Traditionally, data access decisions are attached to specific use cases and need to be revised should any parameter change (new column, member, application, or regulatory context). They depend on a threat model with assumptions about the auxiliary information an attacker may have and the means reasonably likely to be used for re-identification. Those assumptions need to be reassessed over time.
With Sarus, data access is no longer necessary. Data consumers never see the real data; they only retrieve query results that come with a mathematical privacy protection: Differential Privacy. This mathematical protection does not depend on the amount of auxiliary information or the means a potential attacker may possess. For that reason, Differential Privacy has become the de facto standard of all privacy research and is widely adopted by public and private organizations to protect sensitive data.
Non-movement of data also means that data processing and data storage all happen in one place. Data transfers are no longer necessary to collaborate across countries or subsidiaries, considerably simplifying large projects in multinational organizations.