This is the first part of a three-part series about age verification in the European Union. In this blog post, we give an overview of the political debate around age verification and explore the age verification proposal introduced by the European Commission, based on digital identities. Part two...

The UN Convention on the Rights of the Child clearly expresses that minors have rights to freedom of expression and access to information online, as well as the right to privacy.

These rights would be steamrolled by age verification requirements.

  • Ooops@feddit.orgEnglish
    2·
    1 day ago

    We seem to talk about vastly different things or from complete different technical perspectives here, so I will take a few steps back and simplify it:

    I, the government, issue your ID (with all the usual stuff making if forgery-proof). On the front is all your personal info, on the back a big marker that you are a legal adult.

    If you want to buy something age-limited you just show the backside of your ID. I as the government have all your data but don’t know where you use your ID, the guy checking your ID has no data because he can trust me that I checked your age and provided a forgery-proof ID personally for you.

    That’s it. That’s the whole (simplified) process. And you can reacreate exactly this concept digitally with basic cryptographic methods for online use.

    So were is the problem with such a model? (Yes, I know that this is NOT what they are planning. But that’s the whole point. It is possible, the governments are just not interested because they actually don’t want to protect oyur privacy and outsourcing other methods to private companies -that do it cheaply because they want your data- is more profitable.)

    • kbal@fedia.io
      1·
      1 day ago

      The main reason we can show our physical government-issued ID card to someone in a shop in relative safety is that it’s a human looking at it with their eyes, which do not have the ability to record and permanently store in machine-readable form all the information on it (such as a photo) that would identify their customer. (Of course when they hook up face recognition systems to their surveillance cameras we have other privacy problems, but that’s another story.)

      The same thing cannot so easily be done across the Internet. Something like it may be possible in theory, with some caveats, although it’s hard to tell for sure until we see an actual design document for such a system that is complete to the point where we could examine the details and see if it might really work in practice. Nobody seems to have got that far as of yet. All the actual proposals that I’ve seen sacrifice privacy for convenience of implementation because doing otherwise would be very complicated and difficult.