Summary

  • In today's regional registry model, an operator can usually change connectivity providers while retaining portable allocations, but it cannot simply replace its authoritative Regional Internet Registry relationship with a competing registry-service provider on equivalent terms.
  • Number Resource Society advocacy for ownership, decentralisation, exit rights and reduced dependency identifies a powerful accountability idea. It should be understood as a reform proposition, not as proof that a complete multi-provider registry system already exists.
  • Genuine portability would separate stable resource recognition from the service organisation maintaining records, credentials and governance relations. That separation would change voting, fees, discipline, appeals and the bargaining position of smaller operators.
  • Portability cannot mean competing claims to the same identifiers. It needs one authoritative state, interoperable updates, secure transfer, continuity for routing authorisations, public accountability and a receiver obliged to accept qualified entrants.

Exit is the right behind the other rights

Membership associations normally emphasise voice. Members vote, elect directors, propose resolutions, attend meetings and complain about services. These rights matter because they allow an institution to correct itself without forcing every dissatisfied entity to leave. Yet voice acquires much of its force from what happens when correction fails.

In an ordinary market, a customer can change suppliers. In an ordinary association, a member can resign, although resignation may mean losing benefits attached to the association. Internet number-resource governance combines both relationships with something harder to move: the authoritative recognition of addresses and autonomous system numbers on which networks, customers, contracts and security arrangements depend.

An operator may be able to change transit providers while continuing to announce portable address space. That is network portability. It does not imply that the operator can choose a different institution to maintain the authoritative registration relationship for the same resources. The Regional Internet Registry remains embedded in allocation history, contractual status, database authority, transfer rules and routing-security credentials.

This makes exit unusually costly. Leaving a membership relationship can threaten access to the administrative functions needed to demonstrate authority over identifiers. Even when a dispute never reaches revocation, the possibility shapes bargaining. An operator challenging fees, procedure or governance acts under the shadow of dependence on the institution it challenges.

A right to move the registry-service relationship while preserving resource continuity would change that structure. Voice would no longer be the only practical restraint. The institution would know that persistent failure could cause members to transfer service rather than abandon their network identity. Every other membership right would operate against a credible alternative.

Portability has two meanings that must not be confused

Internet engineers already use portable and non-portable to describe number resources. APNIC's registration guidance explains, for example, that direct delegations to members or customers can be portable across upstream providers, while non-portable assignments made by a provider generally must be returned when the customer leaves that provider.

That distinction concerns the relationship between an address holder and its connectivity provider. A network with portable space can change transit without renumbering every system. It can multihome, negotiate with carriers and preserve customer-facing identifiers. This is already a profound form of operational independence.

Registry-service portability is different. It would allow the recognised holder to change the organisation providing authoritative registration, credential, support and related governance services while the identifiers and their global status remain stable. The move resembles changing the custodian of a record, not changing where packets travel.

Confusing the two leads to false claims. The existence of provider-independent address space does not prove competition among registries. Nor would a choice among registry-service providers automatically change routing policy. The Border Gateway Protocol does not ask which association collected a membership fee; networks still decide what routes to accept, increasingly informed by registration and cryptographic evidence.

The reform question is therefore narrow but consequential: can a globally unique resource remain recognised while its holder changes the accountable service institution? Answering yes requires a design for authority. It cannot be achieved merely by calling existing address space portable.

NRS identifies the dependency problem more clearly than the implementation

The Number Resource Society presents itself as a global non-profit membership organisation advocating IP ownership, open infrastructure and decentralised governance. Its public writing links centralised registry discretion to continuity and economic risk. A March 2026 NRS article on safer Internet governance explicitly promotes exit rights, redundancy and portability as safeguards against single points of control.

That advocacy is valuable because it directs attention away from meeting participation alone. An operator may hold a vote and still face a single institutional dependency. NRS asks what governance looks like when recognition of a scarce operational asset can be separated from one organisation's continuing discretion.

The public material does not by itself establish that NRS operates a complete alternative registry capable of receiving an RIR relationship while preserving all global recognition, database, transfer and RPKI functions. Its published membership terms govern admission to NRS as an association and state that membership is personal to the accepted entity and cannot be transferred. That membership is not the same thing as portability of number-resource registration.

Precision strengthens rather than weakens the idea. NRS can serve as an advocate, organiser and source of institutional pressure without being described as infrastructure it has not publicly demonstrated. The important contribution is the design demand: exit should not require operational self-destruction.

Turning that demand into a right requires specifications, agreements, liability, interoperability and public tests. Advocacy names the missing control. Engineering and law must make it safe.

The present model bundles recognition, service and politics

A Regional Internet Registry relationship contains several functions. The registry maintains authoritative records, verifies organisations, implements community policy, supports transfers, provides portal access, handles abuse and contact data, operates routing-security services, charges fees and convenes governance. These functions reinforce each other.

Bundling has advantages. One institution can reconcile membership status with resource records. Staff understand the history of allocations. Policy applies consistently across a service region. Security teams can respond across connected systems. Global coordination has a clear counterpart in each region.

The same bundle concentrates leverage. A dispute about fees can affect portal access. A disagreement about documentation can delay a transfer. Termination of a service agreement can have consequences for registration and certification. The organisation that sets administrative demands also judges compliance and maintains the evidence on which outside parties rely.

Internal governance is meant to constrain this power. Members elect directors and adopt specified resolutions; open communities develop policy; courts and arbiters may review some disputes. But remedies can be slow, expensive or collective when the harm is immediate and individual.

Portability would unbundle at least one dimension. The global system would continue to recognise a unique holder and resource status, while the operator could select an accredited institution to deliver defined registry services. Political membership might follow the service relationship, remain regional or become a separate choice. Each option changes who votes and why.

The hardest question is not whether competition sounds attractive. It is which functions can move without fragmenting the authoritative state that makes addresses usable.

Global uniqueness is the non-negotiable constraint

Internet number resources coordinate independent networks because the same identifier is not authoritatively assigned to incompatible holders. A portability regime that allows two service providers to assert conflicting control would destroy the asset it aims to protect. Competition must occur around one source of recognised state, not between rival truths.

This requirement separates number resources from ordinary customer records. Two banks can each maintain an account for the same company. Two registries cannot each validly authorise different organisations to originate the same prefix. The receiving provider must inherit an uncontested relationship, and the previous provider must lose the ability to issue current authority.

A shared recognition layer could record the resource, holder, service provider, status, effective time and relevant constraints. Providers would submit changes through authenticated interfaces. The layer would enforce uniqueness and preserve a history sufficient to resolve disputes. Public data could remain privacy-limited while audit bodies inspect protected evidence.

Control of that layer would itself be a major governance power. If one incumbent RIR owns it unilaterally, portability may simply move the interface while leaving the original dependency intact. If a new global body owns it without accountability, reform creates a larger chokepoint. Federation can distribute operation, but it still needs common rules for conflict.

The design principle should be thin authority: enough central or jointly governed state to prevent duplicate recognition, not enough discretionary service detail to recreate a monopoly. Every additional field should be justified by a coordination need.

Portability is legitimate only if the Internet sees one valid answer before, during and after the move.

The transfer event is a constitutional moment

Moving a registry relationship changes who may update records, authenticate contacts, approve later transfers and issue credentials. It is more than a customer-service request. A flawed move can hijack an organisation's network identity; an obstructed move can trap a legitimate holder.

The process therefore needs dual protections. The current holder must authorise the change through verified representatives and strong credentials. The current provider must confirm the state of the record and disclose unresolved restrictions. The receiving provider must complete due diligence and accept responsibility. The recognition layer must execute an atomic change so there is no period of ambiguous control.

The losing provider cannot possess an unrestricted veto. Otherwise, the very institution being left decides whether exit is allowed. Its objections should be confined to published grounds such as identity uncertainty, active fraud investigation, court order, sanctions obligation, unpaid charges directly tied to the defined service, or a pending competing claim.

Each ground needs time limits and independent review. A vague assertion of risk can delay a move indefinitely. Emergency holds may be necessary, but they should expire unless confirmed by a reviewer with authority to examine protected evidence.

The receiving provider also requires obligations. It should not accept a relationship through weaker checks simply to gain fees. Accreditation, insurance, audit and sanctions for misconduct make competition credible. Exit from one provider must not become entry into a race to the bottom.

A completed move should produce a signed receipt showing the effective time, transferred functions, retained history and route for correcting error. Portability becomes a right when the exceptional refusal is more accountable than the ordinary transfer.

Routing security turns portability into a live operational test

Resource Public Key Infrastructure allows authorised holders to create Route Origin Authorisations that networks can use in route validation. Registry systems commonly sit in the certificate chain and provide hosted or delegated arrangements. Changing registry-service providers must not cause valid routes to become invalid or leave old credentials active ambiguously.

A safe move needs a credential transition plan. Existing authorisations should remain valid through a bounded overlap or be recreated under the receiving authority before the old chain ends. The system must prevent both a gap and double control. Operators need machine-readable notice and a rollback path if validation changes unexpectedly.

Delegated certificate authorities add complexity. An operator may control its own keys while depending on the parent for continuing recognition. The move must preserve child resources, publication points and revocation semantics. Hosted users need an accessible way to reproduce their authorisations at the destination.

Security logs should permit independent reconstruction without exposing private keys. Tests should cover clocks, stale caches, partial network reachability and providers in different jurisdictions. A transfer that succeeds in a portal but causes global route invalidity is not portable in any meaningful sense.

The routing-security requirement also disciplines rhetoric. Ownership language can imply a self-executing property right, but operational authority is expressed through coordinated technical systems. A holder's protection depends on institutions recognising and distributing current state.

Portability should improve that protection by reducing dependence on one service provider. It must not weaken the shared security evidence on which other networks rely.

Records must move without losing history

Authoritative registration is not only a current name beside a prefix. It includes allocation lineage, transfers, status changes, contacts, supporting evidence, disputes and policy conditions. A move that copies only the visible record can erase context needed for later verification.

The receiving provider needs enough history to serve the holder and assess future requests. The recognition layer needs enough to prove continuity. Auditors and dispute bodies may need protected access to older evidence. The former provider should not retain unnecessary personal data indefinitely merely because it once supplied the service.

A portability standard should define a minimum transfer record. It could include resource identifiers, validated legal entity, authority chain, current contacts, status, active restrictions, credential state, transfer history and evidence hashes. Sensitive documents may remain encrypted or under escrow with controlled access rather than copied broadly.

Data quality disputes need separate treatment from portability. A former provider should be able to flag a documented inconsistency without blocking every move. The destination can accept responsibility for correction under supervision. Otherwise, poor records become a lock-in mechanism.

Members should be able to inspect the package before transfer and challenge errors. After transfer, they should know which provider holds each category and when residual copies will be deleted. Privacy follows the data across institutional boundaries.

Historical continuity is one of portability's quiet benefits. A common transfer format would force registries to define what evidence actually sustains recognition, reducing reliance on institutional memory and undocumented local practice.

Fees become prices only when exit is feasible

Registry charges are often adopted through membership governance rather than set through direct provider competition. Members can vote on a charging scheme, but an individual member dissatisfied with the result cannot usually take the same authoritative relationship to a competitor. The fee is a collective decision within a regional monopoly-like service structure.

Portability would change the character of charging. An accredited provider could offer service levels, support, tools or governance terms at a stated price. Operators could compare the full cost of moving, not merely the annual fee. Inefficient or unresponsive providers would risk losing relationships.

Competition would not remove the need to fund shared coordination. The recognition layer, policy functions, security infrastructure and audits are public or collective goods within the system. A portable model needs a transparent common charge or contribution formula so providers cannot underprice by free-riding.

Nor should price become the only measure. A low-cost provider might weaken verification, privacy or resilience. Accreditation can establish a floor, while public performance data lets operators compare delivery, complaint outcomes, incidents and financial health.

Exit also strengthens voice within the incumbent. A member negotiating a disputed charge knows that rejection is not its only collective tool. The board knows that a fee rise must retain members through value and trust, not only through lack of alternatives.

The discipline works only if switching cost is controlled. Excessive common fees, long delays or proprietary data formats can preserve lock-in while creating the appearance of a market.

Voting rights would need a new foundation

If political membership follows the chosen service provider, portability can rapidly change electorates. A registry offering favourable governance terms might attract members and gain greater regional influence. An incumbent could lose voters after an unpopular decision. This is part of the intended accountability effect, but it creates new risks.

Providers could compete for votes rather than service quality. A sponsor might subsidise memberships to capture a governing body. Corporate groups could distribute relationships across providers. Rapid migration before an election could turn operational choice into tactical enfranchisement.

The system must decide what a vote represents. Is it oversight of the provider receiving the fee? Participation in policy affecting the resource? Voice in the shared recognition layer? Regional association membership? These are distinct constituencies.

One model separates them. Customers vote in their service provider's corporate governance. Resource holders participate in policy through a provider-neutral forum. The shared recognition layer is overseen by a multi-stakeholder or federated body with narrowly defined powers. Rights follow functions rather than travelling as an indivisible bundle.

Another model retains regional membership while permitting a different accredited provider to perform administrative service. That preserves the electorate but weakens the link between payment, service and voting. It may be appropriate if regional policy remains central.

Whatever model is chosen, eligibility snapshots and anti-manipulation rules should be public. Portability should make institutions answerable to operators, not make elections purchasable through temporary migration.

Voice becomes sharper when exit is credible

Albert Hirschman's familiar distinction between exit and voice is useful here: entities can respond to decline by leaving or by trying to improve the institution. The mechanisms are complements as often as substitutes. A credible exit option can make voice more attentive because leaders know dissatisfaction has consequences.

RIR elections often suffer from limited participation relative to the full membership. A board can interpret low turnout in several ways: satisfaction, indifference, information cost or weak competition. Exit adds another observable signal. Sustained movement to another provider would reveal a problem that survey answers or ballots might not capture.

Migration data must be interpreted cautiously. Operators may move for price, language, tools or corporate restructuring rather than governance. Providers should publish aggregated reasons selected voluntarily, alongside service and complaint data. No single metric is a mandate.

Exit can also reduce voice if the most dissatisfied leave and stop participating. The incumbent electorate may become more homogeneous. Rules should allow former customers to raise transition disputes and contribute evidence about shared standards even after migration.

Providers should not retaliate against critics by accelerating termination or impeding a move. The portability right is especially important for members using governance rights. A cooling-off rule around elections or disputes can prevent administrative action from being used as political pressure while preserving genuine security responses.

The aim is a productive tension: voice offers correction without disruption; exit ensures that voice cannot be ignored indefinitely.

Smaller operators gain bargaining power only if entry is open

Large networks can absorb legal advice, maintain direct relationships and escalate disputes publicly. Smaller operators may depend on one portal contact and lack staff dedicated to registry governance. Portability promises the greatest relative benefit to them, but only if receiving providers must serve them.

A market can become selective. Providers may seek large, low-risk customers and reject small organisations, difficult jurisdictions or legacy records. An operator leaving a disputed incumbent could find no accredited destination willing to accept it. The formal right would then exist only for attractive members.

Accreditation should include fair-access obligations. Providers may use risk-based checks and charge cost-reflective fees, but refusal grounds must be objective, written and reviewable. A provider of last resort may be necessary for qualified holders unable to obtain service, funded by the shared system rather than controlled by the incumbent they seek to leave.

Assisted portability can reduce technical barriers. Standard tools should inventory contacts, routing authorisations, dependencies and documents before the move. Grants or pooled support may help small non-profit and community networks meet verification costs without weakening checks.

Language and time-zone coverage are legitimate dimensions of competition. A provider close to an operator's working context may deliver better support than a distant regional institution. Diversity can improve inclusion if common standards prevent fragmentation.

Portability should be measured by successful moves across member sizes and jurisdictions, not by the existence of a transfer button used mainly by sophisticated firms.

Jurisdictional choice is useful and dangerous

Registry relationships are legal relationships. Changing providers may change governing law, data location, sanctions exposure, insolvency treatment and routes for court review. Operators can gain resilience by selecting a jurisdiction suited to their risk. They can also create conflict among legal orders.

A court might direct one provider to freeze a record while another jurisdiction requires transfer. Sanctions applicable to the losing provider may not bind the receiver, or vice versa. Privacy law may restrict movement of personal evidence. A globally recognised resource cannot be subjected to incompatible secret orders without a conflict rule.

The portability framework should identify which law governs the shared recognition state, which governs the service contract and how mandatory local law is handled. Providers should publish legal transparency reports in comparable categories. Holders need notice where lawful and an avenue to contest measures.

Jurisdiction shopping should not become evasion. An operator cannot erase a valid court order simply by moving. Restrictions should attach to the resource state when issued by a competent authority under agreed standards, while disputed or overbroad orders receive independent review.

Geographic diversity can improve continuity if no single government can disable every provider. It can also fragment legitimacy if providers advertise immunity from lawful accountability. Resilience requires both distribution and a principled recognition rule.

The goal is not a lawless registry market. It is to prevent one jurisdiction or institution from being the sole practical route to operational existence.

Failure of a provider must not strand its members

Exit rights are most valuable when a service provider fails financially, technically or institutionally. Waiting for each holder to initiate a move during collapse would be dangerous. The system needs automatic continuity.

Accredited providers should maintain escrowed state, tested recovery procedures and financial reserves or insurance proportionate to their responsibilities. The shared recognition layer must be able to suspend a failed provider's update authority without invalidating the holders it served.

A receiver or temporary administrator can take over essential functions while members choose a destination. Routing-security credentials and public records should continue through the transition. Changes may be restricted to urgent corrections until authority is verified, but ordinary network operation should not depend on the failed company's systems.

Failure criteria and intervention powers must be narrow. A coordinating body should not remove a provider merely because it is unpopular or challenges incumbent policy. Objective triggers could include insolvency, sustained service unavailability, loss of accreditation after due review, security compromise or abandonment.

Members need representation during administration. They should receive status information, retain access to their records and be able to contest allocation to a receiver. Costs should be covered by pre-funded arrangements rather than an emergency ransom.

A portability regime without failure portability is incomplete. Routine switching demonstrates choice; orderly rescue demonstrates that the architecture has actually reduced systemic dependence.

Dispute resolution must outrun operational harm

Registry disputes can move faster than courts. A portal credential can be disabled, a transfer paused or a certificate changed while legal review takes months. Portability adds another urgent event: a provider may block departure, or an attacker may attempt an unauthorised move.

The system needs tiered remedies. An immediate technical hold protects the status quo for a short period. A specialist reviewer then examines identity, authority and documented restrictions. A fuller arbitral or judicial route addresses contractual and legal claims. Each stage should have a deadline and defined effect on the resource.

The presumption should differ by claim. A credible hijack allegation justifies freezing a change. A fee dispute may justify preserving a debt claim but not disabling stable resource recognition. A governance complaint should not prevent exit unless it overlaps with a specific legal restriction.

Reviewers require independence from both providers. Funding can come from a common levy, but appointment, tenure and conflict rules should prevent institutional loyalty. Published anonymised decisions would develop consistent standards while protecting sensitive evidence.

Compensation matters. If wrongful delay causes measurable harm, the responsible provider should face liability beyond refunding a fee. Liability limits may be necessary to keep services affordable, but a right without a remedy will be under-protected.

Speed and accuracy are not opposites when the first decision is deliberately temporary. Preserve safe state quickly, determine final rights with full evidence, and keep network continuity separate from punishment.

Portability cannot solve every governance failure

Competition does not eliminate capture. Providers may consolidate, share vendors or coordinate prices. A dominant receiver can replace a regional monopoly. Operators may choose weak oversight in exchange for easy administration. Shared infrastructure can remain a single point of failure beneath multiple brands.

Exit also does little for people affected by registry decisions who do not hold resources. End users, researchers, civil society and downstream customers may have no provider relationship to move. Public-interest duties, transparent policy and accessible complaint mechanisms remain necessary.

Some rules must be common. Global uniqueness, transfer integrity and baseline security cannot vary according to customer preference. Operators dissatisfied with a valid anti-hijack requirement should not be able to shop for a provider that ignores it.

Nor does portability decide ownership in the full property-law sense. Number resources operate within technical and institutional coordination. A transferable service relationship can strengthen control and due process without converting every address into an unrestricted commodity.

Internal democracy remains important. Members should not have to migrate whenever directors make a disputed but legitimate decision. Switching has costs for both operator and system. A healthy provider should offer effective elections, consultation, appeals and transparency precisely so exit remains exceptional.

Portability changes the balance of power. It is not a substitute for governing the powers that remain shared.

The current RIR system offers essential comparison points

The five RIRs differ in corporate form, membership, policy development, contracts and appeal arrangements, yet they coordinate a globally coherent number-resource system. Their experience demonstrates the value of regional knowledge, public records, established transfer rules and shared technical standards.

A portability proposal should begin by mapping these functions rather than dismissing them as bureaucracy. Which services are essential to uniqueness? Which depend on local law? Which can be standardised? Which governance rights belong to members and which policy rights belong to a broader community?

Current inter-RIR transfers provide partial evidence. Where policy permits resources to move across regions, registries coordinate checks, records and effective dates. That is not the same as choosing a continuing service provider independently of region, but it proves that authoritative relationships can be reconciled across institutions under agreed rules.

Provider-independent resources offer another comparator. They show how stable identifiers reduce dependency on connectivity suppliers. The analogy is incomplete because routing remains decentralised while registration authority is structured differently. Still, the economic effect is instructive: portability improves negotiating position even when most holders rarely move.

The reform case should identify what the RIR model does well and preserve it. A new architecture that offers theoretical exit but weaker security, records or continuity would leave operators worse off.

Institutional competition deserves the same engineering seriousness as the coordination it seeks to improve.

A staged implementation is safer than a constitutional leap

Registry-service portability could begin with limited separation rather than immediate global competition. A first stage might standardise export packages, eligibility attestations, complaint records and routing-security transition tests across existing RIRs. Members would gain clearer custody rights even before choosing another provider.

A second stage could accredit service agents for bounded functions such as verification support, contact maintenance or hosted tooling while authoritative approval remains with the RIR. Performance data would reveal whether multiple providers improve service and whether oversight works.

A controlled pilot could then permit voluntary moves for a defined resource class between participating institutions. The pilot should exclude active disputes at first, publish success and failure criteria, and undergo independent security assessment. Rollback must preserve the original recognised state.

Only after evidence should portability expand to more providers, jurisdictions and functions. Elections and policy participation may need separate pilots because their risks differ from record administration.

Staging must not become indefinite avoidance. Each phase should have dates, decision criteria and public results. Incumbents should not control the evidence needed to authorise the next stage. Operators and independent technical experts need roles in evaluation.

The purpose of gradualism is to learn while protecting continuity, not to reduce the right to a permanent demonstration. A successful pilot should create a presumption of expansion; a failure should identify a remediable mechanism rather than end the debate by default.

Metrics should reveal whether exit is genuinely usable

A portability regime can look complete on paper while failing in practice. Public metrics should show applications, completions, refusals, withdrawals, median and tail duration, credential incidents, routing effects, disputes and costs. Results should be segmented enough to expose exclusion by size or geography without identifying holders.

Concentration is a key measure. How many providers are accredited? What share of relationships does each serve? Do they rely on the same database, cloud platform, certificate infrastructure or verification vendor? Legal diversity without technical diversity may provide little resilience.

Switching reasons can illuminate governance. Voluntary categories might include price, service quality, language, tooling, legal risk, policy disagreement and provider failure. The data should not be used to profile or punish members. Aggregate trends can direct oversight.

Continuity measures are decisive: route-origin validation changes, record availability, update delay and reported customer impact during moves. A low number of completed transfers means little if every one caused instability. Conversely, few moves may still discipline providers if the option is credible and tested.

The system should conduct periodic simulated provider failure and mass transfer. Results, remediation and unresolved risks belong in public reports. Portability that works only for one planned member at a time will fail during institutional crisis.

Metrics turn an ideological claim into an accountable service right. They show whether operators can actually leave without surrendering what makes their network identifiable.

NRS has an opportunity to specify the right it advocates

NRS's public emphasis on ownership and decentralisation gives it a distinct role in the debate. It can move the discussion from dissatisfaction with particular registries to the architecture of operator independence. The next step is specificity.

A model portability charter should define the holder, resource, service provider and shared recognition authority. It should state transfer eligibility, refusal grounds, deadlines, data package, credential continuity, fees, liability, audit and appeal. It should distinguish current NRS association membership from any future registry-service relationship.

NRS can also convene adversarial review. Incumbent registry engineers, operators, routing-security specialists, privacy lawyers, smaller networks and public-interest groups should be invited to identify failure modes. A proposal becomes more credible when it publishes the strongest objections and changes in response.

Demonstrations should use non-production test resources or an isolated environment until global effects are understood. Claims about ownership should be translated into observable capabilities: inspect, authorise, correct, move, contest and recover. These verbs are easier to test than a metaphysical title.

NRS should also subject itself to the standards it proposes. Its published membership terms grant broad admission and termination discretion. Advocacy for exit rights is stronger when the organisation explains notice, reasons, appeal, member data return and continuity of benefits in its own association.

Institutional reform gains authority through example. The advocate need not already operate the final system, but it should make its own power legible.

A portability charter can state the bargain plainly

The core right could be expressed in one sentence: a verified holder may transfer defined registry services for recognised number resources to an eligible provider without loss of identifier, routing continuity or authoritative history, subject only to published, necessary and reviewable restrictions.

Each phrase does work. Verified holder prevents hijack. Defined services prevent ambiguity about what moves. Recognised resources preserve the shared coordination state. Eligible provider creates a quality floor. No loss of identifier states the economic protection. Routing continuity makes the right operational. Authoritative history prevents erasure. Necessary restrictions protect law and security. Reviewability constrains incumbents.

The charter should add provider duties: non-discrimination, data portability, security, financial resilience, transparent terms, assistance on exit and cooperation with audits. The shared authority should be limited to uniqueness, accreditation and conflict resolution. Policy and corporate governance rights should be separately mapped.

Members need advance notice of changes that affect portability. A provider should not impose a proprietary format or exit charge after a dispute begins. Common standards should be openly maintained, with transition periods and compatibility tests.

The charter must survive stress. It should describe mass migration, sanctions conflict, court orders, provider insolvency, credential compromise and disputed corporate control. Ordinary success is not enough for infrastructure governance.

Plain language is important because portability reallocates power. Operators should understand not just how to submit a request, but which institution can stop it and how that decision can be reversed.

Exit without fragmentation is the governing challenge

The attraction of portability is straightforward. An operator that can leave without renumbering, losing authoritative history or disrupting route security is less captive. Providers must earn continued relationships. Fees resemble prices, service promises become comparable, complaints gain leverage and governance voice is backed by an enforceable alternative.

The danger is equally clear. If competing providers can create competing truths, the Internet loses global uniqueness. If security credentials break during transfer, routes fail. If providers shop jurisdictions for permissive rules, accountability weakens. If only large operators can move, inequality grows.

These are design constraints, not reasons to dismiss the question. Existing Internet institutions already coordinate transfers, portable allocations, distributed routing decisions and multi-party security. Registry-service portability extends that logic into the institutional relationship and therefore deserves rigorous examination.

NRS contributes an important provocation: decentralisation should be measured by the ability to reduce dependency, not by the number of consultation channels surrounding one indispensable authority. Its strongest future claim would not be that exit is simple. It would be that exit can be specified, tested and governed without sacrificing common coordination.

The right changes every other right because it changes the consequence of refusal. A vote can be ignored, a survey can be noted and an appeal can be delayed when the member remains captive. Credible portability does not guarantee that the member wins. It guarantees that institutional loyalty is no longer the price of keeping a stable network identity.

That is a demanding bargain. The holder gains choice; the provider accepts contestability; the shared system preserves one truth; and the Internet continues to route. If those conditions can be met together, exit becomes not a threat to coordination but one of its strongest disciplines.