Proposal
1.0 Summary of the Problem Being Addressed by this Policy Proposal
As Internet Number resources are finite, their allocation is based on the operational needs of end-users and Internet Services Providers, while avoiding stockpiling in accordance with RFC7020, IPv4 Allocation Policy CPM 5.5, IPv6 Allocation and assignment policy CPM 6.5 and Policy for Autonomous System Numbers (ASN) Management in the AFRINIC region CPM 7.0.Section 4 of the Registration Service Agreement (RSA) provides the framework for investigations of the usage of allocated Internet Number resources, defines members’ obligation to cooperate and the measures to be taken by AFRINIC in case of failure to comply. The lack of such investigation or regular control can lead to inefficient usage of the Internet Number resources, to stockpiling and other type of abuses.
2.0 Summary of How this Proposal Addresses the Problem
In order to ensure efficient and appropriate use of resources, AFRINIC shall conduct regular reviews of resource utilization held by its members. This would allow recovery of any type of resource, where usage is not in compliance with the RSA. Those resources can be reallocated for better usage.
3.0 Proposal
The policy proposal will modify the CPM by inserting a new section 13 as follows:
13.0 Internet Number Resources Review
Regular reviews of resource utilization are conducted by AFRINIC to ensure efficient and appropriate usage of resources. This allows for recovery of any type of resource where usage is not in compliance with the RSA; to allow such resources to be reallocated for better usage.
13.1 Reviews shall be based on compliance with the terms outlined in the RSA and Allocation/Assignment Policies.
13.2 Reviews cover all allocated/Assigned resources, but priority goes to IPv4 and ASN mappable to two-octet ASNs.
13.3 Classes of review: Members to be reviewed shall be selected according to the following classes:
13.3.1 Random
The member is chosen by AFRINIC at random between members of the following categories:
- Medium and above
- IPv6-only Large
- EU-AS
13.3.2 Selected
A member is selected because of an internal report or due to a lack of contact between the AFRINIC and the member.
13.3.3 Reported: Here, members are reviewed either because:
- They have requested the review themselves or;
- There has been a community complaint made against them that warrants investigation. Complaints shall be backed by evidence and AFRINIC staff shall evaluate the facts as appropriate to conduct the review. However, this review is not applicable to a member with the same resources portfolio on which a full review has been completed in the preceding 24 months.
13.4 In case of non-compliance and if evidence has been established in accordance with:
- Breach of AFRINIC policies
- Breach of the provisions of the registration service agreement or other legal agreements between the organization holding the resource and AFRINIC.
AFRNIC shall initiate the resource recovery process. AFRINIC shall attempt to contact the organization and correct any discrepancy towards the RSA. If the situation cannot be rectified, AFRINIC shall publish the resources to be recovered for a period of three (3) months; during which the organization may at any time, seek compliance. After this period, the resource shall be recovered and therefore the records of the previous holder of the recovered resource shall be updated in AFRINIC’s databases. Any Internet Number Resources recovered under this policy may be assigned/allocated under existing Allocation and Assignment Policies.
13.5 Appeal procedure
The review shall be conducted in full transparency and neutrality.
Reviewed members who are not satisfied have the right to appeal against the result.
Appeals shall follow an arbitration process as defined by AFRINIC, which shall publish the process and the pool of arbitrators whom shall be knowledgeable volunteers from the community. The outcome of the arbitration process is unequivocal.
13.6 Compliance Report
AFRINIC shall publish an annual report describing review activities, in accordance with Mauritius Data Protection Act and NDA with members.
The authors thank Mr. Alain AINA for his contribution in the development of this Policy proposal.
The authors also thank the community for the discussions and contributions.