Summary

  • The stable public record does not reveal one self-contained notice issued in June 2021: it reveals a chain beginning with a 23 June 2020 letter, followed by a 10 March 2021 show-cause letter and an 8 July 2021 decision to terminate membership and reclaim resources.
  • That fragmented chronology matters because a member cannot answer a case fairly unless the institution identifies the controlling agreement, alleged facts, supporting evidence, required cure, decision-maker and operational consequence in a coherent record.
  • The Supreme Court judgment of 7 July 2021 disposed of an interim application on preliminary procedural grounds; it did not establish the merits of AFRINIC's underlying contractual allegations and should not have been narrated as if it had done so.
  • A 90-day allowance for affected users was a continuity measure, not a substitute for a remedy available to Cloud Innovation before account access, registration authority and resource status were altered.
  • The durable lesson is institutional rather than partisan: registry revocation should pass through independent, suspensive and technically informed review before disputed authority is converted into operational fact.

There was no single clean notice

The title by which this episode is remembered is tidier than the documentary record. The available public material does not establish a discrete, comprehensive revocation notice dated in June 2021. It establishes several different acts that are often compressed into one. AFRINIC wrote to Cloud Innovation on 23 June 2020 about alleged breaches. Cloud Innovation answered on 13 July 2020. AFRINIC sent a further letter on 10 March 2021, required a response or remedial action within 30 days, and reserved a decision on termination and reclamation. Litigation began later that month.

On 7 July 2021, a Judge in Chambers set aside interim protection on preliminary objections. On 8 July, AFRINIC's board resolved to terminate the resource membership, freeze the member account and allow 90 days before actual reclamation. A public notice followed.

This is not pedantry over dates. A coercive administrative process has to tell the affected party when investigation ended, when a charge crystallised, when the response period began, when the decision was made and when consequences would occur. If those moments are dispersed across letters, litigation, minutes and public announcements, no entity can easily identify the record that had to be answered. A later institutional chronology may assemble the dates, but it cannot retrospectively supply whatever evidence, reasons or remedy instructions were absent when the power was exercised.

The distinction also protects factual integrity. AFRINIC's current litigation account characterises the dispute in firm terms. Cloud Innovation's releases characterise it in the opposite direction. Each is evidence of a party's position, not a neutral finding. The letters, board minutes and judgments carry different evidentiary weight. They should not be fused into a morality tale in which one date proves the next. The task is to reconstruct who knew what, under which instrument, before which consequence.

The core defect is therefore visible before anyone decides whether Cloud Innovation complied with its contractual obligations. A registry capable of changing the authoritative administrative status of millions of addresses needs a notice process that can be understood without retrospective archaeology. If the case cannot be stated cleanly, the exercise of power cannot be audited cleanly either.

Merits and procedure answer different questions

Cloud Innovation may have breached its agreement, or AFRINIC may have interpreted the agreement too broadly, or different blocks and periods may yield different answers. Those are merits questions. They require the applicable contract version, allocation requests, representations, actual use, policy text, correspondence and evidence linking each alleged fact to each contractual obligation. This article does not decide them.

Procedure asks a prior set of questions. Was the member given the case it had to meet? Could it inspect enough of the supporting material to answer intelligently? Was a cure possible, and if so was the required act specified? Did the decision-maker consider the response actually given? Were reasons recorded? Could a reviewer preserve the position while examining the dispute? Did the institution distinguish membership termination from account restrictions, registration changes and eventual reclamation?

A strong merits case does not make those questions decorative. On the contrary, concentrated administrative power requires stronger procedure precisely when officials are convinced of the result. Confidence can compress inquiry. An allegation repeated for months can begin to feel proved. A court victory on a preliminary point can be mistaken for judicial endorsement of the underlying charge. A board can read the expiry of a contractual period as a licence to move, even when the dispute over what was required remains unresolved.

Good procedure benefits the institution as well as the member. It creates a contemporaneous record showing that the relevant version of the agreement was identified, evidence was disclosed to the extent possible, counterevidence was considered and the remedy was matched to the proved breach. If the decision later reaches court, the registry can defend an intelligible act rather than a sequence of escalating communications. If the decision is reversed, a suspensive process prevents avoidable harm.

The proposition is not that procedure defeats substance. It is that substance becomes institutionally trustworthy only through a process capable of exposing error. A registry that treats review as obstruction weakens the legitimacy of every correct enforcement decision it makes.

The 10 March letter was a charge, a demand and a threat

The publicly available 10 March 2021 letter is the most concrete starting point. It referred back to the June 2020 exchange. It asserted that AFRINIC's assessment showed address space originating services outside the registered country and outside the AFRINIC service region. It invoked section 6 of the bylaws and several clauses of the Registration Service Agreement. It also contended that current use was inconsistent with needs expressed when resources were requested and that changes had not been properly notified.

The letter then required Cloud Innovation to submit a change request, ensure compliance and provide supporting information. It stated that AFRINIC would consider the merits of any request and decide, in its sole discretion, whether to terminate the agreement and reclaim the resources. It disclaimed liability for loss arising from the notice or action taken under it.

That combination matters. A notice can perform at least four functions: identify alleged facts, state the legal or contractual rule, specify a cure, and warn of a consequence. When these functions are bundled, clarity about each is essential. The recipient must know whether the institution is still investigating, has made provisional findings, or has already concluded that a breach occurred. It must know whether the change request is a genuine route to compliance or merely material to mitigation. It must know which use could continue, which had to stop and what proof would satisfy the decision-maker.

The public letter states conclusions about an extensive assessment, but the stable copy does not itself display the underlying dataset, sampling frame, address-by-address findings or method for inferring service origin. That does not prove the evidence did not exist or was not separately available. It defines an evidentiary limit. The notice's fairness cannot be judged merely from the confidence of its wording. The relevant inquiry is what Cloud Innovation actually received in time to answer and whether it could test the method.

The liability disclaimer also exposes an imbalance. The registry reserved broad discretion and attempted to exclude responsibility while contemplating action with foreseeable effects on customers. Even if valid as a contractual clause, such wording cannot substitute for disciplined decision-making. The more extensive the asserted immunity, the more important independent review becomes.

A conclusion is not the evidence for the conclusion

Internet-number disputes tempt institutions to rely on technical authority. A registry can inspect allocation records, contact data, routing observations and submitted justifications. It therefore possesses information that a court or member may not readily assemble. That expertise is necessary. It is not self-authenticating.

The phrase that resources were originating services outside a region can conceal several different measurements. A route may be announced by an autonomous system associated with one country while serving users elsewhere. Geolocation databases can disagree. A customer may operate equipment, users and contractual entities across borders. Registration fields can describe an organisation rather than packet destination. A historical application may describe intended use at allocation while later commercial arrangements change the footprint. Each fact may be relevant, but none is interchangeable with another.

A procedurally adequate notice would identify the unit of allegation. Which prefixes were examined? During what period? Was the concern route origin, physical infrastructure, customer location, contracting entity, intended use or failure to disclose a changed business model? Which provision made that fact a breach for the contract version in force? What exceptions or tolerances were considered? What part of Cloud Innovation's earlier answer was rejected, and why?

Confidentiality does not prevent meaningful disclosure. Sensitive customer information can be aggregated, redacted or reviewed under controlled conditions. Security-relevant data can be described without exposing credentials. If the registry relies on a sample, it can disclose methodology and representative records. If it relies on information supplied by third parties, it can separate source protection from the factual proposition the member must answer.

Without that discipline, the member faces an asymmetrical demand: disprove an institutional conclusion without knowing the observations from which it was drawn. A 30-day clock then measures not an opportunity to respond but an opportunity to guess. Enforcement based on hidden or indeterminate evidence may still reach the right result, but the institution cannot demonstrate why.

The controlling text had to be fixed before the clock ran

The merits depended on more than contemporary policy preference. Cloud Innovation's allocations, resource requests and contractual relationship developed over time. The applicable obligations therefore had to be identified by version and date. A general reference to the Registration Service Agreement, bylaws and policy manual is not enough where language changed or where an allocation was made under earlier conditions.

This does not mean that an old allocation is immune from current administrative duties. Contact accuracy, fees, security obligations and validly incorporated updates may continue. Nor does it mean that a member can transform the use of resources without disclosure where the agreement requires a change request. It means the registry must show how each obligation attached. A power derived from contract cannot be broader than the contract merely because the institution's public mission is important.

The notice process should therefore contain an instrument schedule: the signed agreement or proved governing form, the allocation request and approval, applicable policy provisions at relevant dates, later amendments and the mechanism by which those amendments became binding. The schedule should distinguish an original eligibility representation from an ongoing covenant. It should also distinguish a policy developed by the community from a corporate bylaw and a bilateral contractual term. They may point in the same direction, but they do different legal work.

This discipline would have narrowed the dispute. If the alleged breach was failure to file a change request, the cure could focus on accurate disclosure and a decision under the agreement. If the allegation was that out-of-region service was categorically prohibited, AFRINIC needed to identify the provision and its temporal application. If the issue was inconsistency with stated need, the notice needed to show the representation, current facts and contractual consequence.

Procedure fails when institutional purpose is used to bridge missing text. Africa's scarcity and AFRINIC's regional mandate are relevant context. They do not prove that a particular member breached a particular promise. A legitimate steward must be able to move from mission to rule to fact without skipping a step.

Thirty days can be long on paper and short in reality

AFRINIC's account says the March letter allowed 30 days to remedy the alleged breaches or show cause. A month is not inherently unreasonable. Its adequacy depends on the work required, evidence supplied, operational scale and availability of an effective decision before the threatened action.

Some defects can be cured quickly. A missing corporate record, outdated contact or unpaid invoice may need days. Reconstructing the use and customer dependencies of large address holdings is different. It may require information from resellers, customers and technical operators in several jurisdictions. A change request may require the member to describe a business model whose acceptability is itself disputed. During pandemic restrictions, access to records, legal advisers and personnel may have been impaired. Those facts do not automatically entitle the member to delay, but they belong in a reasoned timetable.

The period also loses value if the case is insufficiently particularised. Ten days spent asking what evidence supports the allegation are ten days unavailable for cure. If the registry answers late or not at all, the nominal clock overstates the practical opportunity. A fair process pauses or resets the period when decisive particulars are supplied. It separates an acknowledgement deadline from the later deadline for complete evidence.

Most importantly, the expiry of 30 days should not automatically convert allegation into proof. Default can justify a decision where the member truly fails to engage. But Cloud Innovation had already answered the June 2020 letter and went to court after the March 2021 notice. Litigation is not itself a substantive answer, yet it is evidence that the allegation and authority were contested. The decision-maker still had to record what response existed, what remained unanswered and why termination rather than a narrower measure followed.

A calendar is a procedural control only if it structures genuine exchange. Otherwise it is an alarm attached to a decision already made.

The 7 July judgment did not decide the contractual merits

The public notice issued on 8 July connected the board's action to the Supreme Court judgment delivered the previous day. That framing risks giving the judgment more substantive weight than it bore. The 2021 judgment set aside the interim application after upholding preliminary objections concerning the affidavits and powers of attorney. The later appellate judgment expressly said it did not propose to deal with the merits of the remaining grounds before disposing of the appeal for reasons connected to subsequent relief and abuse of process.

An interim injunction and the merits of a contract dispute are different legal questions. A court may refuse or dissolve interim protection because an application is defective, because the legal test is not met, because damages are adequate, or because another procedural route exists. None necessarily establishes that the respondent's allegations are true. Conversely, granting interim protection does not establish that the applicant will win at trial.

The board was entitled to note that the restraint in force had been set aside and to seek legal advice about what it could do next. It was not entitled, as a matter of sound governance, to treat procedural victory as independent proof of breach. Its decision record still needed to stand on the contract and evidence. The proximity of the judgment and resolution made that separation particularly important.

Board minutes published later show a resolution to terminate membership, freeze the account, inform users and reclaim resources after 90 days. The minutes do not, in the publicly visible resolution text, set out an address-by-address evidentiary analysis or a reasoned response to Cloud Innovation's position. More material may have been considered in executive session. The public record cannot establish that it was not. But members and reviewers were left to infer the bridge between the unresolved merits and the operational measures.

Institutional communications should state the boundary plainly: the court has lifted a restraint on specified grounds; the registry's merits decision rests on separately identified evidence; that decision remains subject to a named review. Without the boundary, judicial procedure becomes rhetorical validation.

One decision produced several different sanctions

The July resolution did not contemplate one consequence. It contemplated termination of resource membership, freezing the member account, informing users, and eventual reclamation after a grace period. The public announcement said resources would be frozen in WHOIS and Cloud Innovation would lose access. These acts operate on different legal and technical surfaces.

Membership termination changes a corporate or contractual relationship. Account freezing changes the member's ability to use registry tools. A WHOIS status or access change affects public records and administrative control. Reclamation can eventually support reassignment or a different authoritative status. Reverse DNS and routing-security administration may be implicated depending on implementation. Actual packet forwarding is performed by networks, not by an RIR switch, but registry changes can alter the evidence and credentials on which operators rely.

Procedural proportionality requires each measure to have its own justification. If the concern was that Cloud Innovation might transfer or modify disputed records, a transaction lock could preserve the position without disabling accurate contact maintenance. If the breach related to use, the registry could require reporting and restrict new requests while review continued. If immediate public harm was proved, a narrowly tailored suspension might be justified. A single finding should not silently authorise every available control.

This is where registry power becomes operational risk. The institution can describe an action as contractual termination while implementing it through systems used by customers and network operators. The legal label does not measure the effect. Before acting, the decision-maker should produce an effects schedule identifying what changes immediately, what remains available, what third parties may experience and how reversal will work if the member succeeds.

Bundling sanctions also complicates remedy. A court may preserve membership but not know that account credentials, entities or delegations changed in the interval. A later reinstatement may restore the label while leaving operational damage unresolved. The process must therefore preserve a state snapshot and specify restoration duties for every affected layer.

The 90-day grace period protected users, not due process

AFRINIC's decision to postpone actual reclamation for 90 days was a meaningful acknowledgment of downstream dependence. Its public account presents the period as an exceptional measure intended to avoid disruption during the pandemic. That may have reduced immediate risk. It should be credited for what it was, not treated as proof that the member received adequate process.

Notice to customers and notice to the accused party serve different purposes. Customers need time to assess dependencies, contact providers, adjust routing arrangements and understand whether registration services will change. The member needs an opportunity to inspect evidence, answer the charge and obtain review before sanctions take effect. A customer transition period can coexist with an unfair adjudicative process.

The distinction is sharpened by immediate account measures. If Cloud Innovation lost access or resources were marked frozen before the 90 days elapsed, the process had already crossed into operations. The ability to correct records, support customers or demonstrate compliance could be impaired during the supposed grace period. A period is not suspensive merely because final reclamation comes later.

Nor should affected users carry the burden of resolving a dispute they cannot examine. Public notice may alarm customers while telling them little about what services will continue. Some may migrate defensively, creating commercial loss even if the decision is later reversed. Others may wait because packets continue to flow, only to discover that registry credentials or route-origin administration have changed. A continuity notice should state the exact services, dates, fallback and restoration plan.

The stronger model separates three clocks. The adjudication clock runs while the member answers and an independent body reviews. The protection clock allows emergency interim controls only where evidence supports them. The transition clock begins after a final or provisionally enforceable decision and gives third parties time to adapt. Combining them into one 90-day announcement obscures whose rights the time is meant to protect.

An appeal that cannot hold the position is not an effective remedy

A right to complain after an irreversible change is not equivalent to review before that change. Effective registry review needs authority, independence, speed, technical competence and the ability to preserve the status quo where the balance of harm requires it. Remove any one of those elements and the formal remedy can become illusory.

Authority means the reviewer can obtain the complete record, vary the measure and order restoration. Independence means the same officers who investigated and decided do not control the result. Speed means review finishes before the operational event, not months after. Technical competence means the reviewer understands the difference between membership, registration, routing-security entities, reverse DNS and packet forwarding. Interim power means a disputed action can be paused without rewarding delay.

The 2021 record instead moved rapidly into court. Cloud Innovation sought an injunction in March, obtained interim protection, lost it on preliminary objections in July, filed further applications, and obtained another interim order. AFRINIC gave an undertaking on 15 July. Whatever view one takes of the parties' litigation choices, the pattern shows that the corporate process did not contain a mutually credible, suspensive remedy capable of keeping the dispute within the institution.

Courts remain necessary. They should not have to construct the first complete administrative record under emergency conditions. A registry review body should already possess the notice, evidence schedule, member response, reasons, effects assessment and proposed safeguards. Judicial review can then examine a bounded decision rather than mediate an escalating technical confrontation.

An internal appeal is not automatically sufficient. If board members authorised the original action, asking the same board to reconsider may correct obvious error but does not provide structural independence. A panel could include legally qualified and technically experienced members subject to conflict rules, fixed deadlines and published reason summaries. In a high-impact case, its decision should precede operational alteration unless immediate harm is demonstrated.

Litigation was a symptom of an incomplete administrative constitution

It is easy to describe repeated applications as aggressive litigation or to describe enforcement as institutional overreach. Both descriptions may capture conduct in particular moments. Neither explains why the dispute repeatedly returned to urgent judicial relief.

An administrative constitution is the set of rules by which an institution investigates, charges, decides, reviews and implements coercive action. AFRINIC had contractual terms, bylaws, board authority and access to court. The 2021 episode suggests that those elements did not combine into a sufficiently detailed process for a dispute with enormous operational stakes. The gap was filled by letters, executive deliberation, public communications and injunction applications.

That architecture creates perverse incentives. The member has reason to litigate early because waiting may allow the registry to alter authoritative records. The registry has reason to act quickly after a restraint is lifted because another application may follow. Each procedural move is interpreted as proof of the other's bad faith. Evidence about the original breach receives less attention while emergency posture dominates.

A complete internal process would not eliminate litigation. It would change its shape. The member could seek review of a reasoned final decision rather than emergency protection against an uncertain bundle of consequences. The registry could show that narrower measures were considered and that the member had access to evidence. Courts could distinguish delay tactics from legitimate requests by looking at whether a real remedy existed.

Institutional maturity is measured by performance under adversarial pressure, not by harmony in routine cases. Rules designed only for cooperative members fail when they are most needed. A registry should assume that a high-value enforcement case will be contested by capable counsel and should design a record that becomes clearer under scrutiny rather than more fragmented.

The board needed an adjudicative record, not merely executive confidence

Boards often receive disputes as management reports. Executives summarise correspondence, lawyers explain options and technical staff describe concerns. That may suffice for ordinary oversight. A decision to terminate a major resource member and touch operational controls requires something closer to an adjudicative record.

The record should identify the decision question, applicable instruments, uncontested facts, disputed facts, evidence for each finding, member submissions, conflicts, alternatives and expected effects. Directors should record whether they are deciding facts, approving a remedy or merely authorising management to proceed after independent findings. They should know which assertions come from the institution, which a court has adopted and which remain allegations.

The published July minutes show that the relevant matter was discussed under an assisted-review item, with an executive session, and that the resulting resolution was unanimous. Unanimity proves agreement among those voting. It does not prove the evidentiary record was complete. Indeed, unanimous confidence can heighten the need for a written dissent test: what is the strongest contrary case, which fact would change the result and what uncertainty remains?

The resolution's application to Cloud Innovation "or other cases of similar nature" raises an additional governance concern. A response crafted during one heated dispute can become a general precedent without public criteria for similarity. Does similarity mean contractual breach, failed response, large holdings, customer dependence or active litigation? A general rule should be developed deliberately, not emerge as a by-product of an individual case.

Directors also needed to separate institutional defence from adjudication. AFRINIC was a litigant facing legal and reputational pressure. Its board still had to exercise contractual power fairly. A conflict does not make decision impossible, but it supports independent findings, recorded reasons and external review. The legitimacy of a regional registry cannot depend on the proposition that its own conviction settles a dispute about its own authority.

Restoration had to be designed before revocation

Every reversible sanction should have a tested reversal path. This is especially important for registry actions because different systems can change on different schedules. Reinstating a member in a corporate register may not restore portal credentials. Unfreezing a status may not recreate deleted entities. Reissuing access may not repair customer losses or reverse operational decisions taken in reliance on the original notice.

Before enforcement, the registry should preserve a signed snapshot of resource records, contacts, delegations, route-origin attestations, permissions and pending requests. It should identify which changes are automatic and which require manual action. It should prevent reassignment while review remains possible. If interim restrictions are needed, they should be logged and capable of prompt removal.

Restoration planning is not an admission that the decision is doubtful. Appeals exist because institutions can err and circumstances can change. A decision-maker confident enough to exercise concentrated power should be equally confident in specifying how to undo the act if a reviewer disagrees. Failure to plan reversal transfers the cost of institutional error to the member and downstream users.

The July sequence demonstrated the point. A court order on 13 July and AFRINIC's undertaking on 15 July required preservation or reinstatement of the position. Public party accounts disagree about aspects of compliance and timing. A prewritten restoration protocol would have reduced ambiguity. It could have defined the responsible officer, exact services, verification tests and report to the court.

Reversal also needs public communication. If customers were warned that resources faced reclamation, they should be told with equal clarity when the measure is suspended. Otherwise the first warning continues to influence market behaviour after the legal position changes. Procedural fairness includes correcting the operational signal, not only the internal record.

Public communications should not prosecute the case

In a contested enforcement matter, public explanation is necessary. Members and dependent networks need dates, service effects and routes for urgent support. Yet communications can easily become advocacy. AFRINIC's notice described its board as acting reasonably and in good faith and linked its action to the court judgment. Cloud Innovation's releases used equally categorical language in the opposite direction. Neither party's confidence resolved the dispute.

A registry occupies a special position because its statements may influence operators, customers and other institutions. It should therefore communicate with evidentiary restraint. A public notice can say that the board found specified breaches after a named process, that the member disputes them, that the cited judgment concerned identified procedural questions, and that review is pending. It can describe operational measures without publishing confidential material.

The institution should avoid presenting allegations as judicial findings unless the judgment actually made them. It should also avoid using community protection as proof that the member was wrong. Protecting continuity may justify a safeguard; it does not decide contractual interpretation. Similarly, the member should not present interim relief as final vindication.

Neutral language is not weakness. It protects the registry's authority from being invested in a public-relations contest. If later evidence changes the result, the institution can update the facts without appearing to reverse a moral judgment. Members are more likely to trust enforcement when communications distinguish what is known, decided, alleged and still under review.

The public record should also preserve source hierarchy. Board minutes show what the board resolved. A letter shows what its author asserted. A judgment shows what the court ordered and found within its scope. A technical standard shows system design, not contractual liability. Responsible analysis never lets one document pretend to be another.

The member also carried procedural obligations

Due process is reciprocal. It does not require a registry to tolerate silence, evasion or endless document requests. A member receiving a sufficiently clear notice should acknowledge it, preserve records, identify disputed propositions, supply information within its control and propose a cure where possible. It should not use customer dependence as a blanket shield from accountability.

If Cloud Innovation believed the wrong contract version applied, it needed to identify the right one. If it disputed geographic findings, it needed to provide an alternative factual account. If business use had changed, it needed to explain whether and when notification occurred. If disclosure risked customer confidentiality, it could propose controlled review. Court proceedings could preserve rights while substantive answers continued.

The stable public record does not contain every private exchange, so it cannot support a complete verdict on the adequacy of Cloud Innovation's engagement. AFRINIC says the member failed to remedy or explain within the contractual period. Cloud Innovation says it had answered earlier allegations and disputed the institution's interpretation. Those positions cannot be resolved by repeating either side's summary.

What procedure should do is make reciprocal performance measurable. The notice identifies numbered questions. The response answers each or states why it cannot. The registry requests missing material. A decision table records what is accepted, rejected and unresolved. Delay attributable to either party becomes visible. Review then concerns evidence rather than character.

This reciprocity protects enforcement from strategic misuse. A member cannot generate indefinite suspension merely by filing an appeal if it refuses to engage. The reviewer can require a prompt prima facie case and impose targeted controls. Equally, the registry cannot claim default where it withheld the particulars needed to answer. Fairness is a disciplined exchange, not institutional surrender.

A better revocation protocol begins before the notice

The strongest reform is not a longer letter. It is a staged protocol that begins with investigation and ends with verified restoration or transition. Before notice, the registry should preserve evidence, identify the governing instruments, test conflicts and classify the alleged harm. Investigators should separate observed facts from inferences and policy judgments.

The notice should contain a charge table. Each row would identify a resource set, time period, alleged fact, evidence reference, governing provision, proposed cure and possible consequence. The member would answer the same table. This format does not replace narrative reasons, but it prevents one broad allegation from migrating across millions of addresses without differentiation.

After response, a decision officer or panel independent from the investigation should conduct a conference where ambiguity can be narrowed. The written decision should address each material answer, explain evidentiary weight and choose the least disruptive measure capable of curing the proved problem. It should include an effects schedule and restoration plan.

Review should be automatic for high-impact termination, not dependent on whether the member can mobilise emergency litigation. The measure should be suspended during a short appeal unless the registry demonstrates immediate and material risk. Emergency controls should be narrow, time-limited and reviewed quickly. Customer notice should begin only when there is a sufficiently settled operational event to communicate, except where immediate protective information is necessary.

Finally, the registry should publish anonymised statistics: notices, cures, withdrawals, terminations, review outcomes, reversals, average times and continuity incidents. Case-specific confidentiality can be preserved. Aggregate evidence would show whether revocation is exceptional, consistent and correctable. Authority gains legitimacy when the public can see not only that it acts, but how often it changes its mind.

Members should govern the coercive architecture

Revocation power affects all resource members, not only the litigant of the moment. Its procedure should therefore be established through visible member governance rather than improvised during a dispute. Members can debate notice content, evidence disclosure, conflicts, review composition, emergency standards and continuity safeguards without deciding Cloud Innovation's merits.

This is not a policy vote on whether contracts may be enforced. It is constitutional design for the institution that enforces them. Members have an interest in preventing both arbitrary revocation and capture by an uncooperative holder. A credible procedure serves both. It allows rapid containment of demonstrable harm while making ordinary compliance decisions contestable before irreversible effects.

The board should propose rules with examples. One example might concern stale contacts; another, disputed regional use; another, fraud; another, active route hijacking; another, court-ordered restraint. The examples would show when immediate action is justified and which services remain protected. Consultation should include network operators, legal experts, customer representatives and technical staff.

Conflict rules are essential. Reviewers should disclose relationships with the registry, member, competitors and interested policy groups. Terms should be fixed, removal protected and reasons published at an appropriate level. Funding should not depend on the outcome of individual cases. A small permanent secretariat could maintain records without controlling decisions.

Member accountability also means the registry reports its own mistakes. A reversed notice should produce a short lessons review: which fact was wrong, which safeguard worked, what was restored and what rule changed. Concealing reversals to preserve authority has the opposite effect. Institutions become credible when correction is designed rather than humiliating.

Courts need an operationally precise record

When a dispute reaches a Judge in Chambers, legal urgency and technical complexity collide. The applicant describes imminent harm; the registry describes stewardship duties; neither may present a complete map of systems and dependencies. The court should not have to infer whether membership termination changes routing, WHOIS access, reverse DNS or route-origin administration.

A standard court schedule could identify the exact challenged decision, current state, proposed changes, affected services, third-party exposure, reversible steps and minimum safe interim conditions. Affidavits should name the person with authority over each act. Technical claims should state evidence and uncertainty. Sensitive details can be sealed while the functional map remains intelligible.

Such a schedule would also prevent overreading judgments. If an application is disposed of on a power-of-attorney defect, the order can state what operational restraints lapse without implying a merits finding. If interim relief is granted, the order can specify whether the registry may maintain security controls, preserve records and process unrelated member requests. Precision reduces the opportunity for each party to announce total victory.

Courts can require the registry to keep disputed resources unchanged while permitting routine maintenance. They can require the member to avoid transfers, preserve customer records and answer defined questions. They can order rapid independent review and a return date. The point is not judicial management of number resources. It is preservation of a fair contest until authority is determined.

The 2021 litigation shows the cost of forcing all safeguards into emergency orders. Better institutional procedure would give the court a ready record and narrower choices. Better court orders would, in turn, reinforce the institution's duty to distinguish adjudication from operations.

The unanswered questions are themselves governance evidence

Several decisive facts remain unavailable in stable public material. The full 23 June 2020 letter and response may exist in filed exhibits, but the public record reviewed here does not provide a neutral adjudication of their substance. The 10 March 2021 letter is public, yet the underlying technical assessment is not presented with enough detail to replicate its conclusions. The public board resolution records the action but not the complete evidentiary reasoning considered in executive session.

There is no need to fill those gaps with inference. They define the limits of any confident narrative. It cannot responsibly say that Cloud Innovation's compliance was proved merely because interim relief was set aside. It cannot say AFRINIC lacked evidence merely because the evidence is not public. It cannot treat Cloud Innovation's customer claims as verified counts. It cannot assume that every operational effect described by either party occurred.

Those limits do not make analysis impossible. They show why a regional registry needs a public decision format. The institution's authority should not depend on outsiders trusting that undisclosed material answers every concern. Confidential annexes may be necessary, but public reasons can still identify the proposition proved, standard applied, response considered and measure selected.

Future researchers should look for the signed agreement version, complete allocation applications, the June 2020 exchange, disclosure accompanying the March 2021 letter, the board's decision paper, system-change logs and the exact restoration record after July's orders. Each document would answer a specific question. None should be treated as a talisman that settles all others.

Uncertainty is not neutrality between unequal claims. It is a demand to match confidence to evidence. An institution controlling consequential records should model that discipline before asking members and courts to trust its conclusions.

Procedure is part of registry continuity

Continuity is often discussed as backups, redundant servers and emergency funding. Those controls matter. But a service can remain technically online while governance becomes unstable. If members cannot predict how evidence will be assessed, if courts repeatedly intervene to preserve the position, or if operational controls change immediately after procedural rulings, continuity is already impaired.

Procedural continuity means the same rule applies under pressure; decision rights remain clear; records are preserved; review occurs on a known timetable; and a contested action can be paused without disabling unrelated services. It reduces the commercial incentive to race to court and the institutional incentive to exploit a temporary legal opening.

This is why the 2021 notice sequence matters beyond Cloud Innovation. AFRINIC's stewardship role gave its decisions public effect. That effect demanded more than contractual confidence. It demanded an administrative path proportionate to the operational reliance placed on registry records.

The design principle is straightforward. First make the allegation inspectable. Then make cure practicable. Then make reasons answer the response. Then provide independent review capable of holding the position. Only after those stages, or after a documented emergency exception, should the institution convert disputed authority into changed operational state.

That sequence does not decide who was right about address use. It determines whether the eventual answer can command trust. Regardless of merits, inadequate notice, undisclosed evidence and a remedy that arrives after operational action turn registry authority into uncontrolled risk. Procedure is not the obstacle to stewardship. It is the mechanism that keeps stewardship from becoming discretion without a brake.