Use Digital Rights Management to Protect Privacy
Craig Mundie, writing in Foreign Affairs, says that in the era of big data a new approach is needed. Instead of worrying about limiting data collection, control should be focused on "the moment when it is used."
One of Mundie's arguments against curbing the collection of data is that there can be dividends from aggregated data, such as learning how to "better address public health issues, learn more about how economies work, and prevent fraud and other crimes."
Mundie suggests building a version of digital rights management into electronic personal data in order to protect it: "All electronic personal data would have to be placed within a 'wrapper' of metadata, or information that describes the data without necessarily revealing its content. That wrapper would describe the rules governing the use of the data it held. Any programs that wanted to use the data would have to get approval to 'unwrap' it first. Regulators would also impose a mandatory auditing requirement on all applications that used personal data, allowing authorities to follow and observe applications that collected personal information to make sure that no one misused it and to penalize those who did."