Islamic Republic v. Starlink: Will the ITU fragment satellite Internet?

For a long time, the Internet community feared the International Telecommunication Union (ITU), anticipating its takeover of Internet governance organizations. While some of those threats and concerns were realistic, overall ITU did not have the resources, the mandate or the legitimacy to coordinate some of the critical parts of the Internet.

There is still no real threat of ITU taking over Internet governance institutes, but a recent case of Islamic Republic v. Starlink shows so well why we need to have open, bottom up and multistakeholder processes for Internet governance and especially Internet access.

Islamic Republic v Starlink: an ITU case

During the uprising last year in Iran, there was extreme Internet disruption by the Islamic Republic, to control people and stop assemblies, protests and oppress the dissidents’ voice. Even for the Islamic Republic, the disruption was unprecedented, depriving people from using the Internet to do the simplest things, such as communicating via the Internet with their loved ones. Since most of the Internet disruption can happen through local Internet Service Providers and network operators that must crack down on access, due to governmental pressure, there were talks about how Iranians can have access to the Internet through satellite services, Starlink in specific.

The usage of Starlink is not widespread in Iran at this stage and the estimate is that only around 100 portals are active. People get Starlink devices through smugglers, and it is perilous. Though the usage of Starlink is not widespread, the Islamic Republic took a preemptive action at the international level and brought a complaint to the ITU, requesting that the Starlink portals that connect from Iran to be disabled. The full complaint does not seem to be available to the public. By reviewing the meeting minutes and the additional responses, it is possible to gain a basic understanding of what transpired and the factors the Board considers when deciding. These processes at the ITU are very opaque, and it is not clear how they work, however the complaint process is something purely multilateral and is:

ITU formed a Radio Regulations Board, which works with the Radiocommunications Regulation Bureau, which seems to be the executive arm of the Board. The ITU formed the Radio Regulations Board because it could not act on urgent matters fast enough. So they formed the Board to process complaints and come up with resolutions and decisions. How binding these decisions are is very much disputed, and it is not clear at this stage how the decisions can be appealed. 

The Board has 12 members, all government appointees (from Saudi Arabia, Azerbaijan, France, Egypt, Ghana, Italy, India, Morocco, Kazakhstan, Canada, China, Brazil). There are no expert testimonies and no academic or civil society participation in the processes. 

We can guess from the resolution that was issued in March that the Islamic Republic provided some evidence that Starlink was being used in Iran. Therefore, the Board requested the Administration of the Islamic Republic of Iran to present details of their investigation into unauthorized transmitting earth station transmissions during the 93rd Board meeting. 

During the 93rd meeting, the Board discussed Islamic Republic v. Starlink. It had asked Norway, the notifying administration of Starlink, and the US, an associated administration to the notifying administration for the satellite systems that provide STARLINK services, to provide responses to the Islamic Republic’s claims. In this meeting, the Board again asked the Bureau to assist the Administration of the Islamic Republic of Iran in its efforts and to report any progress to the 94th Board meeting.

The October “Decision”

In October 2023, the Board had its 94th meeting. Islamic Republic provided some evidence and clearly asked for Internet access through Starlink to be disabled because it contravened its national regulations (unclear how) and were operating under subscription associated addresses outside the territory, and the Islamic Republic had not received an application to grant access. 

Norway and the US provided responses to the Board. They argued ‌the Islamic Republic testing Starlink devices in Iran actually violated Starlink terms and conditions, so the tests themselves were invalid and illegal. But the Board members had difficulties accepting the answer. 

Arguments against open, free and secure Internet

Some board members (for example the representative of Morocco)argued that it is important to know if Starlink can actually geolocate access and disable access to its services where it does not provide services. But that advice was not considered. Mr. Fianko (Board member from Ghana) even went further and added that not only Starlink knows, but it actively attempts to provide its services to the Iranians he “was inclined to think an active attempt had been made to create certain opportunities for the use of Starlink in Iranian territory; that attempt was in contravention of the Radio Regulations as appropriate authorization had not been given by the administration concerned.” (Paragraph 6.5)

• Localized content and access to global Internet 

The Administration of Ghana stated it had experienced similar issues and Starlink obtained landing rights and that this rule should apply in every country worldwide. The representative then raised a concern that “It must be remembered that some administrations had concerns about the future of indigenous stations and were eager to promote local content. In that respect, he considered that the Board should clearly request Starlink to apply its conclusion in every country worldwide.” 

• Compulsory geolocation to disable access to a global, secure Internet

Some Board members also argued for compulsory geolocation. Mr Linhares de Souza Filho said: “The Board had the elements it needed to propose a straightforward

conclusion on the case: no matter where the equipment had been obtained, companies must have ways to disable operations in countries in which they were not authorized to operate.”

The Board’s decision

The Board decided that the Islamic Republic presented sufficient evidence. The evidence indicated that Starlink terminals could transmit from within its territory, and the system could determine the origin of the satellite user’s transmission. The terminals were imported illegally, and the subscription had a foreign address. Starlink also in its terms and conditions stipulates that the utilization of terminals in territories where they are not authorized is prohibited. Hence the Board argued: “the provision of transmissions from within any territories where they had not been authorized, was in direct contravention of the provisions of RR Article 18 and of, resolves 1 and 2 of Resolution 22 (WRC-19) and the resolves of Resolution 25 (WRC03) and requested the Administration of Norway, acting as the notifying administrator.” 

Why is ITU not the right venue for discussing access to Internet infrastructure? 

We have now established that this specific ITU Board in this specific case does not really care about access to a global, free, open and secure Internet. Through a scenario, we can illustrate why bottom-up and open processes really matter in Internet governance.  Imagine if this was about the domain names operated by Iranians but the services were provided from abroad. The scenario is:

• Islamic republic files a complaint to ITU (which has now in our hypothetical case taken over Internet Corporation for Assigned Names and Numbers), and asks for disabling people’s access to domain names that are issued outside of Iran. For each domain name, people should receive a license. 
• The ITU Board that receives the complaint is a multilateral process and ignores all comments from external stakeholders. Also, the evidence and processes that it has in place are more about protecting nation states’ sovereignty and not about people. 
• Nobody else from academia, civil society or technical community can provide evidence or openly take part. 
• The Board’s decision will be very clear: providing services in a territory needs a license, find ways to geolocate access and block access to domain names as the respective authoritarian regime needs.

If the satellite Internet issue was raised in an open, bottom-up process, what would happen?

Imagine this complaint had been raised in an open, bottom-up Internet governance process. Let’s say the Internet Corporation for Assigned Names and Numbers or even Internet Society was in charge of this matter. 

• Islamic Republic files a complaint to the Board against Starlink 
• The Board sends it down to a multistakeholder council that includes: the operators, civil society and academics, businesses and people with technical and legal knowledge to come up with a policy. 
• Everybody can participate in that policy-development process. Everyone, including activists and the impacted community.
• The Government Advisory Committee is mostly in favor of keeping the Internet open and secure and globally accessible, so will not side with the Islamic Republic. 
• The policy that this multistakeholder body, transparently, has come up with is more balanced. It might consider human rights (something ITU rarely considers) and a host of other operational issues. 
• The policy will be very clear: Starlink will not deny access to its services based on nationality, creed, or gender. Providers must follow their local laws only. 

Why is ITU not the right place to govern access to the Internet?

• ITU’s setup aims to protect sovereignty and facilitate a multilateral process for important decisions about access which can result in depriving other stakeholders from participating equally in some of the processes. 
• ITU disregards human rights in favor of sovereignty
• ITU disregards other stakeholders’ petitions and does not have processes in place to effectively bring those viewpoints forward

The pressing question now is: where should we govern satellite Internet, and how can we free it from the ITU?