It looks like the right time for the PDPB
Personal Data Protection Bill will help us in guarding our data. :-)
Easy to implement, easy to use. Here is the idea:
- person is in control of his/her personal data;
- person can dynamically grant access to personal data;
- data access is granular, ex. mail address, e-mail address, SSN, etc.;
- dynamic access allows person to limit access to the data, ex. Facebook can only see my name;
- person is granted right who queries personal information;
- person can sue the company that leaked his/her data;
- no company but public Data Banks can store personal information locally for longer than a session;
- dynamic access allows person to see who queries and what info.
The above can be done with public Data Banks that will keep your information and share it with Facebook and the likes (API to access personal data). Person uses private key to encrypt data and public key to grant access to personal data. Person can have a keychain with 365/366 keys for re-encryping personal data.