Ericsson

P.O. Box 6049 Leesburg VA 20178 United States of America joel.halpern@ericsson.com

IETF Administration LLC

1000 N. West Street, Suite 1200 Wilmington DE 19801 United States of America jay@staff.ietf.org

anticompetitive competition law policy compliance recommendations This document provides education and guidance for IETF participants on compliance with antitrust laws and how to reduce antitrust risks in connection with IETF activities.

Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are candidates for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at .

Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents () in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.

Table of Contents

• .  Introduction
• .  Background
  • .  A Note About Terminology
  • .  Purpose of Antitrust or Competition Law
  • .  Overlapping Areas of Concern
• .  Existing IETF Antitrust Compliance Strategy
• .  Additional Recommendations
  • .  Topics to Avoid
  • .  Obtaining Independent Legal Advice
  • .  Escalating Antitrust-Related Concerns
• .  IANA Considerations
• .  Security Considerations
• .  References
  • .  Normative References
  • .  Informative References
• Authors' Addresses

Introduction Standards development frequently requires collaboration between competitors. Cooperation among competitors can spark concerns about antitrust law or competition law violations. This document is intended to educate IETF participants about how to reduce antitrust risks in connection with IETF activities. Nothing in this document changes existing IETF policies.

Background

A Note About Terminology "Antitrust law" and "competition law" are used synonymously in this document. "Antitrust" is the word that is used in the US and in several other jurisdictions; "competition law" is the terminology used in Europe and in many other jurisdictions. There can be some nuanced differences between how different jurisdictions address this general area of law, and sometimes people use the terminology differently to highlight these nuances, but here they are being used as synonyms.

Purpose of Antitrust or Competition Law The U.S. Department of Justice states that "the goal of the antitrust laws is to protect economic freedom and opportunity by promoting free and fair competition in the marketplace. Competition in a free market benefits consumers through lower prices, better quality and greater choice. Competition provides businesses the opportunity to compete on price and quality, in an open market and on a level playing field, unhampered by anticompetitive restraints" . Similarly, the European Commission states that the purpose of its competition law rules is "to make EU markets work better, by ensuring that all companies compete equally and fairly on their merits" which "benefits consumers, businesses and the European economy as a whole" . Fundamentally, antitrust or competition laws are designed to facilitate open, fair, robust competition, ultimately to benefit consumers.

Overlapping Areas of Concern There are two overlapping areas of concern the IETF has in connection with antitrust compliance:

• Most acutely, the IETF cannot have anyone who is officially representing the IETF, in any capacity, engage in anticompetitive behavior and create liability for the IETF.
• Additionally, the IETF cannot be a forum where participants engage in anticompetitive behavior, even if direct liability for that behavior falls on those participants and not the IETF, to avoid reputational harm to the IETF.

Existing IETF Antitrust Compliance Strategy Compliance with the BCPs and other relevant policies that document the established rules and norms of the IETF facilitates compliance with antitrust law, as the IETF structure and processes are designed to mitigate antitrust risks. As a reminder, participants are required to comply with the following policies:

• The Internet Standards Process as described in BCP 9 , which is designed to "provide a fair, open, and objective basis for developing, evaluating, and adopting Internet Standards" (RFC 2026) and provides robust procedural rules, including an appeals process.
• The Working Group Guidelines and Procedures described in BCP 25 , which emphasize requirements for "open and fair participation and for thorough consideration of technical alternatives" (RFC 2418) and describe the IETF's consensus-based decision-making processes.
• The IETF framework that participants engage in their individual capacity, not as company representatives (see and ), and "use their best engineering judgment to find the best solution for the whole Internet, not just the best solution for any particular network, technology, vendor, or user," as described in RFC 7154 .
• The IETF's intellectual property rights policies as set forth in BCP 78 and BCP 79 . These policies are carefully designed to "benefit the Internet community and the public at large, while respecting the legitimate rights of others" (RFC 8179).
• The established conflict of interest policies, such as the IESG Conflict of Interest Policy, the IAB Conflict of Interest Policy, or the IETF LLC Conflict of Interest Policy, if and when applicable.

Additional Recommendations The most important recommendation is for IETF participants to rigorously follow all applicable IETF policies as set out in . This section provides more information about:

• certain topics that are generally inappropriate for discussion in a standards-setting environment,
• the importance of participants obtaining independent legal advice, as appropriate, and
• paths to escalate antitrust-related concerns.

Topics to Avoid While IETF participants are expected to participate as individuals, their actions could still be construed as representing their employer, whatever their role. Therefore, participants should be aware that some topics are generally inappropriate for discussion in a standards-setting environment where representatives from competitors to their employer are likely to be present. These topics include the following:

• discussion about product pricing or profit margins among potential competitors,
• the details of business relationships between specific vendors and customers,
• details about the supply chains of specific companies,
• discussions about market opportunities for specific companies, and
• employee compensation or benefits among potentially competitive employers.

While not all discussions of these topics would necessarily be antitrust violations, and recognizing that analysis of antitrust considerations will be different for differently positioned participants, prudence suggests that avoiding these specific topics in the context of the collaborative IETF process best mitigates antitrust risks for the IETF and its participants. Note that antitrust law reaches beyond these topics, however. For example, any behavior that amounts to an agreement to restrain marketplace competition, or that facilitates monopolization of particular markets, raises potential antitrust risks. Participants are responsible for ensuring that their conduct does not violate any antitrust laws or regulations.

Obtaining Independent Legal Advice All IETF participants are expected to behave lawfully when engaged in IETF activities, including by following applicable antitrust law. The IETF does not provide legal advice to participants, and instead recommends that participants obtain independent legal advice as needed.

Escalating Antitrust-Related Concerns Participants can report potential antitrust issues in the context of IETF activities by contacting IETF legal counsel (legal@ietf.org) or via the IETF LLC whistleblower service . Note that reports will only be assessed for their impact upon the IETF; participants directly impacted by an antitrust issue are responsible for obtaining their own legal advice.

IANA Considerations This document has no IANA actions.

Security Considerations This document introduces no known security aspects to the IETF or IETF participants.

References Normative References This memo documents the process used by the Internet community for the standardization of protocols and procedures. It defines the stages in the standardization process, the requirements for moving a document between stages and the types of documents used during this process. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Advancing a protocol to Draft Standard requires documentation of the interoperation and implementation of the protocol. Historic reports have varied widely in form and level of content and there is little guidance available to new report preparers. This document updates the existing processes and provides more detail on what is appropriate in an interoperability and implementation report. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document updates the Internet Engineering Task Force (IETF) Standards Process defined in RFC 2026. Primarily, it reduces the Standards Process from three Standards Track maturity levels to two. This memo documents an Internet Best Current Practice. This document updates RFC 2026 to no longer use STD 1 as a summary of "Internet Official Protocol Standards". It obsoletes RFC 5000 and requests the IESG to move RFC 5000 (and therefore STD 1) to Historic status. RFC 2026 describes the review performed by the Internet Engineering Steering Group (IESG) on IETF Proposed Standard RFCs and characterizes the maturity level of those documents. This document updates RFC 2026 by providing a current and more accurate characterization of Proposed Standards. This document removes a limit on the number of Area Directors who manage an Area in the definition of "IETF Area". This document updates RFC 2026 (BCP 9) and RFC 2418 (BCP 25). This document requires that the IETF never publish any IETF Stream RFCs without IETF rough consensus. This updates RFC 2026. In RFC 9280, responsibility for the RFC Series moved to the RFC Series Working Group and the RFC Series Approval Board. It is no longer the responsibility of the RFC Editor, and the role of the IAB in the RFC Series is altered. Accordingly, in Section 2.1 of RFC 2026, the sentence "RFC publication is the direct responsibility of the RFC Editor, under the general direction of the IAB" is deleted. This document describes the guidelines and procedures for formation and operation of IETF working groups. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. This document is an update to RFC 2418 that gives WG chairs explicit responsibility for managing WG mailing lists. In particular, it gives WG chairs the authority to temporarily suspend the mailing list posting privileges of disruptive individuals. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. IETF Participants must not engage in harassment while at IETF meetings, virtual meetings, or social events or while participating in mailing lists. This document lays out procedures for managing and enforcing this policy. This document updates RFC 2418 by defining new working group guidelines and procedures. This document updates RFC 7437 by allowing the Ombudsteam to form a recall petition without further signatories. The IETF Anti-Harassment Procedures are described in RFC 7776. The IETF Administrative Oversight Committee (IAOC) has been replaced by the IETF Administration LLC, and the IETF Administrative Director has been replaced by the IETF LLC Executive Director. This document updates RFC 7776 to amend these terms. RFC 7776 contained updates to RFC 7437. RFC 8713 has incorporated those updates, so this document also updates RFC 7776 to remove those updates. This document provides a set of guidelines for personal interaction in the Internet Engineering Task Force. The guidelines recognize the diversity of IETF participants, emphasize the value of mutual respect, and stress the broad applicability of our work. This document is an updated version of the guidelines for conduct originally published in RFC 3184. The IETF policies about rights in Contributions to the IETF are designed to ensure that such Contributions can be made available to the IETF and Internet communities while permitting the authors to retain as many rights as possible. This memo details the IETF policies on rights in Contributions to the IETF. It also describes the objectives that the policies are designed to meet. This memo obsoletes RFCs 3978 and 4748 and, with BCP 79 and RFC 5377, replaces Section 10 of RFC 2026. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. The IETF policies about Intellectual Property Rights (IPR), such as patent rights, relative to technologies developed in the IETF are designed to ensure that IETF working groups and participants have as much information as possible about any IPR constraints on a technical proposal as early as possible in the development process. The policies are intended to benefit the Internet community and the public at large, while respecting the legitimate rights of IPR holders. This document sets out the IETF policies concerning IPR related to technology worked on within the IETF. It also describes the objectives that the policies are designed to meet. This document updates RFC 2026 and, with RFC 5378, replaces Section 10 of RFC 2026. This document also obsoletes RFCs 3979 and 4879. Informative References U.S. Department of Justice Antitrust Division European Commission IETF Administration LLC IETF Administration LLC

Authors' Addresses Ericsson

P.O. Box 6049 Leesburg VA 20178 United States of America joel.halpern@ericsson.com

IETF Administration LLC

1000 N. West Street, Suite 1200 Wilmington DE 19801 United States of America jay@staff.ietf.org