Requiring sending a document to social media/a third party, which is used to identify, and act on the behalf of an individual, just to check a birthday seems overkill to say the least. On the...
We cannot accept a world where every adult is expected to hand over ID as the price of going online.
Requiring sending a document to social media/a third party, which is used to identify, and act on the behalf of an individual, just to check a birthday seems overkill to say the least.
On the other hand, turning the majority of internet activity into governmental transactions — through a nation's verification service, could have large societal implications. As for policy, it seems it's easier to give power, than to take it away.
Checks must be conducted entirely client-side, on the user’s device. [...] The answer to the binary question of whether the user is “of age” must be fully anonymized, divorced from any identifying information, and transmitted entirely under end-to-end encryption.
Much easier said than done, but I hope some form of zero knowledge proof is viable for this application, it's the only way I could imagine a robust privacy preserving solution to work.
It is, and the EU app mentioned in this article is already zero knowledge and open source (though it has flaws that need to be addressed as pointed by the article linked within). I'm not saying I...
I hope some form of zero knowledge proof is viable for this application
It is, and the EU app mentioned in this article is already zero knowledge and open source (though it has flaws that need to be addressed as pointed by the article linked within).
I'm not saying I think we should all be verifying to go online, but if laws are going to be made about it, then they absolutely should all be to implement open source zero knowledge solutions. Not a single third party private company should be tied to a system like this.
That model works fine for buying booze because you, y'know, are buying booze. You're acquiring a physical object. Having to go somewhere, in person, just to verify your access to a service would...
That model works fine for buying booze because you, y'know, are buying booze. You're acquiring a physical object. Having to go somewhere, in person, just to verify your access to a service would be a huge source of friction, enough that people wouldn't want to do it.
Plus, why should stores bother? There's no money in this. You just get non-customers into your store that don't buy anything and are probably pissed off that this is necessary at all.
I hate the age verification scheme too, but this would arguably be the worst way of doing it. And let's not leave it merely implied - very quickly this would be outsourced to startups that offer an appliance or a verification machine at the gas station so that no workers need to be involved, and those will absolutely store your ID after scanning. I could be wrong here, but I'm not. It's already happened. My local (German!) grocery store has started rolling out little phone-looking attachments to self-checkout kiosks that verify your age for 18+ items, with a truly horrifying privacy policy, that of course... no one reads.
Requiring sending a document to social media/a third party, which is used to identify, and act on the behalf of an individual, just to check a birthday seems overkill to say the least.
On the other hand, turning the majority of internet activity into governmental transactions — through a nation's verification service, could have large societal implications. As for policy, it seems it's easier to give power, than to take it away.
Much easier said than done, but I hope some form of zero knowledge proof is viable for this application, it's the only way I could imagine a robust privacy preserving solution to work.
It is, and the EU app mentioned in this article is already zero knowledge and open source (though it has flaws that need to be addressed as pointed by the article linked within).
I'm not saying I think we should all be verifying to go online, but if laws are going to be made about it, then they absolutely should all be to implement open source zero knowledge solutions. Not a single third party private company should be tied to a system like this.
That model works fine for buying booze because you, y'know, are buying booze. You're acquiring a physical object. Having to go somewhere, in person, just to verify your access to a service would be a huge source of friction, enough that people wouldn't want to do it.
Plus, why should stores bother? There's no money in this. You just get non-customers into your store that don't buy anything and are probably pissed off that this is necessary at all.
I hate the age verification scheme too, but this would arguably be the worst way of doing it. And let's not leave it merely implied - very quickly this would be outsourced to startups that offer an appliance or a verification machine at the gas station so that no workers need to be involved, and those will absolutely store your ID after scanning. I could be wrong here, but I'm not. It's already happened. My local (German!) grocery store has started rolling out little phone-looking attachments to self-checkout kiosks that verify your age for 18+ items, with a truly horrifying privacy policy, that of course... no one reads.