The Star Monitor: Statistics, news and analysis in internet governance

The Star Monitor: Statistics, news and analysis in internet governance
Photo by Salah Ait Mokhtar / Unsplash

This week's newsletter catches you up on the last three months in internet standards.

The Star Monitor is a cooperative effort between Global Partners Digital and the Center for Democracy and Technology. Its aim is to help civil society organisations track discussions at internet standards bodies on a quarterly basis. Participation and leadership statistics of major plenary meetings are included, with links to each full report, when available. Hits in mainstream news, provided with context, link to their original sources. Lastly deeper analysis on key developments at each of the core fora round out the monitor. We always welcome feedback from readers to make this quarterly publication as useful as possible: You can write to or

Participation and leadership statistics

For a handy guide to internet standards and infrastructure acronyms, use ARTICLE 19’s Internet Standards Almanac. Here is a table that tracks the I-star meetings that occurred in this past quarter:

Meeting participants


All active engagement

IETF 118
4-10 Nov, Prague
(no sponsor)

32% US, 10% China, 58% all other

Google, 4

Cisco, 4

Huawei, 4

Netapp (Chair)


ICANN 78 General
21-26 Oct, Hamburg

24% NA, 41% Europe, 35% all other


20 Nov-15 Dec, Dubai

> 3900

IEEE 802.11 202
11-17 Nov, Hawaii

Huawei, < 65
MediaTek, 30
Qualcomm, < 30
Apple, < 30

NXP, 25

Intel, 5

Huawei, 4

Qualcomm, 4

HP (Chair)

< 500

21 Nov-1 Dec, Rome

DE, 127; IT, 62; NL, 79; GB 41; US 39


2-6 Oct, Brazil


19-20 Oct, San Diego

ARIN, 31


Other notable governance-level happenings during this period include a representative of Intel taking up the chairship at ETSI and 3GPP holding a meeting in Chicago in November.

News monitor

The following pulls together a curated list of the top news clips about any of the I-stars that made the industry or mainstream news, with a focus on sharing reports and reporting rather than press-release style items.


Broken down by forum, below is a deeper dive into the top items that touch on public interest issues. We include a non-exhaustive list of what’s being discussed and what’s considered controversial, whether the proposal is new or part of a broader effort. We make sure that each brief analysis ends with some action and where to go to learn more from a primary source like a version controlled document or a discussion mailing list.


Published RFCs of note:

  • A working-group document in the IETF, RFC 9501, establishes that attendees should now be able to attend IETF meetings virtually for free.
  • RFC 9505 is an informational document from the Internet Research Task Force that "describes technical mechanisms employed in network censorship that regimes around the world use for blocking or impairing Internet traffic."

In the last quarter several countries were talking about the perils of end-to-end encryption, which is something that the IETF works on quite extensively. “Messaging und Gruppen-Chats: Wie die IETF Sicherheit für Milliarden Menschen schafft.”, October 31, 2023. and Knodel, Mallory. “‘Eaten by the Internet’: A New Publication on Infrastructure.” Center for Democracy and Technology (blog), November 27, 2023. 

The threat of undermining end-to-end encryption through regulation is compounded by conversations within the IETF that challenge strong privacy assurances in standards. The IETF has been working extensively to roll out end-to-end encryption, pro-privacy protocols and more recently ensure that e2ee messaging is compliant with interoperability requirements (e.g of the Digital Markets Act). Undermining encryption would strengthen the ability of governments to carry out unchecked surveillance.

Inclusive language has been a consistent yet unresolved topic of debate in standards bodies for a few years. At the IEEE there is a current standardisation process, and as with others among SDOs, it was mostly sparked by the debate within the IETF. See also: Magby, Jamal. “Tech Talk: Talking Tech with Mallory Knodel and Niels Ten Oever On Inclusive Language in Internet Standards.” Center for Democracy and Technology (blog), December 5, 2023.

ECH was standardized at the IETF and with a growing number of implementations, centralized security solutions situated on the network– as opposed to the ends– are beginning to feel the negative effects. Moriarty, Kathleen. “Security Control Changes Due to TLS Encrypted ClientHello.” RIPE Labs, December 11, 2023.

ICANN and the RIRs

ICANN’s policy processes led to guidance in May 2019 about the issues with WHOIS vis a vis the GDPR, though this guidance was slow to implement and registries and registrars increasingly focused on compliance with local and regional jurisdictional law. In November ICANN launched a service to facilitate look up requests that meet certain requirements, but unlike WHOIS it’s a service that ICANN doesn’t really provide: the Registration Data Request Service (RDRS) simply connects requestors with registrars. See: Carlson, Gwen. “Press Release: ICANN Launches Global Service to Simplify Requests for Nonpublic Domain Name Registration Data - ICANN,” November 28, 2023.

At the end of October RIPE NCC published a new policy document on Voluntary Transfer Lock, motivated by Ukrainian internet operators who were losing their IP and ASN space to Russia.

For the past few years AFRINIC, the regional internet registry responsible for IP address allocation in Africa, has been effectively dysfunctional due to dozens of legal suits that have exploited the loose, community-driven structure of the RIR system. Last quarter, the Mauritius court, where AFRINIC is registered, has ruled that AFRINIC will be placed under receivership ( The decision is currently being challenged, but brings potential resolution to a case brought by Cloud Innovation. Regardless of outcome the community should be ready to build back in strong numbers. The AfriNIC situation has created uncertainty in the internet governance ecosystem, regionally but also globally, and it is therefore necessary for a resolution to the case to be carried out in a way that strengthens trust and reinforces a transparent community driven structure. 


At the WRC-23 there was a heated debate about the use of the 6GHz band for unlicensed spectrum, which given the particular physical characteristics of this frequency, would be ideal for expansion of new kinds of wireless networks that small internet service providers and community networks might provide to extend internet and telecommunications access. Sadly the WRC-23 outcome seems to have built toward consensus to give 6GHz to mobile operators. This will have the impact of consolidating this spectrum among a few providers and reduce market share, and ability for new entrants to the market.

The ITU was swift and vocal in denouncing the internet shutdown in Gaza, but during the opening of WRC23 Secretary General Doreen Bogdan-Martin's speech delivers a "both-sides" on the lives lost.


The Global Privacy Control (GPC) is a browser setting that allows a user to communicate their preference – and to exercise their legal rights where they have them – to opt out of sharing and selling of their personal information. This single method of opt-out gives internet users an easier way to control how their data is used for online behavioral advertising or whether their data is sold to data brokers. Today, multiple browsers, including Brave, DuckDuckGo and Mozilla’s Firefox, provide a GPC built-in setting. For other browsers, users can download a browser extension. Many websites advertise their support of the control already, and many more will do so in complying with privacy regulations. Residents of California, for example, can use GPC in their browsers today to automatically opt-out of sharing of their data when visiting publishers like the New York Times and Washington Post, or retail company websites like Nike or L.L. Bean. But in order to benefit more users and websites in more places, GPC needs to become a standard.


The implications of an architectural model that any "sender pays" ISPs, too, in addition to client subscribers, include: unequal delivery speeds, content providers avoid entering the market, higher prices for subscribers, and all without guaranteeing more and better networks. They are also far reaching: South Korea, India and the EU might enact these proposals, but the entire fabric of the global internet would be impacted, as per the Internet Architecture Board. The proposal was ultimately rejected due to its unpopularity.

The Internet Architecture Board also signed a letter against EU's eIDAS legislation: See also: Hoffman-Andrews, Jacob. “Article 45 Will Roll Back Web Security by 12 Years.” Electronic Frontier Foundation, November 7, 2023. 

Subscribe to Internet Exchange

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.