You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I needed a placeholder to define this, and work it into at least a personal blog post.
The governance layer cake is the stack of different regulatory and moderation aspects of data / social networks.
At the bottom, you have where the physical infrastructure of uplinks to the internet, data centers, and physical servers. Which region/country that is in will be the regulatory environment.
Next you have an entity that owns that, or leases access / servers / etc. from one entity down. That entity might be eg a corporation, registered in the same or a different region than where the infrastructure is. So, e.g. you're a private corporation registered in BC, Canada, renting a data center in France, from a French data center owner. Or insert Public Benefit Corporation, Government Crown Corporation, Co-op, or any other entity or structure. The simplest version is when you're an entity in one country, with an agreement with another entity in the same country.
Then you've got software running on those systems. For arguments sake, lets call that that a protocol, and that you're running a node or an instance that conforms to that protocol. There may be some form of protocol governance.
e.g. if you're running an email server you're going to need an IP address and various cryptographic DNS records if you want deliverability. If you aren't a good actor in a protocol participation (e.g. an IPFS mainnet aka PAPAYA, or a particular testnet or chain in a blockchain), you might get censored (your email server is blocked) or have other protocol level consequences.
Next, there is running an instance. Let's use an ActivityPub protocol example, a Mastodon server. There are server rules and a terms of service and various settings for that instance, including block rules, and whether or not you federate with other AP servers. This is where content moderation comes in. The users on and off that server will have content moderation applied.
The people running that server -- let's go back to the regionally registered entity -- they will need to comply with running a web service on the Internet in that region.
I'm going to give an example here -- which may in fact be wrong! I am not a lawyer! -- let's say someone posts a picture of a swastika:
In Germany, this would be illegal! That would be a regional rule, around Nazi related content. The content moderation would need to remove that image.
In the US, just posting a picture of a swastika wouldn't be illegal. It might be handled at the content moderation layer of a particular server, or other servers in the protocol, or at the "you're going to be defederated" content rulings of the network
In Canada, it might be illegal, depending on context (we have strong anti hate speech laws, while the US doesn't have this)
Depending on the entity that runs the server -- e.g. assuming it's a private entity of some kind -- the people running an instance can pretty much do whatever they like. They can leave some content up, or take others down, and they aren't required to have transparency or even consistency.
Someone that wants to make complaints, legal claims, etc. will need to understand the governance layer cake, and at which layers they have what standing -- from moral to community to participatory to regional legal etc etc -- in order to make such a complaint.
I'd like to preserve the opportunity for people to share content, without having private corporations being the arbiter of what's allowed. And, understanding that the current regime of a region, may be hostile to certain groups, that should have access to a protocol that lets them communicate. And that when having discussions, one must consider whether a future server owner or a future regime, might be "against" things.
As an entity who runs protocol instances, you should care about this so you can reduce the regulatory burden of figuring out what you have to comply with. You also may think about setting up participatory governance so that your users -- and other entities in your protocol -- believe in the legitimacy of your process.
As someone who is concerned with misinformation, disinformation, hate speech, and many other kinds of bad content and harassment, you should inform yourself about this layer cake, including the nuances of a particular protocol, and not only rely on private corporations to do content moderation and decision making.
There is much more that is needed here. Consider this a placeholder that could also use a diagram, perhaps with different protocol architectures included.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Decentralized Data Compliance Working Group
-
I needed a placeholder to define this, and work it into at least a personal blog post.
The governance layer cake is the stack of different regulatory and moderation aspects of data / social networks.
At the bottom, you have where the physical infrastructure of uplinks to the internet, data centers, and physical servers. Which region/country that is in will be the regulatory environment.
Next you have an entity that owns that, or leases access / servers / etc. from one entity down. That entity might be eg a corporation, registered in the same or a different region than where the infrastructure is. So, e.g. you're a private corporation registered in BC, Canada, renting a data center in France, from a French data center owner. Or insert Public Benefit Corporation, Government Crown Corporation, Co-op, or any other entity or structure. The simplest version is when you're an entity in one country, with an agreement with another entity in the same country.
Then you've got software running on those systems. For arguments sake, lets call that that a protocol, and that you're running a node or an instance that conforms to that protocol. There may be some form of protocol governance.
e.g. if you're running an email server you're going to need an IP address and various cryptographic DNS records if you want deliverability. If you aren't a good actor in a protocol participation (e.g. an IPFS mainnet aka PAPAYA, or a particular testnet or chain in a blockchain), you might get censored (your email server is blocked) or have other protocol level consequences.
Next, there is running an instance. Let's use an ActivityPub protocol example, a Mastodon server. There are server rules and a terms of service and various settings for that instance, including block rules, and whether or not you federate with other AP servers. This is where content moderation comes in. The users on and off that server will have content moderation applied.
The people running that server -- let's go back to the regionally registered entity -- they will need to comply with running a web service on the Internet in that region.
I'm going to give an example here -- which may in fact be wrong! I am not a lawyer! -- let's say someone posts a picture of a swastika:
Depending on the entity that runs the server -- e.g. assuming it's a private entity of some kind -- the people running an instance can pretty much do whatever they like. They can leave some content up, or take others down, and they aren't required to have transparency or even consistency.
Someone that wants to make complaints, legal claims, etc. will need to understand the governance layer cake, and at which layers they have what standing -- from moral to community to participatory to regional legal etc etc -- in order to make such a complaint.
I'd like to preserve the opportunity for people to share content, without having private corporations being the arbiter of what's allowed. And, understanding that the current regime of a region, may be hostile to certain groups, that should have access to a protocol that lets them communicate. And that when having discussions, one must consider whether a future server owner or a future regime, might be "against" things.
As an entity who runs protocol instances, you should care about this so you can reduce the regulatory burden of figuring out what you have to comply with. You also may think about setting up participatory governance so that your users -- and other entities in your protocol -- believe in the legitimacy of your process.
As someone who is concerned with misinformation, disinformation, hate speech, and many other kinds of bad content and harassment, you should inform yourself about this layer cake, including the nuances of a particular protocol, and not only rely on private corporations to do content moderation and decision making.
There is much more that is needed here. Consider this a placeholder that could also use a diagram, perhaps with different protocol architectures included.
Beta Was this translation helpful? Give feedback.
All reactions