Showing your ID to get online might become a reality

Submitted ⁨⁨1⁩ ⁨week⁩ ago⁩ by ⁨Pro@programming.dev⁩ to ⁨technology@lemmy.zip⁩

https://edri.org/our-work/showing-your-id-to-get-online-might-become-a-reality-a-closer-look-at-the-eus-new-age-verification-app/

Coming to a website near you this summer: the European Commission is close to a ‘solution’ that could force people to use their government-issued ID to get online. EDRi and EFF’s concerns about threats to everyone’s privacy and data protection, a chilling effect on access to information, and digital exclusion – harming the already most marginalised in society - remain unsolved.

source

Comments

Sort:hotnew top

wwb4itcgas@lemm.ee ⁨1⁩ ⁨week⁩ ago
Hey EU? Do you remember when you forced every website to ask for permission to store cookies and made the entire web immeasurably worse to use without in any way having a positive impact on people’s right to some fucking privacy?

Yeah.

source
- lime@feddit.nu ⁨1⁩ ⁨week⁩ ago
  you’ve never had to ask for permission to store cookies that are required for your site to work. you have to ask for permission for third party trackers to store cookies when people use your site. it’s just that web developers either can’t read or can’t live without letting google track their users’ every move.
  
  source
  - KelvarIW@lemmy.blahaj.zone ⁨1⁩ ⁨week⁩ ago
    we both know it’s the second one :P
    
    source
- grue@lemmy.world ⁨1⁩ ⁨week⁩ ago
  The problem with the cookie law wasn’t the concept of it, it was the EU’s failure to crack down on malicious compliance.
  
  They should’ve revised the law to make it opt-out by default.
  
  source
  - rumba@lemmy.zip ⁨1⁩ ⁨week⁩ ago
    If you make it opt out by default, They could just design the software to not let you enter the page unless you opt in. Often get the page opt out get a nice advertisement for the service.
    
    Even using cookies to help with load balancing is a pain in the ass these days. There’s a fuck ton of legitimate reasons to use cookies, If you want to stop tracking, Make it illegal to track people and sell advertising data based on it.
    
    source
    -> View More Comments
  - wwb4itcgas@lemm.ee ⁨1⁩ ⁨week⁩ ago
    Agreed. The sentiment was fine, the execution terrible.
    
    source
- LibertyLizard@slrpnk.net ⁨1⁩ ⁨week⁩ ago
  What’s wrong with being able to opt out of cookies?
  
  source
  - wwb4itcgas@lemm.ee ⁨1⁩ ⁨week⁩ ago
    The following:
    
    If companies are indulging in abusive use of cookies (or index DB, local storage, plugins or other things) then ban those abusive use of cookies and fine companies that transgress until they stop. The EU essentially caves to industry pressure and put the burden on the individual visitor, which just allowed the companies to make it very, very annoying to opt out. Have you noticed how ‘allow all’ is always a single click, but allow none isn’t, if the option exists at all? Regardless, those settings? Guess where they’re stored: Cookies. Which means that those of us who were already preventing local storage of data are now having to deal with those lovely “choices” over, and over and over. Every visit to youtube, every newspaper article we try to read.
    
    This was not an improvement in my quality of life. And I doubt the practical efficacy to boot. Can’t track user behavior and Internet usage patterns by way of cookies anymore? Fingerprinting to the rescue.
    
    source
null_dot@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago
Nope. Happy to identify myself with credentials to specific service or content providers, but not for general internet access.

For example, in Australia I use a government issued identification service to identify myself to government sites, like our tax office, or medical cover. That’s fine.

Obviously not going to use a government id number to identify myself to facebook or whatever though.

source
NaibofTabr@infosec.pub ⁨1⁩ ⁨week⁩ ago
How could this possibly be GDPR compliant?

source
- lime@feddit.nu ⁨1⁩ ⁨week⁩ ago
  fun fact, governments don’t have to care about gdpr.
  
  source
- BorgDrone@lemmy.one ⁨1⁩ ⁨week⁩ ago
  So I’ve actually looked into the EU wallet stuff quite a bit. The article talks about age verification. The way the EU wallet works is that you can share individual attributes, you don’t need to share your identity at all. When you load your government ID into the wallet, one of the fields is over_18 which has a boolean value (true or false). Any service that requires you to be 18+ would only need to request this single attribute, nothing more. No names, no other personal information, just the fact that you’re over 18.
  
  source
Luffy879@lemmy.ml ⁨1⁩ ⁨week⁩ ago
Fuck you I wont do what you tell me.

I never wanted to commit Identity fraud, but if the EU makes me, I wont have a problem with torrenting a bunch of Child pornography under the name of eu officials.

source
- rottingleaf@lemmy.world ⁨1⁩ ⁨week⁩ ago
  You will, it’ll be protected and the police will come for you.
  
  All those “I won’t have a problem” imply you’ll be strong enough, they will be ready for you.
  
  source
  - lost_faith@lemmy.ca ⁨1⁩ ⁨week⁩ ago
    goes to rotary phone, calls ISP - Cancel my service
    
    source
DoucheBagMcSwag@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago
This is to track and identity online dissent

source
obbeel@lemmy.eco.br ⁨1⁩ ⁨week⁩ ago
This would fit “A Boring Dystopia” well. I think protecting data isn’t the way to go. The effects of it can already be seen:

All the burocracy for common people, no burocracy at all for Big Tech. No IP, no robots.txt. They are trusted and can do whatever they like, starting on your phone. It honestly looks like another form of aristocracy.

source
AntAcid@lemm.ee ⁨1⁩ ⁨week⁩ ago
No it won’t. Stop flooding the instance with garbage.

source
melsaskca@lemmy.ca ⁨1⁩ ⁨week⁩ ago
I don’t like the idea but look where anonymity has gotten us. Lots of hate and false bravery hiding behind an alias.

source
- Poem_for_your_sprog@lemmy.world ⁨1⁩ ⁨week⁩ ago
  Now there can be lots of hate and false bravery but with doxxing.
  
  source
  - Eiren@lemmygrad.ml ⁨1⁩ ⁨week⁩ ago
    I can’t wait to get SWAT’d because I said something bad about white supremacy.
    
    source
- rottingleaf@lemmy.world ⁨1⁩ ⁨week⁩ ago
  I didn’t notice there to be less hate in spaces mostly without anonymity, or less false bravery.
  
  However, being “anonymous”, but identifiable with some work is still better than being identifiable immediately.
  
  It’s the opposite of security, people create tools to have perfect forward secrecy, ephemeral keys, deniability - all for good reasons, now someone wants put a metaphorical gun to everyone’s heads telling we’ll be safer.
  
  It’s really better to not say anything approving in that direction. Every word matters.
  
  source
  - melsaskca@lemmy.ca ⁨1⁩ ⁨week⁩ ago
    I preferred the pre-tech “phonebook” stage where all you had was your name (and whatever else was attached to it based on one’s own behaviour).
    
    source
    -> View More Comments
lnxtx@feddit.nl ⁨1⁩ ⁨week⁩ ago
My non-existent child is 16 year old. They are old enough to consume adult stuff.
So they can’t.

All those ipad kids. Where are your parents?

source
RobotZap10000@feddit.nl ⁨1⁩ ⁨week⁩ ago
I once remember reading either an article or a comment here somewhere about a different solution that could be easier for nearly everyone.

Despite every country having their own laws/standards about how old people must be to view certain things on the internet, we can all at least agree on what categories we may want to restrict (e.g adult content, social media, user interaction, etc.). After defining all of these categories, we could add a HTML tag in the header of all of our websites that tell us which of these categories apply. The only thing that would need to happen on the user side is for them to instruct their browser which of these tags should not allowed to be loaded. Instead of each of these websites needing to collect IDs and face scans to verify an age, they could simply tell the user which categories of content they are, have the client device compare it to the list of restricted content and act accordingly.

A quick example: Client connects to Instagram -> Instagram’s HTML header contains the tag “social_media” -> Client’s browser sees that “social_media” is in the blocklist -> User only gets a restricted content screen

While the technical side would be easy, this solution still relies on the websites to be honest about their category and for the user to enforce this blocklist. The Australian government would not have a hard time making sure that Instagram and other widespread social media websites are honest about their website content, but the sheer volume of other websites on the internet would be impossible to enforce. This would either require trust in the goodwill of others (which is not easy to find in an enormous anonymous space) or to have automated crawlers try to guess the tags or just to rely on the many public blocklists to fill in the gaps. The second half of this solution is for the tags to actually be blocked by the browsers. Since these restrictions only ever apply to children, we should task their parents with ensuring that their children can only use web browsers with these blocklists enabled. I assume that any operating system worth their salt has options to restrict installation of other software, so the only change that would need to be made is for browsers to also come with parental controls that allow parents to set these blocklists and prevent them from being changed without permission. “User interaction” and the names of the other tags are likely alien phrases to many parents out there, so the browsers should probably offer simple blocklists that state their purpose, e.g “Australian social media restriction for children under 16”. If parents really want their children not to be on social media, they shouldn’t expect technology to do all of the parenting for them. We can give them simple, safe and secure tools to allow them to control their children’s access to their devices, but they should still be responsible with actually using them and ensuring that they aren’t being circumvented.

What do you think about this? Can we rely on websites honestly tagging their content, devices coming with working parental controls and parents properly using them? Or must we really scan everybody’s face and ID before letting them use social media? My solution does place a lot of (maybe misguided) trust in websites and parents, but I think that this is the easiest way for every restriction on children using certain parts of the internet to be enforced, while still respecting people’s privacy.

source
- lime@feddit.nu ⁨1⁩ ⁨week⁩ ago
  
  we can all at least agree on what categories we may want to restrict
  
  nope, we can’t. lgbtq+ friendly spaces? copyrighted content? dissenting political views? some countries criminalise that, how should we tag it?
  
  we could add a HTML tag in the header of all of our websites
  
  broski, we had to relax the standard for what is allowed in html because nobody does it correctly. good luck enforcing this.
  
  The only thing that would need to happen on the user side is for them to instruct their browser which of these tags should not allowed to be loaded.
  
  who are “they”? are you suggesting direct government access to the browser? or, if it’s on the user, why would they do it?
  
  Since these restrictions only ever apply to children
  
  says who? porn is straight up illegal in some countries.
  
  We can give them simple, safe and secure tools to allow them to control their children’s access to their devices
  
  we already have those and parents are not using them.
  
  source
  - RobotZap10000@feddit.nl ⁨1⁩ ⁨week⁩ ago
    You’re entirely correct, I discussed this with someone else after writing my comment and they raised the exact same points. Banning and blocking won’t solve the problems, only education will.
    
    source
    -> View More Comments
vane@lemmy.world ⁨1⁩ ⁨week⁩ ago
Another episode of EU trying to kill internet. People are already switching from websites to chats because websites are not usable after all those laws, if they ban chats people will switch to something else. The number of protocols are unlimited.

source