Give us the chance to do better
By Dave Birch posted May 26 2009 at 9:50 PM[Dave Birch] One of the frustrating aspects of being a technologist in the identity space is that I know that the technology can deliver more than customers want. There are a number of reasons for this, but two of them will suffice to make a point. Firstly, people's "common sense" version of identity is simply not sophisticated enough for a modern economy and, secondly, that the people who actually specify and procure systems that hinge on identity do not make privacy part of the proposition because they (incorrectly) view security and privacy as opposites. In fact, the technology can deliver both and some times it's very easy to make it do just that. Look at the basic case study of "no fly" lists, where the problem is to check whether someone's name appears on a list of people to be excluded...
In comparing the contents of two databases, such as an airline-passenger list and a no-fly list, for example, officials should be interested only in the names that appear on both lists. They have no need for the rest of the passengers’ names. Those mutual names can be found by first encrypting both lists using strong encryption.
[From Sharing information while preserving privacy is a technologically trivial challenge, researcher says -- Government Computer News]
Quite. And if the lists are encrypted, and don't need to be decrypted to make them work, then privacy is automatically improved without ombudsmen, best endeavours and the rest of it. A rudimentary understanding of the issues is all that is needed to deliver vastly better solutions.