Summary

  • Registry fees, compliance work, address scarcity, transfer conditions, certification changes and deregistration risk can travel through providers into user prices and service, even where users have no direct registry contract.
  • The relevant denominator is the affected dependency chain for each decision: direct holders, sponsored holders, downstream networks, business and public-service customers, and individual users. Subscriber totals show exposure but do not create a voting mandate.
  • Existing member, holder and policy appeals should remain primary. The gap is a limited downstream impact route that can submit evidence, obtain notice and trigger review where upstream failure threatens service or where no direct holder can adequately present the harm.
  • The remedy should not turn registries into general consumer regulators or abuse desks. It should be bounded to registry-controlled acts, require an actionable connection, protect security and commercial information, and coordinate with providers and competent authorities.

The invoice and the right travel in opposite directions

An Internet user pays a monthly bill to an ISP. Part of that price supports address management, routing administration, certification, compliance staff and the provider's relationship with one or more number registries. The user may never see these costs itemised. If a registry rule increases operational expense, the provider can absorb it, change products or pass it downstream. If a resource registration is suspended or a route authority fails, the user may experience degraded or lost service.

The formal right travels upward instead. The user's contract is with the ISP. The ISP or an upstream network may hold resources or receive them through another provider. The direct registry member, resource holder, sponsoring organisation or authorised contact receives notices and can use account tools. Appeal and arbitration may be limited to parties within those recognised relationships.

This divergence is ordinary contractual design, not necessarily injustice. Registries cannot administer billions of retail accounts, and an end user should not be able to seize control of an ISP's resources by alleging inconvenience. Providers need authority to operate networks and protect confidential topology. Consumer law and telecom regulators may offer remedies outside the registry.

Yet the gap becomes a governance problem when registry-controlled action creates foreseeable downstream harm and the affected user has no route even to supply evidence, learn the basis of the risk or trigger review. The institution sees one account-holder dispute while the impact surface contains hospitals, schools, small businesses and households.

Standing need not mean a vote or a claim to the resource. It can mean a bounded right to be heard about a registry-caused dependency harm. Designing that right requires following both money and operational effect through the full chain.

The direct relationship is clear—and intentionally narrow

Regional registries organise services around members and holders. APNIC's resource page states that APNIC provides number resources to members and that members are entitled to request addresses and AS Numbers. Eligible organisations provide legal and operational evidence. RIPE NCC membership guidance says members can request resources and make assignments to end users or customers; organisations can also obtain independent resources through a sponsoring Local Internet Registry.

ARIN's Registration Services Agreement is between ARIN and the holder and defines the included number resources and registration services. The agreement identifies the party capable of making contractual commitments. This clarity supports reliable administration.

The user's retail payment does not create privity with the registry. Fees may pass through several layers: registry to member, member to downstream provider, provider to customer. The amount paid by a user cannot be traced mechanically to a particular registry service. Many costs are shared across networks and products.

Direct standing properly belongs first to the party whose account or registration is affected. That party can authenticate, provide corporate documents, disclose network plans and accept conditions. Allowing any downstream claimant to direct resource changes would create fraud and operational risk.

The narrow relationship also limits registry competence. A registry generally does not know whether an ISP met retail service levels, billed fairly or breached consumer obligations. Those disputes belong with the provider and relevant law.

The governance question is therefore not whether users should become registry members by paying an ISP bill. It is whether direct-party remedies are enough when the registry's own act can propagate beyond the party it recognises.

“End user” has several technical and legal meanings

The phrase end user can describe an individual using a connection, a business customer, an organisation receiving a direct assignment, a network that does not sub-assign addresses, or the final party in a contractual resource chain. Mixing these meanings creates false claims about rights.

RIPE-area documents can use “End User” for an organisation with independent number resources under a sponsoring arrangement. Such an organisation may have formal agreements and identifiable rights relating to the assignment. It is not the same as a household broadband subscriber behind provider-aggregatable space.

An enterprise customer may operate its own network and ASN while buying transit from an ISP. A small business may receive static addresses under the provider's allocation. A household may share translated address space. A mobile user may move across large pools. Their dependency and evidence differ.

Reports should name the layer: direct registry member, direct resource holder, sponsored independent holder, downstream network, enterprise customer, public-service customer or individual retail user. “End-user representation” without the layer is analytically weak.

Standing should also be issue-specific. A sponsored holder may need a direct route for a registration dispute. A hospital behind an ISP may need to submit continuity evidence before a deregistration action but should not control the resource. An individual may need accurate public notice after a large outage but not access to confidential registration files.

Clear layers prevent both overreach and exclusion. They stop retail users being described as contract holders while ensuring that organisations called “end users” in resource policy do not absorb every human affected downstream.

Costs move downstream even when rights do not

Registry charges are only one component. Policy changes can require staff time, identity documents, routing changes, renumbering, security tooling, audits, support and legal review. Scarcity can raise acquisition or transfer costs. Certification and directory obligations can require new systems. These costs enter provider budgets.

Whether users pay depends on competition, contract, scale and accounting. A provider may absorb a small fee, pass it across all customers, charge a particular product, delay investment or exit a market. A registry cannot infer retail incidence from the amount it invoices.

Impact analysis should therefore use ranges and pathways. Identify the direct compliance task, which provider types perform it, fixed and variable components, plausible pass-through channels and customers most exposed. Small providers may bear a larger per-customer burden; large providers may impose larger aggregate impact.

Subscriber totals can estimate exposure but not mandate. An ISP serving one million users can provide evidence from a large deployment. It does not cast one million votes or automatically speak for customer preferences. Users may value security, privacy, price and continuity differently from the provider.

Prospective customers and people lacking service can also be affected. A rule that favours established holders may raise entry costs or limit new coverage. They do not appear behind a current member account.

The denominator for cost incidence is the set of services and customers plausibly bearing the change, with uncertainty. The denominator for direct rights remains eligible holders. Publishing both prevents institutions from treating the contractual boundary as the impact boundary or the subscriber base as an electorate.

Service failure follows a dependency graph

Number resources are not connectivity by themselves, but their registration and routing use sit inside service dependencies. A provider may rely on address allocations, ASN registration, routing registry data, reverse DNS and resource certification. A registry action can affect one or more mechanisms. Upstream carriers, cloud services and customer networks add further layers.

A dependency graph should identify the registry-controlled node, the direct holder, operational intermediaries, services and downstream user classes. It should distinguish likely technical effect from contractual consequence. Deregistration does not always cause immediate route loss; route rejection does not affect every network equally; renumbering risk varies by architecture.

Before high-impact suspension or revocation, the registry should ask the direct party for dependency information under protection. How many downstream networks and critical services rely on continuity? Are resources visible in routing? Is there a migration plan? What fraud or security risk argues against delay?

The party may provide incomplete or self-serving information. Independent public routing data, protected customer submissions and relevant authorities can test the picture. No single source proves the full impact.

Downstream users need not be individually counted. Exposure bands, service categories and geographic ranges are enough for proportionality. The institution should avoid publishing topology that creates security risk.

The graph clarifies remedy. A registry can pause its own action, correct registration or coordinate transition. It cannot guarantee the ISP's retail service or repair an unrelated fibre cut. Standing should attach to the node the registry controls.

Existing escalation routes reveal the contractual boundary

APNIC's transparency page directs members to feedback channels and offers an escalation form for an operational decision by the Secretariat. The APNIC management escalation page describes the form as an appeal of such a decision. These routes are important for direct account relationships.

The RIPE NCC arbitration page describes an Arbiters Panel for specified disputes and resource evaluations. The current conflict procedure identifies disputes between members and the RIPE NCC, among members, and in specified legacy-holder relationships. The subject must be actionable and enforceable.

RIPE's summary of arbitration rulings shows cases involving membership, deregistration, transfers, billing and member–end-user relationships. It also shows limits: not every dispute between actors around a resource falls within the procedure.

These boundaries are rational. An appeal body needs jurisdiction, evidence and an order it can enforce. A household subscriber usually cannot ask it to decide a retail contract or ownership dispute.

But the existence of a boundary should be explicit in impact planning. If a direct holder is insolvent, unresponsive, conflicted or itself causing harm, downstream evidence may never enter. If a suspension occurs before retail remedies can prevent outage, later damages are a weak substitute.

A downstream route should supplement, not displace, these formal appeals. It can establish standing to submit impact evidence and request review without granting standing to adjudicate ownership or direct account control.

Policy participation is open, but participation is not remedy

Regional policy forums often allow anyone interested to participate. APNIC's process says anyone with an interest in number-resource management in the region may join the list and take part in meetings physically or remotely. RIPE's policy process similarly permits broad participation and an appeal concerning process handling.

This openness gives users and civil-society organisations a route to argue for better general rules. It does not necessarily help a customer facing an imminent service interruption from application of an existing rule. Policy discussion is prospective and collective; remedy is case-specific and time-sensitive.

Nor can ordinary users realistically monitor specialist lists for every upstream dependency. An open archive is valuable but does not provide practical notice that a provider's registration may change. The provider may be prohibited from sharing details, or may not know the end users most exposed.

Institutions should not answer remedy gaps by saying anyone could have joined the policy meeting years earlier. Participation opportunity cannot waive unknown future harm. Conversely, one user's hardship should not rewrite policy through an individual case without review of other affected parties.

The two channels should connect. Recurring downstream-impact submissions can trigger policy review. Policy records should identify foreseeable user effects and design case remedies. Case reviewers apply the adopted rule while preserving urgent safeguards.

Open participation contributes legitimacy; it is not standing in the legal or administrative sense. A credible system needs both a general voice and a bounded route for a person whose dependency has become concrete.

ICANN At-Large is not a substitute for registry standing

ICANN has an institutional home for individual Internet users. The At-Large Advisory Committee is a 15-member advisory body, with regional and nominating routes, that advocates on ICANN activities affecting end users. Its role description includes policy advice and participation in accountability mechanisms.

This model demonstrates that individual-user interests can receive a formal channel in identifier governance. It should not be used to claim that number-registry users already possess case standing. ICANN's domain-name and address-supporting structures have distinct remits. ALAC advice does not control a regional registry account, reverse an address-resource decision or adjudicate an ISP contract.

The comparison is still useful. At-Large separates user-interest advice from direct commercial-provider relationships. It creates an institutional voice without treating every user as a registrant or operator. Number-resource governance could establish a narrower impact function tailored to registry-controlled harm.

That function need not copy a global committee or claim to represent billions. It might be an independent reviewer, ombud channel or regional panel receiving downstream evidence. Membership should include operational, user, legal and public-service perspectives, with transparent selection and conflicts.

The function's claim must remain modest: it helps the institution understand and review user impact. It does not speak for every user or convert an advisory view into a resource entitlement.

Using ALAC rhetorically as proof that “users are represented” would repeat the original error. A channel's existence does not establish case jurisdiction, constituency coverage or acceptance. Scope and remedy must be stated.

A downstream impact route needs a strict admissibility test

Opening a registry to every complaint about Internet service would overwhelm it and duplicate regulators, courts and provider support. A limited route should accept only claims connected to a registry-controlled act or omission.

An admissible submission identifies the affected service, the direct or intermediate provider where known, the relevant number resource where safe, the registry action or pending action, the plausible dependency and the remedy sought. The remedy must fall within registry control: verify notice, correct a record, review application, pause an action, coordinate transition or refer systemic evidence.

Retail billing, content moderation, speed disputes, spam, phishing and ordinary outages remain outside scope unless the claimed cause is a registry action. The RIPE NCC reporting procedure similarly distinguishes registration issues from network abuse and routes disputes to the appropriate procedure.

The claimant need not prove the full technical chain at intake. Users may lack routing expertise. Staff can perform a preliminary link check. Frivolous or duplicate claims can be grouped, with reasons and referral information.

Standing should scale with requested remedy. Anyone can submit credible impact information. A temporary review request requires evidence of material and imminent harm. Participation in a formal account dispute may require a direct contractual, statutory or documented dependency interest.

False statements and abuse of the channel need controls, but identity requirements should not exclude vulnerable users unnecessarily. Confidential submissions, representative complaints and trusted public-service contacts can provide alternatives.

The test keeps the registry focused while ensuring that the absence of a direct contract does not make operational evidence inadmissible.

Notice should follow foreseeable impact, not every subscriber

Registries cannot notify every person behind an address block. They often do not possess customer lists and should not request them. Notice must travel through responsible intermediaries while preserving an independent public signal for high-impact actions.

The direct holder receives formal notice. It should have a duty, where lawful and feasible, to notify downstream providers materially affected by suspension, deregistration or forced transition. Those providers notify critical and business customers under their contracts and sector rules.

The registry can publish a non-sensitive action class, timetable and impact guidance without naming a disputed party where confidentiality or security requires it. For broad policy changes, public notice should explain user-facing consequences in ordinary language and provide a channel for evidence.

Critical public services may need protected direct notice through established authorities or sector contacts. A hospital should not learn about a foreseeable address transition from a public post, but the registry should not build a permanent list of every hospital behind every provider.

Notice quality should be measured. Report direct notices delivered, intermediate acknowledgements, known downstream notices, delivery failures and exceptions. Non-response is not consent. Emergency action may precede full notice, but reasons and retrospective communication should follow.

The denominator is the set of parties the institution or direct holder could reasonably identify as materially exposed, not all Internet users. Unknown dependencies remain part of risk assessment.

Layered notice respects the contractual chain while recognising that foreseeable harm does not stop at it. It also creates a record for later review when an upstream party fails to communicate.

Interim protection matters more than eventual apology

If a registry action can contribute to route loss or service interruption, a successful appeal months later may not repair the damage. Customers may have lost transactions, public services or trust. A downstream impact route therefore needs authority to request interim safeguards.

Possible measures include a short administrative hold, maintenance of non-disputed registry functions, staged transition, preservation of route-authorisation continuity, restricted changes, additional authentication or an emergency contact conference. The measure depends on security and legal constraints.

Interim protection is not a presumption that the holder is right. Fraud, sanctions, hijacking or serious security risk may require immediate action. The reviewer balances the probability and scale of downstream harm against the risk of delay, records reasons and limits duration.

Users should not be able to freeze legitimate enforcement by submitting mass complaints. A credible technical link and materiality threshold are required. Duplicate claims can add evidence of scale without resetting deadlines.

The direct holder must be heard where possible, and confidential evidence protected. Competent authorities may need coordination. The registry should identify which functions it can safely maintain without implying continued entitlement.

Post-action review remains essential. Did the predicted harm occur? Were notices effective? Did the holder use the delay responsibly? Did security risk increase? Publish aggregate outcomes.

The value of standing is often the ability to affect timing before irreversible harm. A system that accepts downstream evidence only after completion recognises impact rhetorically but not operationally.

Critical services justify priority, not extra ownership rights

Hospitals, emergency communications, public administration, schools, financial systems and infrastructure providers can create severe externalities when connectivity fails. Their downstream evidence deserves rapid treatment.

Priority should attach to impact, not a claim that the service owns the provider's address space. A hospital customer cannot direct transfer or prevent every policy application. It can document dependency, lack of substitutes, safety consequences and required transition time.

Define criticality through existing law, sector designation or evidence, not institutional intuition. Small community services may be critical where alternatives are absent. Large commercial customers should not obtain priority merely through purchasing power.

The registry can maintain a protected pathway for designated authorities and verified service contacts. It should avoid publishing sensitive topology. Aggregate reports show the number of critical-impact reviews and safeguards without naming targets.

Providers remain responsible for resilience. They should not use registry review as a substitute for addressing plans, redundancy or customer communication. Reviewers can require mitigation commitments as a condition of delay.

The denominator for critical exposure is services plausibly affected, with uncertainty; the remedy remains limited to registry-controlled action. This distinction prevents a user-impact safeguard from becoming a hierarchy of entitlement.

Priority review is justified because consequences differ, not because some users receive constitutional standing above others. Ordinary users may also suffer material harm and retain the general submission route.

Evidence must move upstream without exposing users

Downstream users may hold sensitive information: network diagrams, patient services, business dependencies, security incidents or customer counts. Public disclosure could increase risk. Yet unsupported claims are difficult to assess.

The route should accept protected evidence with a public summary describing what it supports, its source type, review status and uncertainty. Independent reviewers can verify details under confidentiality. Direct holders receive enough information to respond without unnecessary identity exposure.

Aggregated customer evidence can be supplied by associations, consumer bodies, regulators or trusted technical organisations. Their mandate and sampling method should be stated. A provider's subscriber total does not reveal how many customers depend on the disputed mechanism.

Routing and measurement data can test plausibility but have limits. Visibility in global tables does not prove every service path. Absence of a public route does not prove no dependency. Human evidence and operational telemetry should be combined.

Conflicts must be disclosed. A competitor might use the channel strategically; a customer might be in a commercial dispute; a provider might exaggerate harm to delay enforcement. These possibilities affect weight, not automatic admissibility.

Data retention should be short and purpose-bound. Registry staff handling ordinary accounts should not gain unrestricted access to customer evidence. Published case summaries suppress identifying details where necessary.

The process succeeds when it lets decision-makers see beyond the direct account without turning the registry into a repository of private downstream relationships.

User voice should not become subscriber-weighted voting

Once institutions acknowledge downstream users, pressure may arise to weight providers by subscriber count or create mass petitions. Both can distort governance.

Subscriber figures use inconsistent definitions. Wholesale lines, households, devices and active accounts cannot be added cleanly. One person may use several providers. A large provider's commercial position may diverge from user interests. Weighting by scale entrenches incumbents and treats market share as public authority.

User evidence should establish impact, alternatives and priorities. It should not multiply votes. A single well-supported case can reveal a class-wide risk; a million identical form submissions do not create a technical fact. Volume can indicate salience if identity and duplication limits are clear.

Representative bodies should disclose how they formed a view, whom they reached and what remains unknown. They should not claim all users. Random or structured sampling can improve evidence, but response bias remains.

Policy consensus continues to evaluate reasons under the published process. Member votes continue to use eligible account rules where applicable. Boards continue to exercise defined authority. The downstream route adds evidence and remedy, not a new weighted chamber.

This restraint also protects small and future users. A community network serving hundreds may expose a severe design flaw. A prospective entrant has no subscribers yet. Their evidence should not disappear behind incumbent scale.

The central separation is exposure versus authorisation. Subscriber counts can estimate how many people might bear an effect. They do not authorise the provider to legislate for those people.

Provider responsibility remains central

ISPs choose architectures, contracts, redundancy, customer communication and risk controls. Not every downstream harm from a registry action is caused solely by the registry. A provider may fail to maintain contacts, ignore notices, depend on fragile arrangements or conceal a dispute.

The impact review should trace contribution rather than search for one culprit. Which registry act occurred? What did policy require? What did the holder know? Which provider choices amplified or mitigated harm? What alternatives existed? The answer determines remedy and future prevention.

Direct holders should maintain current authoritative contacts and dependency escalation plans. Sponsoring providers should document responsibilities to independent holders. Retail providers should tell customers about material number changes where contracts and law require.

Registries can condition interim safeguards on cooperation: verified contacts, migration milestones, customer notice and security controls. Failure can narrow relief. Downstream users retain other remedies against providers.

Case summaries should avoid implying that the registry guarantees connectivity. Its accountability concerns registration services and actions under its control. Telecom quality, commercial damages and consumer redress remain elsewhere.

Coordination agreements with regulators and dispute bodies can reduce gaps. Referral should include enough context that users do not restart from zero, subject to consent and confidentiality.

A limited standing route works only if it respects this distribution of responsibility. It is a bridge across the contractual gap, not a transfer of every provider duty to the registry.

A dependency-impact statement belongs before major changes

High-impact policy proposals and operational changes should include a public dependency-impact statement. It identifies the registry function, direct parties, downstream layers, plausible user effects, evidence received, alternatives, notice route, interim protection and review.

The statement begins with denominators. How many direct holders fall within scope? How many sponsoring relationships? What downstream network and service classes are known? Which exposure estimates are unavailable? Avoid converting customer totals into votes.

It should separate technical necessity from distributive choice. A security improvement may be necessary while deadline, documentation and exception design remain open. User evidence can inform those choices without challenging the technical objective.

Staff should test failure scenarios: unresponsive holder, insolvency, disputed control, sanctions, provider collapse, incorrect contact, software error and urgent hijack response. For each, identify who can submit evidence and which functions can be preserved.

The accountable body approves residual risk. If downstream standing remains unavailable, it explains why provider, court or regulator remedies are sufficient. If a new route is created, scope and duration are clear.

After implementation, compare predictions with support cases, appeals, delays, incidents and pass-through evidence. Review at a scheduled date rather than waiting for crisis.

This statement gives boards and policy chairs a view of the population beyond direct contracts. It also gives users an accurate account of what the registry can and cannot do.

Metrics should reveal the remedy gap

An annual accountability report can show direct appeals, downstream impact submissions, admissibility, referrals, interim measures, resolution time, critical-service cases, repeated issue classes and known service effects. It should include unknowns and privacy suppression.

The denominator for acceptance is valid submissions received under the published test. The denominator for remedy use is accepted cases where that remedy was available. Do not divide by all subscribers; registries do not know that population accurately.

Low submission volume does not prove no gap. Users may not know the route, providers may block information or harm may appear as an ordinary outage. Survey awareness among affected intermediaries and test referral links.

High rejection can indicate misuse or an overly narrow test. Sample rejected cases independently and publish common referral destinations. Repeat out-of-scope retail complaints may show where public explanation is failing.

Track notice and timing. How many direct notices failed? How often did downstream evidence arrive before action? How often did interim protection prevent disruption without increasing security risk? Outcome review should avoid claiming causality where several factors changed.

No composite user-protection score is needed. The report should identify where evidence entered, what the registry could remedy and where responsibility lay elsewhere.

Metrics make the contractual boundary observable. They show whether it functions as a sensible division of labour or a wall that hides foreseeable effects.

Standing can be limited without being symbolic

A workable model has three levels. Information standing allows any person or organisation to submit credible evidence about a registry-linked impact and receive a reasoned scope response. Review standing allows a materially exposed party to request examination and interim safeguards. Party standing in a formal dispute remains limited to recognised contractual, legal or resource relationships.

Information standing is broad but does not control an account. Review standing requires a plausible dependency, materiality and an actionable registry remedy. Party standing carries stronger procedural rights because the decision directly determines the party's recognised interest.

An independent reviewer triages submissions and can join duplicates. The direct holder and relevant registry function respond. Security and confidential evidence receive protected handling. Urgent cases have short deadlines; ordinary cases can feed scheduled review.

The decision states jurisdiction, facts supported, uncertainty, balance of harm, action and referral. It does not adjudicate retail damages or resource ownership outside authority. Appeals concern the impact-review process, while underlying account appeals follow their existing route.

Governance oversight examines patterns and recommends policy changes. It cannot quietly rewrite allocation rules through individual relief. Temporary exceptions expire or return to the responsible body.

This architecture gives the user something real: a route to put evidence before the institution, obtain a reasoned decision and affect timing where the institution controls the risk. It does not promise rights the registry cannot supply.

Wholesale chains require a lead party for review

A retail ISP may receive addresses from a wholesale provider that depends on another carrier or sponsoring registry member. The registry may recognise only the top contractual party, while the user experiences the bottom of a long chain. Sending every complaint independently upward would create duplication and conflicting accounts.

For an accepted impact case, the reviewer should map the known chain and designate a lead direct party. Each intermediary confirms its role, notice status and mitigation. The lead does not gain ownership of downstream evidence; it coordinates response to the registry-controlled issue.

Where an intermediary is unresponsive or conflicted, the reviewer can communicate around it without changing resource authority. Protected evidence from downstream networks can test claims about migration and customer exposure. Commercial terms remain confidential unless essential.

The record should distinguish direct causation, amplification and unrelated failure. A registry action may create risk, a wholesaler may delay notice and a retailer may lack redundancy. Remedies can then be assigned to the actor capable of performing them.

Time limits prevent chain mapping from delaying urgent security action. An interim measure can preserve a narrow function while parties verify dependencies. If the top holder is fraudulent or no longer exists, the registry follows its existing control procedures and uses downstream evidence only for continuity planning.

The denominator is identified affected intermediary networks, not every customer account. Unknown branches remain in the risk statement. Public summaries show chain depth and service classes without publishing topology.

A lead-party model preserves contractual order while preventing each layer from assuming another has presented the impact. It converts a diffuse dependency into an accountable review without making the user a registry account holder.

Market exit and insolvency expose the standing gap

The direct holder may disappear. Insolvency, acquisition failure, abandoned infrastructure or disputed control can leave customers dependent on resources whose recognised contact cannot act. A remedy designed only for a functioning member is weakest when users need it most.

Registries already need due diligence for closure and transfer. The downstream route should supply continuity evidence, not decide ownership. Customers and intermediate providers can identify active services, contact failures and realistic migration periods. Administrators, courts and competent authorities retain their legal roles.

An emergency continuity plan can preserve registry accuracy while avoiding abrupt harm. Measures may include a time-limited freeze on contested changes, verified caretaker contacts, staged renumbering or coordination with successor providers. Security and hijack risk may require tighter controls.

Notice should reach known downstream networks through protected channels. Public statements must avoid implying that continued service is guaranteed. Users should be directed to providers and relevant authorities for contractual claims.

After resolution, publish an anonymised review: when the contact chain failed, what evidence revealed active dependencies, which interim action was used and whether policy needs amendment. Repeated cases can justify standard procedures.

The possibility of provider failure is not a reason to give every user a permanent property interest in addresses. It is a reason to ensure that operational reality can reach the registry after the formal voice at the top of the chain has vanished.

The user behind the provider is part of the operating surface

Internet number governance often speaks in the language of members, holders, allocations and registrations. These are necessary administrative units. Connectivity is experienced farther downstream by people and organisations whose names never appear in registry records.

Their absence from the contract should not be mistaken for absence from the system. They finance it through service prices, depend on its continuity and bear some consequences of its rules. At the same time, dependency does not make them owners of upstream resources or experts in every registry decision.

The proper response is neither universal direct standing nor contractual indifference. It is layered accountability: strong direct-holder rights, open policy participation, dependency-impact analysis, layered notice, protected evidence, limited downstream review, interim safeguards and referral to competent consumer or legal bodies.

This model preserves the provider's operational role. It prevents subscriber counts from becoming votes. It keeps registries within mission. And it gives institutions a way to see harms that their account structure otherwise filters out.

The test of standing is not whether a user pays a traceable fraction of a registry invoice. It is whether a registry-controlled act creates a material, actionable dependency effect that no existing party can adequately present. Where that test is met, listening is not an expansion into general regulation. It is recognition of the operating surface the registry already affects.

The invoice may still travel down through the ISP and the formal resource right may remain upstream. Evidence and accountability, however, no longer need to stop at the same boundary.