> perhaps it's not completely inconceivable that we could require businesses collecting any personal information from users to be licensed and audited
In Sweden it used to be like this. Starting with a law in 1973 that grew out of fears of big corporation mainframe databases, everyone with a registry of personal information had to register with the government, pay a license fee and comply with a strict data privacy law. Then the 80's and 90's came and the law was slowly weakened and eventually replaced with an implementation of the EU data protection directive which is more self-regulatory.
Good find! So maybe this organization needs to go beyond mere registration and start educating people, at the very least -- actual audits would be better, but of course much more expensive.
In Sweden it used to be like this. Starting with a law in 1973 that grew out of fears of big corporation mainframe databases, everyone with a registry of personal information had to register with the government, pay a license fee and comply with a strict data privacy law. Then the 80's and 90's came and the law was slowly weakened and eventually replaced with an implementation of the EU data protection directive which is more self-regulatory.