The site would only know that the user’s age is being vouched for by some government-approved service. It would not be able to use this to track the user across different devices/IPs, and so on.
The service would only know that the user is requesting that their age be vouched for. It would not know for what. Of course, they would have to know your age somehow. EG they could be selling access in shops, like alcohol is sold in shops. The shop checks the ID. The service then only knows that you have login credentials bought in some shop. Presumably these credentials would not remain valid for long.
They could use any other scheme, as well. Maybe you do have to upload an ID, but they have to delete it immediately afterward. And because the service has to be in the EU, government-certified with regular inspections, that’s safe enough.
In any case, the user would have to have access to some sort of account on the service. Activity related to that account would be tracked.
If that is not good enough, then your worries are not about data protection. My worries are not. I reject this for different reasons.
is being vouched for by some government-approved service.
The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
And because the service has to be in the EU, government-certified with regular inspections, that’s safe enough
Of course not: both intentional and unintentional leaking of this information already happens, regularly. That information should simply not be captured, at all!
Additionally, what happens to, for example, the people in Hungary(*)? If the middle man government service knows when and who is requesting proof-of-age, it’s easy to de-anonymise for example users of gay porn sites.
The 3rd party solution, as you present it, sounds terribly dangerous!
(*) Hungary as a contemporary example of a near despot leader, but more will pop up in EU over the coming years.
The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
It would send the proof to you. It would not know what you do with it. I gave an example in the previous post how the identity of the user could be hidden from the service.
If the middle man government service knows when and who is requesting proof-of-age, it’s easy to de-anonymise for example users of gay porn sites.
It would be a lot easier to get that information from the ISP.
I gave an example in the previous post how the identity of the user could be hidden from the service.
In both your examples the government service has your full identity, then pinky promises to forget it.
Unless I’m misunderstanding something?
It would be a lot easier to get that information from the ISP.
Not quite the same, as IP addresses are shared through NAT, VPNs exist, etc. With the proposed legislation it is illegal for website operators to deliver content to known VPN ips, as they cannot confirm that the end user isn’t a EU subject.
In both your examples the government service has your full identity, then pinky promises to forget it.
It can be like buying alcohol in a store. They look at you and see your age. Or if it’s unclear, the store clerk asks your idea and promptly forgets all about it. Except you’re not buying alcohol but a login for some age verifier.
The site would only know that the user’s age is being vouched for by some government-approved service. It would not be able to use this to track the user across different devices/IPs, and so on.
The service would only know that the user is requesting that their age be vouched for. It would not know for what. Of course, they would have to know your age somehow. EG they could be selling access in shops, like alcohol is sold in shops. The shop checks the ID. The service then only knows that you have login credentials bought in some shop. Presumably these credentials would not remain valid for long.
They could use any other scheme, as well. Maybe you do have to upload an ID, but they have to delete it immediately afterward. And because the service has to be in the EU, government-certified with regular inspections, that’s safe enough.
In any case, the user would have to have access to some sort of account on the service. Activity related to that account would be tracked.
If that is not good enough, then your worries are not about data protection. My worries are not. I reject this for different reasons.
The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
Of course not: both intentional and unintentional leaking of this information already happens, regularly. That information should simply not be captured, at all!
Additionally, what happens to, for example, the people in Hungary(*)? If the middle man government service knows when and who is requesting proof-of-age, it’s easy to de-anonymise for example users of gay porn sites.
The 3rd party solution, as you present it, sounds terribly dangerous!
(*) Hungary as a contemporary example of a near despot leader, but more will pop up in EU over the coming years.
It would send the proof to you. It would not know what you do with it. I gave an example in the previous post how the identity of the user could be hidden from the service.
It would be a lot easier to get that information from the ISP.
In both your examples the government service has your full identity, then pinky promises to forget it.
Unless I’m misunderstanding something?
Not quite the same, as IP addresses are shared through NAT, VPNs exist, etc. With the proposed legislation it is illegal for website operators to deliver content to known VPN ips, as they cannot confirm that the end user isn’t a EU subject.
It can be like buying alcohol in a store. They look at you and see your age. Or if it’s unclear, the store clerk asks your idea and promptly forgets all about it. Except you’re not buying alcohol but a login for some age verifier.
So yes, they get your identity, then promise to forget it.
That’s a worst of both worlds proposal: it makes it trivial to deanonymise people, and it doesn’t solve the replay attacks.
Maybe buying alcohol works differently where you live.
They ask for ID card indeed, making it super easy to just make a copy. On top of that, your payment details are stored. You’re on camera. Etc.
Super easy to automate deanonymization. (1).