There are numerous ways to solve various aspects of data protection and privacy regulations, some more successful than others (see for example OpenPDS and Privacy by Design). Especially smaller start-ups must spend a large amount of time and resources to get these things right and much too often end up with ignoring securing their own and their customers’ data. As a consequence of there being lots of different solutions to this, it is hard to get a common look and feel for the customer across different systems that needs to deal with data protection and privacy and the user have to register the same data for different services over and over.
One way to address these issues is with a public/common system identifying and securing the exchange of customer data (we call it the system). Sites or various kinds of services the system can interact with will be referred to as services. There are several key questions related to such as system possible to explore further:
- How to identify the user accurately?
- What is the least amount of information the system and a service must exchange and store?
- If more information is needed for a service, how can it ask the system (and user) for it?
- Will it be possible to automate most of the negotiating of contracts?
- How can a system ensure that the user controls if and how the service can get in contact?
- Would it be beneficial for a service to have its own representation in the system?
- What should be the models of ownership of a system like this?
- How should data be organized to standardize across service providers?
- Is it possible to construct the system in a “future proof” manner?
- How can the system be constructed so it is easy to use for services and end-users?
- Where should the system store data?
- What is actually implemented already and what is missing for building the system?
- How to reach critical mass?
- What is needed to build a healthy ecosystem on top of the system
- How should the system be transparent to get the necessary trust of users, developers and services?