Comments on: Content protection: an incomplete proposal

By: Mike Chase

Mike Chase — Wed, 29 Apr 2020 13:46:02 +0000

I’m not sure how you do “privacy preserving” for a function that’s designed to record transactions between grids/users over assets. Certainly you need to be able to handle GDPR and similar requests to render a specific user anonymous but then that user loses transaction history and any benefits that might accrue to it. The larger question to answer IMO is 1) who runs such a service and how is trust to it established and 2) who can query the ledger and for what information. Just having it isn’t really valuable unless you identify the requirements for using it.

The biggest issue I see is that you have a widely distributed capability (anyone can turn up a grid) with no real mechanism for forming trust relationships which leads to making statements about the reliability of the data being collected. Anyone can hack server code as well. You can make the ledger resilient to hacking but garbage in garbage out still applies for the app running on the ledger.

By: Diva Canto

Diva Canto — Tue, 21 Apr 2020 17:17:53 +0000

Right now, it’s super easy to steal content, and super hard to prove that theft has happened, because there are no reliable records about when things were created. The ledger would not change the ease of stealing things, but it would radically change the ease to verify claims of theft. That tip of the scale may completely change the incentives for content theft.

By: Diva Canto

Diva Canto — Tue, 21 Apr 2020 16:59:29 +0000

Good question. I think the answer is no. In fact, viewing is not ‘owning’, and that’s the crux of all the problems related to the copyrights issue in general. That’s what happens also when we get a PDF or even a paper copy of an article: we need it to read it, but there are no rights transferred with the transfer of the data. On the contrary, the document usually says it’s subject to copyrights, and what the reader can and can’t do with the copy.

A copy of an inworld object sent to viewers is equivalent to a copy of a PDF sent to PDF viewers.

The ledger would focus on ownership and permissions, not on viewership. Copies are needed for viewing, but that does not come with the right to own. Like for all other copyable and copyrightable media, the data can be stolen, and that’s why we’re having this conversation It’s impossible to prevent theft, but it’s possible to prove that something has been stolen by having a ledger of what was created and when.

By: Misterblue Waves

Misterblue Waves — Tue, 21 Apr 2020 15:12:24 +0000

Buildings and other region content that is just viewed is never “transacted”. That is, everything one can see in the viewer is sent to the viewer (in complete, editable form) without the viewer ‘buying’ anything. Would the ledger also record every time someone viewed an item?

By: Diva Canto

Diva Canto — Tue, 21 Apr 2020 14:26:29 +0000

That’s a good point. This would need to be privacy-preserving, obvs. In fact, there are some advantages of removing all avatar information from these public records: it keeps the focus on items rather than on people. So someone can claim that an item has been stolen and the verification is based on time stamps alone; no information about who stole it or even who created it. This can lead to less contention between grid operators and thiefs, since no one will be accused; the stolen items will simply be removed. Note, however, that grid operators already have all the personal information of their users, including who owns what in their inventory. But that’s a shared secret between the users and their grid operators.

By: Ai Austin

Ai Austin — Tue, 21 Apr 2020 08:01:56 +0000

The privacy implications of storing inter-agent transactions into databases under the control of any third party needs to be addressed… in terms of legality, risk of hacking, exploitation and governmental or corporate misuse. Imagine some of the “trusted” sites to support the methods adopted were in countries whose policies and laws were altered as leaders changed, politics radically altered and emergency legislation forced disclosures of any stored data. This is not a hypothetical situation.

We should assume the number of grids can be very large. DreamGrid distribution alone has multiple thousands of sites openly accessible, and possibly many more run up on personal servers, as we used to do with SimOnAStick. With the benefits of HG, that number of grids could grow a lot.

Technically, you mention that inventory is the basis for what is stored and what may be garbage collected. I don’t understand that. Assets surely are the key. Items nay be stored in offline OARs and UARs long after the grids they were created in, the avatars that created or owned copies, or their inventories have disappeared, only to be resurrected decades later to show some earlier build.

Could you point at the discussions, comment and replies to date? Which forum was that in?

By: Diva Canto

Diva Canto — Mon, 20 Apr 2020 14:27:19 +0000

The feedback, so far, is cautiously positive. The idea was first bombarded with conceptual objections, which is what I was expecting, but I think I was able to defend it. The key here is to make it very clear that this does not prevent theft from happening, it just gives a powerful tool for honest grid operators to police content on their grids, without a shadow of a doubt. (I also learned that some very primitive form of this is what honest grid operators already do when they get complaints: they check timestamps. The public ledger would make that process much easier and more reliable for everyone, everywhere)
After that bombardment phase, the conversation switched to how to actually implement this, given the socio-technical context of the HG. I heard excellent ideas! There are many centralized/decentralized hybrids we can do to simplify and scale things. We need to bounce more ideas.
The force of small grids is in their numbers. In fact, many content creators use their small islands to build their things, and then make them available in popular grids. That use case needs to be part of this.

By: Mike Chase

Mike Chase — Mon, 20 Apr 2020 03:08:27 +0000

It would be interesting to see what feedback the “core team” provided,. I’ve been looking at ledgers for over a year to protect assets. Truth is I don’t think most of the HG wants this. Also I’m not convinced that solving this issue alone is enough to create a creator friendly economy. There are some examples of using ledgers in gaming environments. But they really assume control of all the points contributing to the ledger. A ledger really isn’t dependent on trust but to do it that way is very expensive in computation and time. Probably the first step is to secure the rest of the HG to support web of trust controls and then building services like the ledger you mention on top of that. All of the tiny Dreamgrid instances wont likely participate but I’m not sure thats a bad thing. Thats not the market a commercial creator is trying to serve anyway.