On RIPE NCC Phishing Emails — Fear, Authority, and the Real Role of Registries

Written by Lu Heng | 17 September 2025

CEO of LARUS Limited and founder of the LARUS Foundation. He works at the intersection of Internet infrastructure, IP address markets, and global Internet governance, drawing on direct involvement across all five Regional Internet Registries. These notes aim to clarify how number resources are governed in practice and advance a more accountable, resilient framework for critical IP assets.

Recently, many RIPE NCC members received an email titled “Download Review,” demanding confirmation of information within 48 hours. The email did not come from RIPE NCC. It was a phishing attempt, exploiting fear—specifically, fear of RIPE NCC’s perceived authority.

 

This incident exposes a deeper structural problem.

 

RIPE NCC is a private, member-based entity that maintains a registration database. Yet many members subconsciously treat it as a regulator with sovereign power, capable of shutting down their entire business overnight. That fear is precisely what scammers leveraged. And it exists for one reason: under current RIR policies, members do *not* truly own the IP addresses their businesses depend on.

 

If a registry can theoretically terminate a service agreement and alter registrations, the risk feels existential. A national telecom, an ISP serving millions, should never be structurally dependent on the discretion of a private company operating under foreign law. That is not a healthy foundation for critical infrastructure.

The real solution is policy reform. Ownership of number resources must be recognized. When members truly own their IP addresses, an email—real or fake—cannot threaten the survival of their business. Fear disappears the moment dependency disappears. RIRs are bottom-up, community-driven institutions. If the community wants ownership, it can achieve it—by participating, voting, and changing policy.

 

At the same time, members should understand reality as it stands today. RIPE NCC is not a government. It is not the Internet police. It is a private entity in a contractual relationship with its members. If it were to act unreasonably—terminating agreements and causing disproportionate harm—it would be legally liable. Courts exist precisely to prevent such abuse, and history shows that registries themselves are not immune to injunctions, freezes, or insolvency when they overstep.

 

In practice, RIPE NCC’s actual processes are procedural and reasonable. For example, Assisted Registry Checks exist to maintain data accuracy, but they are cooperative, scheduled at the member’s convenience, and explicitly non-hostile. No legitimate RIPE process demands action within 48 hours under threat. Such messages should immediately raise suspicion.

 

This incident is a reminder to reset perspective. Registries are bookkeepers. As one of RIPE’s founders put it: they exist to keep the book accurate. Nothing more. They do not command networks, police behavior, or exercise sovereign power.

 

The long-term fix is collective action: engage in policy processes, push for true ownership of IP addresses, and remove the structural fear that makes such phishing attacks effective in the first place. Once IP ownership is clear, this entire class of threat disappears.

 

Until then, treat registry communications as you would those from any vendor: calmly, contractually, and without fear.
