I am dealing with this exact issue now, and I agree that both ends of the equation need to move toward the middle. Organizations need to be more prescriptive about what information specifically needs to be private and why. And the tool vendors need to understand that openness is not the answer to everything.