Summary
- RIPE NCC's Articles of Association give each unsuspended member one vote. The standard service agreement defines a member as a natural person or legal entity, making the legal boundary of the member the unit of formal representation.
- RIPE NCC separately counts LIR accounts and members. Its June 2026 update reported 20,782 LIR accounts and 20,056 members, while its 2024 Annual Report expressly noted that one member can hold more than one LIR. The aggregate difference proves that the denominators are not identical, but does not reveal concentration or the number of networks behind any member.
- Equality by legal member is not equality by operational exposure. One member can support several LIR accounts, networks, autonomous systems, subsidiaries or customer groups, while another may operate a much smaller environment. Their users do not vote directly, and the ballot contains no measure of service criticality or harm if registry decisions go wrong.
- The May 2026 General Meeting recorded 3,421 members registered and 3,049 casting ballots against a contemporaneous membership of about 20,000. That roughly fifteen-percent participation level makes the composition of the active corporate electorate especially important, although one meeting does not establish a complete historical pattern.
- The answer is not to replace one-member-one-vote with votes purchased by fees, address holdings or traffic. RIPE NCC should preserve the member ballot while publishing privacy-protecting exposure bands, adding an affected-operator and user-impact chamber for high-consequence decisions, and requiring explicit legitimacy tests when a small corporate electorate decides risks borne far beyond itself.
The meeting room contains companies, not networks
At a RIPE NCC General Meeting, the ballot is attached to a member. The member may be a natural person, but in the ordinary commercial case it is a legal entity represented by an authorised human being. The voting system sees that entity, verifies its eligibility and records one choice. It does not open the company to count the networks, LIR accounts, customers or critical services inside.
That choice of unit is understandable. A legal person can sign an agreement, receive an invoice, appoint a representative and bear liability. Corporate registers provide evidence that an entity exists. The association can maintain a member register and determine whether fees are paid or rights suspended. Compared with a loosely defined network community, the legal member is administratively clear.
Clarity is not neutrality. Every representative system chooses a boundary around the interests it counts. A parliamentary constituency aggregates residents by geography. A shareholder ballot aggregates capital by shares. A cooperative may count one member regardless of contribution. RIPE NCC aggregates at the boundary of the contracting legal person. That boundary can contain one modest network or a complex set of operations serving many other organisations.
The corporate ballot therefore answers a precise question: what does this eligible legal member choose? It does not answer how many operational systems support that choice, how severe the consequences are for them, or whether downstream users agree. When the question is electing a director, corporate equality may be sufficient. When the question affects fees, service continuity, certification, sanctions, audits or resource administration, the mismatch between voter and exposure becomes more important.
The problem is not that large operators deserve control. Size can be a poor proxy for public interest, and a vote weighted by address holdings could entrench incumbents. The problem is that the current ballot presents corporate equality as if it exhausted representation. It counts one dimension accurately and leaves other relevant dimensions invisible.
This article calls that invisibility corporate aggregation. One member acts as the constitutional container for whatever networks, accounts, customers and users sit behind it. The association records the container. It does not systematically disclose the contents in a form that allows members to judge who bears the consequences of a decision.
The legal unit is explicit in the service agreement
The RIPE NCC Standard Service Agreement defines a Member as a natural person or legal entity that has entered into the agreement. Conclusion of the agreement establishes RIPE NCC membership, initially through candidate status before conversion to full membership under the stated rules. The contract connects the service relationship, fees and corporate membership.
This is more than terminology. It determines who receives notices, who owes payment, who may terminate and who becomes part of the association. The same boundary then structures representation. Employees, directors or authorised persons may act for the member, but they exercise the right belonging to that legal person. Several engineers from different divisions do not each acquire a ballot because they operate different networks.
Corporate organisation is variable. One company may centralise several business lines under one legal entity. Another group may place similar operations in separate subsidiaries. A public-sector network may be housed inside a ministry, a state enterprise or an independent body. A university system may contract centrally or through separate institutions. The technical footprint does not dictate the legal perimeter.
This variability means two operationally similar groups can appear differently in the electorate. If one consolidates service under a single member, its internal diversity becomes one vote. If another has several independently eligible legal entities, it may have several votes, subject to the actual membership facts. The Articles do not attempt to equalise ultimate corporate control or network scale across those structures.
No inference should be made about any named group without member-level evidence. The public aggregates reviewed here do not show how many corporate families hold multiple memberships, how voting instructions are coordinated or whether separate entities exercise votes independently. The structural point does not require that evidence. The legal boundary is capable of aggregating operational interests that do not map neatly onto it.
The service agreement also makes membership consequential beyond voting. It places the member under service duties and gives RIPE NCC defined powers over the relationship. A company may act for downstream customers who have no direct agreement. The contract is bilateral, while effects can be multilateral. Representation should recognise that gap rather than assume the member's signature captures every affected interest.
One vote is a deliberate corporate equality rule
The 2024 Articles of Association state in Article 16.7 that each unsuspended member has one vote and candidate members do not vote. Related provisions define who may represent a legal entity, how electronic participation can work and how proxy voting is limited. Resolutions ordinarily require an absolute majority of votes cast unless law or the Articles provide otherwise.
The rule has strong virtues. It prevents a member with a large address position from obtaining formal control merely because it holds more resources. It prevents the highest fee payer from purchasing a larger constitutional share. It gives a small provider the same ballot as a multinational member. In a technical community wary of capture, that equality deserves protection.
The Articles also create member initiative rights. Members meeting stated percentages of possible votes can place subjects on the agenda or require a meeting. These thresholds are calculated from legal members, which makes the same aggregation issue relevant before voting begins. A concern shared by many operational teams inside a few companies may fail to reach a member-count threshold, while a concern distributed across many small legal entities may clear it.
This does not make the thresholds defective. It identifies what they measure. Two percent of possible member votes is a share of eligible legal persons, not two percent of networks, customers or routed traffic. Ten percent is not ten percent of affected users. Governance debates become more precise when every percentage names its denominator.
Corporate equality can coexist with operational inequality. That is common in associations. The legitimacy question is whether decisions are confined to matters properly resolved by equal members, and whether additional safeguards exist when consequences are distributed on another basis. A club can set meeting times by member vote. It may need a stronger assessment before adopting a rule that places most safety risk on a small subset.
RIPE NCC's challenge is that many decisions cross the boundary. A charging scheme is corporate finance, but its structure can affect whether smaller operators maintain accounts. Audit policy is service administration, but an erroneous closure can affect customers. Certificate services are technical, but changes can influence signals used by relying networks. The ballot remains one per member even when the risk does not.
The correct criticism is therefore not that one-member-one-vote is false equality. It is real equality along one axis. The constitutional weakness is treating that axis as complete.
The member and LIR denominators are already different
RIPE NCC's own publications make the first mismatch visible. The June 2026 member update reported 20,782 LIR accounts and 20,056 members. The difference was 726. That arithmetic establishes that account and member totals were not identical at that snapshot.
The figure must be handled carefully. It does not mean exactly 726 members held a second account. One member may hold more than two, while other categories and timing details may affect the totals. It does not reveal which members hold additional accounts. It says nothing about autonomous systems, address space, customers, traffic or market power. It is a denominator warning, not a concentration result.
The RIPE NCC Annual Report 2024 is explicit: one member can hold more than one LIR. At 31 December 2024, it reported 19,993 active members and 20,991 active LIRs. Again, the 998 difference cannot be distributed from the aggregate alone. The report's warning prevents readers from treating an LIR count as a membership count.
This distinction matters because LIR is often used colloquially as if it identified one operating network. Under the registry architecture, an LIR is a role or account relationship through which address resources are administered for the organisation, customers or other consumers. One company can have additional LIR accounts. One account can support a varied set of technical and commercial relationships. The account is not a reliable unit of democratic personhood.
Nor is the member a reliable unit of technical operation. A legal entity may run several autonomous systems, brands, data centres or access networks. It may serve a small specialist customer base or millions of people. It may hold resources mainly for its own infrastructure or administer them downstream. The public totals do not join these dimensions.
The missing distribution is itself a governance finding. Members considering a charging model or service policy cannot see privacy-protecting percentiles for LIR accounts per member, resource registrations per member or downstream exposure. They can debate principles, but not the shape of the constituency those principles affect.
A basic disclosure would not need to name companies. RIPE NCC could publish bands: the percentage of members with one, two, three to five, six to ten and more than ten LIR accounts; the share of accounts in each band; and changes over time. Similar bands could cover autonomous systems and routed-resource measures with careful caveats. This would reveal aggregation without exposing confidential contracts.
Fees count accounts while votes count members
The RIPE NCC payment page states that members pay an annual service fee per LIR account and that existing members registering additional LIR accounts pay a sign-up fee. The 2026 Charging Scheme set the annual contribution at EUR 1,800 per LIR account, with separate fees for specified independent and legacy registrations.
The association therefore uses at least two units at once. It counts accounts for a major part of funding and members for voting. A company with several LIR accounts can owe several account-based contributions but retains one member vote under Article 16.7. A company with one account owes one contribution and receives one vote. Financial incidence and constitutional influence do not rise together.
This separation is defensible. Payment should not automatically buy votes. If every additional fee generated another ballot, larger account holders could dominate the association. The one-member rule prevents a direct conversion of spending into authority.
The separation nevertheless creates a representation question when members vote on the charging scheme itself. A member with several accounts experiences a per-account change several times, yet casts one vote. A member with one account experiences it once and also casts one vote. If the proposal shifts costs among account categories, the legal-member ballot aggregates unequal financial effects.
The 2027 charging debate made these distinctions visible. RIPE NCC published options including continuation of one LIR account, one fee and a category model differentiated by resource holdings. Members selected the existing account-fee model at the May 2026 meeting. That result is legitimate under the Articles. It still describes the preference of voting members, not an equalised measure of affected accounts or users.
The danger lies in rhetorical slippage. A majority of votes cast can be described as the membership deciding. Legally, that is correct. It should not be restated as a majority of LIRs, networks or customers approving. Those populations were neither separately counted nor necessarily consulted.
Good decision records should publish an incidence table beside the member ballot. How many members fall into each fee-change band? How many LIR accounts do they hold? What share of income comes from each band? How many voted, if privacy permits aggregation? The resolution can remain one member, one vote while readers see the other distributions.
Networks are not LIR accounts
RFC 7020 describes RIRs serving LIRs and other customers, with LIRs in turn serving consumers that may include providers, end users and child registries. This hierarchy shows why an LIR count cannot stand in for the number of networks affected by a RIPE NCC decision.
A network can be defined technically by routing policy, administration, infrastructure or service boundary. An autonomous system number may be one indicator, but one organisation can operate multiple autonomous systems and one operational service can span them. Address registrations provide another indicator, but holdings do not reveal active use, customer count or criticality. Traffic volume can show scale while missing dependency. No single metric captures the constituency.
An LIR account is an administrative relationship. It can support allocations and assignments under policy. Its boundaries may reflect history, billing, acquisitions or internal organisation rather than one coherent network. Counting it as one operational unit would replace corporate aggregation with account aggregation, not solve the problem.
The same caution applies to autonomous systems. Giving one vote per ASN would reward fragmentation and allow entities to multiply influence through technical structure. It would treat a dormant ASN like a national access network. It could also exclude networks whose dependency does not map cleanly to their own ASN.
Address-weighted voting would be worse. IPv4 scarcity and historical allocation mean holdings do not correspond fairly to current users or social value. Large incumbents would gain permanent constitutional advantage. IPv6 holdings are not directly comparable. A resource-weighted chamber might offer information, but should not control the association.
Traffic weighting creates incentives to exaggerate and raises confidentiality problems. Customer counts can be self-reported, difficult to audit and incomparable across wholesale, retail and enterprise services. Revenue weighting turns governance toward commercial size. Critical-infrastructure labels can be politicised.
The absence of a perfect metric does not justify blindness. Several imperfect indicators, published in bands and used for impact review rather than vote purchase, can reveal asymmetry. Governance routinely uses multiple measures when one denominator is inadequate. The aim is not a mathematically pure electorate. It is a decision process that knows whose operations are at stake.
Affected users sit behind the corporate vote
Most people affected by a registry decision are not RIPE NCC members. They use connectivity supplied by an access provider, hosting company, enterprise network, university, public service or downstream operator. Their relationship is with that organisation, not directly with the regional registry. They receive no General Meeting ballot.
Indirect representation is not inherently illegitimate. Companies routinely act for customers in technical coordination. Operators have expertise that individual users do not need to acquire. A registry meeting would become unmanageable if every subscriber voted on address policy.
The problem appears when the member's interests diverge from those of its users. A company may prefer lower fees even if a cheaper model reduces resilience. It may accept a service interruption risk that customers cannot observe. It may prioritise transfer flexibility over conservative verification, or the reverse. Corporate management has duties and incentives that do not always equal user welfare.
Aggregation can also silence internal operational teams. The person casting the member vote may be a director, policy specialist or authorised contact. Engineers responsible for several networks may hold different risk assessments. Customer-support teams may see harm not visible at corporate level. The Articles determine who may exercise the vote, not how the member reaches its internal instruction.
Large organisations can build consultation processes, but no common standard requires them to demonstrate that affected network teams or customers were heard before a high-impact vote. A ballot from a complex member may therefore represent a narrow executive choice while appearing constitutionally equal to a small owner-operated network whose voter directly manages the service.
User representation should not mean a public plebiscite on technical details. It can take the form of impact obligations. Before a high-consequence resolution, proposers should identify downstream groups, service dependencies, plausible failure modes and mitigation. Consumer organisations, public-interest networks and downstream operators should be able to submit structured evidence. The decision record should answer it.
Where effects are severe, an affected-user panel could issue a non-binding concurrence or objection. A member majority could still proceed, but overriding a reasoned objection would require an explicit explanation and perhaps a higher threshold. This makes unrepresented interests visible without handing technical control to unverifiable mass voting.
Operational risk is distributed unevenly
Registry services support different forms of dependence. A member may rely on database records, reverse DNS, transfer recognition, resource certification, portal access and administrative response. The consequence of delay or error varies with the network. A small internal network and a large access provider do not expose the same number of customers, yet the ballot gives each legal member one vote.
Risk also depends on substitutability. A member with extensive legal and technical staff may recover quickly from a disputed record. A small operator can be operationally fragile despite serving an important local community. A public-sector member may support hospitals or emergency services without holding the largest address position. A wholesale carrier's issue may cascade into many retail networks.
These examples show why size alone is inadequate. Operational exposure combines probability, consequence, recovery capacity and downstream dependency. A small organisation can carry high public risk. A large company can diversify. A useful governance assessment needs several dimensions.
RIPE NCC already has access to some relevant records, but not all. It can count accounts, registrations and service states. It may identify sponsoring relationships and resource contacts. It cannot infer customer populations or critical services accurately from registry data. Members and independent experts must contribute, subject to verification and confidentiality.
A risk register for governance need not identify every customer. It can classify proposed decisions. Does the measure affect billing only, or can it alter registration state? Can it interrupt a linked technical service? Is the effect reversible? How quickly? Are downstream parties notified? Does the burden fall evenly across members? Which evidence supports that conclusion?
The classification should determine procedure. A routine administrative resolution can pass under ordinary member rules. A decision capable of deregistration, certificate disruption or material service exclusion should require an exposure assessment, a longer consultation and review by an operational panel. The member ballot remains decisive, but it is informed and constrained by the kind of risk it allocates.
This is the same principle used in reliable network engineering: not every change receives the same change-control depth. Governance should be at least as sensitive to blast radius as operations.
Participation makes aggregation more consequential
The May 2026 General Meeting voting report says 3,421 members registered and 3,049 cast ballots. RIPE NCC's May 2026 update reported 20,029 members. The figures are not captured on precisely the same day, but they place ballot participation at roughly fifteen percent of the contemporaneous membership.
This should not be treated as a uniquely bad turnout without comparison. Members may rationally abstain, delegate attention to trusted entities or care differently about the agenda. Electronic voting reduces some barriers, and more than eighty-nine percent of registered members ultimately cast a ballot. One meeting cannot establish a permanent trend.
Still, the result means decisions were made by a minority of eligible legal members. That makes the composition of active voters important. Are members with multiple LIR accounts more likely to participate? Are large operators better represented? Do owner-managed small networks vote at higher rates because the decision is personal? Are some countries, sectors or business models persistently absent? Public totals do not answer.
Turnout by country is informative but incomplete. A country field tied to registration does not reveal operational reach, corporate ownership or customer location. A multinational member can operate across borders. Several legal entities in one group can appear in different jurisdictions. Geographic diversity should be measured, but not confused with operational diversity.
Participation inequality can amplify corporate aggregation. If a large member has one vote but consistently uses it, while many smaller members do not, its practical influence increases without any formal weight. Conversely, if members with complex operations find one vote too small relative to their account exposure, they may disengage or seek influence through informal channels. Both possibilities require evidence.
RIPE NCC should publish longitudinal, privacy-preserving participation bands. Registration and ballot rates could be compared by one-account versus multi-account members, member age, country band and broad organisation type. Results should be designed to prevent identification. The objective is to test whether the active electorate differs systematically from the full membership.
Quorum rules deserve discussion, but a high mandatory quorum can let abstention block necessary decisions. A better response may be a legitimacy ladder. Ordinary resolutions pass under current rules. Decisions with high asymmetric impact require minimum participation, an extended voting period or a confirmatory ballot if turnout falls below a published threshold. The procedure should match consequence.
Corporate groups complicate the equality claim
The legal member is not always the ultimate centre of control. Companies form groups with parents, subsidiaries, joint ventures and acquired entities. Some subsidiaries operate independently; others follow central instructions. Membership may reflect historical acquisitions rather than current control. A one-company rule applied only to the immediate legal entity does not necessarily produce one vote per economic group.
The public materials reviewed here do not provide a reliable map from RIPE NCC members to ultimate beneficial control. It would be wrong to claim a measured concentration or coordinated voting bloc without that evidence. Names alone are limited public evidence; similar brands can have different ownership, and ownership can change.
The lack of a map nonetheless creates a constitutional ambiguity. Is the principle one legal member, one vote, even if several members share ultimate control? If so, formal equality can be multiplied through corporate structure. Is the principle one corporate group, one vote? If so, the association needs a definition of control, evidence, appeal rights and treatment of genuinely independent subsidiaries.
Neither answer is simple. Consolidating votes by parent could disenfranchise separately managed networks and minority owners. Ignoring control could permit deliberate vote multiplication. Requiring detailed ownership disclosure creates privacy and compliance burdens. The issue becomes more sensitive where sanctions, state ownership or cross-border groups are involved.
A proportionate starting point is transparency rather than automatic disenfranchisement. Members could disclose controlling entities and coordinated voting arrangements confidentially to an independent verifier. RIPE NCC could publish aggregate counts of memberships linked to common control without naming them. Election reports could state whether group-linked memberships materially affected a close result, under a rule approved in advance.
For specific high-impact votes, a conflict declaration may be more useful than group consolidation. Members with a direct commercial interest in a narrow outcome would retain their vote but disclose the category of interest. The meeting could then see whether a resolution rests on a broad coalition or a concentrated beneficiary group.
The guiding principle should be consistency. Corporate form should not be used opportunistically: ignored when counting representation, invoked when limiting liability, and rearranged when allocating fees. The association needs a stable account of why the legal entity is the right unit and where supplementary group information is necessary.
The case against resource-weighted voting
Once corporate aggregation is recognised, the tempting response is to weight votes by operational scale. That cure could be worse than the defect. Address holdings are historically unequal. Larger incumbents would gain a constitutional advantage difficult for new operators to overcome. Scarcity would become political power.
Fee weighting is equally problematic. The association is funded by members for a public-interest coordination role. Turning contributions into votes would make it resemble a capital company and encourage pricing decisions that preserve control. A member's ability to pay is not evidence that its policy judgment is superior.
Customer weighting appears more democratic, but customer counts are unstable and strategically reported. A wholesale provider may serve a few customers that each serve millions. A hosting company may count accounts rather than people. An enterprise network may support employees and public services without retail subscribers. Verification would be intrusive.
Traffic weighting privileges high-volume services and can be manipulated by measurement choices. It also treats volume as value. A low-bandwidth emergency service may be more socially important than entertainment traffic. Measurements vary by time and observation point.
Autonomous-system weighting encourages technical fragmentation. LIR-account weighting encourages administrative fragmentation. Country weighting creates difficult questions for multinationals and cross-border infrastructure. Every single-factor vote would invite entities to reorganise around the metric.
One-member-one-vote is therefore worth retaining as the association's final corporate ballot. Its anti-plutocratic protection is real. Reform should add information and supplementary checks rather than auction power through a new weight.
The distinction between decision and concurrence is useful. Members can continue to elect the board and approve ordinary resolutions equally. For high-impact measures, a separate operational panel can test feasibility and risk, while a user-impact panel can test downstream consequence. Neither needs votes proportional to raw size. They can be selected for diversity, expertise, independence and declared interests.
If either panel issues a reasoned objection, the General Meeting can reconsider or proceed under a heightened threshold. Final authority remains with members, but the corporation must confront evidence that its legal electorate does not embody every affected constituency. This is constitutional friction by design, not a rival ownership class.
Four denominators should appear in every major proposal
RIPE NCC could improve governance immediately by requiring four denominator statements in major proposals. The first is the member denominator: how many eligible legal members are affected, how many submitted views and how many voted. This is the existing constitutional base.
The second is the account denominator: how many LIR accounts and other direct service relationships are affected, distributed across members. This shows whether a proposal has repeated financial or administrative effects inside some companies. It must not be presented as a second electorate.
The third is the operational denominator: verified bands for networks, autonomous systems, registrations, service dependencies and recovery risk. No one metric should dominate. The proposal should explain what is known, unknown and self-reported.
The fourth is the affected-user denominator: reasonable estimates of downstream organisations, customers or critical services exposed to the change. Exact counts may be impossible. Proposers should state ranges and methods rather than omit the dimension.
Each denominator answers a different question. Member count tests corporate legitimacy. Account count tests administrative incidence. Operational measures test blast radius. User measures test external consequence. Agreement among all four strengthens a decision. Divergence signals a need for caution.
For example, a fee adjustment might affect nearly all members and accounts similarly, with little direct user impact. Ordinary voting is adequate. A certificate-service change might affect a smaller member subset but a large operational footprint. It deserves staged deployment and an operational concurrence. A closure rule might apply to few members yet expose many downstream users. It requires due process and continuity measures beyond a simple majority.
The statements should be published before voting, not reconstructed afterward. Members need time to challenge assumptions. Independent researchers should be able to reproduce public calculations. Confidential information can be reviewed by a trusted auditor that releases ranges and methodology.
This reform does not require perfect data. It requires disciplined ignorance. Where the user denominator is unavailable, the proposal should say so and explain how uncertainty changes the decision. Unknown exposure is a risk factor, not a zero.
A second chamber for consequence, not wealth
A supplementary chamber need not resemble a legislature. It could be a standing Operational Consequence Council with rotating seats for small access providers, large carriers, hosting networks, public-interest infrastructure, enterprise networks, security specialists and independent resource holders. Selection would emphasise diversity and conflicts rather than holdings.
Members of the council would review only proposals classified as materially affecting registration continuity, certification, sanctions, audit, closure or other high-impact services. They would not set the ordinary budget or elect the board. Their task would be to test failure modes, transition plans, reversibility and downstream notice.
A separate Affected Users Forum could gather evidence from consumer groups, downstream network customers, civil-society organisations and public services. It would not vote on technical settings. It would issue impact findings: who depends on the service, who lacks a direct contract, what notice is possible and what remedy exists if the decision is wrong.
The two bodies should publish reasons. They should disclose conflicts, rotate membership and avoid permanent sector seats captured by incumbents. Their objections should be specific enough for the General Meeting to answer. A vague claim of public interest should not stop a decision.
The General Meeting could override an objection, but only after a second reading or a supermajority on the contested elements. Urgent security measures could proceed temporarily with a short sunset and retrospective review. This balances speed with consequence.
The design avoids converting scale into formal ownership. A large network receives no extra corporate ballot. It can present evidence of blast radius to the operational council, where claims are tested. A small network serving a critical community can do the same. A user group can identify harm without pretending to administer the registry.
Most importantly, the second chamber would make the corporate boundary visible. The member remains the association's legal constituent. Networks and users become recognised affected constituencies rather than invisible contents of the member's folder.
Internal democracy inside the member matters too
RIPE NCC can improve its own institutions, but each member also has responsibilities. A company that aggregates several networks should not treat its vote as the private preference of one executive. It should have a repeatable method for consulting operational teams and recording how customer or public-interest effects were considered.
The association could publish a voluntary member voting standard. For major resolutions, members would identify the accountable decision-maker, relevant internal teams, conflicts of interest and the basis for the instruction. No confidential vote need be disclosed before polling closes. Afterward, members could choose to publish a short rationale.
Large members might create an internal committee spanning network engineering, legal, security, finance and customer impact. Smaller members could use a short checklist. The standard should scale without turning participation into a compliance exercise only large companies can afford.
Proxy voting deserves similar care. The Articles limit proxy concentration, which protects against one attendee collecting an excessive share. A proxy still represents legal members, not the operational populations behind them. Members granting proxies should provide instructions or confirm that the proxy understands their exposure.
Trade associations and informal coalitions can help smaller operators develop positions. Their role should be transparent. Coordinated advocacy is legitimate; hidden commercial sponsorship or undisclosed control is not. Public meeting records should distinguish an individual member's view from a coalition statement.
Internal democracy cannot replace external safeguards. Customers may never know that a vote occurred. Engineers may be overruled. The purpose is to improve the fidelity of the corporate ballot, not to certify that every downstream interest consents.
The larger principle is that one-member-one-vote should mean one accountable institutional judgment, not one unexplained click. Equality becomes more legitimate when each equal vote carries a visible duty of care.
Better data without building a surveillance system
The evidence gap is large, but the solution must respect privacy and security. Publishing a member-by-member map of resources, customers and critical services could create commercial and operational risks. Governance transparency should not become an inventory for attackers or competitors.
Aggregation bands offer a safer path. An independent auditor can receive member-level data, test it and publish percentiles. Small cells can be suppressed. Values can be rounded. Categories can be combined where identification is possible. Historical releases can be delayed.
Methodology should remain public. Readers should know whether a network count uses ASNs, declared operations or another measure. They should know how corporate control is defined and when data was captured. Uncertainty intervals should accompany user estimates.
Self-reported data needs verification. Members could attest to bands rather than exact values, with random audits and penalties for deliberate misstatement. Registry-held facts, such as LIR accounts and registered resources, can be joined by the auditor without broad publication. Public companies' reports and regulator data may supply additional context, but inconsistent sources should not be forced into false precision.
The system should collect only what governance needs. Exact customer identities are rarely necessary. A band indicating fewer than ten thousand, ten thousand to one hundred thousand, or more than one million affected users may be sufficient for impact review. Critical-service categories can be declared without publishing facility addresses.
Data retention should be bounded. Operational exposure snapshots used for a vote can be archived in aggregate while underlying confidential submissions expire under a defined schedule, except where litigation or audit requires preservation. Access logs and independent oversight should protect the repository.
Trust is central. Members will not disclose exposure if they fear competitive use, sanctions screening beyond lawful purpose or public embarrassment. The auditor should be structurally separate from teams making contested service decisions. Governance data must not become leverage over members.
A reform package that preserves the best feature
The first reform is a constitutional clarification. RIPE NCC should state plainly that one-member-one-vote establishes equality among eligible legal members and does not claim to equalise LIR accounts, networks, operational risk or users. Naming the limit prevents overstatement.
The second is an annual aggregation report. It should publish the distribution of LIR accounts per member, broad resource and service bands, and the relationship between membership and account totals. Corporate-control concentration can be reported in protected aggregate where reliable.
The third is a participation report. General Meeting registration and ballot rates should be compared across safe member bands over several years. The report should identify persistent underrepresentation and evaluate whether meeting timing, language, agenda complexity or member capacity contributes.
The fourth is the four-denominator statement for major resolutions. No proposal with material service or financial impact should reach a vote without member, account, operational and user incidence sections. Unknowns must be explicit.
The fifth is consequence review. A diverse operational council and affected-user forum should review high-impact measures. Their reasoned objections trigger reconsideration, a higher threshold or a temporary sunset.
The sixth is internal voting guidance for members, especially those aggregating multiple accounts or networks. Members should consult relevant teams, disclose categorical conflicts and retain a rationale for major votes.
The seventh is a post-decision audit. After implementation, RIPE NCC should compare predicted and actual effects across the four denominators. Unexpected concentration of cost or harm should trigger adjustment. Governance improves when forecasts face evidence.
None of these changes gives large incumbents more votes. None lets customer counts purchase authority. The member ballot remains equal. The reform adds institutional sight around it.
What the evidence can and cannot prove
The public record proves that RIPE NCC distinguishes members from LIR accounts and that one member can hold more than one LIR. It proves that eligible members receive one vote. It proves that fees are assessed substantially per account. It provides recent totals and meeting participation figures.
It does not prove the distribution of multiple LIR accounts across members. It does not identify which companies operate many distinct networks. It does not show ultimate corporate control, coordinated voting, customer populations or critical-service exposure. It cannot support a claim that a named member has disproportionate influence merely because it is large or well known.
The difference between 20,782 LIR accounts and 20,056 members is therefore not a measure of capture. It is evidence that the units diverge. The roughly fifteen-percent ballot participation in May 2026 is not proof that outcomes are unrepresentative. It is evidence that the active electorate is much smaller than the eligible corporate population and should be studied.
The analysis is institutional, not accusatory. RIPE NCC publishes unusually useful documents, reports and voting records. Those disclosures make the aggregation problem visible. The appropriate response is to extend transparency to the distributions that current totals cannot show.
There may be countervailing evidence. Members with many accounts may vote less often. Small operators may dominate active participation. Corporate groups may decentralise decisions genuinely. Downstream users may prefer their provider to represent them. A proper data programme could narrow or reverse some concerns.
Governance quality lies in making those propositions testable. Formal equality should not require the public to assume that every legal member contains comparable operational stakes. Nor should critics assume the opposite without evidence.
Equality needs more than one denominator
One-member-one-vote remains a strong protection against wealth and resource concentration. RIPE NCC should not discard it. The rule gives a small eligible member the same formal voice as a large company and prevents fees from becoming shares in the registry.
But the vote is equal only at the corporate boundary. Behind that boundary, one member may contain several LIR accounts, networks and user constituencies. Another may contain one. Separate legal entities under common control may appear as several members, while independent operational teams inside one company appear as none. The ballot cannot describe these differences.
For routine association business, that simplification may be acceptable. For decisions that allocate operational risk, it is limited public evidence on its own. The association needs to know account incidence, network exposure and downstream consequence before an active minority of legal members binds the whole service community.
The reform is not weighted voting. It is layered legitimacy. Equal members decide, operational reviewers test blast radius, affected users supply evidence, and public denominator statements reveal who carries the result. A higher-impact decision receives stronger process.
This approach also improves accountability inside companies. A member with many networks should arrive with one considered institutional judgment, not one unexplained corporate preference. It should be able to say which operations were consulted, what risks were accepted and how downstream harm will be mitigated.
The principle can be stated simply: legal equality is necessary, but operational consequence is not legally equal. RIPE NCC's constitution counts the first. Its next stage of governance should learn to see the second.
Public sources
- RIPE NCC Articles of Association, ripe-818
- RIPE NCC Standard Service Agreement, ripe-812
- RIPE NCC Billing, Payment and Fees
- RIPE NCC Charging Scheme 2026, ripe-848
- RIPE NCC Annual Report 2024
- RIPE NCC Member Update: June 2026
- RIPE NCC General Meeting May 2026 Voting Report
- RIPE NCC General Meetings
- RFC 7020: The Internet Numbers Registry System

