[hashtagjohnt]

> I disagree with this. It's clear in cases such as Facebook that data privacy is abused. Not only that, but users don't have much of an idea of exactly how their data is being used. In a P2P system powered by blockchain, I can set permissions for certain data my on-chain information to be accessible between different parties, whether that's a doctor or a friend on a social media platform. They can receive a hash an decode it locally to view whatever information I am granting them permission to view.

I think the OP is saying that if anyone has access to the raw data at any point, then they have some sort of ownership. And this is actually true in your example. A person owns their own data (age, email, etc.), and then gives it to Facebook. Someone might expect privacy from Facebook, but since Facebook now has access to that data, they have some sort of ownership of it. And what do they do with their ownership? They sell it :). If you give your hashed data to Facebook, and allow them to decode it and read it, then they can still sell the decoded data because they now have access to and some ownership of the data.

[pariahHN]

I think that would tie in to the enforceable off chain point - if by law Facebook has to respect the permissions you give them, then yes they may have the ability to sell the data you allowed them to read but if you did not give them permission to sell it, then you would be able to pursue legal action.

Which of course would require proving that they did in fact sell it, but it shouldn't be prohibitively difficult to setup a mechanism for taking a data point and verifying whether or not the seller has been given permission to sell it - could have it so that who has access to a given data point and what their permissions are is part of the public record.

[hanniabu]

In my example Facebook wouldn't be able to decode it, only the user client side.