Comment by clwg
1 day ago
This may be an unpopular opinion, but I want a government-issued digital ID with zero-knowledge proof for things like age verification. I worry about kids online, as well as my own safety and privacy.
I also want a government issued email, integrated with an OAuth provider, that allows me to quickly access banking, commerce, and government services. If I lose access for some reason, I should be able to go to the post office, show my ID, and reset my credentials.
There are obviously risks, but the government already has full access to my finances, health data (I’m Canadian), census records, and other personal information, and already issues all my identity documents. We have privacy laws and safeguards on all those things, so I really don’t understand the concerns apart from the risk of poor implementations.
> We have privacy laws and safeguards on all those things
Which have failed horrendously.
If you really just wanted to protect kids then make kid safe devices that automatically identify themselves as such when accessing websites/apps/etc, and then make them required for anyone underage.
Tying your whole digital identity and access into a single government controlled entity is just way too juicy of a target to not get abused.
I was recently surprised to learn that the mainstream adult websites actively send a header identifying themselves as such and have been doing so for something like the past 20 years. The services that we would reasonably want to impose age checks on are already actively facilitating their own filtering.
> Which have failed horrendously.
I'm Canadian, so I can't speak for other countries, but I have worked on the security of some of our centralized health networks and with the Office of the Privacy Commissioner of Canada. I'm not aware of anything that could be considered a horrendous failure of these systems or institutions. A digital ID could actually make them more secure.
I also think giving kids devices that identifies them automatically as children is dangerous.
If you're Canadian, then you don't have much in terms of legal safeguards to begin with, given the notwithstanding clause of your constitution.
2 replies →
> I want a government-issued digital ID with zero-knowledge proof for things like age verification
I absolutely do not want this, on the basis that making ID checks too easy will result in them being ubiquitous which sets the stage for human rights abuses down the road. I don't want the government to have easy ways to interfere in someone's day to day life beyond the absolute bare minimum.
> government issued email, integrated with an OAuth provider
I feel the same way, with the caveat that the protocol be encrypted and substantially resemble Matrix. This implies that resetting your credentials won't grant access to past messages.
My Idea is you go to a post office with your id and they give you an anonymous verification token (proven through open source) you can use to create a person verified email at home. limit on how many per year. protected top level domain like .edu and .mil are currently that only certified humans can use, so your email can be anonymous but also a proof of identity
I guess anonymous and verified identity are two separate things. It might be useful for the government to provide either one of those.
Regarding tying proof of residency (or whatever) to possession of an anonymized account, the elephant in the room is that people would sell the accounts. I'm also not clear what it's supposed to accomplish.