We all know “proof of age” or “age verification” is synonymous with mass surveilance, but the words “proof of age” were cleverly choosen so the average person considers it the same as showíng another person a driver’s license. Unecessary or otherwise it’s only a minor inconvenience. And there is no harm to privacy.

So what should we call “proof of age” or “age verification” which is just as punchy, but communicatee the real intent? How can we subvert this attack on our rights by turning these twisted words against themselves?

  • strung6387@lemmy.ml
    0·
    17 days ago

    We all know “proof of age” or “age verification” is synonymous with mass surveilance

    Is it? I was under the impression that websites would use private identity verification companies like iDenfy to perform age verification. The identity verification company would need to use a government API to verify the person’s existence and age, but this doesn’t necessarily mean that the identity verification company is reporting to the government which people have initiated age verification, or for which websites.

    • NotMyOldRedditName@lemmy.world
      0·
      17 days ago

      but this doesn’t necessarily mean that the identity verification company is reporting to the government which people have initiated age verification, or for which websites.

      Oh sweet summer child.

      Unless it’s designed to not be capable of doing it (its not), they are doing it and it’s the intended plan.

      • sunbeam60@lemmy.ml
        0·
        17 days ago

        In the EU the legal framework requires a ZKP implantation. Laws would be broken if traceability was introduced.

        • missfrizzle@discuss.tchncs.de
          0·
          16 days ago

          what prevents you from leaking your token on the internet, so everyone can use it? it has to be revokable somehow. to be revokable it has to be correlatable, so you can tell where the same token is used across multiple sites. which leads to easy deanonymization.

          ZKP is window-dressing. it’s still a major privacy intrusion. don’t fall for it.

          (also, it paves the way for lgbt issues, sex ed, harm reduction and activism to be censored behind the 18+ barrier, but that’s a different matter.)

          • sunbeam60@lemmy.ml
            0·
            16 days ago

            You have to trust someone.

            And I can’t speak for all the implementations around the world. But I can speak for the Danish one. Or at least what the design is intended to be right now.

            The Danish verification tokens are single use. Yes they get checked against a database, centrally, but that database doesn’t hold any information about who the token was issued to, just whether it’s a valid token that hasn’t been used before.

            So your digital wallet holds a set of single use tokens. You have to log in using MitID (central government system for proving your identify online), then your wallet is issued age proofing tokens which you then hand over to the website to prove your age.

            So there are a million ways that COULD be abused, just like there are a million ways your bank could abuse the information it holds about you. In both cases, laws require that neither abuse their privilege.

            You have to trust someone. Or live a hermit.

        • NotMyOldRedditName@lemmy.world
          0·
          16 days ago

          Well that’s awesome. I had heard Germany did a ZKP solution, I didn’t realize it was EU law.

          I don’t really expect anywhere but the EU to do that though. ZKP are really the only way to do it if it’s going to be done.