Comment by spiralpolitik
1 year ago
I would argue that for most use cases Internet Services are already collecting sufficient KYC data that it won't make a difference. Try signing up for anything infrastructure related without providing a credit card and/or billing address and/or cell phone number and see how far you get.
That said the system is only as strong as the weakest link in the chain, and while getting a credit card/cell phone number in the US requires a certain standard of identity verification, the same might not be true for other countries (or in cases of deliberate fraud). I think that is what the legislation seems to be targeting.
That doesn't mean it is good legislation or won't have unforeseen side effects.
This totally depends on what is collected, if the requirements are some form of national id submission, ie. licenses or passports, then it opens all handlers up to tremendous abuse possibilities. Or at the very least paints a big sign on their backs that they handle mass quantities of offical government forms of biometric id, something I think would do much more harm than good in the long run as each company would need to be bulletproof to avoid.