Comment by dmurray
3 days ago
You can be strict about who you do business with while still respecting their privacy once they are set up.
The respectable, politically popular country setting this up would simply say yes to the International Criminal Court, but no to Putin.
This doesn't work well as a blacklist of "everyone's allowed unless they turn out to be sanctioned", because some shell company or reseller could register and actually be a front for Russia or whatever other bogeyman. But just serving enormous respectable organisations is a big niche in itself.
But now you're proposing something that doesn't solve the problem for the vast majority of people, since nearly everyone is neither the International Criminal Court nor Vladimir Putin.
It might solve it for the majority of people by compute use, though. Charge $100,000 one time auditing fee to get approved for it. For a Fortune 500 company or EU government agency or a big NGO that's nothing.
One-time anything doesn't work for security, not least because if they're trying to betray you they can change whatever they want as soon as your auditors leave the premises.
Notice also that you're only handling the entities large enough to do things in-house to begin with. Meanwhile one of the biggest problems here is industrial espionage, which is to say startups with interesting new technology.