Disclaimer: I’m not from US, I know little about US laws and how this age verification will look.
So if anyone needs from me the verification that I am who I am in my day-to-day life (in a bank, at bureau, …) it’s usually handled via the Notary office. It might sound old school but it’s really great actually - do you have a printed document and you need a proof that you actually signed it? Notary. Do you need a copy and you need a proof that it’s actually 1-to-1 copy of the original? Notary. etc. And it costs like 2-5 € where I live.
So if someone would ask me to prove that I’m older than 18 years old and I’d like to keep my anonymity in the process … notary. I’d of course not send my ID to any corporation, I’d go to notary with a document: “User of platform XYZ identified by their ID 123 is more than 18 years old”. I’d just need to prove to notary that I actually am user 123 but I can do that in their office. Not to mention that we could find a way to anonymize platform completely in this process using some hash.
Is this possible for these age verification laws? Or is there some flaw in my thinking?
In Belgium we have « it’s me » which is government - backed.
Based on configuration you can integrate a service with it and, if the service is respectful and not greedy, you can get a flag indicating majority of a person without the full PII.
The user sees on its screen what data will be provided to the service.
So it’s rather transparent and honestly not bad from a privacy perspective.
it’s government backed, their for the government knows every time it’s used and it identifies you…
when a service requests to use it, it becomes correlation data… this is data both the government and the application developers can use to identify you on the internet.
It may mean nothing today, but I can and will if either the application switches developers to a nation who uses this information for nefarious means. or if your government changes policies to something intentionally nefarious.
blind trust is never good.
I’m not advocating blind trust. Nor being too trusty. The specific point here is service access with need of proof of age.
The threat I was addressing in this instance is the service provider not the trust provider.
Other patterns apply for scenarios in which government is a threat a well.
Let’s not let perfect be the enemy of good enough.
The government is the primary untrusted party in the places where this is being implemented unfortunately… It’s not a bad system you’re suggesting, but it doesn’t address the problem either
There’s nothing of the sort in OP’s post. Maybe you have such a use-case?
Also it’s literally implemented where I am from and the government isn’t the worse party yet for us.
Not the government provided identity verification service…I can see the use case for that , even if the government is an untrusted party
I mean the age gating laws going around. They’re suddenly popping up all at once because there’s a not so secret cabal of surveillance state freaks trying to make 1984 happen
And I do mean freaks. They’re death cultists trying to bring about the end of the world either because they think they’ll stand even higher on top of the rubble for some reason or from quasi religious psychosis. Look up Peter Tiel and palantir if you want to learn more, it’s pretty disturbing stuff when you realize how many governments are buying into it
But these laws are being pushed so private companies can collect data on the population and sell monitoring back to the government. If the government is part of the demasking process, they’ll get everything they want neatly packaged
Does “it’s me” know which service is using it? Yeah? So it’s not private at all.
Private from the service side, not from the trust provider obviously.
That is definitely one way to do it, but it does get messy from the services side, every service needs to support a few thousand jurisdictions. It’s also basically the notary system the OP described.
We have mygovid here on Aus, but there is a lot of distrust given its a “big government” ID system… It doesn’t do age verification though, but it would be suitable for it
It works well enough across Europe with many of such systems being compatible enough for things like petitions at EU level.
Not perfect but much faster than the notary system… and way cheaper as well if your notaries are the same as mine.