Gdpr
The GDPR
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
"The GDPR's primary aim is to enhance individuals' control and rights over their personal data and to simplify the regulatory environment for international business."
These regulations are in harmony with our goals to give the user complete control over their data.
Of particular interest is the "Right to be forgotten." This means that users have the right to delete themselves from a public database. I think this is crucial, and we need to think carefully about implementing it. Obviously, if a user or its data were written to a public blockchain, their public keys are permanently there. So how does one "forget" a thing that cannot be deleted. KERI has a solution to that. See KERI.