Canadian data privacy laws state that an organization is responsible for the life cycle of the data. Most orgs struggle with protecting it while it's in use, what about after they no longer need it?
Getting users to accept new security controls is an uphill battle, any setback makes it harder for any solution to push out additional security measures.
The Digital Economy Act of 2017 in the UK is trying to put up enforceable age gates to pornography. That might be a good idea but it's extremely difficult to actual do online. At the same time, here in Canada, our major financial players are launching a joint identity service.
Security awareness is next to useless. Educate users instead
Passwords are a horrible solution to the challenge of authentication. But they're the "best" we have for now...right?
Does blockchain finally bring the transparency and accountability needed for an internet scale identity provider?