| ▲ | qualeed 5 days ago |
| I like the spirit but wouldn't this run afoul of one or two laws? Identity fraud or some such? I'm not in the UK, so I don't have any idea about their laws, but I'd be shocked to find this was above board. Your FAQ claims it's a parody site and claims "The ID number isn't valid and you can't use the card for anything real." but you've just confirmed here it can indeed be used for real things (discord, reddit). Your domain registration is UK-based, so, be careful! |
|
| ▲ | nemomarx 5 days ago | parent | next [-] |
| If you can fool discords implementation with a video game character they can't actually be checking very well? |
| |
| ▲ | qualeed 5 days ago | parent | next [-] | | I certainly agree! However, I doubt that's a strong legal argument. | | |
| ▲ | arrowsmith 5 days ago | parent | next [-] | | What law is being broken here exactly? It's certainly illegal to make fake IDs, but I don't know if that applies to just generating an image rather than fully forging a physical copy. And anyway these images look nothing like the real IDs: https://en.wikipedia.org/wiki/Driving_licence_in_the_United_... | | |
| ▲ | Aeolun 5 days ago | parent [-] | | Hmm, yeah. It’s almost as if they deliberately made them look less like the real ID’s, because I have little doubt that openai would be perfectly capable of generating that image. | | |
| ▲ | jrockway 4 days ago | parent [-] | | Another thing to think about is that this is just passthrough from an AI model. If it's illegal to make a website that spits out fake IDs, then OpenAI is illegal until they filter them. | | |
| ▲ | antonvs 4 days ago | parent | next [-] | | I'm not sure that argument would hold up legally. You could use an image editing site to create IDs and counterfeit currency as well, but such sites are legal. | | | |
| ▲ | AlecSchueler 4 days ago | parent | prev [-] | | Things like intent matter. You can go into your local library and photocopy an ID but it doesn't make the library culpable for providing fake IDs. |
|
|
| |
| ▲ | AlecSchueler 4 days ago | parent | prev [-] | | True but the wording of the act actually places the onus on the service provider to verify the identities, not on the user to give them. It would be Discord in this case having to make the legal defence. | | |
| ▲ | qualeed 4 days ago | parent [-] | | >It would be Discord in this case having to make the legal defence. There's no rule that only 1 entity can get in trouble. If I use a fake ID to by smokes while underage, I will definitely get in trouble for that and the store that sold me the smokes may also get in trouble (depending on how realistic the ID is, etc.). If the provider of my fake ID is found, they also get in trouble. I haven't yet heard a compelling argument why this website (who, in the analogous scenario above, would be the fake ID provider) would not be subject to the same logic. I hope that the defense of "this is a satirical website" is strong enough (or preferably, it never even has to be put to the test), however given what I've gathered about the general attitude UK legislators have regarding the internet, I think it is more likely that they would do anything in their power to try and punish someone operating a site like this. |
|
| |
| ▲ | dotancohen 4 days ago | parent | prev [-] | | Which actually does not refute GPs query. Breaking a Masterlock or Abus is the same in the eye of the law. |
|
|
| ▲ | belorn 4 days ago | parent | prev | next [-] |
| Law often focus on intent. I am not sure if identity fraud can be applied if the person are not gaining anything (assuming they are of the right age). Service providers might be of fault if their verification practices are not compliant with regulations, but I don't know if the law puts any requirements on users to verify their identity. To me this seems more similar to a people participating in a masquerade or comedian who dress themselves in the likeness of a politician. They are using the identity of the politician, but not in the way that identity fraud is intended to prevent. Domain registration is an interesting example. To my knowledge, falsifying domain registration data is not a crime. Domain registrars have regulations to verify the identity of customers, including the recourse to suspend a domain if the data is incorrect. I could see a case if a person impersonate a politician in order to falsely attribute content of a website, under a registered domain name, as belonging/sanctioned by that politician, but that would likely fall under defamation laws. The crime could also be identity fraud, but the intent would be defamation. |
| |
| ▲ | qualeed 4 days ago | parent [-] | | >Service providers might be of fault if their verification practices are not compliant with regulations, but I don't know if the law puts any requirements on users to verify their identity. As I mentioned in another comment, I've heard no compelling argument that differentiates between this scenario (e.g. kid uses this site to access a nsfw subreddit) and an underage kid buying smokes with a fake ID. In that scenario, the police don't just pick 1 entity to punish. The kid gets in trouble, the store (most likely) gets in trouble, and (if found) the fake ID supplier gets in trouble. In the end, I hope that the owner of the website never has to find out exactly where and how the laws shake out, and that "it's a satirical website" is a strong enough defense. But from my armchair, I would suspect that the UK police/legislators would not look favorably on the "it's satire" defense. Especially because of this post which advertises that the fake ID works for some services, and there are under-18s on HN. >Law often focus on intent. I would expect that advertising that the IDs work on real services undermines any defense of "my intent was satire". | | |
| ▲ | belorn 4 days ago | parent [-] | | In the case of the underage kid, they are actually gaining something by using a fake ID to buy smokes for which they otherwise would not be able to buy. The situation that the website is promoting would be if the kid used an ID of an other underage kid, for which they would be equally denied to buy smokes with. The outcome (and intent) need to be one where the user do not gain anything practical. I work at a domain registrar and I have yet to here anyone talking about criminal punishment for false registration data. I have also never heard about any one being charged for filling in the wrong phone or email address when signing up for a service or membership. Looking at my local laws here in Sweden, the law text for identity fraud explicitly requires that the use of something else identity must result in some for of direct harm to the person. UK law could be different, but I have yet to hear something to indicate this. | | |
| ▲ | qualeed 4 days ago | parent | next [-] | | >In the case of the underage kid, they are actually gaining something by using a fake ID to buy smokes for which they otherwise would not be able to buy. The scenario I was comparing is an underage kid visiting this website, generating an ID, and accessing content that would otherwise be illegal for them to access by using the fake ID. In this scenario, everyone (potentially) would be in trouble, not just the website verifying the ID, just like an underage kid buying smokes with a fake ID. The reason I mentioned domain registration was not because it is illegal to register a domain or anything of that sort. I mentioned it because it suggests the website owner is based in the UK, which is easy pickings for the UK government to pursue (if they choose to). If the website owner was based in Malaysia, it would be significantly harder for the UK to pursue any legal recourse against them (if they choose to). | |
| ▲ | 4 days ago | parent | prev [-] | | [deleted] |
|
|
|
|
| ▲ | pjc50 4 days ago | parent | prev | next [-] |
| What does the online safety act actually say about this? It's only supposed to be age verification, and if you are actually old enough does it matter how you proved it? Many of the age verification services explicitly promise not to retain photos! |
| |
|
| ▲ | ralferoo 3 days ago | parent | prev | next [-] |
| > I like the spirit but wouldn't this run afoul of one or two laws? Identity fraud or some such? I would say not, but then again I'm no lawyer. There's plausible deniability in that there's a big "this is satire" watermark on top of the licence. The DOB in part 3 is wrong, and the driver number in part 5 is modified to include the 5 letters of the surname, but is otherwise incorrect. The DOB encoded in the licence number doesn't even match the wrong DOB in part 3 either. If anything accepts this as valid ID, then it just shows how farcical the system is. |
|
| ▲ | Mindwipe 5 days ago | parent | prev | next [-] |
| The only way you'd ever get found out is if the affected MP was lying to the public and the identity documents do indeed get retained... |
| |
| ▲ | arrowsmith 5 days ago | parent | next [-] | | The generated addresses aren't real. It gave a London address for my MP; I know where he lives and it isn't London. Most MPs' home addresses are actually quite easy to find. Mine's was printed below his name on the ballot paper last election – a nice reminder of how we used to have a high-trust society. I doubt this practice will be continued for much longer. | | |
| ▲ | timje1 5 days ago | parent [-] | | Yeah the address on all the IDs is for parliament. I assume one could find em there |
| |
| ▲ | qualeed 5 days ago | parent | prev [-] | | >The only way you'd ever get found out is if the affected MP was lying to the public and the identity documents do indeed get retained... I'm more talking about the developer of the site rather than the users. And the developer could potentially be found out if they posted it on a popular hacking website and used a known alias and registered the domain in the UK. But, if they're comfortable, all the more power to them. As I said, I do really like the spirit of the site. | | |
| ▲ | shubb 5 days ago | parent [-] | | If I was that developer, I'd blacklist embedding of all British MPs and councilors to avoid fraud. This would also block the entire UK political class from accessing adult materials (I got blocked by a wine forum), which would be a very effective protest... |
|
|
|
| ▲ | chippiewill 5 days ago | parent | prev [-] |
| I agree, the UK Police wouldn't typically let you get away with "it's just a joke". This would constitute a mixture of identity theft, fake ID and misuse of computers. |
| |
| ▲ | timje1 5 days ago | parent | next [-] | | It's literally just sticking the MPs name into an AI and asking for it to generate a mock ID for them. None of their real data is being used (e.g. their face, their DoB, the address) and the mock IDs wouldn't fool anyone for a second. I'd love if someone who understands the law would weigh in though | | |
| ▲ | NicuCalcea 5 days ago | parent | next [-] | | I don't think "It was actually ChatGPT that committed the crime, not me" would fly in a British court. | | |
| ▲ | marcus_holmes 5 days ago | parent [-] | | That's an interesting question, though. We hold that LLMs are incapable of generating copyrighted images, so it's not just a tool - if it was just a tool then the author would be able to copyright the images. The courts recognise that an LLM is capable of generating things in its own right (which is why they're not copyrightable - copyrights only protect human works). So it follows that an LLM must be able to create images itself, separate from the human prompter. Whether that's enough to absolve the human of the crime, though - IANAL, and I suspect it would take the House of Lords to rule on it definitively. | | |
| ▲ | antonvs 4 days ago | parent [-] | | You're overthinking it. You're building on your own definition of what a tool is, but courts are likely to find that a person who used an AI with a specific type of prompt were using it as a tool and are responsible for the clearly stated intent behind their use. Whether that's actually legal in this case I don't know, but I'm pretty sure courts won't conclude "welp, it was the AI, not the user" in a case like this. | | |
| ▲ | marcus_holmes 3 days ago | parent [-] | | Yeah, probably you're right. Though it is an interesting thing to overthink - we have decided that LLMs are not tools for copyright but are tools for accountability. At some point they'll get smart enough to be accountable, and what happens then? |
|
|
| |
| ▲ | zmmmmm 4 days ago | parent | prev | next [-] | | the law is pretty fickle that way. It's illegal to rob a bank no matter how badly you bungle it. Saying afterwards "but my gun was clearly made of plastic" probably won't get you completely off the hook if you actually threatened someone with it and asked for money (this site is literally titled Use Your Local MP's ID - it's expressing an intent). | |
| ▲ | gus_massa 5 days ago | parent | prev | next [-] | | Does the AI has access to newspapers? If John Doe is a MP, then he is probably the most famous Joe Doe in the last 5 years and the AI may grab his photo from a newspaper. I don't know about the national ID in UK, but here in Argentina the national ID number is public. A lot of public documents include "John Doe (DNI 23.456.789)", and the are sites where you can search it (the DB has problems with almost coalitions, so you may get a number 23.456.789 from one "John X. Doe" that is a 50yo in Buenos Aires and another "John Y. Doe" with number 59.876.653 that is a 3yo in Ushuaia, so in many cases it's easy to guess) | | | |
| ▲ | 5 days ago | parent | prev | next [-] | | [deleted] | |
| ▲ | aembleton 4 days ago | parent | prev | next [-] | | It does use their face | |
| ▲ | John7878781 5 days ago | parent | prev [-] | | It's better to be safe than sorry. For your own best interest, I would shut down the site and delete this post. | | |
| ▲ | jrockway 4 days ago | parent | next [-] | | Comply in advance. It's the #1 way to make illegal laws work! | |
| ▲ | brookst 5 days ago | parent | prev [-] | | “Don’t upset the autocrats!” | | |
| ▲ | subscribed 5 days ago | parent | next [-] | | You jest, but a barrister was threatened with arrest while holding a blank piece of paper on the protest: https://www.huffingtonpost.co.uk/entry/barrister-threatened-... | | |
| ▲ | brookst 4 days ago | parent [-] | | I wasn’t jesting. I was (too) obliquely saying that when we all hasten to accede to the autocrats before they even ask, we become complicit in huge social evils. I’m not suggesting that everyone most do self-immolation, but if it were me, I would draw the line at being afraid of being “caught” for an obvious prank using no PII. Screw that, come arrest me if things have really gotten that bad. | | |
| |
| ▲ | arrowsmith 5 days ago | parent | prev [-] | | You kid, but that's very good advice in most human societies at most points in history. |
|
|
| |
| ▲ | hacker_homie 5 days ago | parent | prev | next [-] | | It's not just a joke, it's parody and political commentary right? | |
| ▲ | timje1 3 days ago | parent | prev | next [-] | | I've scribbled 'this is satire' across each and every generated ID, so they can't realistically be used for anything. | |
| ▲ | Aeolun 5 days ago | parent | prev [-] | | You could go with misuse of computers, but unless the ID’s are actually used by yourself it’s not identity theft right? |
|
