← Back to context

Comment by jeroenhd

13 days ago

The law designed this as a privacy-friendly and convenient alternative to traditional identity verification, and stipulates usage should be optional.

Without the wallet, you'll be forced to jump through the same hoops as you're doing right now. Depending on what EU country you live in, that can be anything between "no real difference" to "making an appointment to exchange stamps on documents".

3 comments

jeroenhd

Reply
Aachen  13 days ago

Please point out where the age verification law says it's optional to verify someone's age

Or which hoops you mean we have to currently jump through to access 12/14/16/18+ sites

  • layer8  12 days ago

    That’s not what they said. They said that when age verification is required, it is intended to be optional to use the EU digital wallet for that, and other ways are possible.

    • rkagerer  12 days ago

      That's a fair point.

      Of course, once upon a time JavaScript was optional, and now it feels like half the web won't work without it. Cookies were optional but now many sites don't even bother with a "Reject All" choice. Google Play was optional on Android, now banking apps don't work without it.

      Tried to do KYC with an institution in North America lately? They used to allow diverse options - eg. physically present yourself, get a notary to attest, upload signed documents & ID - but now app-based applets which offer little to no visibility into just what data they're hoovering up from your phone and no way to manually review what you're sending before submission (...to outsourced or even offshore processors) have displaced most of those alternatives due to their convenience (especially to those who don't care about privacy) and cost competitiveness (to the service providers). Filling out customs declarations when traveling is going the same way (with longer, more customer-hostile terms of service and privacy policies than came attached to the old paper forms).

      The option that's most convenient to the masses tends to become defacto, and push out the last bastions of safe alternatives relied on by nerds like me - who pay attention to this stuff and try to advocate for user agency, data sovereignty for users, and the means to maintain a healthy privacy and security posture.

      I would love to see some kind of attestable flavour of Android that I as a user control the keys to (in my own case I'd even be willing to provide assurances backed up by insurance, a bond, my reputation, repudiation to some degree of vendor liability if things go wrong, etc) with tooling to help me achieve a high level of security in a low-friction manner.