Comment by autoexec

25 days ago

> So do extremely simple systems like selling age-verification scratchcards in grocery stores

Which stores sell age-verification scratchcards? How do you make sure they can't be traced back to the person who paid for them or where they were purchased from? How would a website know the person using the card is the same person who paid for them? It may be a simple system, but it still sounds ineffective, dangerous, and unnecessary.

7 comments

autoexec

Reply
triceratops  25 days ago

> Which stores sell age-verification scratchcards?

Stores that sell other age-restricted products.

> How do you make sure they can't be traced back to the person who paid for them

How would they be traced? Pay cash. I've never had my ID scanned or recorded when I buy alcohol. And now I look old enough that I don't even have to show ID.

If someone can trace the store they're bought from and you're that paranoid, rotate between stores. Buy them from a third-party. Drive to another state and buy them there. So many options.

> How would a website know the person using the card is the same person who paid for them?

They don't. How does Philip Morris know the person who bought the cigarettes is the same person lighting up? It's clearly not that important when selling actual poisons so why would it matter for accessing a website? The system works well enough to keep most kids from smoking.

Rate-limit sales in a store (one per visit) and outlaw selling or transferring them to a minor (same penalties as giving alcohol or tobacco to a child). Require websites to implement one code per account policies with a code TTL of 6 months or a year, and identify and disallow account sharing. It's Good Enough verification with nearly perfect anonymity.

  • autoexec  25 days ago

    > Stores that sell other age-restricted products.

    So far, I've never seen an age verification scratch card sold anywhere

    > How would they be traced?

    Your ID is collected at retail and its barcode scanned along with a barcode on the card, your personal data and card ID get uploaded to a server operated by the entity that created the cards and/or the state. ID barcode scan can be replaced or used alongside facial recognition, data collected (directly or passively) from your cell phone, your credit card info, etc. Even just being able to link a used card back to the time/place it was purchased could be enough to ID someone and put them at risk.

    > It's clearly not important when selling actual poisons so why would it matter for social media?

    The main difference is that I can't upload 1 million cigarettes to the internet for anyone of any age to anonymously download and smoke, but I could upload a spreadsheet of 1 million unredeemed scratch off codes to the internet for anyone to use. It seems highly likely that codes would get sold, shared online, generated, or leaked which means cards would be ineffective at keeping children from using them.

    Why should we be okay with jumping through a bunch of hoops that don't even do what they're supposed to in the first place while costing us money and opening ourselves up to new risks in the process? I reject the premise that proving my identity to a website is necessary let alone being worth the costs/risks. Scratch cards seem likely to fail at being private or effective. Of course, "Think of the children" is really only the excuse. Surveillance and control is the real motivation and any system that doesn't meet that goal is doomed to be replaced by one that does.

    • palata  25 days ago

      > So far, I've never seen an age verification scratch card sold anywhere

      Because it was an idea. Something that is not implemented yet, but could be interesting.

    • hackeraccount  25 days ago

      Buying alcohol is nothing like getting an anonymous token that grants the right to a Google account.

      This is equivalent to saying you either need to be over 16 or have a parents permission which will not work for any number reasons that someone else can enumerate.

      It's a nice idea. Won't work.

      2 replies →

    • triceratops  25 days ago

      > I've never seen an age verification scratch card sold anywhere

      It isn't something that exists today.

      > Your ID is collected at retail...

      You know perfectly well I already addressed that whole argument in my original comment. I know you're philosophically opposed to age verification (a perfectly valid opinion), but that's no reason to tear down strawmen.

      If you care at all, here's the proposal in full: https://news.ycombinator.com/item?id=46447282

      > Even just being able to link a used card back to the time/place it was purchased could be enough to ID someone

      Even when close to every adult is buying them every year? Doubt. But in any case also addressed with alternatives in my original comment.

      > I could upload a spreadsheet of 1 million unredeemed scratch off codes to the internet

      You can't, for the same reason you can't just get unsold gift card codes on the internet.

      > I reject the premise that proving my identity to a website is necessary

      Again, a valid and reasonable position. But how long will the internet continue to operate like that?

      > Of course, "Think of the children" is really only the excuse. Surveillance and control is the real motivation

      Also mostly correct. Now I don't think children should be on social media. Whether or not there's a government ban, I'll do my best to keep my kids off it. The spooks are taking advantage of "save the children" voters to advance their own agenda. If it's possible to satisfy the "save the children" crowd, without violating anyone's privacy, then the spooks lose their support.

      The alternative is to sit around as age gates get thrown up and you have to upload your passport to do anything.