[arin-ppml] ARIN board accountability to network operators (was: RE: [arin-discuss] Term Limit Proposal)
jcurran at arin.net
Thu Mar 27 05:15:33 EDT 2014
On Mar 27, 2014, at 3:37 PM, David Huberman <David.Huberman at microsoft.com> wrote:
> I think the true problem may a combination of:
> - the reality of how network operators are participating
> in ARIN; and
> - the brand new risks which the ARIN corporate governance
> model now presents to the network operator community in
> light of the United States Government's announcement of
> its plans to relinquish its oversight role; and in turn
> - the question of whether the American Registry for Internet
> Numbers Ltd., as currently incorporated in the Commonwealth
> of Virginia, is serving the network operator community in an
> accountable manner.
An excellent (and timely) set of topics for discussion!
> Point 1. - "low participation"
> Succinctly, the number of network operators actively participating
> in the PDP is frighteningly low, and thus ARIN as an administrative
> body with a mission of multi-stakeholder, bottoms-up participation,
> could be judged as modestly failing.
Interestingly, you conflate two items in the above logic - you have
equated the "level of network operators participating in the PDP"
to a measure of ARIN's success of accomplishing its mission.
This would imply that if we were to ever achieve extremely stable
policy, ARIN would not be successful unless we stimulated policy
development for its own sake, i.e. as an explicit goal of the system.
I do not believe that many would support that direction, and while I
do feel that getting increased levels of participation in the policy
development process is indeed desirable, that needs to be the result
of network operators finding it useful to participate and not as a
goal in and of itself.
> There have been many good effort made recently by ARIN to
> fix this, including the good idea to have a PPC at NANOG. But
> I have witnessed a few of these, and I think it's fair to say these
> are failing, too. The participants are mostly the same people who
> attend the ARIN PPM. The network operators ARIN is trying
> to engage are opting to not attend or participate in the PPCs.
> (The lack of participation at the PPC in Phoenix was especially
> troubling to me.)
The PPC's at NANOG are successful from the perspective of allowing for
additional face-to-face exploration of policy proposals and any related
issues. Understanding the nuances of a given proposal can be challenging
the mailing list, and so the face-to-face discussion can be quite useful
even if lightly attended. I do think that everyone realizes that the
number of participants is relatively low compared to an ARIN policy
consultation, and thus it may be better to hold off until an ARIN meeting
before attempting to measuring support for advancing or abandoning a
I'm very much interested in any suggestions that you might have for
improving participation in the policy development process, but again
I am not certain I'd agree that the level of disinterest in the work
involved in number policy development somehow equates with an ARIN
> Point 2. - "USG is leaving the nest"
> Today the Board is accountable for its actions not only by virtue
> of elections and recalls, but because there is an emergency lever
> to pull if things get ugly. Tomorrow, that lever will not be there.
> The buck will truly stop at the Board's doorstep.
You are correct with respect to the Board being accountable today due to
several factors: elections, recalls, and the potential, even if remote,
of USG intervention in case of severe ARIN misalignment with the community.
Note that there are also some other mechanisms which provide a form of
"hard" accountability which you omitted: contractual terms and arbitration
in the registration services agreements, the ability to seek redress in
a court if ARIN isn't performing per its incorporation and bylaws, etc.
(These are in addition to "soft' mechanisms such as reviews by ICANN
and stakeholders via ASO relationship, IETF or NANOG queries regarding
performance, RIR "peer pressure", etc. - let's omit these for now)
I believe that the Board, as an elected body, is indeed accountable
to this community, but it is my view as well that these mechanisms
are well worth reviewing, as the loss of the (largely symbolic) USG
oversight means that some future Board could indeed take rash actions
not supported by the community, and even if there are mechanisms today
in the Bylaws to provide recourse, I do not see any clear assurance
that they would be still be present or potent some time in the future.
There is also an excellent related question that applicable to the
entire Internet identifier system regarding whether there are hard
requirements for mechanisms such as "membership organizations" and
"open and transparent policy development", and if so, should these
be constitutionally mandated for all of these organizations, and
how exactly would that be implemented? Folks interested in such
should look at the IANA Transition mail that I sent earlier this
week and get involved, but there is no reason that ARIN can't be
proactive in strengthening its governance practice even while such
discussions are underway.
> Part 3. - "the board isn't sufficiently accountable"
> The first two parts ("low participation" and "USG is leaving the
> nest") neatly form the crux of the problem:
> - the ARIN board, under its current bylaws, may not be
> sufficiently accountable to the network operator community
> it is supposed to be serving.
Again, we've got a logic issue due to your use of policy development
participation as a measure, but let's substitute the 600 organizations
who participated in elections and then noting that is still a fairly
small subset of total resource holders in the region, I think your
problem statement is a reasonable question to ask. I would answer
"yes" (that the Board is accountable based on the presently existing
structures and ability for parties to participate; I understand you
might see it differently.
> In the hypothetical above where the Board wipes out inverse
> mappings for most of the north American internet, the
> community of network operators do not have a strong
> enough lever to stop malfeasance before ARIN does
> irreparable harm. And because the operator community
> is clearly NOT participating in significant numbers, the
> problem is worse than the hypothetical lays out.
You hypothecate an extreme case; one which is based on the community
first electing numerous persons whose judgement is apparently quite
different than expected - perhaps that is one place to start your
In addition, if there are certain principles which should be inherently
part of ARIN regarding how we operate or who we serve, perhaps these
should be discussed by the community to see if there is a common view.
If that exists, it would be possible to set up mechanisms which would
provide for community notice, consultation (or more) to change. Note
that we have been looking into such structures already for ARIN as a
result of last year's Mission Statement change - while it was primarily
administrative in nature, the community rightly raised that such changes
should not happen without prior community discussion.
> I don't have great answers to offer yet. Wiser and smarter
> heads than mine must be put to this task, I think. I really
> hope that we can find a way to open up ARIN participation
> in a meaningful way, and not fall back on the argument that
> we have a structure and people choose not to participate
> and that's on them. I hope we can conduct this task openly
> and transparently, and not assign a committee of three
> BOARD members to solve the problem.
I've provided a few suggestions to start above, and this list seems to
be quite open and transparent, so per above you just need to recruit
some "wiser and smarter heads" to put to the task... (while neither,
I am available if any questions arise during your efforts :-)
President and CEO
More information about the ARIN-PPML