As currently written, access to the Access Grant Registry is reserved for Trusted Agent Access. However, in cases where a given agent is given control permissions on a subset of data (e.g. a Data Registration or instance(s) of a Data Registration), they should to be able to update the access grant registry with access changes they make. Without this support, we will end up with (more) frequent inconsistencies in the Access Grant Registry and the actual permissions granted to items in the Data Registry.