A kill-switch for centralized records?

What will be done if a user of a central records database is malevolent?

In 1944, the Netherlands’ government-in-exile pressed the British to precision-bomb buildings containing personal records. Attacks were carried out on municipal archives in many locales across the Netherlands. Fire brigades took their time; watching a building as the records went up in flames.

Between 1941 and 1943, the Germans used details in records to isolate, deport and murder more than 150,000 Jews residing in Holland.

Records were also used to identify opposition and to round-up conscripts for forced labor in Germany.

What is a balanced view of identity and privacy and security?
Stephen Lewis is isolating the issues and posting about identity and the infrastructure of records.