[arin-ppml] New Version of ARIN-prop-126: Compliance Requirement
On Feb 16, 2011, at 11:53 AM, Martin Hannigan wrote:
> It's expensive and complex to respond to section 12 audits. This
> increases that expense for member orgs.
This is definitely an accurate statement; we have heard from multiple
organizations that responding to an audit can involve quite a significant
amount of work. It also requires a similar level on behalf of the ARIN
staff to process the information received.
> It gives the Corporation too much leeway to do harm to its members,
> more than the substantial amount that we already allow through
> "discretion". Discretion also results in unpredictability. Policy
> should be as predictable as possible.
Fully agreed as well. To the extent that policy requires staff discretion,
it creates significantly more exposure then those policy statements that do
not require staff discretion.
> These audits take time and people. Some of these audits also "appear"
> to be being conducted with what might be questionable "probable
> cause" as a result of tip-line like fraud reporting activity. A
> majority of the fraud reports seem to be false positives. Revocation
> is the ultimate hammer and ARIN already has that power.
The false positive rate is to be expected, as we tend to error on
the side of caution given the potential impact, and our standards
for clear violations is likely quite higher than many of those
I have no view on the policy proposal itself, but wanted to make
sure that the PPML community was apprised of the validity and
of the above statements.
President and CEO