The original intention of arbitration is to enforce "Intention of Code is Law", enabling recovery of funds lost as a result of bugs, similar to the DAO hack case on Ethereum; it is not to resolve individual losses that result from bad habits in managing your crypto security.
If transactions are not immutable, then investing in EOS is no better than investing in Facebook or PayPal credits. I'm saying this as a holder of EOS myself, hoping for EOS to improve in the future. EOS is my second largest investment (after Elastos) in my portfolio atm.
[My Proposal]
Other methods of securing your funds already exist, such as multi-sig, staking and multi-permission structures, and cold storage with hardware wallet access. The best way forward is to make these security features more readily accessible and user-friendly, while protecting and enforcing the immutability of the EOS network.
In my view, on the base level, transactions should be immutable. A blockchain that is not immutable is worthless — nothing more than a typical cloud database system. What EOS needs is to block arbitrators from freezing and controlling accounts unless the user opts in to the program via a smart-contract layer. To the users, it can be simply a flick of a toggle switch in the wallet app plus acceptance of a Ricardian contract.
BPs need to stake their EOS, and attempts to manipulate transactions at the base level will incur significant financial cost (scaled to the amount of the transaction). Limiting the power of BPs is extremely important, just like limiting the power of governments, whether or not they are being good at this point in time.
Finally, to address the issue of the lack of arbitration power against hackers who didn't opt in to the arbitration process (via smart contracts) in the event that funds in an arbitration-protected account are hacked: my proposal would be to simply disallow all transactions from a "protected" account to a "base-level" account that cannot be subjected to arbitration. The base-level accounts can then function as the immutable "cold-storage" layer, while arbitration-"protected" accounts can serve as the "active" layer for more frequent transactions.
~Juni
cybernetwork@EOS
See also:
Introducing Proof-of-concept Tungsten for dApplication level Governance.
https://medium.com/@EosMetal/introducing-proof-of-concept-tungsten-for-dapplication-level-governance-fea8b0a452e9