[arin-ppml] Fraud reporting question

Owen DeLong owen at delong.com
Wed Jun 24 11:51:48 EDT 2015


> On Jun 24, 2015, at 05:53 , Martin Hannigan <hannigan at gmail.com> wrote:
> 
> 
> 
> On Tue, Jun 23, 2015 at 11:45 PM, Owen DeLong <owen at delong.com <mailto:owen at delong.com>> wrote:
> 
>> On Jun 23, 2015, at 19:34 , Martin Hannigan <hannigan at gmail.com <mailto:hannigan at gmail.com>> wrote:
>> 
>> 
>> 
>> On Tue, Jun 23, 2015 at 6:11 PM, Richard Jimmerson <richardj at arin.net <mailto:richardj at arin.net>> wrote:
>> Hello Adam,
>> 
>> Thank you for submitting these questions about fraud reporting. 
>> 
>> We have found the fraud reporting system to be very helpful over the past few years. We receive many different types of fraud reports through this system. Some of them have helped ARIN begin investigations that have resulted in both the recovery of falsely registered resources and the denial of some IPv4 requests that might have otherwise been issued resources.
>> 
>> According to the fraud results page, ~2% (of 146) resulted in further investigation.
>> 
>>  That''s a problem. Either. There is no real fraud or, ARIN is powerless to deal with it. The last time ARIN updated the "Results" page appears to be September 2014 based on the last noted ticket number of ARIN-20140929-F1760.
> 
> There’s another possibility which seems entirely likely to me.
> 
> Of 146 fraud reports, 2% cover legitimate fraud. Most fraud likely goes unreported.
> 
> 
> That's possible, but I think this raises a  question. What exactly is fraud? Generally, my guess is the only person who has any clue as to what a fraud is or if its been committed is the person filling out the application. The numbers are generally null because it's near undetectable other than a whistle blower coming forward.

I’ll let ARIN staff give the definitive answer, but my understanding (which may not be 100% correct but should be relatively close) is addresses obtained or held in a manner inconsistent with the policies stated in the NRPM and/or in violation of the RSA.

> On this we agree… The form letter I suggested should contain a link to this FAQ, as should the fraud report filing page.
> 
> 
> 
> That's seems more like an abuse like auto-responder which is easy to fire and forget. I'd like to see more eyes on the complaints, but an attempt to increase the quality of what they will put eyes to.

No, I’m specifically not suggesting an auto-responder. I’m suggesting a form letter where once the eyeballs have determined the complaint is out of scope, they don’t spend a bunch of time composing a message that may or may not be 100% correct, they pull up the stock message, maybe add a couple of details relevant to why this specific report was considered out of scope, and then send it off to the requestor.

It shouldn’t be automatically sent to every requestor.

Owen

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20150624/cd61684c/attachment-0001.html>


More information about the ARIN-PPML mailing list