# Part 2 recap
In [part 2](https://steemit.com/security/@personz/the-chain-of-data-acquisition-part-2) I explored the technological necessity, not only for data capture and storage, but also for protection against undesired access. I call this _regulation_ in this context, and include protection by law in this definition. From the discussion it is clear that regulation exists, at least in theory.

### The Chain of Data Acquisition 
1. A technological method of capture and data storage must be possible and available
2. Capture protection, and data storage protection must be practically and technologically possible and available
3. If possible and available, some kind of regulation must be in place to restrict what is possible
4. If regulation is in place, infringements must be reportable, verifiable and / or discoverable
5. If so, the consequences must be actionable and the will exist to action them

In this third and final section I will investigate whether this regulation works at all in any real sense.

![](https://s23.postimg.org/nluyr4cnv/art_chain_4.png)

## 4. If regulation is in place, infringements must be reportable, verifiable and / or discoverable

A law protecting you from having your photo taken doesn't matter much if there is no way to tell if someone has taken that photo. From an example used in the previous articles in this series, in Brazil I can report the crime, or it may be seen by a patrolling officer, and the potential of conviction may prevent you from taking the photo. There are lots of laws in all countries which define what is and isn't a permissible use of technology.

However if the crime is not directly witnessed by a police officer, how does one go about reporting it and supplying evidence? I imagine this is only provable if they publish the photo and they cannot provide proof of your consent if challenged.

In the case of regulation within the system, an infringement really means a disruption of the the normal or intended operation of that system, aka a hack. Data forensic investigators may be required to verify an attack has taken place, but sometimes it is obvious that data has been stolen.

On Steemit, flagging is used as the report method for potential abuses, which leads us to the last link in the chain...

![](https://s30.postimg.org/l9wktapld/art_chain_5.png)

## 5. If so, the consequences must be actionable and the will exist to action them

Right here on Steemit, we have a flagging system for marking posts which contravene the guidelines. This also decreases the reputation of the poster. Flagging is actually paid for with voting power (though it's not clear to me how), so anyone who overuses it will have increasing less of it to use. This seems to make whales more powerful flaggers. [1] 🐋 ⚓️ It also seems intended to curb excessive flagging, as this platform was created with the express intention of challenging the censorship status quo on sharing sites.

It should be noted that flagging is a top layer construction on the Steem blockchain by Steemit.com, and does not actually censor data. Steemit will just refuse to read any flagged content and thus not make it available to the public through the legal entity Steemit, Inc., thus protecting them from copyright lawsuits, etc. So while it is an important aspect of Steemit, it is not actually built into the blockchain. To me this seems like a kind of have it both ways approach, and may prove to be problematic in the future. I even read a comment [here](https://steemit.com/steemit/@klye/bad-reputation-how-to-appeal-after-a-whale-flagging) by @cogliostro which proposed AntiSteemit.com to favour the flaggers. While this is clearly a joke, it is certainly possible.
> Just so you know, we trolls are gearing up to start AntiSteemIt.com, where you are automatically greyed out if you have a positive rep. If you have a very high positive rep like stellabelle, then we don't display your posts at all. It's going to be like Australia only better and more dangerous. As Nietzsche put it once "I wouldn't want to go to Heaven, because there all the interesting people are missing."

Elsewhere, many of us have had the experience of appealing to authority for help which is not forthcoming, because many laws are not practically enforceable and the authority does not care much about enforcing them, for you, the common person. If you're a celebrity, politician or very rich, the rules can be a bit different, sometimes because of the status, others because you would have the financial means to support pursuing a case in court.

So, if you take a photograph of me even though it is forbidden, and I was able to prove it, if the justice system is not willing or is unable to practically pursue the offender it doesn't count for much. This is doubly the case if it is costly. For example, the police officer you report it to may not take you seriously, or give you bad, even unlawful advice to drop the matter. Even if you make it to court, in some jurisdictions judges can even dismiss a case if they believe they are wasting the time of the court. So even when they are actionable, there may not exist a climate of respect for these laws, even within the justice system. Every other year we hear of some archaic law being involved in a craft attempt to gain advantage, but these attempts are rarely taken seriously.

![](https://s27.postimg.org/u9ybo3goj/art_chain_all.png)

### Conclusion: Should we reform data protection?

Copyright law is regularly infringed by millions, which is to say, media data is copied in violation of property laws. Whether you agree with it or not, those who download these files clearly do not care about the property rights of the owner, probably because nothing is actually taken away from the owner. Data copying is non-destructive, it doesn't lose anything tangible by being copied. You wouldn't steal a car, by you might if the original owner didn't have theirs taken away. Though they are sporadically pursued, most infractions go on without consequence to the downloader.

What does change however is the scarcity of that data (a favourite topic among #bitcoin article writers here), potential earnings of the sale of that data (not only to the person who downloads but all the others they can / do pass that on to) as well as more basically, the loss of control of that data property.

Despite the points above, lots of data protection and intellectual property cases do see the light of day. One of the most famous was Aaron Swartz' in 2011. [2]
> The government’s indictment alleges that Swartz “stole a major portion of the total archive in which JSTOR had invested” and “intended to distribute these articles through one or more file-sharing sites.” Swartz’s friends and family unanimously dispute that allegation.

He was charged with, amongst other things, "unlawfully obtaining information from a protected computer" [3]. [Motherboard declared him a scapegoat](https://motherboard.vice.com/read/aaron-swartz-an-fbi-scapegoat), and that he was only indicted because of his high online profile and the political climate at the time. There is a will to charge for these crimes, but only when you steal from the powerful and well-connected, or when the FBI need a win.

Aaron Swartz tragically took his own life as a result of the pressure of the disproportionate legal response. In the context, it's clear that there was a moral argument for the scholarly articles to be public domain, but it's also clear that the way he (allegedly) went about enacting that change was illegal. It should be noted though that it was never proved that Swartz was going to actually release the documents, he could have been using them as a big data set in his own research. The FBI however used a manifesto as evidence he would, one he had written in 2008, called the Guerilla Open Access Manifesto, which opens with: [4]
> Forcing academics to pay money to read the work of their colleagues? Scanning entire libraries but only allowing the folks at Google to read them? Providing scientific articles to those at elite universities in the First World, but not to children in the Global South? It's outrageous and unacceptable.

The last few years have seen many claims that we have entered the [post-privacy age](http://uk.reuters.com/article/celebrities-privacy-idUKNOA24969820070622). This year, with the release of Google Home, Amazon Echo, and the rise of the Nest systems in the last few years, it certainly looks like we are.

I wonder if there is a synergy possible between the ideals of an open commons and curbing the power and all-seeing eyes of big companies and the state.

To phrase it differently, let me lay out the contradiction as it currently stands. Copyright is fiercely protected by media producers, academic institutions, etc. etc. Intellectual property and patents are the fuel of the start-up boom, and has been running giants like Apple and Google since their early days. **Yet these same institutions want to take and / or use our data**, both captured about us and created by us, and absorb it into their ecosystem, protecting it then even from us. Where they don't take it, they profit from it, returning very little to us.

Where private data is concerned, I think it's clear that we need better systems of protection.

## Closing remarks
Thank you for reading this short series. The first two parts are here and here. I should note that this was a research project, and while I had an idea of where I was going, I let myself be led by what I found. This resulted in some of the points I thought would be stronger ending up weaker, and flipping the importance of others. I hope you enjoyed reading it as much as I enjoyed making it. 😁  🤓  😎  🤘

### References
- [1] https://steemit.com/steemit/@shenanigator/official-steemit-faq-rough-draft-your-edits-are-needed
- [2] [4] http://www.slate.com/articles/technology/technology/2013/02/aaron_swartz_he_wanted_to_save_the_world_why_couldn_t_he_save_himself.html
- [3] https://en.wikipedia.org/wiki/Aaron_Swartz#JSTOR