
Establishing a Privacy-Preserving Digital Identity Issuance and Authentication Management System with a Blockchain Mutual-Supervision Mechanism

DAO-IAM: A User-Centric DAO-Based Privacy-Preserving IAM System

Advisor: 游張松

Abstract (translated from the Chinese)


Privacy is part of basic human rights. As information-collection and surveillance technologies advance and spread, we often hand the job of protecting our privacy to the organizations that collect our data, in exchange for "personalized" services, and expect them to observe proper limits and fulfil their duty to protect it. Whenever we connect to the network we leave digital traces, and once those traces have been processed by opaque algorithms they determine our fate in both digital and physical life. Yet we can learn nothing about the algorithms that shape our lives, because they are usually hidden behind national security or trade secrets. Behind the personalized services these algorithms deliver, the impact and potential harm to individuals is real and lasting. This is what the literature calls the "privacy-personalization paradox".

This study attempts to answer, from the user's perspective, how to balance the demands of privacy and personalization and so avoid falling into a cycle of negative value creation. Although this is a broad topic, the literature shows that it has four main aspects: ownership of the identity representation, data ownership, data security, and regulatory compliance. By analyzing the data life cycle we show that these four aspects can be expressed concisely by four basic factors: giving the user control, clearly informing the user, winning trust, and bearing regulatory accountability. From these we develop a framework for reviewing a system's privacy-protection measures, which we call CAT-on-A-stool. As noted above, the operation of most organizations' systems is opaque. Under that constraint, to advance the research we borrow "black-box testing" from software testing and argue that as long as the input-side subsystem of such a system conforms to the CAT-on-A-stool framework, the system as a whole should be able to balance privacy and personalization. This input-side subsystem is the Identity and Access Management (IAM) system. After reviewing existing IAM systems and their shortcomings, we propose a new IAM system based on a decentralized autonomous organization (DAO), which we call DAO-IAM. It gives users control of their digital identity (ID), and through that control lets them manage the balance between privacy and personalization. Within DAO-IAM we also establish a management committee composed of representatives from different units, which, together with the smart contracts embedded in DAO-IAM, votes on matters to ensure decision neutrality; decisions are then put into effect through the DAO's "execution immutability". We argue that DAO-IAM satisfies CAT-on-A-stool. However, like every new system, it faces the questions of adoptability and speed of acceptance. We therefore also explain how it can coexist, through the OAuth protocol, with the IAM mechanisms of existing common service providers such as Google, Facebook and Yahoo!.

Abstract (English)


Privacy is a basic human right. With the advancement and prevalence of data collecting and processing, that is, surveillance, technologies in the data economy era, we often put our privacy at the mercy of the collecting agents, e.g., governments and big corporations, in exchange for their personalized services. Whenever on the grid, we leave trails of digital breadcrumbs to these agents, whose opaque algorithms further decide our fates in both the digital AND the physical world. It is almost impossible to examine, correct, or even regulate these algorithms, since most of them are hidden under the name of national security or trade secrets. And yet the impact and potential damage behind the perceived value are real to individuals, and they can be profound and long-lasting. In a way, we are trapped in the so-called personalization-privacy paradox [5]. We set out to answer the question: from a user's perspective, how to rebalance privacy and personalization to avoid the paradox, as a means to prevent the forming of negativity creation cycles (NCCs) [2]. Although this is a very broad challenge, we have categorized the related issues into four aspects: ID ownership, data ownership, data security, and regulation compliance. By analyzing a typical data life cycle, we further conclude that these four aspects can be succinctly addressed by four essential factors: control, awareness, trust, and accountability. We then use these four factors to develop a privacy-preserving system evaluation framework named CAT-on-A-stool, which helps us evaluate whether a system preserves privacy while allowing users to enjoy personalized services. As pointed out above, most operations of these organizations are not transparent. To further the analysis, we borrow a common practice from the software testing field, black-box testing: from the user's perspective, the overall system dynamics can be probed through control of the input side without insight into the black box.

We believe that if the input of the system, i.e., the identity and access management (IAM) system, complies with the CAT-on-A-stool framework, the overall system should balance privacy protection and personalization needs. We examine two common IAM systems and a newly proposed blockchain-based system against the CAT-on-A-stool framework and find that each has its shortcomings. From this study, we propose a novel Decentralized Autonomous Organization (DAO) based IAM solution. The proposed DAO-IAM system is a user-centric global ID system over which users have more control. It consists of a human governance committee that judges and manages policies and audit-related issues, and a DAO that autonomously carries out those policies without bias. The DAO-IAM system meets the CAT-on-A-stool evaluation but, like all new systems, its adoption rate and speed will decide its success. To facilitate adoption, we address the backward-compatibility issue by showing how it works with OAuth systems such as Google, Facebook, Yahoo, etc.
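The abstract describes the governance pattern at the heart of DAO-IAM: a human committee votes on a policy, and the DAO's smart contract enacts the outcome so that, once decided, it cannot be quietly overridden. The contract below is an added illustration of that pattern, written for this page; it is not the thesis's own contract, and the contract name, the fixed-membership rule, the quorum threshold, and the representation of a policy as a content hash are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative committee-governed policy registry (assumed design, not the
/// thesis's contract). Committee members are fixed at deployment; a policy,
/// identified by a content hash, becomes active only after `quorum` distinct
/// members vote for it. Enactment happens inside the vote transaction, so
/// no off-chain party can delay, reorder or reverse an approved decision.
contract PolicyCommittee {
    uint256 public immutable quorum;          // votes required to enact
    uint256 public memberCount;
    mapping(address => bool) public isMember;

    struct Proposal {
        bytes32 policyHash;                   // digest of the policy document
        uint256 votes;
        bool enacted;
        mapping(address => bool) voted;       // one vote per member
    }

    uint256 public proposalCount;
    mapping(uint256 => Proposal) private proposals;
    mapping(bytes32 => bool) public activePolicy; // hash => enacted?

    event Proposed(uint256 indexed id, bytes32 policyHash, address proposer);
    event Voted(uint256 indexed id, address member, uint256 votes);
    event Enacted(uint256 indexed id, bytes32 policyHash);

    modifier onlyMember() {
        require(isMember[msg.sender], "not a committee member");
        _;
    }

    constructor(address[] memory members, uint256 quorum_) {
        require(quorum_ > 0 && quorum_ <= members.length, "bad quorum");
        for (uint256 i = 0; i < members.length; i++) {
            require(members[i] != address(0), "zero member");
            require(!isMember[members[i]], "duplicate member");
            isMember[members[i]] = true;
        }
        memberCount = members.length;
        quorum = quorum_;
    }

    /// Any member may table a policy; tabling carries no vote.
    function propose(bytes32 policyHash) external onlyMember returns (uint256 id) {
        require(policyHash != bytes32(0), "empty policy");
        id = ++proposalCount;
        proposals[id].policyHash = policyHash;
        emit Proposed(id, policyHash, msg.sender);
    }

    /// Vote for a proposal; the quorum-reaching vote enacts it atomically.
    function vote(uint256 id) external onlyMember {
        require(id != 0 && id <= proposalCount, "unknown proposal");
        Proposal storage p = proposals[id];
        require(!p.enacted, "already enacted");
        require(!p.voted[msg.sender], "already voted");

        p.voted[msg.sender] = true;
        p.votes += 1;
        emit Voted(id, msg.sender, p.votes);

        if (p.votes >= quorum) {
            p.enacted = true;
            activePolicy[p.policyHash] = true;
            emit Enacted(id, p.policyHash);
        }
    }

    /// Read-only view so auditors can check a proposal's tally on-chain.
    function proposalState(uint256 id)
        external
        view
        returns (bytes32 policyHash, uint256 votes, bool enacted)
    {
        Proposal storage p = proposals[id];
        return (p.policyHash, p.votes, p.enacted);
    }
}
```

Two properties of this sketch are the ones a reviewer would check in a real DAO-IAM deployment. First, neutrality rests on the vote being counted by code that every member can read, and on the one-vote-per-member guard, so a member cannot inflate a tally by voting twice. Second, "execution immutability" cuts both ways: the contract has no function to rotate members, change the quorum, or retract an enacted policy, which is exactly what stops a single operator from overriding the committee, but also means a mistaken policy or a compromised member key can only be remedied by a new proposal or a new deployment. The thesis's audit role for the committee is where that remedy would be decided.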

References


[4] John Cheney-Lippold. We Are Data: Algorithms and the Making of Our Digital Selves. New York University Press, 2017.
[5] Ramnath K. Chellappa and Raymond G. Sin. Personalization versus Privacy: An Empirical Examination of the Online Consumer's Dilemma. Information Technology and Management, 6(2):181-202, 2005.
[6] IEEE Systems Journal Special Issue on Intelligent Internet of Things. IEEE Systems Journal, 10(3):1107-1110, 2016.
[7] T. C. Sottek and Janus Kopfstein. Everything You Need to Know About PRISM. The Verge, July 17, 2013.
[9] Priyan Jain, Manasi Gyanchandani, and Nilay Khare. Big Data Privacy: A Technological Perspective and Review. Journal of Big Data, 2016.
