Maybe the way to go with this is to have an auditing system where third-party auditors go through the source code (with NDAs) and certify it meets $PrivacyStandards. This might be a way to appease the folks who want to keep their software proprietary and yet make sure they don't just get to do what they want. Kind of like financial audits.
Sorry, but no. For this to work you will need a select group of people with too much power. Why would I trust those people instead of the original creators? This is just going to create a parasitic industry, with no much value.
Man I'm so sorry I let this slip and didn't get back to you. It's not perfect for sure, but better than nothing and possibly something people will buy into.
The big problem is there is no licensing-yet- that could be removed if they were caught lying. So you're right- we would have to build a trust model somehow.
