[arin-ppml] Response to the ARIN counsel's assessment of 2014-1 (Out of region use)

Eliot Lear lear at cisco.com
Mon Apr 13 03:02:39 EDT 2015

Hi Milton and others,

I don't generally comment on these sorts of things, and so please excuse
me if this comment is untimely.  I have a single comment about your
response to counsel.

On 4/12/15 10:53 PM, Milton L Mueller wrote:
> Counsel asserts:
> "...if the policy were adopted, ARIN could arguably become subject to
> the jurisdiction and laws passed by governments outside our service
> region. This may lead to ARIN being a litigant in courts of nations
> outside its service region and subject to their requirements and
> judgments. ARIN will need to accept greater legal expenditures and
> risks, as well as potentially larger costs in order to take this
> greater scope into consideration in ARIN's registry activities on an
> ongoing basis."
> Questionable. As long as ARIN permits its number resources to be used
> outside of the region, as it currently does, the same risk exists
> regardless of whether 2014-1 passes or not. Note that even ARIN’s
> Counsel states that he supports allowing network operators
> headquartered in ARIN's region to make use of ARIN-registered
> resources out of the North American region. Such cases would pose the
> same jurisdictional risks, if indeed those risks are significant. Thus
> it is unclear how 2014-1 changes anything in this regard. Note also
> that a RIPE policy in place for the past 2 and a half years has not
> led to any such problems.

If I understand what counsel is claiming, it is in a way a
contrapositive inference.  That is- because ARIN does not assign
resources to applicants who do not have a presence within its region,
there is no logical basis for assertion of jurisdiction beyond that
region.  That is- the RIR system acts as a sort of legal and political
circuit breaker so that governments do not overreach, and this proposal
would remove that isolation.

In the "What Could Possibly Go Wrong" department, there are two general
classes of things going wrong:

 1. ARIN applies local jurisdiction rules for the country of the
    applicant, in which case ARIN policies risk becoming potentially
    conflicting country-specific policies; or
 2. ARIN ignores any such jurisdictional mandate.  Further thoughts on
    this case follow.

It seems to me that there are three risks of actions a country could
take if ARIN did not apply their rules :

  * A country bans its citizens from transacting with ARIN.
  * A country bans origination of announcement of ARIN-assigned blocks
    within its borders.
  * A country either attempts a comprehensive control of the
    infrastructure through multilateral agreements with other countries,
    or simply joins in existing efforts to do so.

Today the risk is bound to countries within a region.  It is the third
case that would do the most harm to the Internet, as has been
demonstrated in previous attempts.  The way RIRs have addressed the
third case has been to engage with governments in region to discuss
their concerns.  Since you cite them in your email, I'll mention that
RIPE, for instance, has an extremely effective and useful government
roundtable.  To do so at a worldwide level leads to ICANN-like
structures.  While those structures may be necessary for ICANN, I would
hope we could avoid them here.

To your point that there is no evidence to counsel's claim, I agree with
you that the best policy is made through practical experience (a'la
"rough consensus and running code").  That has to be balanced with what
could happen if you get it wrong the first time.  This brings to the
fore whether the problem is sufficiently important to take on those
risks.  I have no opinion at this time as to that balance, nor do I have
a feel for the level of risk we are talking about.  RIPE's experience
thus far seems to indicate it's pretty low, as you point out, but that
may be because they have excellent relationships with governments in region.

Warm regards,

Eliot Lear

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20150413/05c5cf6d/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 481 bytes
Desc: OpenPGP digital signature
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20150413/05c5cf6d/attachment-0001.sig>

More information about the ARIN-PPML mailing list