - ICANN n.d.). As such, there is no one accepted approach to understanding or implementing cyberspace's relationship with the physical world, and domain registration policies reflect in general the above approaches.

Dependent territory ccTLDs

One by-product of using ISO 3166-1 alpha-2 codes to create ccTLDs derives from the curious fact that not only countries (in the traditional nation-state sense) are defined, but also so-called ‘dependent territories’. As a result, a range of ccTLDs were created for these territories, such as.mp for the United States’ Northern Mariana Islands and.pn for Britain's Pitcairn Islands. Some dependent territories are uninhabited (or have no permanent populations), such as Norway's subantarctic Bouvet Island (assigned.bv) and the British Overseas Territory of South Georgia and the South Sandwich Islands (assigned.gs). Even Antarctica was assigned.aq. In the Indian Ocean Region, seven dependent territories were assigned ccTLDs. Australia's territories of Cocos (Keeling) Islands, Christmas Island and Heard and McDonald Islands were assigned.cc,.cx and.hm respectively. The French territories of Réunion, Mayotte and the French Southern and Antarctic Lands were assigned.re,.yt and.tf respectively. Also, the British Indian Ocean Territory – comprising the Chagos Archipelago – was assigned.io.

IANA acknowledged the added difficulties in administering ccTLDs for dependent territories. According to the IANA's website:

For sub-national territories, it is considered acceptable (with the consent of the local internet community)⁴ if the [ccTLD] manager and the administrative contact are located elsewhere in the country so long as they are still subject to applicable law (IANA – Common Questions on Delegating and Transferring Country-Code Top-Level Domains (CcTLDs) n.d.).

ccTLD symbolism and geopolitical usage

As Starosielski (2015) argued in relation to the internet-enabling submarine cable networks, ‘territorial politics’ too have shaped DNS dynamics. By virtue of organising a large proportion of TLDs on political entities – countries and dependent territories – ccTLD affairs has developed a distinct political, symbolic and geopolitical character. As early as 2003, the UN-sponsored World Summit on the Information Society in Tunis (2003) and Geneva (2005) (re)affirmed that ‘policy authority for internet-related public policy issues is the sovereign right of States. They have rights and responsibilities for international internet-related public policy issues (Declaration of Principles: Building the Information Society: A Global Challenge in the New Millennium 2003, 7; Tunis Agenda for the Information Society 2005). These summits were attended by representatives of 175 and 174 countries respectively, and given political support from various heads of state, ministers and vice-ministers (World Summit on the Information Society (WSIS) n.d.). Thus, by 2003, the public policy implications of the DNS was acknowledged by the majority of countries.

Further, the DNS has wider symbolic and geopolitical uses. According to the experts of the Organisation for Economic Co-operation and Development (OECD) working party on telecommunication and information services policies:

The country's top-level domain represents the national or territorial interests of a domain, and is often viewed as the flagship of a country's internet participation and as a strategic asset with symbolic, socio-economic and/or internet stability and security implications (Evolution in the Management of Country Code Top-Level Domain Names (CcTLDs) 2006, 4).

According to Samantha Bradshaw and Laura DeNardis, DNS administration is not just a ‘clerical or neutral function’, but a system employed as ‘a proxy for broader geopolitical conflict’, and its governance is ‘a critical public policy concern (Bradshaw and DeNardis 2016, 345). Bradshaw and DeNardis assert that the DNS is of particular concern to public policy for five reasons. First, the DNS embeds text as content, which raises contests over language, speech and property; second, the DNS incorporates various chokepoints which can control access; third, the DNS is a central element of the internet ecosystem; fourth, the DNS can be viewed as a pool of finite resources raising issues of equity and scarcity; and fifth, the requirement for globally unique identifiers creates the need for some ‘centralized coordination’ to function (Bradshaw and DeNardis 2016, 334–335). All of these factors result in the Internet's politicisation and potential use as a tool of statecraft. Further, DNS misuse and impropriety can have a serious impact on a nation's ability to preserve sovereignty and further its national interests. Indeed, ICANN convenes a Governmental Advisory Committee, which regularly advises ICANN on public policy matters, ‘especially where there may be an interaction between ICANN's activities or policies and national laws or international agreements’ (Governmental Advisory Committee Official Web Presence n.d.). It can be concluded that national government oversight and control (to a varying degree) of its ccTLD administration not only improves internet usability, accessibility and security, but can also be used as a policy lever.

Indian Ocean ccTLD survey

Anglophone Indian Ocean ccTLDs

While approaches to ccTLDs vary across countries and jurisdictions, the four ccTLDs attributed to Anglophone Indian Ocean territories share key trends – private ownership, histories of questioned delegation, and opaque relationships between the territory itself and the use of the ccTLD. Three of these territories are controlled by Australia – Christmas Island (.cx), Cocos (Keeling) Islands (.cc), and Heard and McDonald Islands (.hm) – while the remaining territory (The British Indian Ocean Territory, or.io) is held by the British Government. Regardless of their respective sovereign governments, all four of these domains is held by a private concern, and three of them (.io,.cc and.cx) have been subject to scrutiny regarding the ownership and/or resultant profits of the domain.

.cc

Australia’s Cocos (Keeling) Islands consist of 27 coral islands, with a combined land area of approximately 15.6 square kilometres, and is located 2936 kilometres north-west of Perth (Cocos (Keeling) Islands 2021). The Cocos Islands are closer to Jakarta than to Australia. According to a 2016 census, Cocos Islands’ total population was 544 and the most common religion was Islam (Cocos (Keeling) Islands Census Data 2021). Despite being an Australian territory since 1955 (administered prior as part of the Colony of Singapore), the domain allocated to the Cocos Islands was not delegated to an Australian agent or organisation. Instead, the domain was originally delegated to a company started for the purpose called eNIC. Formed by a tech entrepreneur from Seattle, eNIC sought to use domain sales as a business model – under eNIC's administration, the domain was marketed as a.com alternative, but cheaper to register, and with more available names (Testimony of Brian R. Cartmell, Chief Executive Officer, ENIC Corporation on the Governance of the Domain Name System by the Internet Corporation for Assigned Names and Numbers 2001).

In 2001, eNIC's CEO claimed before a US senate committee that eNIC was the second largest registry in the United States (topped only by Verisign) (Testimony of Brian R. Cartmell, Chief Executive Officer, ENIC Corporation on the Governance of the Domain Name System by the Internet Corporation for Assigned Names and Numbers 2001). In this context, it is noteworthy that in his 2001 testimony to the US Senate, eNIC's CEO claims that at the time he took control of.cc, the Cocos Islands ‘ … were privately owned … ’ (which they were not) (Testimony of Brian R. Cartmell, Chief Executive Officer, ENIC Corporation on the Governance of the Domain Name System by the Internet Corporation for Assigned Names and Numbers 2001). The committee was meeting to discuss ICANN governance, including the delegation of ccTLDs to respective nations (instead of being controlled by ICANN, which was at that stage operated under the auspices of the US Government). In that context, eNIC's CEO argued that further involvement by relevant governments in the policies and affairs of ccTLDs would ‘ … have significant ramifications … ’, harming the entrepreneurial spirit of the internet. In eNIC's CEO's view, decisions on policy that would be delegated to the host nation of a ccTLD would be best left to the US Government instead (Testimony of Brian R. Cartmell, Chief Executive Officer, ENIC Corporation on the Governance of the Domain Name System by the Internet Corporation for Assigned Names and Numbers 2001).

While eNIC's CEO testified as to the success of eNIC before Congress on 14 February 2001, within months of that testimony he sold the company – and its status as registrar of.cc – to Verisign. While many of the details of the deal were undisclosed (it was reported publicly as an ‘undisclosed stock deal’ (Olsen 2001)), eNIC remained the public face of.cc registrations for a number of years. While the deal to purchase.cc and eNIC was publicly undisclosed, details of the deal were soon under scrutiny. In 2002, Verisign was sued by shareholders for artificially manipulating share prices though a number of means, including through the improper registration of barter transactions. A settlement was reached in 2006 in favour of the plaintiffs for $80,000,000 (Securities Class Action Clearinghouse: Case Page n.d.). The settlement included in the list of improper dealings that contributed to breach was the acquisition of.cc (VeriSign, Inc. Securities Litigation 2008). Despite the domain nominally being a public good serving the Cocos community, its effective status as a private asset allowed its implication in this corporate dispute.

As well as being questionably delegated in its early operation and alleged use in share price inflation, the Cocos domain has appeared on spam and child exploitation watch lists in the last decade (Botnet Threat Report 2019; IWF Annual Report 2019; Spamhaus Botnet Threat Report 2017; Spamhaus Botnet Threat Update: Q2-2020 2020; Szathmari 2018; Waterman 2017). Additionally, the domain has come under scrutiny for malware (Google Removes Co.Cc Sub-Domain from Search Engine Results, Citing Malware and Spam Issues 2011), and hosting unregulated gambling sites, some of which were found to contravene Australian law (Kerr 2018). Despite this, the Australian government has been aware of the.cc domain, at least in part.

Indeed, in 2008 it entered an agreement with eNIC (on behalf of Verisign) allowing eNIC to continue its hold on the domain (Dahlquist 2008), an arrangement that continues today (Taylor 2021). Notably, however, in the view of the Australian Government, this memorandum does not constitute endorsement or support – such support being, in the government's view outside of its responsibility. When issues of.cc's administration were raised publicly in 2021 (Mortensen and Bashfield 2021), Australia's then Department of Infrastructure, Transport, Regional Development and Communications stated that:

The Australian Government has not endorsed any party to run the.cc top-level domain. The management of the.cc domain is a matter for the Cocos (Keeling) Islands Shire Council. If there are concerns about any breaches of Australia laws in the management of the.cc country code Top Level Domain, these should be directed to the Australian Federal Police (Department of Infrastructure, Transport, Regional Development and Communications 2021).

Thus the details of exactly what status.cc holds as sovereign responsibility of Australia remains unclear. As of the time of writing we are unable to ascertain the specific details of that memorandum, however, as of 2010, Verisign supplied $22,000 per month for the provision of internet to the Cocos, an amount that was necessary for keeping internet services running, given the lack of government support (Inquiry into the Changing Economic Environment in the Indian Ocean Territories, Chapter 5: Information Communication Technology 2010).

.cx

Christmas Island, consisting of 137.4 square kilometres, is located just 490 kilometres south-west of Jakarta, and had a population of 1843 people in 2016 (Christmas Island 2021). The Christmas Island domain was first delegated in 1997, when the University of Southern California's Information Sciences Institute (USC-ISI) approved a request from Karinna Love, a representative of London-based company, Planet Three Ltd. The company would operate for only a few years before shutting down operations around the year 2000. While the.cx domain was not commercially successful, it would however host what was perhaps the most famous shock site on the internet – goatse.cx. The website – which greeted users with an image of a gaping anus – enjoyed widespread global use in ‘bait and switch’ pranks online, in which users would encourage unsuspecting victims to visit the site on the promise of more relevant content (Chen 2013).

Planet Three attempted to voluntarily give control of the domain to ‘Dot CX Ltd’ (later renamed CIIA – Christmas Island Internet Administration Limited), a local organisation seeking to administer the domain; however, IANA would not action this request for almost six years. Despite Planet Three giving the domain registration up voluntarily, IANA refused to redelegate the domain. In a letter dated February 2001, representatives of Dot CX suggested that the ultimate roadblock seemed to be that IANA now wanted Australian government approval to action such requests (Newman 2001).

This went on for six years. By IANA's own account, this delay featured ‘ … numerous efforts to conclude an agreement’, though it offers no further detail (IANA Report on the Redelegation of the.CX Top-Level Domain 2016). IANA did however process server requests that originated from Dot CX in the interim following support from the Australian Government sometime after the year 2000. However, despite this de facto control,

… The requested changes to the Sponsoring Organization, Administrative Contact or Technical Contact were not fulfilled pending further coordination between the Christmas Island Shire Council, Australia's then Department of Communications, Information Technology and the Arts, and the individuals requesting the redelegation (IANA Report on the Redelegation of the.CX Top-Level Domain 2016).

It was during this time that Goatse was removed from the.cx domain. Registered in 1999 and active for five years, under the management of Dot CX, the site was eventually removed from the domain in 2004 following complaints by Christmas Island residents (Miller 2004).

Despite the voluntary transition to Dot CX, government support and the effective management of the.cx domain, it would be six years until the domain was finally transferred to local registrars. By the end of the process, IANA had received supporting evidence not only from Planet Three, but also numerous approvals from the Australian Government and Christmas Island Shire Council. On 10 January 2006, the ICANN board of directors finally approved the change (IANA Report on the Redelegation of the.CX Top-Level Domain 2016). ICANN's delay in recognising the new registrars was attributed to their perceived technical and commercial suitability to operate the registry; despite the community's outcry and the support of the relevant governments, it was this technical and commercial elements that seem to have been the major contributing factor to ICANN's notion of ‘responsible’ registry maintenance.

Currently, the ccTLD is registered to Christmas Island Domain Administration Limited (cxDA), a non-profit organisation relying on domain registrations (..Cx Domain Delegation Data 2022). The ccTLD holds approximately 12,000 domains, and relies on volunteers to operate (About n.d.).

.hm

Australia’s uninhabited subantarctic islands Heard and McDonald are 4000 kilometres south-west of Western Australia, and are dominated by the active Big Ben volcano, measuring 2745 metres elevation (Location and Geography 2005). The.hm ccTLD was first registered on 24 September 1997, and was subsequently delegated to Edward Sweeney, an Australian tech entrepreneur. Using current publicly available resources, including the public records of IANA/ICANN, it is unclear how the domain came to be delegated to Sweeney, since speculation regarding the domain's registrar was extant as early as September 2000 (.Hm Domain Delegation Data 2021; McCarthy 2000).

Since its delegation, the ccTLD and its registry have remained largely obscure, with the registry website itself seemingly remaining in its original configuration, dated 2001. While the registry website is active, several important details have remain unchanged – and thus now become obsolete – in the prevailing years. Complaints for the registry management are directed to be submitted by fax, and contact telephone numbers are for a since-defunct company in the US state of Colorado (Complaints n.d.). Indeed, maintenance of the registry became an issue in 2019, when the entire domain – and thus any site situated on it – became inaccessible for several months. Efforts to contact Sweeney and diagnose the issue were unsuccessful until publicised by journalists, at which point the registry was put back online. According to Sweeney, the registry suffered from ‘ … an issue concerning processing via one of our payment processors … ’(McCarthy 2019). Besides the short explanation above, little light was shed on the registry and its maintenance.

.hm remains an obscure registry with no heavily trafficked sites, expensive domains or associated industries or communities. Further, with no indigenous population, no challenges to Sweeney's control of the domain seem to have been mounted. Indeed, even the official site for the Heard and McDonald Islands resides on a.gov.au domain (Heard Island and McDonald Islands 2022).

.io

Assigned to the British Indian Ocean Territory (comprising the Chagos Archipelago's some 58 islands and 640,000 square kilometres of ocean).io is another Indian Ocean ccTLD whose delegation is held outside the control of the relevant government or (former/future) inhabitants. The territory, subject of a fierce sovereignty dispute between Mauritius and the UK, and host of a strategically critical US military base on Diego Garcia, is a contentious element of Indian Ocean geopolitical affairs (Bashfield 2020). While much of this contention rests on wider considerations of sovereignty, the rights to.io have become a feature of the wider geopolitical dispute.

First granted to British company Internet Computer Bureau LTD (ICB) by IANA in 1997,.io has remained in private hands ever since..io was sold to internet giant Afilias for $70 million in 2017 (Afilias Bought.Io for $70 Million 2018). In late-2020 Afilias was acquired by Donuts Inc (Donuts Acquires Afilias 2020), and in December 2020 ICB filings with the UK government's Company House show three top Donuts Inc executives appointed director positions with ICB.⁵ ICB in turn uses Sure (Diego Garcia) Limited, a telecommunications services operating on Diego Garcia (the largest and only inhabited BIOT island), as its local representative organisation in the territory. Sure Ltd has operated since 1982, providing basic telecommunications services to the local population of the Archipelago (exclusively made up of military service personnel and support staff on Diego Garcia), and was acquired in 2013 by the Bahraini Batelco Group (Company Information | Sure Diego Garcia n.d.).

Despite its obscure geography,.io is a popular ccTLD worldwide in the tech start-up and crypto currency sector due to its semblance with the ‘input/output’ programming maxim. While not commanding as high a price as.com domains, single word.io domains command higher prices than many alternative ccTLDs – for example, ‘market.io’ sold in April 2022 for $36,000 (Pandit 2022). While the UK claims control over the Chagos Archipelago, the management, maintenance – and presumably profit – resulting from the domain sits with ICB. Regardless, in the past it had been claimed that the British government received profits from the sale of.io domains, but the British government has repeatedly denied this (Milmo 2014). Indeed, there is no reason to believe that a formal agreement exists between the UK government and ICB, nor between ICANN or ICB.

The profits gained from sales of.io domains has come under increasing scrutiny given that the UK's control over the archipelago itself is under threat. Chagossian refugee groups (former inhabitants forcibly removed in the 1960s and 1970s) petitioning the UK government for the right of return have recently extended their grievances to the return of the.io domain as well (Chagos Refugees Group United Kingdom et al. vs. Internet Computer Bureau Limited 2021). Additionally, Mauritius is also attempting to gain control over.io by petitioning IANA for redelegation (Bowcott 2022). However, while these groups fight for control over the.io domain, a recent UN ruling challenging British sovereignty over the island threatens the existence of the ccTLD itself. The United Nations ruling delegitimises British control over the territory, thus making the Chagos part of Mauritius (in theory but not yet in practice). As of late-2022, Britain and Mauritius are currently negotiating the Chagos’ sovereignty and the islands are expected to be returned to Mauritius within the year. Given that ccTLDs are dispensed on the basis of ISO 3166-1 alpha-2 codes, if the British Indian Ocean Territory ceases to satisfy the ISO standard, then there is no justification for the.io domain to continue.

French territories: central coordination under AFNIC

While Australia and the UK leaves administration of.io,.cc,.cx and.hm to the market, France manages its territory domains centrally through its ‘State-appointed Registry’, the ‘Association Française pour le Nommage Internet en Coopération’ (the French Network Information Centre or AFNIC) (Presentation - AFNIC n.d.). AFNIC – manager of the.fr (France) ccTLD since 1986 – is a non-profit association, governed by French law, which ‘work[s] for the common good of the French internet (About AFNIC - AFNIC n.d.)’. In addition to ccTLDs, AFNIC also manages various gTLDs, including.paris and.bzh (designated for Brittany and the Breton culture and languages) (About AFNIC - AFNIC n.d.). AFNIC, established in 1997, assumed management of.fr and its subdomains from the Network Information Center (NIC France, at the Institut National de Recherche en Informatique et en Automatique (National Institute for Research in Digital Science and Technology), which had administered the domains since 1987 (Schafer and Thierry 2016, 1146).

AFNIC manages these three ccTLDs in line with its management of.fr. On 6 December 2011 AFNIC enacted a new naming charter for.yt,.re and.tf (in addition to.wf (Wallis and Futuna) and.pm (St. Pierre and Miquelon)) management, applying the same registration policies as.fr (L’AFNIC Met En Ligne La Nouvelle Charte de Nommage Des Extensions Françaises 2011). At the same time, AFNIC domain registration was opened up to entities domiciled in the European Union, not just those who could prove a link to France (Opening to Europe of the.Fr and Other TLDs Operated by AFNIC 2011). This change was prompted by France's new legal framework (Law No. 2011-302) which applied to all French ccTLDs (with the exception of.pf (French Polynesia) and.nc (New Caledonia)) (AFNIC Business Report 2011, 6).

We acknowledge that French overseas territories differ in various important ways from their UK and Australian contemporaries. Specifically, while the French Southern and Antarctic Lands are classified as a ‘territory’, Réunion and Mayotte⁶ are technically defined as a French ‘overseas department and region’.⁷ This important distinction means that unlike traditional territories, French departments and regions, such as Réunion and Mayotte, share the same political status as mainland departments, and are represented in the French and European parliaments. While acknowledging the above political distinction, for the purpose of this study, France's Indian Ocean possessions will be described similarly to Australian and British possessions as ‘dependent territories’ or simply as ‘territories’.

.re

Réunion Island, a French territory of 2512 square kilometres and a population of approximately 855,700 is located about 180 kilometres southwest of Mauritius (Réunion Facts 2022)..re was created on 7 April 1997, managed by NIC France, before being transferred to AFNIC on 1 January 1998 where it is still managed. On 25 June 2001,.re registrations were opened to citizens and residents of Réunion (AFNIC Opens.Re for Reunion Island 2001). By the end of 2011.re was opened up to those domiciled within the European Union (Opening to Europe of the.Fr and Other TLDs Operated by AFNIC 2011). According to an October 2020 report by AFNIC, the.re domain is mostly used for professional purposes, although private individuals are also using the TLD. Most holders are located in Réunion, with just over 70% of them being French (Damilaville 2020). The report adds that:

.re appears to have huge potential, firstly as the moderate volume of its stock – 30,000 names, of which some 20,000 registered for professional purposes – suggests that there is still plenty of scope for development in the context of the acceleration of the digital transition. The growing adoption of the TLD by private individuals is also a guarantee of sustained development in the future (Damilaville 2020).

Under AFNIC management,.re had 31,000 registered names in late-2020 and a growth rate of about 15%. We could not find any public allegations of misuse or impropriety related to.re.

.yt

Mayotte, an island comprising 374 square kilometres and a population of 270,372 is located in the Mozambique Channel, in the western Indian Ocean (Mayotte n.d.). Mayotte, colonially administered by France along with modern day Comoros, was controversially detached from Comoros upon its independence in the mid-1970s, and remains a French territory today (Trinidad 2018, 74)..yt was launched in November 1997, and very little is known publicly about the history of this ccTLD. It is assumed that.yt was delegated to NIC France in November 1997 and became part of AFNIC upon its founding in 1998. Internet archives demonstrate that as early as August 2000.yt was managed by AFNIC (AFNIC: Home Page 2000). AFNIC opened.yt to registration in December 2011 but until today the domain remains unpopular (TLDs for French Overseas Collectivities: French Overseas Top-Level Domain Names 2022). According to.yt on seller shopify, the ccTLD is useful as a domain hack for businesses and individuals associated with YouTube, yoga teaching and youth theatres (Buy.YT Domain - Register.Yt Domain Name 2022). This little used ccTLD is managed by AFNIC at the time of writing in late-2022 and has not been implicated in allegations of misuse that we can find.

.tf

.tf is designated to represent the various islands comprising the French Southern and Antarctic Lands, which is void of a permanent population..tf is another ccTLD of France, managed by AFNIC. Between 23 October 1997 and 23 October 2004 the administrative and technical management of.tf was carried out by AdamsNames⁸, a British firm based in Cambridge. In 2004 when AFNIC took control of.tf, the domain had 1550 registrations.

In rationalizing.tf’s redelegation, AFNIC in 2004 noted that:

Even though AdamsNames did offer a reliable technical service, the.tf administration would not involve French authorities nor consider French law. Besides, it did not bring to the residents the services they needed (i.e. use of French language, official registration policy). That is why French authorities requested from ICANN redelegation of.tf ccTLD to AFNIC (AFNIC is the New Registry for.Tf 2004).

IANA in 2004 noted that AdamsNames had administered the ccTLD since it was allocated to the firm by Postel in 1997, and that AdamsNames expressed support for the redelegation request to AFNIC (IANA Report on Redelegation of the.Tf Top-Level Domain 2004). Also, of note, this transfer was prompted by two expressions of interest submitted to ICANN to redelegate.tf to AFNIC (March 2000 and July 2003), which were supported by the French Government (IANA Report on Redelegation of the.Tf Top-Level Domain 2004). Since this redelegation to AFNIC,.tf does not feature on lists of spam domains or other cybercrime reports and is subject to the same registration policies at.fr. Notably,.tf is a popular ccTLD used for websites related to Team Fortress – a multiplayer first-person shooter video game (.Tf Domains | French Southern and Antarctic Lands Domain Registration n.d.).

The state, regulation, and risks

The logical question this survey raises is why Francophone and Anglophone dependent territory ccTLD governance in the Indian Ocean is so different. We posit two interrelated reasons: (1) France's conception that its ‘overseas regions’ be held under the same political conditions as the mainland, and (2) France's active and conscious historic involvement in its internet administration as a publicly held good.

Regarding the first point, the French constitution is such that regardless of their geographic location, overseas regions share mainland France's political rights and responsibilities as much as feasible. More specifically, Article 73 of the French constitution holds that both Réunion and Mayotte share France's core legal and civil environment, especially given its lack of inhabitants. This equality of civil expectations is important given the French Government has explicitly noted that ccTLD management is the responsibility of the state. According to the French Government at a 2003 International Telecommunication Union workshop:

The ccTLD is held to be a public or collective resource that cannot come under the heading of private property and must be managed in the general interest, and that governments in the final instance have authority over the ccTLDs pertaining to their territory (Document for CcTLD Workshop 2003, 2).

Thus, French government delegates to internet governance meetings in the early-2000s were of the opinion that ccTLDs were a national resource, which should not be left solely to the private sector, as many ccTLDs were then, and indeed still are now. Further, more generally, some argue that France's avant-garde internet asset management – via AFNIC – symbolises France's preference for ccTLD active management. According to George Christou and Seamus Simpson:

The significant presence of the state in AFNIC suggests that the French system contains important elements of ‘concerted action’ and ‘subcontracting’. The French government has promoted the public–private hybrid nature of the dot fr governance system as an innovative model, stemming from a pragmatic realization that the French ccTLD could not be managed through a public institution, given the evolutionary history of the Internet (Christou and Simpson 2009, 616).

In comparison, Britain has left.uk to the private sector, and Australia manages.au via.au Domain Administration Limited (auDA), a self-described ‘not for profit organisation that works with a range of stakeholders including industry, government and the Australian and international community (About.Au Domain Administration 2022)’. AFNIC and auDA share many similarities, but while AFNIC manages France's Indian Ocean dependent territory ccTLDs, auDA only manages.au. Thus it is the Anglophone countries that differ in the management of their national ccTLDs, suggesting that the difference between Anglophone and French management of Indian Ocean territorial domains is not simply one of national regulators or private sector involvement. Instead, the difference comes down to the insistence of France to manage its territory ccTLDs on the same footing as its national ccTLDs, rather than allow a process of self-regulation for each domain.

France's ‘equal treatment’ of its territorial and national domains makes such an impact due to the nature of self-regulation, and the realisation of that regulation. In an environment of ‘self-regulation’, what regulation is possible for any specific domain is reliant on the challenges and capacities of various stakeholders involved. In any given domain, outcomes for communities, business, bodies such as ICANN, and relevant governments will depend upon the relationship between these stakeholders. As such, the ability to guide, monitor or action regulation will depend on the size, culture, and various capacities of each stakeholder (Price and Verhulst 2004, 16).

Further, in ‘self-regulation’ that involves differing stakeholders, what sort of regulation each stakeholder desires may be quite different. Where governments have certain interests regarding community management, liabilities and expectations, private sector actors may in some instances have interests and liabilities that differ considerably, or have different capacities and capabilities in enacting said regulation. To be clear, this is not to suggest that governments are always for regulation and private sector stakeholders are not; indeed in some cases, it may be that an otherwise capable government may opt out of regulation with the expectation that the private sector pick up the slack. In the case of.io for example, the British Government made clear in a 2015 Freedom of Information Request response that:

There is no agreement between the UK Government and ICB regarding the administration of the.io domain. ICB independently registered the.io domain through the internet governing process – the Internet Assigned Numbers Authority (IANA) – in the late 1990s … The BIOT Administration tasks its telecoms provider to ensure a reliable and secure service. The telecoms provider has in turn asked ICB to ensure that rules are in place to ensure security and good governance of the domain [emphasis added] (Freedom of Information Act 2000 Request Ref: 0347-15 2015).

Thus, much like the Australian government’s ‘opting out’ of the regulation of.cc, the British Government opts to rely on the private sector to regulate.io.

We can see that at the very least the difference between France's expectation to actively manage its overseas territories under the same policies as its national ccTLD (compared to Anglophone tendencies to view them as separate) has led to vastly different outcomes for the ccTLDs themselves. A prime example of this is in the comparison of redelegation (or lack thereof) between Australia's.cc and.cx domains, and France's redelegation of.tf. The redelegation of.tf was made with full political and logistical support of France, and resulted in the delegation of.tf to AFNIC. However the redelegation of.cx on the basis of community request took six years and repeated local requests, despite support from the private sector delegate who held the domain. From the Australian perspective, the government was slow to support the move, and even when it did, did not take responsibility for the domain. As we have seen above, the notion that the Australian government is not ultimately responsible for the domains of its territories continues in its response to concerns over the delegation of.cc; it may well be that this differing notion of responsibility is a crucial factor in how these domains are managed, and if necessary, redelegated.

Conclusion

Jon Postel’s 1994 memo which outlined that ‘The IANA is not in the business of deciding what is and what is not a country (Postel 1994)’ has had lasting and peculiar implications for the Indian Ocean's digital geography. Likewise, the 1994 decision to use ISO standards to create ccTLDs has resulted in quite specific challenges in areas that have historically been defined by their colonial ties. The historical decisions of the early engineers of the DNS system lead to the creation of a number of ccTLDs for geographic areas that did not have sovereign government, and indeed in some cases did not have a population at all.

In this paper we have surveyed the ‘digital geography’ of Indian Ocean territories, and found a clear divide between the management of territories held by Anglophone states and those that are Francophone. Where Anglophone states have left the running of ccTLDs of territorial holdings to private corporations, France's territories have been run uniformly – and by the same organisation – as France's own ccTLD. We assert that this differing approach is largely down to French political expectation that external territories should share the same rights and standards as mainland France.

However, while the cause of this difference may be political, notable effects have been felt in the digital space. Anglophone ccTLDs have seen comparatively more dispute, and in some key cases the local communities of Anglophone ccTLDs have petitioned for the redelegation of their domains (with varying levels of success). Such disputes have featured varying levels of national government involvement (i.e. the involvement of the state to whom the external territory belongs). By comparison, France maintains active involvement in its internet administration, which seems to have garnered more stability regarding DNS regulation; given the self-regulatory environment of DNS, it is likely that France's well-established policies and status as an active participant in DNS governance has assisted its external territorial ccTLDs. It is this question of ability and capacity of smaller ccTLDs to maintain self-regulatory standards, and to shape the DNS environment more broadly that deserves wider consideration – further longitudinal study of a wider grouping of external territories and small island nations may shed further light on this issue.

Disclosure statement

No potential conflict of interest was reported by the author(s).

Correction Statement

This article has been republished with minor changes. These changes do not impact the academic content of the article.

Additional information

Notes on contributors

Samuel Bashfield

Sam Bashfield is a PhD candidate and research officer at the ANU National Security College. His research engages with Indian Ocean security issues, with a focus on the past, present and future of the Chagos Archipelago (British Indian Ocean Territory). He also supports the NSC’s Indo-Pacific Strategy: Undersea Deterrence Project and the Indo-Pacific Strategy: Indian Ocean Project.

James Mortensen

James Mortensen is a Lecturer at the ANU National Security College. His research areas include cyber, environmental security, and political philosophy, especially the philosophy of security and authority. Prior to working at the National Security College, he held the position of Research Fellow at the ANU’s Research School of Computing.

Notes

1 Other TLD categories include Sponsored Top-level Domains (sTLDs), Infrastructure Top-Level Domains (ARPA) and Test Top-Level Domains (tTLDs).

2 Postel's role can be characterized as more passive than active. In this sense, Postel would usually respond to requests from a territory or country, then assign the ccTLD manager.

3 Despite being named ‘Request for Comments’, or RFC, these documents are essentially standard documents. The humble name was assigned to such documents in the internet's early days in an effort to not offend and to document decisions and actions without imposing on the internet community (see Froomkin 2002, 784).

4 According to IANA, consent of ‘the local internet community’ can be demonstrated by the ccTLD manager through one, or a combination of community consultation, a written articulation of options considered, and statements of support from internet community representatives (see IANA – Common Questions on Delegating and Transferring Country-Code Top-Level Domains (CcTLDs) n.d.).

5 Appointments included Mr Akram Joseph Atallah (Donuts Inc CEO), Mr Alvaro Madrigal Alvarez (Donuts Inc Executive Vice President, General Counsel and Secretary) and Mr Randy Paul Hass (Donuts Inc Executive Vice President and Chief Financial Officer) (see Internet Computer Bureau Limited People 2022).

6 Mayotte only acceded to full French (and by extension European) status in 2011. Previously Mayotte was formally classed as an ‘overseas collectivity’. This status change made Mayotte France's 101st department, and its fifth department located overseas (see Saint-Mézard 2013, 55; Wood 2019, 434).

7 France also governs some territories as ‘overseas collectivities’, but as these collectivities are not located in the Indian Ocean, they are outside the scope of this study.

8 Incidentally, in 2013 AdamsNames (then registry for current and former British territories including .tc (Turks and Caicos Islands), .gd (Grenada) and .vc (Saint Vincent and the Grenadines)) was reportedly subject to a ‘corporate hijack’ by firm Key-Systems GmbH – run by a former associate of AdamsNames’ management (see Berkens 2013).