WCIT WATCH: Why one word can matter: The ROA v. OA debate at the WCIT
10:55am | 10 December 2012 | by Matt Friedman,
Whether the revised International Telecommunication Regulations (ITRs) should use the term “Recognized Operating Agency” (ROA) or “Operating Agency” (OA), while a seemingly esoteric debate to many, is proving to be a controversial topic at the World Conference on International Telecommunications (WCIT). Currently, the debate is being addressed by a high-level working group reporting directly to the Conference Chairman. The result of this debate will determine whether the ITRs are going to apply only to large companies with operating licenses (like telecoms and broadcasters) or anyone with a wifi hotspot.
The current ITRs, adopted in 1988, ultimately regulate governments. Some provisions directly regulate the behavior of member states, while others regulate “administrations,” which are confined solely to governmental departments or services. As “administrations” is defined in the ITU’s Constitution, it cannot be redefined at the WCIT. However, the international telecommunications regulatory environment has changed drastically over the last 25 years and the use of “administrations” no longer accurately reflects how telecommunications traffic is handled in practice. Indeed, most international telecommunications traffic is handled by mutual agreement between private (corporate) entities. Accordingly, there is consensus among member states that a change in language is needed. The fight though, is over the new terminology that should be used - ROA or OA.
Like “administration,” both of these terms are defined in the ITU Constitution. An OA is “[a]ny individual, company, corporation, or governmental agency which operates a telecommunication installation intended for an international telecommunication service or capable of causing harmful interference with such a service.” An ROA, in turn, is any OA that operates a public correspondence or broadcasting service, and which has been licensed by a member state to operate telecommunications. The fundamental difference then, between these terms, is simple. An OA includes virtually any actor that operates a server, router, or other telecommunication installation or a device capable of causing interference, while ROAs are entities -- almost entirely companies -- that have been granted a specific license by a member state (think telecoms and TV broadcasters).
Yet, as Portugal has noted on the floor of the WCIT, use of the term OA would sweep in private network operators, private leased line networks of commercial providers, and amateur radio operators. For example, consider the Society for Worldwide Interbank Financial Telecommunication (SWIFT), which hosts a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment. In other words, an international wire transfer. As a members-only global network that only banks meeting strict security standards can join, SWIFT’s network is a private one. Further, this transmission of information undoubtedly qualifies as telecommunication as defined by the ITU Constitution, thus making SWIFT an operating agency. However, as they are not licensed by member states to operate telecommunications, they would not qualify as an ROA.
We at Access do not believe that regulating these entities is a proper role of the ITRs, and by extension, the ITU. A proposal by Cameroon, for example, calls for OAs to determine by mutual agreement the international routes to be used, and then grants member states the “right to know how its traffic is routed” and “the right to impose any routing regulations in this regard.” Together, these proposals appear to grant member states the right to know and the right to regulate the routes that SWIFT, an entity running a private network entirely disconnected from public communications networks, uses. It is unclear what benefits would derive from granting member states this right; while allowing member states to surveil and restrict the routes used to carry sensitive information such as this opens the door to “arbitrary or unlawful interference with...privacy,” in violation of Article 17 of the International Covenant on Civil and Political Rights.
Other entities who would be brought under the ITR framework if the OA terminology is used, such as amateur radio operators, are generally small in scale. This is reflected in the fact that they are unlicensed and therefore largely unregulated by the member states in whose territory they exist. Falling within the scope of the ITRs could subject these entities to burdensome regulatory mandates, such as taking “appropriate measures” for ensuring network security and preventing the propagation of spam, which would almost assuredly chill engagement in these activities.
Further, use of ROA more accurately retains the original scope of the current ITRs, which focus on regulating governments, because only entities that member states have specifically designated for international regulation, through licensing agreements, would fall under the scope of the ITRs if this definition is used.
By becoming party to the ITRs, member states necessarily give up some sovereignty. However, through limiting the applications of the ITRs to only those entities a member state specifically believes should be regulated, some of this sovereignty is maintained. As member states can better account for the activities of entities in their territory, and thus determine whether regulation is necessary, requiring member state action through licensing before an entity can fall under the scope of the ITRs better ensures that minor entities are not threatened by burdensome regulation. For these reasons, we recommend in the most emphatic terms that the term ROA, and not OA, should be used throughout the revised ITRs.