Introduction
ICANN84 convened in Dublin in October 2025 as the organization’s annual general meeting (AGM), the broader, more public-facing gathering compared to the focused meetings held at other points in the year. AGMs serve as occasions for leadership elections, organizational transitions, and community engagement on governance questions that extend beyond routine technical coordination. This meeting arrived as the Internet Corporation for Assigned Names and Numbers (ICANN) continues navigating persistent challenges around DNS abuse, organizational effectiveness, and its position within an evolving geopolitical landscape for internet governance.
ICANN manages critical internet infrastructure, specifically the Domain Name System (DNS) that translates human-readable web addresses into the numerical identifiers computers use to route traffic. To most internet users, this is either something they never think about (that means it is working) or is just magic. And although far from “magic,” there is a complex technical system of ICANN that coordinates domain name policy, manages the root zone file, and oversees the application of IP addresses. This is what allows us to maintain one connected and functional internet.
What does this recent meeting have to do with cyber accountability? Infrastructure is never merely technical. The DNS enables both legitimate activity and malicious operations, and questions around who should act and when reflect broader cyber governance challenges around norms and accountability frameworks. ICANN operates through a multistakeholder model where governments, private sector entities, civil society organizations, and technical experts participate in policy development processes. This structure creates both opportunities and complexities for accountability, requiring coordination across varying actors and stakeholder interests.
Technical Signals: Infrastructure and Stability
Technical working groups at ICANN84 continued work on DNS abuse and data access issues that have plagued the community for many years, issues with direct implications for combating the global scam economy and ensuring the DNS remains both operational and reliable. DNS Abuse Policy Development Processes are in the works (see a preliminary issue report on the topic here), with discussions of their appropriate scope, as well as debates about the intensity of measures to address malicious activity conducted through domain registration, abundant. These discussions are often deemed siloed within the ICANN community, and to some extent they are, but it is important to understand their implications for real-world online safety.
For example, the infrastructure decisions made in ICANN policy processes have direct consequences for cybercrime scams and online fraud network operations. When scammers register domains mimicking banks, government agencies, or popular services, they exploit the DNS’s fundamental function of creating trusted-looking addresses that victims recognize and click. When they rapidly cycle through domains to stay ahead of DNS abuse mitigation efforts, they take advantage of registration systems designed for legitimate commerce and innovation. When they obscure ownership information to frustrate investigators, they benefit from privacy protections created with entirely different use cases in mind. What appears as narrow technical debate within ICANN working groups translates into operational capabilities for criminal enterprises targeting millions of victims globally.
The challenge ICANN faces involves defining its role in disrupting these operations while respecting its technical coordination mandate. Some stakeholders argue that ICANN’s current approach — defining DNS abuse narrowly to exclude content-based judgments — leaves critical gaps in addressing scam infrastructure. Others contend that expanding ICANN’s enforcement role risks mission creep that could undermine the organization’s technical focus, create censorship vulnerabilities, and lead to increased politicization of the technical body. The debate around DNS blocking is a prime example of attempting to use a technical mechanism to prevent scams at the DNS level but has been widely criticized for its negative impact on access to end-users. Stimson’s recent analysis of national measures to combat online scams gives a broader understanding of both technical and policy measures addressing this same issue.
Understanding DNS abuse through the lens of scam economics reveals why technical solutions alone prove insufficient. Scam operations function as sophisticated criminal enterprises with resources to exploit gaps in policy, navigate enforcement limitations, and adapt to technical countermeasures. Effective disruption requires coordination across registrars, registries, law enforcement, and financial systems — precisely the kind of multi-stakeholder coordination ICANN’s model theoretically enables but struggles to operationalize at the speed and scale that scam networks demand.
Institutional Signals: The Ongoing Debate on the Future of the Multistakeholder Model
ICANN84 occurred against the backdrop of the recent WSIS+20 review process, which revisits the frameworks that originally constructed the multistakeholder model for internet governance. The recent first revision of the WSIS+20 outcomes document emphasized that “Internet governance must continue to be global and multistakeholder in nature with the full involvement of governments, the private sector, civil society, technical and academic communities, international organisations, and all other relevant stakeholders” and that “to full benefit all, [the internet] much be open, global, interoperable, stable and secure.” Language in the document also reflects a desire for increased government participation, particularly from countries that have not yet contributed to the drafting process, and some interpret this as an argument for greater state control. Many stakeholders in Dublin agreed that the most effective path forward for ICANN in the WSIS process is to continue to promote the multistakeholder model by first and foremost remaining effective and showcasing how the model works in practice.
This challenge to the multistakeholder model is not limited to the WSIS process. The recently concluded UN Open-Ended Working Group on ICTs, although affirming the applicability of international law in cyberspace and achieving consensus, left much of civil society feeling as if their participation in the process was symbolic and, at times, even challenged by a small but vocal group of Member States. This reflects a broader trend toward state‑centric negotiations and global processes on technology issues, echoed in the UN Convention on Cybercrime negotiations. While the participation modalities were not overly limiting, concerns raised by civil society were ultimately overlooked and downplayed, leading to overly expansive Treaty provisions that raise concerns about surveillance and rights. Together, these developments signal growing pressure on the multistakeholder model that has long underpinned Internet governance.
Beyond external processes, internal community concerns about organizational reviews, legitimacy, and representation surfaced repeatedly in Dublin. Questions about whether ICANN’s accountability mechanisms, drafted when the United States Department of Commerce maintained the coordination and management of the domain name system, adequately reflect stakeholder interests and whether organizational reviews produce meaningful change rather than procedural exercises highlighted persistent institutional design tensions. These debates reflect, depending on who you talk to, either a broader uncertainty about whether multistakeholder governance can adapt quickly enough to address contemporary challenges, or are reflective themselves of the model working and changing, as intended.
Conclusion: Technical Decisions, Governance Consequences
ICANN84 ultimately illustrated that technical coordination cannot be separated from the governance questions it generates. The Dublin discussions, whether focused on DNS abuse policies, the multistakeholder model of governance, or organizational accountability, all converged on fundamental tensions about who decides, how quickly decisions happen, and whether consensus-driven processes can match the operational tempo that contemporary challenges demand. This legitimacy test to the multistakeholder model speaks directly to broader cyber accountability principles: the expectation that governance measures can not only hold up their inclusive principles rhetorically but also deliver tangible results. Accountability here means demonstrating that the model can combat scam infrastructure effectively, balance privacy and security across conflicting legal regimes, and maintain global coordination when states increasingly view internet governance through sovereignty lenses. ICANN’s path forward depends less on defending the model rhetorically than on proving it can deliver results that satisfy diverse stakeholders with competing priorities. Whether the organization can navigate these tensions while preserving the inclusive processes that distinguish multistakeholder governance from traditional intergovernmental approaches remains the central question emerging from Dublin, one with implications extending far beyond domain name coordination to the broader architecture of internet governance.
Signals from Dublin: ICANN84 and the Evolution of Internet Governance
By Kathleen Scoggin
Emerging Technology
ICANN84 unfolded at a pivotal moment for Internet governance, where technical coordination intersects with questions of institutional design and global legitimacy. Discussions in Dublin revealed operational challenges such as DNS abuse and scam infrastructure as well as the difficulty of aligning consensus-driven processes with the speed and scale of contemporary threats. The seemingly never-ending question of whether multistakeholder governance can deliver results that satisfy diverse priorities while preserving inclusivity persists. These issues resonate beyond ICANN: As states increasingly frame Internet governance through sovereignty and security lenses, the legitimacy of multistakeholderism is being tested both by principle and by performance. Can these processes demonstrate cyber accountability, ensuring transparency, responsiveness, and measurable impact at a time when other global fora are making it more challenging for stakeholders to participate? ICANN’s future will hinge on its ability to prove that collaborative governance can adapt without abandoning its core ethos. The stakes extend far beyond domain name coordination, touching the credibility of multistakeholder approaches as a viable architecture.
Introduction
ICANN84 convened in Dublin in October 2025 as the organization’s annual general meeting (AGM), the broader, more public-facing gathering compared to the focused meetings held at other points in the year. AGMs serve as occasions for leadership elections, organizational transitions, and community engagement on governance questions that extend beyond routine technical coordination. This meeting arrived as the Internet Corporation for Assigned Names and Numbers (ICANN) continues navigating persistent challenges around DNS abuse, organizational effectiveness, and its position within an evolving geopolitical landscape for internet governance.
ICANN manages critical internet infrastructure, specifically the Domain Name System (DNS) that translates human-readable web addresses into the numerical identifiers computers use to route traffic. To most internet users, this is either something they never think about (that means it is working) or is just magic. And although far from “magic,” there is a complex technical system of ICANN that coordinates domain name policy, manages the root zone file, and oversees the application of IP addresses. This is what allows us to maintain one connected and functional internet.
What does this recent meeting have to do with cyber accountability? Infrastructure is never merely technical. The DNS enables both legitimate activity and malicious operations, and questions around who should act and when reflect broader cyber governance challenges around norms and accountability frameworks. ICANN operates through a multistakeholder model where governments, private sector entities, civil society organizations, and technical experts participate in policy development processes. This structure creates both opportunities and complexities for accountability, requiring coordination across varying actors and stakeholder interests.
Technical Signals: Infrastructure and Stability
Technical working groups at ICANN84 continued work on DNS abuse and data access issues that have plagued the community for many years, issues with direct implications for combating the global scam economy and ensuring the DNS remains both operational and reliable. DNS Abuse Policy Development Processes are in the works (see a preliminary issue report on the topic here), with discussions of their appropriate scope, as well as debates about the intensity of measures to address malicious activity conducted through domain registration, abundant. These discussions are often deemed siloed within the ICANN community, and to some extent they are, but it is important to understand their implications for real-world online safety.
For example, the infrastructure decisions made in ICANN policy processes have direct consequences for cybercrime scams and online fraud network operations. When scammers register domains mimicking banks, government agencies, or popular services, they exploit the DNS’s fundamental function of creating trusted-looking addresses that victims recognize and click. When they rapidly cycle through domains to stay ahead of DNS abuse mitigation efforts, they take advantage of registration systems designed for legitimate commerce and innovation. When they obscure ownership information to frustrate investigators, they benefit from privacy protections created with entirely different use cases in mind. What appears as narrow technical debate within ICANN working groups translates into operational capabilities for criminal enterprises targeting millions of victims globally.
The challenge ICANN faces involves defining its role in disrupting these operations while respecting its technical coordination mandate. Some stakeholders argue that ICANN’s current approach — defining DNS abuse narrowly to exclude content-based judgments — leaves critical gaps in addressing scam infrastructure. Others contend that expanding ICANN’s enforcement role risks mission creep that could undermine the organization’s technical focus, create censorship vulnerabilities, and lead to increased politicization of the technical body. The debate around DNS blocking is a prime example of attempting to use a technical mechanism to prevent scams at the DNS level but has been widely criticized for its negative impact on access to end-users. Stimson’s recent analysis of national measures to combat online scams gives a broader understanding of both technical and policy measures addressing this same issue.
Understanding DNS abuse through the lens of scam economics reveals why technical solutions alone prove insufficient. Scam operations function as sophisticated criminal enterprises with resources to exploit gaps in policy, navigate enforcement limitations, and adapt to technical countermeasures. Effective disruption requires coordination across registrars, registries, law enforcement, and financial systems — precisely the kind of multi-stakeholder coordination ICANN’s model theoretically enables but struggles to operationalize at the speed and scale that scam networks demand.
Institutional Signals: The Ongoing Debate on the Future of the Multistakeholder Model
ICANN84 occurred against the backdrop of the recent WSIS+20 review process, which revisits the frameworks that originally constructed the multistakeholder model for internet governance. The recent first revision of the WSIS+20 outcomes document emphasized that “Internet governance must continue to be global and multistakeholder in nature with the full involvement of governments, the private sector, civil society, technical and academic communities, international organisations, and all other relevant stakeholders” and that “to full benefit all, [the internet] much be open, global, interoperable, stable and secure.” Language in the document also reflects a desire for increased government participation, particularly from countries that have not yet contributed to the drafting process, and some interpret this as an argument for greater state control. Many stakeholders in Dublin agreed that the most effective path forward for ICANN in the WSIS process is to continue to promote the multistakeholder model by first and foremost remaining effective and showcasing how the model works in practice.
This challenge to the multistakeholder model is not limited to the WSIS process. The recently concluded UN Open-Ended Working Group on ICTs, although affirming the applicability of international law in cyberspace and achieving consensus, left much of civil society feeling as if their participation in the process was symbolic and, at times, even challenged by a small but vocal group of Member States. This reflects a broader trend toward state‑centric negotiations and global processes on technology issues, echoed in the UN Convention on Cybercrime negotiations. While the participation modalities were not overly limiting, concerns raised by civil society were ultimately overlooked and downplayed, leading to overly expansive Treaty provisions that raise concerns about surveillance and rights. Together, these developments signal growing pressure on the multistakeholder model that has long underpinned Internet governance.
Beyond external processes, internal community concerns about organizational reviews, legitimacy, and representation surfaced repeatedly in Dublin. Questions about whether ICANN’s accountability mechanisms, drafted when the United States Department of Commerce maintained the coordination and management of the domain name system, adequately reflect stakeholder interests and whether organizational reviews produce meaningful change rather than procedural exercises highlighted persistent institutional design tensions. These debates reflect, depending on who you talk to, either a broader uncertainty about whether multistakeholder governance can adapt quickly enough to address contemporary challenges, or are reflective themselves of the model working and changing, as intended.
Conclusion: Technical Decisions, Governance Consequences
ICANN84 ultimately illustrated that technical coordination cannot be separated from the governance questions it generates. The Dublin discussions, whether focused on DNS abuse policies, the multistakeholder model of governance, or organizational accountability, all converged on fundamental tensions about who decides, how quickly decisions happen, and whether consensus-driven processes can match the operational tempo that contemporary challenges demand. This legitimacy test to the multistakeholder model speaks directly to broader cyber accountability principles: the expectation that governance measures can not only hold up their inclusive principles rhetorically but also deliver tangible results. Accountability here means demonstrating that the model can combat scam infrastructure effectively, balance privacy and security across conflicting legal regimes, and maintain global coordination when states increasingly view internet governance through sovereignty lenses. ICANN’s path forward depends less on defending the model rhetorically than on proving it can deliver results that satisfy diverse stakeholders with competing priorities. Whether the organization can navigate these tensions while preserving the inclusive processes that distinguish multistakeholder governance from traditional intergovernmental approaches remains the central question emerging from Dublin, one with implications extending far beyond domain name coordination to the broader architecture of internet governance.
Recent & Related