Summary
- Registry records are often indispensable primary evidence. The source-dependence risk arises not from institutional origin alone, but when custody, analysis, interpretation and policy recommendation are collapsed into one authoritative statement.
- Administrative data describes what the registry's systems record under current definitions. It may omit discouraged applicants, unreported failures, informal practices and outcomes outside the institution's field of vision.
- A proposal that expands, limits or reviews registry power should publish a source-dependence audit: which claims rely on the registry, which methods are reproducible, which populations are missing, what incentives matter and what independent tests were attempted.
- Independent validation does not always require a duplicate registry. It can use public routing or registration data, applicant surveys, comparative RIR practice, protected third-party review, sensitivity analysis and post-implementation testing.
- Staff impact analysis should remain distinct from the community's policy argument. Staff can state facts, estimates and recommendations, while chairs and boards identify which actor chose the trade-off.
- The objective is accountable reliance, not reflexive distrust. A registry earns greater evidentiary authority by exposing definitions, uncertainty, alternatives and correction history, especially when the proposed rule would constrain its discretion.
The institution is both observatory and subject
An RIR is not merely an organisation with an opinion about number resources. It is an observatory. Requests pass through its systems. Staff sees recurring documentation, failed cases, member questions and implementation friction. Registration services create long time series that no external entity can reproduce fully.
The RIR is also the subject of policy. Proposals may tell it how to allocate, transfer, verify, revoke, publish, retain or secure resources and records. They may reduce discretion, add review, require new evidence or expose performance. The institution that holds the facts may bear the cost or constraint produced by the rule.
This dual position is normal. Regulators use data from regulated industries. Corporate boards rely on management reporting when evaluating management. Courts receive records from parties. The answer is not to pretend dependence can be eliminated. It is to structure reliance.
Four roles should be visible. Custody concerns who holds or generates the record. Analysis concerns how observations become a count, category or estimate. Interpretation concerns what the result means. Recommendation concerns what policy should follow. The same staff team may perform several roles, but the public account should not merge them.
For example, the registry can accurately report a number of eligible accounts, estimate likely demand under assumptions, interpret that demand as an exhaustion risk and recommend a restriction. Each step adds judgment. A challenger may accept the count, dispute uptake, accept exhaustion, and prefer equitable distribution over conservation. Calling the entire chain "registry data" hides where disagreement belongs.
The observatory's expertise is strongest when it reveals these steps. The institution's position becomes more credible, not less, when entities can accept its observations without inheriting every conclusion.
Source dependence is not source contamination
Institutional evidence is sometimes treated with suspicion simply because the institution has an interest. That response confuses dependence with contamination. Interest can motivate selection or framing, but it does not make a record false.
A registry's free-pool count may be authoritative because the registry administers the pool. A list of completed transfers may be more accurate than any external reconstruction. A system estimate may draw on architecture only staff understands. Rejecting these materials would replace informed scrutiny with speculation.
The proper concern is whether the source is asked to prove more than its record supports and whether alternative interpretations can be tested. A free-pool count can establish current recorded inventory. It cannot alone establish future demand, social benefit or the fairness of one distribution rule. A transfer list can show registered events, not every economic arrangement around them.
Institutional interest should trigger disclosure and independent challenge proportionate to consequence. Staff can state which team produced the analysis, what operational assumption it used and whether management approved a recommendation. Entities can inspect method, offer another scenario and compare outcomes elsewhere.
The term "self-serving" is often too blunt. A registry may prefer lower implementation cost, but staff also has a professional duty to warn about real risk. An analysis can support institutional convenience and still be correct. Governance should assess the claim, not infer motive from alignment.
Accountable reliance starts from a presumption that primary records are valuable and fallible. It neither bows to the custodian nor prosecutes it for knowing the system.
APNIC's prop-168 shows the chain in public
APNIC's published impact assessment for prop-168 provides a concrete example of visible institutional evidence. The proposal concerns increasing the maximum IPv4 delegation available under the policy. The Secretariat assessment states its understanding, describes the pool and eligible accounts, estimates aggregate requirements under an assumption that all potentially eligible accounts seek additional space, and predicts rapid exhaustion subject to needs assessment and application validation.
The assessment records that, as of 21 January 2026, the free pool contained 12,077 units of /24 and approximately 15,775 accounts, including national Internet registries, could potentially be eligible. It presents total address requirements of about 42,218 units of /24 if all potentially eligible accounts sought the additional space. It also discusses a waiting-list text change.
These figures are powerful because they are specific and come from the custodian. They are also analytically separable. The inventory figure is an observation under registry accounting. The eligible-account figure depends on category and holdings definitions. The requirement total follows a maximum-demand scenario. The exhaustion statement is a forecast qualified by needs assessment and validation.
A entity can accept the inventory while asking how many eligible accounts are likely to apply, how historical behaviour informs uptake, whether demand arrives immediately and how recovered space affects the horizon. Another may argue that fast exhaustion is the intended equitable result rather than a defect. The numbers do not answer that value choice.
The public assessment makes this discussion possible because it exposes important assumptions. The lesson is not that APNIC's projection is wrong. It is that an institutional report becomes governable when readers can see where custody ends and scenario begins.
Administrative categories are policy-made facts
Registry data is organised through categories created by policy and procedure: member, account, request, allocation, assignment, transfer, historical resource, active record, rejected application and many more. Counts are facts within those definitions. The definitions themselves reflect institutional choices.
Suppose a policy proposal cites the low number of requests for an exception as proof that the exception is unnecessary. The current process may be difficult, poorly advertised or costly. Some eligible organisations may never apply. The recorded category captures entrants, not latent need.
Similarly, a count of completed transfers reflects transactions that satisfied registration rules. It may not capture failed negotiations, arrangements structured differently or resources whose operational control changed without the event being coded in the same way. The registry record remains accurate for completed registered transfers.
A source audit should therefore attach definitions and path. What actions cause a record to enter the category? Which cases exit? Did rules change during the period? Are staff coding decisions consistent? Can an organisation appear more than once? Which unit is counted?
This is not philosophical scepticism. Small definition changes can alter policy conclusions. Counting accounts instead of organisations affects eligibility projections. Counting tickets instead of requests affects burden estimates. Counting address units rather than delegations changes how concentration appears.
Administrative categories should be treated as constructed measuring instruments. Their readings are useful when calibrated. The public needs to know what the instrument can see. A registry that publishes definitions increases the value of its data and reduces arguments driven by incompatible assumptions.
The missing population is often outside the registry
The hardest source-dependence problem is not error inside the dataset. It is the population that never appears. Organisations may be deterred by eligibility rules, documentation burden, fees, language or expectation of refusal. Operators may use upstream space, private arrangements or market substitutes. Harm may be absorbed by customers rather than reported.
Registry records cannot directly count people who do not approach the registry. A proposal citing only institutional transactions may therefore describe current users well while missing affected non-users.
External methods can help. Member and stakeholder surveys can ask about abandoned requests and substitutes. Operator groups can collect structured testimony. Public routing and registration data can reveal patterns outside application records, with careful interpretation. Interviews can identify barriers that a count cannot measure.
Each method has bias. Surveys attract motivated respondents. Routing data does not reveal contractual need. Interviews are not prevalence estimates. Triangulation matters because different blind spots overlap less than one institutional source.
The missing population is especially important when the proposed rule would expand registry power. Low recorded non-compliance may mean the issue is rare, or that detection is weak. High recorded error may reflect improved auditing rather than worsening behaviour. A restriction should state which interpretation supports it and what remains unknown.
Conversely, proposals restraining the registry should not invent an invisible harmed population without evidence. They can present cases, plausible mechanisms and a plan to measure. Uncertainty justifies proportionate design, not whichever conclusion the speaker prefers.
The institution's field of vision is a boundary, not a flaw. Governance fails when that boundary is omitted from the inference.
The registry can shape the denominator
Rates and proportions appear more informative than raw counts, but the denominator can embed institutional power. A registry may report incidents per completed request, per active account, per resource block or per organisation. Each tells a different story.
If failed or abandoned requests are excluded, a success rate may look high. If inactive accounts remain in the base, incidence may look low. If one organisation controls many accounts, account-level analysis may overstate breadth. The correct denominator follows the policy question.
The source-dependence audit should ask who chose the denominator and why. Authors should test plausible alternatives. Staff should provide the fields necessary for aggregate recalculation where confidentiality permits. If only one denominator is available, the limitation should be explicit.
Time denominators matter too. A yearly rate can conceal a surge after a rule change. A short period can exaggerate volatility. Policy phases and system migrations should be marked.
Denominator disputes are not statistical trivia. They affect claims about prevalence, fairness and burden. A proposal saying that "few members are affected" may count organisations, while the affected group carries a disproportionate share of small-network dependency. A proposal claiming widespread abuse may count events rather than distinct actors.
Chairs need not adjudicate advanced statistics. They should ensure that the unit matches the proposition and that competing denominators receive a reasoned response. A conclusion can remain uncertain.
The institution controlling category design will naturally have the easiest denominator. Public scrutiny ensures convenience does not become inevitability.
The impact assessment is evidence and institutional speech
Staff impact assessments combine several legitimate functions. They explain how the registry understands the text, identify systems affected, estimate cost, raise legal concerns and recommend drafting changes. Entities need this expertise.
The document is also institutional speech. It expresses assumptions about acceptable risk, implementation quality, strategic priority and sometimes preferred policy. Those elements should not be hidden behind a single technical voice.
An assessment can separate observations, estimates, interpretations and recommendations. Observations include current system or case counts. Estimates include effort and future demand. Interpretations explain how staff reads a clause. Recommendations propose text, timing or rejection. Each can name uncertainty and approving authority.
When the proposal seeks to constrain staff discretion, this separation becomes essential. Staff may accurately explain that the rule removes flexibility and increases cost. Whether accountability justifies that cost is a public and board choice. Describing lost discretion as operational risk can move the value judgment into a technical category.
Entities should not discount an assessment merely because staff is affected. Implementers see consequences that authors miss. They should ask which claim remains valid under alternative institutional preferences. Could another process implement the rule? Is the cost inherent or tied to current architecture? Does the risk arise from reduced discretion or ambiguous text?
The chair's record should attribute institutional speech. "Staff estimates" is different from "the community finds." If the board later chooses cost over constraint, directors should own the decision. Clear attribution protects staff from being accused of an invisible veto and protects the community from administrative supremacy.
Independent does not mean fully external
Calls for independent evidence can be unrealistic. No outside researcher holds a duplicate of confidential application records or understands every system dependency. Full replication may be impossible and wasteful.
Independence can enter at several points. A public method allows anyone to inspect definitions. An internal analyst separated from the affected team can rerun queries. A community reviewer can test interpretation. An external auditor can examine protected records under agreement. Comparative data can challenge claims of necessity. Sensitivity analysis can reveal dependence on assumptions.
The right form follows the risk. A basic pool count may need routine quality control. A projection supporting a major rights restriction may justify external methodological review. A legal claim may need independent counsel. A security-sensitive issue may use a trusted panel with public conclusions.
Reviewer selection matters. Management should not choose a reviewer solely because they share its initial view. Terms of reference, conflicts and access should be disclosed. The reviewer should publish limitations and preserve disagreement.
Independent review is not a second policy vote. It tests the evidentiary chain. The community and board still choose values. A reviewer may confirm staff's model and disagree with its recommendation, or identify uncertainty without recommending inaction.
Internal openness can sometimes provide stronger validation than a distant consultant. If staff publishes method and answers questions, experienced entities may test assumptions effectively. Independence is a property of challenge and accountability, not a geographical label.
The objective is enough separation that the institution does not become sole custodian, analyst, interpreter and judge of evidence invoked to define its own power.
Public Internet data is a check with boundaries
Number-resource governance has an unusual advantage: parts of the operational environment are publicly observable. Routing tables, RPKI repositories, registry services and delegated statistics can support independent analysis. These sources can test institutional claims about registration and routing behaviour.
They do not reveal everything. A route origin does not prove legal control, need or contractual arrangement. Absence from a public view does not prove a prefix is unused. Registration fields may be stale or privacy-limited. Measurement vantage points differ.
Public data is best used to test specific claims. If a proposal asserts that a registration pattern is widespread, a reproducible query can estimate visible prevalence. If staff predicts routing impact, historical events may inform mechanism. Results should state collection time, source, filtering and limitations.
Authors should release code or query logic where practical, but reproducibility is more than code. Data versions and dependencies matter. A later analyst should understand why counts differ. Sensitive infrastructure details should remain protected.
Registry staff can improve external analysis by correcting misunderstandings without controlling conclusions. A public data dictionary, rate limits appropriate for research and stable bulk access can reduce errors. Community researchers should offer pre-publication factual correction while retaining analytical independence.
Public Internet data will rarely replace administrative records. Its value is orthogonal visibility. Agreement across sources increases confidence. Divergence reveals a question: different definition, missing population, timing or error.
The check works when neither side treats its vantage as complete. Observable routing is not all policy reality; institutional custody is not all operational reality.
Comparative RIR evidence tests claims of necessity
The five RIRs administer related resources through different policies, legal structures and service models. Their records provide natural comparisons. If one registry says a constraint is technically impossible while another implements a close analogue, the claim needs refinement.
Comparison does not prove transferability. National Internet registry structures, membership rules, systems, law and resource history differ. A mechanism that is inexpensive in one region may require major change elsewhere. The policy text may only appear similar.
A disciplined comparison identifies objective, exact rule, affected population, institution, implementation path and observed outcomes. Staff explains relevant differences. Authors do not use another RIR as a rhetorical trump card.
Comparative evidence is particularly valuable for source dependence because it provides another institutional observatory. One registry's categories and incentives do not control the entire field. Divergent data can expose local definitions or system choices.
Global coordination adds complexity. Uniformity may have value for transfers or routing security, while regional experimentation can reveal alternatives. A proposal should state whether comparison supports necessity, feasibility or merely a design option.
The public record should preserve failed comparisons. If another region's practice was examined and rejected because its legal or operational context differed, say so. Future readers then know the issue was considered rather than overlooked.
Comparative review shifts debate from "trust our system" versus "copy theirs" to a more useful question: which consequences arise from the underlying policy and which from our institution's chosen implementation?
The proposal author can become dependent before publication
Source dependence often begins during drafting. An author asks staff for data, learns which fields exist and reshapes the problem around what can be measured. Staff may provide helpful language or warn that an idea is infeasible. By publication, the proposal appears independent while its frame already reflects institutional visibility.
Early consultation is sensible. It prevents obvious errors and produces better text. The governance risk is unrecorded pre-clearance. Entities cannot tell which alternatives were abandoned because data was unavailable, staff discouraged them or the author changed judgment.
Authors should disclose material institutional assistance: data supplied, definitions clarified and major drafting suggestions. Disclosure need not reproduce private conversation. It identifies the evidentiary relationship.
Staff should provide comparable access to other entities. If one author receives a custom aggregate, the method and result should ordinarily become public. Requests can be logged and answered according to a fair research policy, subject to confidentiality and workload.
An author should also seek adverse evidence. Ask what the registry does not observe, which assumption is weakest and what outcome would undermine the proposal. Consultation becomes inquiry rather than approval seeking.
Chairs should not treat staff-assisted drafting as institutional endorsement. Conversely, they should not question the author's independence merely for using the best available source. The issue is traceability and equal challenge.
The proposal's origin story matters because agenda framing can inherit the registry's categories before public debate begins. Making that dependence visible gives entities a chance to widen the question.
Citation loops create manufactured corroboration
An institutional claim can appear to gain independent support through repetition. A registry report publishes a statistic. A proposal cites the report. A board paper cites the proposal. A later staff assessment cites both. Search results then show several documents stating the same fact.
This is a citation loop, not multiple-source corroboration. The underlying observation remains one dataset and method. A source audit should trace claims to origin.
Loops are common because institutional documents are authoritative and accessible. They are not deceptive by default. Problems arise when a later summary drops qualifications from the original or when repetition is treated as confirmation.
Authors should cite primary records where possible and identify derivative sources. Chair summaries should link the exact assessment rather than paraphrases. Researchers can use a claim lineage showing first publication, revisions and later uses.
If an independent analysis reruns the method or tests another dataset, that is genuine corroboration even if it begins from the registry's question. The distinction is method, not organisational name.
Citation loops can also harden policy interpretation. A staff explanation of a clause is quoted in guidance, then cited as proof that the community intended it. The original consensus record may show uncertainty. Tracing lineage prevents implementation speech from rewriting policy history.
The practical rule is simple: count observations and methods, not documents. Ten pages repeating one registry figure remain one evidentiary source unless they add independent validation.
Conflicts belong in the record without accusation
An RIR has legitimate institutional interests: manageable cost, legal safety, system stability, service quality and strategic coherence. A proposal may threaten or advance them. Disclosure should describe these interests without implying misconduct.
An impact assessment can state that the affected team owns the current process, that implementation would reduce discretion or require budget, and that management prefers an alternative. The public can then weigh the recommendation.
Authors and external analysts also have interests. A broker may favour transfer flexibility. A large network may prefer rules matching its compliance capacity. A civil-society entity may prioritise transparency. Symmetrical disclosure prevents conflict language from becoming a weapon used only against staff.
Interest does not set an automatic discount. It directs questions. Does the data remain valid? Were alternatives analysed? Are benefits and transferred costs included? Would the same method be accepted if it produced the opposite result?
Individuals should not be forced to disclose private financial detail beyond established rules. Institutional and professional capacity is usually sufficient. Boards follow formal conflict procedures where decisions affect directors or organisations directly.
The tone matters. Accusing staff of manufacturing data can chill candour. Treating any challenge as hostility protects weak analysis. A mature record says that the institution is affected and explains how review addressed that fact.
Conflict disclosure is a method for preserving trust through visibility. It is not a verdict on character.
A source-dependence audit
Every high-impact proposal should include a concise audit of its evidentiary dependence. Begin with material claims and identify which rely on registry records, staff analysis, public data, entity testimony, comparative practice or models.
For registry-dependent claims, state the custodian, definitions, period, unit, exclusions, method, uncertainty and whether the data can be reproduced or independently reviewed. Identify missing populations and feedback effects created by current policy.
Separate the chain: observation, analysis, interpretation and recommendation. Mark assumptions that drive results. Provide at least one plausible alternative scenario and one counterexample or boundary case. Explain what independent check was attempted and what it found.
Disclose material assistance and interests. Record registry responses and unresolved disagreements. If confidentiality limits testing, describe the protection and reviewer. Link corrections and versions.
The audit should be short enough to use. A table with narrative notes may suffice. Its purpose is not to burden authors with perfect research, but to warn chairs where the proposal rests on an institution's untestable claim.
Staff impact analysis can respond using the same structure. The chair then integrates both into an evidence ledger. Board papers inherit links rather than restating conclusions without provenance.
An audit does not determine whether dependence is excessive. Some questions can only be answered by registry records. It makes reliance accountable and identifies where judgment must compensate for limited independence.
Boards must not turn management reporting into community evidence
Boards receive confidential dashboards, legal advice and management analysis. They need this material to govern the corporation. When deciding a policy that constrains the registry, they may know facts the public forum cannot see.
The board should distinguish its corporate judgment from community consensus. If protected evidence changes the outcome, directors should say that the board made the decision under its authority, identify the evidence category and explain the public rationale as fully as possible.
It should not describe management reporting as though the community tested it. Nor should it send a proposal back with vague reference to operational concern. The chair and entities need enough information to respond or redesign.
Boards can commission independent review where stakes justify it. The terms should test management assumptions, not merely confirm that a report exists. Directors should ask about missing populations, alternative implementation and risks of preserving current power.
Membership accountability depends on this ownership. Members elect or assess directors, not hidden datasets. A reasoned resolution allows them to judge whether deference was appropriate. Confidential annexes can remain protected while public minutes record the action.
Directors also should protect staff from political pressure to alter facts. Methodological independence and correction history matter. A finding inconvenient to management should reach the board and public process under established rules.
Management information is necessary for governance. It becomes legitimate policy evidence through traceable method, fair challenge and accountable board use.
Post-implementation tests reduce dependence over time
Before adoption, many consequences are projections generated by the registry. After implementation, actual outcomes create new evidence. A policy should specify what will be measured and when reviewed.
Compare uptake, pool movement, staff burden, applicant delay, member cost, exceptions and operational effects with prior forecasts. Publish definitions consistent with the original assessment or explain changes. Include evidence from outside the registry's transaction records.
If the institution predicted severe burden and actual cost was lower, future estimates can be calibrated. If an author predicted broad benefit but few affected organisations used the policy, examine why. If missing populations remain invisible, commission targeted research.
Review should have consequence. A pilot may expire, a threshold adjust or a discretionary power narrow. A report that celebrates implementation without testing the original claim closes the learning opportunity.
Independent entities can reproduce public parts of the assessment. A protected reviewer may inspect confidential outcomes. Members should see aggregate performance and uncertainty.
Post-implementation evidence does not remove institutional custody. The registry still records much of the result. It changes the relationship: predictions face observed outcomes, and alternative sources can be designed in advance. Dependence becomes more testable with each cycle.
The strongest evidence policy is one that plans to discover whether it was wrong.
Accountable reliance is stronger than reflexive distrust
Registry governance cannot operate by distrusting every institutional fact. The public would lose the very knowledge needed to write responsible policy. Nor can it operate by treating registry custody as proof of the institution's preferred conclusion.
Accountable reliance preserves the middle. Use the registry's records as primary evidence. Publish definitions, methods and boundaries. Separate observations from forecasts and recommendations. Search for missing populations and counterexamples. Invite independent tests proportionate to consequence. Record interest without alleging bad faith.
Chairs should identify which claims remain source-dependent and how uncertainty affected consensus. Boards should own choices based on protected management information. Authors should disclose institutional assistance and trace citations to origin. Members should fund data access and review.
The result will not always weaken institutional power. Transparent analysis may show that staff's warning is robust and that a proposed restraint is unsafe or disproportionately costly. In other cases, it may reveal that a claimed necessity reflects current systems or preferences rather than inherent limits. Both outcomes are legitimate.
Evidence authority should be earned claim by claim. A registry with a strong history of accurate, corrected and open analysis will deserve substantial trust. That trust remains compatible with challenge because the method, not the office, carries the claim.
The central question is not whether the registry may be cited. It must be. The question is whether the citation lets readers inspect the path from institutional record to public power. When that path is visible, source dependence becomes accountable expertise. When it disappears, the institution's field of vision can quietly become the boundary of policy imagination.
Data access is part of the right to propose policy
An open PDP promises that a person can propose change without holding office. That promise is weakened if only staff can obtain the evidence required to show that a problem exists. Formal authorship remains open while credible authorship depends on institutional permission.
RIRs should maintain a public research-access framework. It can list standard aggregate datasets, definitions, update intervals and known limitations. Entities can request additional analysis through a logged channel. The registry states whether it can answer, what burden or confidentiality prevents release, and when a result will appear. Similar requests receive comparable treatment.
Standard access reduces strategic suspicion. An author does not need a private relationship with staff to learn how many cases fit a category. Opponents can request the same denominator. Staff avoids repeated bespoke work by publishing common queries and data dictionaries.
Some requests will be too costly or risky. The refusal should be reasoned and should suggest a narrower alternative where possible. A denial is not proof that the author's claim is false. Chairs can record that the evidence remained unavailable and adjust the confidence placed on both the proposal and institutional rebuttal.
Data access also needs timing. Information delivered after the discussion phase may be technically responsive and politically useless. High-impact requests should have service targets or cause the policy clock to pause. Preliminary aggregates can be marked while validation continues.
The framework should protect against fishing expeditions and privacy invasion. A requester identifies the policy proposition and minimum data needed. Staff applies disclosure controls. Aggregate results remain public so institutional effort benefits the whole community.
When data access is treated as shared policy infrastructure, the registry's custodial advantage becomes a community asset rather than an informal gate on who can make an evidence-backed case.
Appeals should be able to examine evidentiary asymmetry
PDP appeals often focus on whether chairs followed required stages or assessed consensus reasonably. Source dependence creates another procedural question: did one side receive institutional evidence that the other side had no fair opportunity to test?
An appeal should not retry every statistical disagreement. It can examine whether material claims were disclosed with adequate method, whether a late assessment received response time, whether requested aggregate support was denied without reason, and whether the chair treated an untestable institutional assertion as conclusive.
The appellant should identify the proposition, the unavailable basis and the likely effect on the decision. The reviewing body asks whether the asymmetry was material and whether a proportionate remedy exists. It might order clarification, reopen comment or commission review rather than decide the policy itself.
Reviewers need independence from the original analysis. If staff produced the contested model and chairs relied on it, a board hearing the appeal should not ask only the same team whether its work was sound. It can obtain methodological advice while respecting confidential records.
The public appeal outcome should preserve distinctions. A finding that the evidence process was inadequate does not prove the registry's conclusion wrong. It proves the community lacked a fair basis to rely on it. Conversely, a finding that sufficient method and challenge were available can strengthen legitimacy even when the appellant still disagrees.
This route gives source-dependence safeguards consequence. Without a remedy, disclosure standards become etiquette. With a narrow procedural review, institutions can correct asymmetry without turning every analytical dispute into litigation.
A restraint proposal deserves a symmetrical counterfactual
When a proposal seeks to constrain registry discretion, debate often compares the proposed rule with an idealised status quo. The registry describes the flexibility it currently uses, while authors describe the harm their rule would prevent. Both sides may omit the other's counterfactual.
A symmetrical assessment asks four questions. What happens if discretion continues under current safeguards? What happens if the proposed restraint operates exactly as written? What lighter constraint could address the harm? What stronger protection would be necessary if current evidence proves understated?
Each scenario should use the same population, period and outcome measures. Compare institutional cost, member burden, error, delay, appealability and distribution. Identify who bears false positives and false negatives. The registry supplies operational estimates; affected entities supply experience; independent review tests major assumptions.
This prevents a common source advantage. Staff can describe concrete implementation cost because it sees systems, while the benefit of accountability remains abstract. Authors should specify benefit mechanisms and observable indicators. The assessment should also value preserved rights and reduced arbitrariness even when those benefits resist precise currency.
The status quo has implementation costs too, including manual judgment, disputes and uncertainty. They should be counted. A new rule may transfer cost from applicants to staff or the reverse. A narrow institutional balance sheet is not a social comparison.
Symmetry does not force equal evidence where knowledge differs. It forces the same questions. If one scenario remains uncertain because the registry cannot observe deterred applicants, that uncertainty stays visible rather than defaulting to current practice.
A proposal to restrain power is strongest when it can survive this comparison. A registry response is strongest when it shows not only that change is costly, but that present discretion performs better under a fair measure. The counterfactual turns institutional self-description into a choice among inspectable designs.

