| ▲ | gertrunde 5 days ago |
| I would like to think there there is a solution that can be engineered, in which a service is able to verify that a user is above an appropriate age threshold, while maintaining privacy safeguards, including, where relevant, for the age-protected service not to be privy to the identity of the user, and for the age verification service to not be privy to the nature of the age-protected service being accessed. In this day and age, of crypto, and certificates, and sso, and all that gubbins, it's surely only a matter of deciding that this is a problem that needs solving. (Unless the problem really isn't the age of the user at all, but harvesting information...) |
|
| ▲ | michaelt 5 days ago | parent | next [-] |
| Unfortunately, no amount of blockchains and zero-knowledge proofs can compensate for the fact that 15 year old has a 18 year old friend. Or the fact that other 15 year old looks older than some 20 year olds. Or the fact that other 15 year old's dad often leaves his wallet, with his driving license, unattended. Over the next five years, you can look forward to a steady trickle of stories in the press about shocked parents finding that somehow their 15 year old passed a one-time over-18 age verification check. The fact compliance is nigh-impossible to comply with is intentional - the law is designed that way, because the intent is to deliver a porn ban while sidestepping free speech objections. |
| |
| ▲ | throwaway290 4 days ago | parent | next [-] | | None of these things are a problem. > 15 year old has a 18 year old friend Adults can be prosecuted for helping minors circumvent the checks. > Or the fact that other 15 year old looks older than some 20 year olds See Australian approach. Site can verify you and both government and site don't know who you are. No need for photo. > shocked parents finding No law is a replacement for bad parenting. But good parenting is easier with the right laws. > a one-time over-18 age verification check it can happen more than once non intrusively. | | |
| ▲ | michaelt 3 days ago | parent [-] | | > Adults can be prosecuted for helping minors circumvent the checks. If you skip the need for privacy protection and just retain a copy of the photo ID used to verify the account? Then sure. But if age is validated in a way that preserves privacy? Then there's no evidence linking the adult to the crime. | | |
| ▲ | throwaway290 3 days ago | parent [-] | | "No evidence" doesn't make it not a crime. Most people wouldn't do crime even if no one found out. And once that adult committed a crime anyone involved can report it, including that minor friend. It's blackmail material. Better not fall out! |
|
| |
| ▲ | Hyperboreanal 5 days ago | parent | prev [-] | | [flagged] | | |
|
|
| ▲ | m463 5 days ago | parent | prev | next [-] |
| A humorous age verification quiz for the Leisure Suit Larry game. My boss is
a. a jerk.
b. a total jerk.
c. an absolute total jerk.
d. responsible for my paycheck.
Correct answer: d. dated, and very politically incorrect... https://allowe.com/games/larry/tips-manuals/lsl1-age-quiz.ht... (scroll down past answers to questions and answers) |
| |
| ▲ | stult 5 days ago | parent [-] | | I'd say all of the above but my boss is very forgiving of me. It helps that I am self-employed. |
|
|
| ▲ | Edmond 5 days ago | parent | prev | next [-] |
| There is a solution and I am the developer: https://news.ycombinator.com/item?id=40298552#40298804 Talking about it or explaining it is like pulling teeth; generally just a thorough misunderstanding of the notion....even though cryptographic certificates make the modern internet possible. |
| |
| ▲ | whall6 5 days ago | parent | next [-] | | How are the certificates issued? | | |
| ▲ | Edmond 5 days ago | parent [-] | | https://certisfy.com/partnership/ Any number of entities can be certificate issuers, as long as they can be deemed sufficiently trustworthy. Schools, places of worship, police, notary, employers...they can all play the role of trust anchor. | | |
| ▲ | arctek 5 days ago | parent | next [-] | | This just moves the issue elsewhere though. I do agree that adding an extra step of having to notarize documents will filter many people. But outside of this if someone is determined they can issue fake documents at this level of provenance. Drivers licenses for example you can buy the printing machine and blanks (illegally) so you actually need to check the registrar in that location. | |
| ▲ | blibble 5 days ago | parent | prev [-] | | interesting idea... how do you handle revocation when people inevitably start certifying false information? | | |
| ▲ | Edmond 5 days ago | parent [-] | | The app allows for self-revocation using the private key or a revocation code given when cert is issued, this is useful if a certificate is compromised...there is also an admin interface a trust anchor can use to revoke certificates they issue, a rogue trust anchor chain can also be revoked. | | |
| ▲ | blibble 5 days ago | parent | next [-] | | how does rogue anchor revocation in practice? say if an anchor has issued tens of thousands of legitimate ids, and also ten to career fraudsters who gave them $10000 each as you've outsourced the trust you have no idea which are legitimate, and if you revoke the lot you're going to have a lot of refunds to issue (ultimately this is why countries only allow people who can be banned from their profession to certify documents) | | |
| ▲ | Edmond 5 days ago | parent [-] | | Each trust anchor gets issued a single certificate that can have delegation ability, ie the ability to issue new trust anchor certs to others. So if say a UPS store is issued a cert and they go rogue, we can just revoke the trust anchor cert that was issued to the store, all certs issued further down are also automatically revoked...the revocation check is done either in the app or in the case of a third-party performing the verification they will recognize that there is a cert on the issuing chain that is revoked and reject the cert. This is how TLS certs are handled too, if a CA goes rogue, all certs issued by that CA are revoked once the CA's root cert is revoked. As for refund issues, that's a problem for the cert issuer to deal with. | | |
| ▲ | blibble 5 days ago | parent | next [-] | | > As for refund issues, that's a problem for the cert issuer to deal with. no, it's your problem, as it's your brand slapped over everything, and now you've got tens of thousands of innocent people angry that you've revoked the IDs they paid for in good faith this would translate into lawsuits, against you | |
| ▲ | whall6 5 days ago | parent | prev [-] | | When you say that “we” can revoke, I assume you are talking about your company - the app. What sort of resources would be required to constantly audit the potentially thousands or hundreds of thousands of certificate issuers on your platform? |
|
| |
| ▲ | whall6 5 days ago | parent | prev [-] | | Who is the entity that has the ability to revoke the certificate? |
|
|
|
| |
| ▲ | csomar 5 days ago | parent | prev [-] | | I don’t get it. What is to prevent a 9 year-old from buying a certificate and using it? | | |
| ▲ | Edmond 5 days ago | parent [-] | | This video addresses that: https://youtu.be/92gu4mxHmTY All certificates are cryptographically linked to an identity-anchor certificate, meaning buying a certificate would require the seller reveal the private key tied to the identity-anchor certificate, a tall order I would argue. In the case of stolen identity certificates, they can be revoked thus making their illegitimate utility limited. | | |
| ▲ | malfist 5 days ago | parent [-] | | So an older brother gives his sibling a key. Why would your design prevent that? | | |
| ▲ | hn_throwaway_99 5 days ago | parent [-] | | We can still have laws, e.g. that using someone else's certificate (or knowingly giving them your certificate) would constitute fraud. We have laws against kids buying alcohol, even though kids can (and do) try to get adults to buy them booze, but I don't think that's a good reason to say we shouldn't have laws against kids drinking. | | |
| ▲ | malfist 4 days ago | parent [-] | | Sure, I agree. But we're talking about a claim by GP that his cyrpographic system prevents this behavior. If it can't, it's no better than a button that says "I'm 18" |
|
|
|
|
|
|
| ▲ | Adverblessly 5 days ago | parent | prev | next [-] |
| Here is my solution: Provide easy to use on-device content filtering tools so parents can easily control what their children can access (there are a few ways to do this through law, like requiring it from OS providers or ISPs or just writing these tools directly). To make it easy, Discord can provide their services under both adults.discord.com and minors.discord.com so parents can more easily block only the 18+ version of Discord. Require personal responsibility from parents to decide what is appropriate for their child. |
|
| ▲ | Barrin92 5 days ago | parent | prev | next [-] |
| Already exists in a lot of places. German national IDs for like 10 years or something like that have an eID feature. It's basically just a public/private key signing scheme. The government and a bunch of other trusted public providers are able to issue identities, you can sign transactions with them or verify your age to commercial service providers, or transfer some data if that's required with your consent. (https://www.personalausweisportal.de/Webs/PA/EN/citizens/ele...) Estonia and South Korea I think also have similar features on their IDs, it's already a solved problem. |
|
| ▲ | fvdessen 5 days ago | parent | prev | next [-] |
| The problem is who pays to maintain the system. There are systems that allow you to share your age anonymously (among other things) and they’re already widely used in Europe but the system knows what you’re using it for since the second party pays for the information, and some accounting info is needed for the billing. It would be completely illegal for the system to use that info for anything else though. |
|
| ▲ | red_trumpet 5 days ago | parent | prev | next [-] |
| > a service is able to verify that a user is above an appropriate age threshold, while maintaining privacy safeguards AFAIU, the German electronic ID card ("elektronischer Personalausweis") can do this, but it is not widely implemented, and of course geographically limited. |
|
| ▲ | strangecasts 5 days ago | parent | prev | next [-] |
| The problem is that it is much easier to implement such a check in a way which lets the verification service link the site to the user, with no discernable difference to the end user e: I get the same feeling as I do reading about key escrow schemes in the Clipper chip vein, where nobody claimed it was theoretically impossible to have a "spare key" only accessible by warrant, but the resulting complexity and new threat classes [1] just was not worth it [1] https://academiccommons.columbia.edu/doi/10.7916/D8GM8F2W |
|
| ▲ | paxys 5 days ago | parent | prev | next [-] |
| Transferring your age and a way to verify it to any third party is by definition a privacy violation. Doing so in a safe way is literally impossible since I don't want to share that information in the first place. |
| |
| ▲ | packetlost 5 days ago | parent | next [-] | | I feel like you could, theoretically, have a service that has an ID (as drivers license ID), perhaps operated by your government, that has an API and a notion of an ephemeral identifier that can be used to provide a digital attestation of some property without exposing that property or the exact identity of the person. It would require that the attestation system is trusted by all parties though, which is I think the core problem. | | |
| ▲ | brian-armstrong 5 days ago | parent | next [-] | | Wouldn't this require the API provider to know that tbe citizen is connecting to the app? Grindr users might be squeamish about letting the current US admin know about that. | | |
| ▲ | mschuster91 5 days ago | parent | next [-] | | ICAO compliant ID cards (aka passports) and many national ID cards already are smartcards with powerful crypto processors. Hand out certificates to porn, gambling or whatever sites, that allow requesting the age of a person from the ID card, have the user touch their ID card with their phone to sign a challenge with its key (and certificate signed by the government), that's it. Government doesn't know what porn site you visited, and porn site only gets the age. | |
| ▲ | packetlost 5 days ago | parent | prev [-] | | Not necessarily, you can define the protocol such that it's all done with opaque IDs instead of identifying info. |
| |
| ▲ | red_trumpet 5 days ago | parent | prev [-] | | This is not only theoretical, the German ID card ("elektronischer Personalausweis") can do exactly this. |
| |
| ▲ | nonchalantsui 5 days ago | parent | prev | next [-] | | Do you feel this way when you enter credit card information when making a purchase online? | | | |
| ▲ | rlpb 5 days ago | parent | prev [-] | | > Transferring your age and a way to verify it to any third party is by definition a privacy violation. No it's not. Unless... > Doing so in a safe way is literally impossible since I don't want to share that information in the first place. ...well then it is. But it's not constructive to claim that proving your age to someone is by definition a privacy violation. If someone wants to prove their age to someone, then that's a private communication that they're entitled to choose to make. It is true that if technology to achieve this becomes commonplace, then those not wishing to do so may find it impractical to maintain their privacy in this respect. But that doesn't give others the right to obstruct people who wish to communicate in this way. |
|
|
| ▲ | Aurornis 5 days ago | parent | prev [-] |
| Crypto comes up every time this topic is discussed but it misses the point. The hard part is identifying with reasonable accuracy that the person sitting in front of the device is who they say they are, or a certain age. Offloading everything to crypto primitive moves the problem into a different domain where the check is verifying you have access to some crypto primitive, not that it’s actually you or yours. Any fully privacy-preserving crypto solution would have the flaw that verifications could be sold online. Someone turns 21 (or other age) and begins selling verifications with their ID because there is no attachment back to them, and therefore no consequences. So people then start imaging extra layers that would protect against this, which start eroding the privacy because you’re returning back to central verification of something. |
| |
| ▲ | Eavolution 5 days ago | parent [-] | | That sounds like a reasonable compromise to me, it's already what happens with ID for pubs etc so I don't think it's much different to the status quo |
|
