When a business has some valuable item as part of their business, the company often hires a trusted third party to safeguard the item. The most common example is the company's cash is held in a bank.
The trusted third party, due to specialization and economies of scale, is able to do a good job of safeguarding the asset.
Can this model work for safeguarding personal information? A business collects personal information, perhaps a customer database. But the database is not kept by the company itself; instead it is kept at a trusted personal information bank. This bank only allows the company to access the data in certain audited and well monitored ways. This is similar to how a money bank thwarts employees from embezzling from their own company.
The customer sees that the business uses a mutually trusted personal information bank, and consequently trusts the business.
Ideas: the customer sends data directly to the bank. The company can query agglomerated statistics only. Search queries must have fewer than 10 results. The company may download at most 10 records total per day.
No comments :
Post a Comment