Abstract: A Data Controller stores information in a secure vault and establishes rules for retrieval of information therefrom, subsequent use of such information, etc. Requests for information carry terms governing the subsequent use of such information. Any discrepancies in terms may be resolved by negotiation until agreement is reached. Requested information is retrieved only if the terms are in accord. The agreed-upon terms governing use of the information remain associated with the information, e.g. with the requesting party or any third parties to which the information is later transferred. Interfaces may be provided to later allow the Data Controller to access, modify and update any of its disclosed information or the associated terms of use. Accordingly, compliance with the original terms of disclosure can be ensured even after relinquishment of information to requesting parties, or third parties. Authentication of the information or requests therefor may be verified by an independent party.