[arin-ppml] Revision to 2007-14 -- Minor edits requested by ARIN Counsel and staff

Apologies for the late revision. Authors have been communicating with  
ARIN
counsel in an effort to refine language and try to achieve agreement  
on the content
of the policy proposal.

Changes in this revision:

	Minor edits to bring the language closer to compliance with requests  
from staff
	and legal.  Authors do not believe these edits constitute substantive  
change
	to the intent of the policy.

	Minor changes to language to improve clarity and sentence structure.
	Authors do not believe these edits constitute a substantive change to  
the
	intent of the policy.

	In fairness, not all of the requests from legal were addressed the  
way legal
	wanted.  There are limitations on ARIN contained in this proposal which
	counsel opposed. I'll leave it to legal to present those in their  
analysis
	which should come out shortly because I do not want to mis-characterize
	them.

	However, the authors have been in contact with legal and the places  
where
	we have agreed to disagree are not new to this version of the policy.


#################################################################
Policy Proposal 2007-14
Resource Review Process
Author: Owen DeLong, Stephen Sprunk
Proposal Version: 3.1
Date: 14 August 2008
Proposal type: modify
Policy term: permanent
Policy statement:
Add the following to the NRPM:
Resource Review
1. ARIN may review the current usage of any resources maintained in  
the ARIN database. The organization shall cooperate with any request  
from ARIN for reasonable related documentation.
2. ARIN may conduct such reviews:
a. when any new resource is requested,
b. whenever ARIN has reason to believe that the resources were  
originally obtained fraudulently or in contravention of existing  
policy, or
c. at any other time without having to establish cause unless a prior  
review has been completed in the preceding 24 months.
3. ARIN shall communicate the results of the review to the organization.
4. Organizations found by ARIN to be  materially out of compliance  
with current ARIN policy shall be requested or required to return  
resources as needed to bring them into (or reasonably close to)  
compliance.
4a. The degree to which an organization may remain out of compliance  
shall be based on the reasonable judgment of the ARIN staff and shall  
balance all facts known, including the organization’s utilization rate,
available address pool, and other factors as appropriate so as to  
avoid forcing returns which will result in near-term additional  
requests or unnecessary route de-aggregation.
4b. To the extent possible, entire blocks should be returned. Partial  
address blocks shall be returned in such a way that the portion  
retained will comprise a single aggregate block.
5. If the organization does not voluntarily return resources as  
requested, ARIN may revoke any resources issued by ARIN as required to  
bring the organization into overall compliance. ARIN shall follow the  
same guidelines for revocation that are required for voluntary return  
in the previous paragraph.
6. Except in cases of fraud, or violations of policy, an organization  
shall be given a minimum of six months to effect a return. ARIN shall  
negotiate a longer term with the organization if ARIN believes the  
organization is working in good faith to substantially restore  
compliance and has a valid need for additional time to renumber out of  
the affected blocks.
7. ARIN shall continue to provide services for the resource(s) while  
their return or revocation is pending, however, any maintenance fees  
assessed during that period shall be calculated as if the return or  
revocation was complete.
8. ARIN will not reclaim or revoke Legacy resources in active use,  
regardless of utilization. However, the utilization of legacy  
resources shall be considered during a review to assess overall  
compliance.
9. In considering compliance with policies which allow a timeframe  
(such as a requirement to assign some number of prefixes within 5  
years), failure to comply cannot be measured until after the timeframe  
specified in the applicable policy has elapsed. Blocks subject to such  
a policy shall be assumed in compliance with that policy until such  
time as the specified time since issuance has elapsed.

Delete NRPM sections 4.1.2, 4.1.3, 4.1.4

Remove the sentence "In extreme cases, existing allocations may be  
affected." from NRPM section 4.2.3.1.

Rationale:
Under current policy and existing RSAs, ARIN has an unlimited  
authority to audit or review a resource holder's utilization for  
compliance at any time and no requirement to communicate the results  
of any such review to the resource holder.

This policy attempts to balance the needs of the community and the  
potential for abuse of process by ARIN in a way that better clarifies  
the purpose, scope, and capabilities of ARIN and codifies some  
appropriate protections for resource holders while still preserving  
the ability for ARIN to address cases of fraud and abuse on an  
expedited basis.

The intended nature of the review is to be no more invasive than what  
usually happens when an organization applies for additional resources.  
Additionally, paragraph 2c prevents ARIN from doing excessive without- 
cause reviews.

The authors believe that this update addresses the majority of the  
feedback received from the community to date and addresses most of the  
concerns expressed.
#####

















-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.arin.net/pipermail/arin-ppml/attachments/20081006/c732cbf7/attachment-0001.html