Hey Bill, thanks for jumping in.
Now, my guess is that these identity-related events such as opening bank accounts and renting property can be modeled as regular Sovrin claims, issued by the corresponding "authority" according to each case. This assumes, though, that each involved entity is an identity on the Sovrin ecosystem already.
Maybe the complication arises when we start seeing these as "events" instead of "facts" that certain entities can attest to in the form of claims (e.g. "HSBC certifies that Bill Claxton is an account holder at such bank"). These claims would of course have a timestamp attribute on it that could serve for audit purposes later.
What I think the "private-ledger" idea boils down to is that HSBC shouldn't use the Sovrin ledger for storing proofs of internal events that are mostly relevant to the bank (e.g. "Certain legal document was edited or updated"). Therefore we need to draw a line between what is relevant to the public identity ecosystem and what is private data management. The latter should be kept in a more private environment (which could be at "consortium" level or even individual agent level).
The question remains, though, why would Sovrin allow for periodical "anchoring" of private-ledger data. If the issue is merely a matter of "spam prevention", where do we set the threshold on how much is too much?
Any additional feedback by the Sovrin team is certainly appreciated.