Comment by jsheard

I do like the idea of the “this is a child” taint (ok, terrible name but I really think it should be a near-unremovable thing on a platform like Apple’s that’s so locked down/crypto signed etc).

Like, you’d enroll it by adding a DOB and the computer/phone/etc would just intentionally fail all compatible age checks until that date is 18 years in the past. To remove it (e.g. reuse a device for a non-child), an adult would need to show ID in person at Apple.

Government IDs could be used to do completely privacy preserving, basically OpenID Connect but with no identifying property, just an “isEighteenOrMore” property. However, i agree it’ll never happen in the US because “regular” people still don’t know how identity providers can attest without identifying, and thus would never agree to use their government ID to sign into a pornsite. And on top of all that yeah nobody trusts the government, basically in either party, so they’d be convinced the government was secretly keeping a record of which porn sites they use. Which to be fair is not entirely unlikely. Heck, they’d probably even do it by incompetence via logs or something and then have people get blackmailed!

> where the platform doesn’t see your ID

ID checks aren't very worthwhile if anyone can use any ID with no consequences.

How long would it take for someone's 18 year old brother to realize they can charge everyone $10 to "verify" everyone's accounts with their ID, because it doesn't matter whose ID is used?

this is already how the EU infrastructure for digital ID works, basically. Using public/private keys on your national id, the government functions as a root authority that you (and other trusted verifiers downstream) can identify you with and commercial platforms only get a yes/no when you want to identify yourself but have no access to any data.

South Korea also has had various versions of this even going back to ~2004 I think.

I see this currently being pushed by some politicians in the EU. And I have a slight suspicion that some of these politicians are literally lobbyists.

The "oh my god, think of the children" is similar to "oh my god, think of the terrorists". I am not saying all of this is propaganda 1:1 or a lie, but a lot of it is and it is used as a rhetoric tool of influence by many politicians. Both seems to connect to many people who do not really think about who influences them.

In functioning states, the ID contains a chip with a private key that can be used to sign a message, and ID verification would not be an image of the ID card, but rather holding your phone's NFC reader to the card and signing a message from the site.

In Japan, there are already multiple apps which use something like this to verify user's age via the "my number card" + the smartphone's NFC reader.

It's more or less impossible to forge without stealing the government's private keys, or infiltrating the government and issuing a fraudulent card.

Of course, the US isn't a functioning state, the people don't trust it with their identity and security and would rather simply give all their information to private companies instead.

When I had to prove my passport for my bank over a video call they told me to rotate it around in the sunlight to show that it had the holo-whatever ink. So I wouldn't put it past them.

Don't you have to be over 18 to get a credit card in the US? How many wouldn't be able to present a CC or ID?

Those without driver's licenses or passports can get a state ID card instead, if I'm not mistaken. A pain, but an option.

Yeah that’s not true. It’s a lie. And we all know why it’s a lie. Adults in the US with ID is 99%

wat. the majority of Americans have a DL, ID, or Passport. What a silly thing to say.

For DL alone:

>Data indicates that approximately 84% to 91% of all Americans hold a driver's license, with roughly 237.7 million licensed drivers in the U.S. as of 2023.

Add in an ID and Passport and we are likely closer to 99%

This is extremely dangerous, and would only work with hardware/software that is nonfree (i.e., not under the user's control, or any attestation could be spoofed).

> Personal Identity Verification (PIV) and Common Access Card (CAC) credentials used by US government & military via NFC already work on web browsers. States should just move to digital IDs stored on smartphones, with chain of trust up through the secure element...

I think you're... missing the point of the pushback. People DO NOT WANT to be identified online, for fear for different types of persecution.

Is there any data on what kind of hits to enrollment were taken by facebook, gmail etc when they added requirements like a phone #? Maybe it's buried in their sec filings. Anyway, this "cat and mouse" game is probably irrelevant. They're not looking for and don't need a perfect system. Bc 99% of the public couldn't care less about handing over their information.

I think you massively overestimate how many people actually care.

My guess is that 95% or more of all Discord users do not care and simply upload their selfie or ID card and be done with it. I know I will (although they did say that they expect 80%+ to not require verification since they can somehow infer their age from other parameters)

Is there any data on what kind of hits to enrollment were taken by facebook, gmail etc when they added requirements like a phone #? Maybe it's buried in their sec filings.