People stop re-proving facts
A fact the government already holds is answered by the registry that holds it. Fewer certified copies, fewer queues, fewer reasons to drop out of a service.
The problem
The answers already exist. Asking for them safely is the hard part.
Governments already hold the data for faster, fairer services. What is usually missing is the safe way to use it: who may ask, what answer is appropriate, what stays private, and how use is reviewed. These are the recurring problems Registry Stack is built around.
The payoff
Fix the asking, and three things change.
Safeguards become infrastructure
Purpose, scope, and disclosure limits are checked on every request, and every trust-critical request leaves an audit record a reviewer can actually read.
Every integration compounds
Each connection leaves behind a described, governed registry surface the next program reuses, instead of code two people understand.
The recurring problems
The same failures show up across very different registries.
Each one is independent of any single domain. They appear in civil registration, social protection, business registries, farmer registries, health facility registries, and more. Registry Stack changes the runtime and metadata surface around the data; it does not replace the source.
Data exists, but is not service-ready
A school directory lives in one focal point’s spreadsheet. Three teams email for copies, and three months later nobody can say which list is authoritative.
What changes
The source stays where it is. A public contract describes who may ask, for what, with what freshness, and on what authority.
APIs over-share records
A licensing counter needs a yes or no. The only available API returns the full record: date of birth, address, and ten years of history the clerk never asked for.
What changes
A route can return "license valid" or "actively registered" without exposing the underlying record. The caller gets the fact; the rest stays with the owner.
Safeguards need technical enforcement
A data-sharing agreement is signed for one purpose. The API has no purpose field, no scope, and an access log a reviewer cannot read. A year later, an inspector has nowhere to look.
What changes
Purpose, scope, and disclosure limits are checked at the point of access, and each trust-critical request leaves a reviewable audit record.
Integrations become one-off negotiations
A national registry has integrated three partners. Each started with the same questions in a fresh email thread. The fourth partner asks them again next week.
What changes
The answers are published once, as artifacts every partner can read. The negotiation starts from a shared contract instead of from scratch.
Capabilities are hard to discover
A registry exists, but what it offers lives in a PDF refreshed nine months ago and the memory of two engineers. The first technical decision is made before any artifact exists.
What changes
A registry publishes machine-readable metadata: which entities, fields, policies, and evidence offerings it actually exposes, before any code is written.
Semantics do not line up
Two registries both expose a field called status with a code active, but mean different things by it. The integration code quietly becomes the definition.
What changes
Each registry publishes what its fields and codes mean, so an integrator can see both definitions and decide, instead of discovering the mismatch in production.
Identity and matching are unclear
A cadastral service answers "owner confirmed" without saying which record it matched, on what fields, or how confident the match was. The assessment goes out anyway.
What changes
The match becomes part of the contract: a signed answer carries which record was matched and on what basis, instead of a hidden join inside integration code.
Division of labor
The technology does its part. Institutions keep theirs.
Registry Stack makes registry use explicit, governed, and reviewable. The decisions that belong to institutions stay with institutions, on purpose.
What a pilot looks like →- Whether a caller is legally entitled to a fact remains an institutional decision.
- What a field or code means is defined by the registry that owns it, not by integration code.
- Foundational identity, deduplication, and master data remain with the systems mandated to hold them.
- Semantic review, authorization policy, and human accountability stay human.