Re: Cloud Multipass proposal
I agree with the principle of personal data being stored in one place, but then you argued the gatekeepers should be the very organisations that have demonstrably abused that data again and again.
It makes a lot more sense that my personal data is stored only on a server located in the UK and I give explicit permissions to others for a range of limited access.
eg. When I open a new bank account I point them at my data. The server contacts me to advise the bank is requesting access to my data, and I give explicit permission for a one time access to x,y,z (proof docs that I am who I say I am, etc) and lifetime access to a,b,c (address, phone number, etc). The bank will never be allowed to store any of that data. It stays on my appointed server, and they access it as and when they need it, to say, email me, or write to me. I therefore have my very own auditable log of who's been accessing my data. And I only need change my details if I move house on that one server. No need to tramp around dozens of organisations updating my details.
Question is. Who in the UK would I trust to look after my details.