Good Custodians

Data owners, controllers, and processors need the custodians help.  Be a good data custodian!

– Provide upstream feedback to data actors when data is altered or moved.
– Always disclose where the data resides and never move it without permission.
– Mask and redact when sensitive data enters untrusted zones.
– The data owner should own the keys and control the gates.
– The controllers and processors may borrow keys granted by the owner.
– The data custodians should not need or want the keys.
– More informed data owners, controllers, and processors make better decisions.
– Be empathetic to the data owners...they are trusting you.

Being a data custodian is a tremendous responsibility.  In most data hosting models, we can tamper, loose, and steal a customer's data.  Someday, the vast consumers or our services will realize the risks they've so poorly understood as the information age exploded.  And when they start to ask questions (e.g., who can actually see my medical records?) and demand control (e.g., you can't see my records unless I give you a token!), you better have the capabilities and enthusiasm to empower their control.