Interesting. Not the api part but the idea itself. What we need is bitcoin like encrypted decentralized personal file with an open spec. This file can be edited only by the owner while can be read by anyone. Then we need exporter applications which can read this data and provide as an api. Now there are two levels of abstraction:data owners and data providers. There can be "data unions", groups which can negotiate with data providers and data consumers for a better deal(money,privacy). Identity verification can now be handled by data unions instead of data providers(as is the case now). "Take control" anyone?