Content risk is the main legal risk of the storage system, but there is no need to worry too much in the short term.
Original title: “Data Compliance|| IPFS, a risk transfer from platform to miner? 》
Source: Huo Xiaolu
The IPFS/Filecoin test is in full swing, and more and more people are beginning to worry about IPFS compliance. Will decentralized storage conflict with domestic network supervision and data security policies?
Huo Xiaolu’s point is that there is no need to worry too much in the short term . The project is too young and there are more uncertainties in future development, and it takes time to ferment. Supervision will not be taken prematurely. Bitcoin came out in 2008. In 2013, the regulation first paid attention. The 94 document of Megatron was only released in 2017, a difference of nearly 10 years.
Regarding decentralized distributed storage, there are some issues that need to be considered as soon as possible if we want to sustain large-scale development for a long time. This article only discusses legal compliance issues from the perspective of miners based on the existing official news and related tests.
Common risks of traditional cloud storage service providers
To discuss the legal compliance risks of IPFS, one has to first understand the legal risks of traditional cloud storage.
In traditional cloud storage, that is, centralized cloud storage, the risk is generally borne by the cloud storage service provider, that is, the platform.
Except for the usual necessary procedures such as license application, the two most common risks are data compliance risk and infringement risk.
Data compliance risks are currently more focused on the protection of personal information, involving compliance requirements in multiple links such as data collection, use, storage, flow, deletion, and cross-border. The core is to avoid unnecessary collection and prevent leakage, while data export, that is, the transnational flow of data, needs to meet higher requirements.
The risk of infringement mainly refers to what reasonable measures the platform should take to avoid liability when the stored content is suspected of infringing on the intellectual property rights of others. In general, follow the “notification-delete” rule, that is, when the platform receives a user’s infringement notice, it needs to take necessary measures such as deleting, blocking, and disconnecting the link in a timely manner. If the negligence causes the damage to expand, it shall be jointly and severally liable for the expanded part. But for Iaas service providers such as Alibaba Cloud, the above rules are not applicable. It is mainly based on the comprehensive judgment of the service provider’s specific service nature, service content, and whether there are derivative technical services. The law is more complicated, so I won’t expand it here.
A risk transfer from platform to miner?
Looking at the IPFS white paper, dissecting all the modifiers and characteristics, the core is still cloud storage, but it uses a distributed approach, that is, the platform that provides specific storage services is replaced by individuals.
Two problems arise from this.
First, does the free storage of information mean that there is no need to meet regulatory requirements?
Obviously not. Everything can only develop in a long and orderly manner under the requirements of compliance. Everyone understands this truth, and there is no need to say more.
Since it needs to operate under the regulatory framework, why does the beginning say that there is no need to worry about possible regulatory conflicts for the time being? This is a question of “short-term” vs. “long-term”. Realistically speaking, in practice, supervision cannot permeate all aspects. Even in a mature industry, there are inevitably shortcomings and lags, not to mention the fact that it has not become a climate in the short term.
Second, does distributed storage mean that platform responsibility is transferred to individuals?
To some extent it is. According to the existing information and the operation of the test network, whether it is stored or retrieved, miners are paid services. In this process, the platform does not match transactions, everything is communicated by users and miners themselves. Since it is a fee-based service, it is not subject to excessive interference from the platform, and possesses strong autonomy, so it is natural to assume certain responsibilities while enjoying benefits.
The main risks that miners may face
In view of the variables of the project, it is still in the testing period, and only basic risks can be analyzed in general.
For the vast majority of miners, the worry should be whether they will dig halfway and the entire project will be halted by the government, and their investment and efforts will be in vain. There is no need to worry too much about this in the short term. The technology is neutral, and the entire project can be understood as a paid storage business. FIL coins are regarded as game tokens for storage and retrieval consumption. The purely internal circulation mode of operation, as long as it is not used extensively for illegal and criminal matters, and does not involve the exchange of RMB virtual currency, it is unlikely to be suddenly stopped.
Returning to legal risks, for a storage system, the most important thing is ” content risk .”
There is no problem with storing ordinary legal content. If it is illegal content or sensitive content, the risk factor rises linearly .
Sensitive content is mainly concentrated in two categories, personal information + trade secrets; illegal content involves two levels, the first level is illegal content, such as pornographic, violence and terrorism and other laws expressly prohibited content; the second level is potentially illegal content , Such as content that infringes on the copyright of others and other related intellectual property rights.
Whether it is the fragmented encrypted storage of the official announcement or the entire storage of the testnet, the risks of the miners are basically concentrated in storage, dissemination, and custody .
For example, do you know or have a reasonable basis to judge illegal content when storing it? Another example is whether there is active dissemination of content that is known to involve privacy or inappropriate content? For another example, did failure to fulfill reasonable obligations during the preservation process lead to data loss or leakage? These are all possible risks, and different situations trigger different responsibilities, which need to be analyzed in detail based on the business environment.
Where will IPFS go?
Questions that have always plagued Huo Xiaolu, an outsider.
As a storage system, what are the final landing scenarios of IPFS? Can relying solely on the belief in “decentralization” attract enough realistic storage users? What is the core reason for users to abandon existing cloud storage brand service providers and choose IPFS?
If you can’t answer the above questions realistically, it’s too early to talk about supervision and compliance.
The official Space Race 2 is mainly for storage users and developers. After basic user identity verification, users are expected to bring real, valuable and usable data into the arena, including but not limited to application data or data collections. Only by collecting more high-quality and valuable data can the project be revitalized and the gold content of the project can be increased .
Just imagine, after the birth of Bitcoin, as a kind of virtual currency, as long as it does not threaten the status of sovereign currency, compliance may not be a problem. The compromise of Libra 2.0 is a good example. Why has the currency price remained high since its development, and speculators have spread all over the country, and they are still unregulated? I am afraid that the answer can only be the question of “money laundering” that almost everyone tacitly says.
When a project, even a gold medal project like IPFS, is filled with a lot of junk invalid and illegal content and is frequently used in illegal and criminal activities, it is difficult not to be stopped . Mutual gold is an example, leaving only a bleak ending.
Where will IPFS go? Only the project itself and the participants can give the final answer.
