RE: BIG Things! @ned at Consensus 2018 - The Legality of Content Takedowns (GDPR) & SMT Communities That Don't Use Stake Weighted Voting!
Overall I think Ned came across well and the discussion went well, Steem is not hypothetical, it has some serious real world use behind it. The other apps in the space are still untested to a large extent and their architects are constantly talking in the hypothetical.
I am not sure where the logic for one account one vote being a solution to the whale problem came from. Maybe in the world of SMTs the issuer of the SMT will keep track of who are joining their community and discourage bots but who knows?
America seems to be taking little notice of the GDPR in general, avoiding it where possible. Maybe they have bigger problems (anti money laundering, SEC etc)
From Neds point of view Steemit is an app, and he will comply with regulations from that position. Lets face it GDPR is a hot potato that nobody wants to get involved with it unless they have to.
Because the Blockchain is not something Steemit Inc can control I think they will be unlikely to attempt to provide legal advise or be much help either.
The lead on this with respect to the blockchain will have to come from the Witnesses.
I don't think anyone knows at this stage how the GDPR will play out and be enforced in many areas, but especially with respect to Blockchains. Last Sunday I heard a legal expert on a radios show outlining some of the key points for businesses in Ireland. The regulators are going to be so overburdened at the beginning they will likely start with the big fish and work their way down. The key at the moment is, if your not fully compliant, to start the process and get some solid legal advise. I may be worth for a few European witnesses to get together and get some professional legal advice on this issue.
My understanding is that if each account has the same vote power as every other account, there can be no bid bots in the usual way. They would have to own a huge number of accounts and then the bots would just be ones that create a kind of swarm effect using many accounts that actually already exist I think.
I have attempted to motivate the witnesses into the direction you described here but got basically nowhere.
Vote equality leads to the kind of astroturfing methods you see on literally every other social media site where it only takes an organization a couple of upvotes to get the ball rolling on posts, it is not always a guarantee but it gives it the momentum to have a chance at landing on the front page. You just post up a post or two a day or vote on things that mention your product and eventually something goes viral. It is usually too obvious when something is voted by a massive amount of bot votes because the actual activity in the thread is too sparse compared to the voted numbers, and if people don't like the copy-pasta your paid workers are putting in the thread as responses then that also damages your brand.
Wait, what were we talking about?
Oh yeah, no sane company would spend money on steemit when they have an end-product or service to sell and could reach 1000x the amount of eyeballs for cheaper.
America seems to be taking little notice of the GDPR in general, avoiding it where possible.
I am a co-founder and executive VP of Tech for an international SaaS product company. I can assure you America is taking it very very seriously, and watch your inbox for emails from every site you ever put an email in, flooding in, as they already are from every brand name ever, about their new GDPR policies or more sedately "Privacy Policy" updates...
It's no joke, and no one is laughing it away.
In my experience, the majority of software supply corporations I have spoken with recently in the USA region (not to be confused with the URA region ;) ) had not done much about GDPR until I prompted them (this was around 2 months ago when I was talking to several here). There are definitely groups who are ready and definitely groups who aren't - much the same as in Britain.
We have very different experiences then, but I deal in fortune 500s and federal contractors and name brand companies in my SaaS business... also, judging by my inbox, as I said, every company I ever gave an email to is hitting me with gdpr and privacy policy announcements, and I'm firmly in the USA here, 90 miles from washington dc. :)
Sure ok, I was dealing with less well known suppliers in this case.
Well I mean, yeah, I haven't gone back to my neglected websites from years ago, and updated wordpress with a delete plugin or anything lol but "real" companies? I'm not seeing them ignore this...
In this case I am referring to multi million dollar companies in the field of telemedicine.
Wouldn't they have already been prepared for this under HIPAA?
I am not an expert on the differences between the two standards, but my understanding is that they are not the same. I was advised by the British government that US companies who are not specifically GDRP certified need to use an agreement such as Privacy Shield to process data from the EU in the meantime.