You make the key use a pin so we consider it to be once usable by one person.
Now you have trusted the user not to provide the PIN to another, and the implementation is no longer correct. You’d at least need to use biometrics to tie the key to the person.
You are changing the goal. The point of this is to provide THE USER with a solution where they don’t have to give away their personal information to the Government or the 3rd Party site. We do not care about situations where users commit crimes as that means our focus is on the Government’s needs which they would already have met by just implementing a “Show us your ID” solution.
Now you could make the pin be a biometric so it’s physically connected to the user. But part of the solution needs to be that the token is not identifiable with the user. If I pull of my wrist band no one will know it was mine. If you throw out your token someone could go around testing everyone’s fingers and find out it was yours.
Without ensuring that the key issued to one person is not used by another, the key does not prove the age of the user, and isn’t that the whole point of the key?
no, the point of the key is to access infomatîon without giving away personal information.
Even a photo ID doesn’t prove age. It just shows a record of what age the gov thinks someone is. They are still prone to forgery, misuse, etc. There isn’t any actual method of showing someone’s age so we can skip that part and focus on what the actual need of the user is, accessing a website while not handing over more personal information than is necessary.
What website is going to accept a key that doesn’t prove someone’s age though? We already have buttons that say “I’m over 18”. How this key better than that?
They are going to accept whatever the government says is acceptable. We are already seeing it where IPs from some states get blocked when state law says you need to submit an ID to get access to porn.
I think the issue you’re having is that you’re still under the impression that the point of this law is to actually restrict minors from accessing sites. It’s not. And we know this because of what the politicians are doing and how they are doing it. I’ve written about this before but I’ll give you the short version.
Self reporting Date of Birth doesn’t work as people lie so you need something better. But as we have discussed there isn’t typically a great option because of the way government and technology works. Anyone in the government who thinks any solution won’t have holes is an idiot, so we can ignore those people for right now. The rest of the people pushing this bill must then have malicious intent.
What happens after this bill is implemented and holes are found? The same politicians say “We need to just go full ID instead of Age” and because they already have the bill passed for age it will be a far more simple bill to just bump up what goes into the Operating Systems. Heck it will most likely be snuck in some other unrelated bill and no one will care.
If all they really wanted was for there to be age restrictions they would have left it up to the service providers to find a way to resolve the age issue. This is how we see it implemented with all IRL issues. There isn’t a government provided token created for the sole purpose of purchasing beer or guns or hard copy porn. When you go to a liquor store it is up to the seller to do a verification. I’ve seen people use foreign passports, one guy came into a bar I was working and showed me his birth certificate because he didn’t have a drivers license anymore. If someone just looks really old they don’t even get carded.
Why would we want the sites to find a solution? Because some solutions are bad, like giving your full ID. If any site asks for that people can say nope and not use those specific services, finding alternatives that ask in ways the individual is comfortable with. You can trust who you want to trust and ignore those you don’t. Where as if the government takes the info an keeps a big database and you have no other options you’re just SOL.
Now you have trusted the user not to provide the PIN to another, and the implementation is no longer correct. You’d at least need to use biometrics to tie the key to the person.
You are changing the goal. The point of this is to provide THE USER with a solution where they don’t have to give away their personal information to the Government or the 3rd Party site. We do not care about situations where users commit crimes as that means our focus is on the Government’s needs which they would already have met by just implementing a “Show us your ID” solution.
Now you could make the pin be a biometric so it’s physically connected to the user. But part of the solution needs to be that the token is not identifiable with the user. If I pull of my wrist band no one will know it was mine. If you throw out your token someone could go around testing everyone’s fingers and find out it was yours.
Without ensuring that the key issued to one person is not used by another, the key does not prove the age of the user, and isn’t that the whole point of the key?
no, the point of the key is to access infomatîon without giving away personal information.
Even a photo ID doesn’t prove age. It just shows a record of what age the gov thinks someone is. They are still prone to forgery, misuse, etc. There isn’t any actual method of showing someone’s age so we can skip that part and focus on what the actual need of the user is, accessing a website while not handing over more personal information than is necessary.
What website is going to accept a key that doesn’t prove someone’s age though? We already have buttons that say “I’m over 18”. How this key better than that?
They are going to accept whatever the government says is acceptable. We are already seeing it where IPs from some states get blocked when state law says you need to submit an ID to get access to porn.
I think the issue you’re having is that you’re still under the impression that the point of this law is to actually restrict minors from accessing sites. It’s not. And we know this because of what the politicians are doing and how they are doing it. I’ve written about this before but I’ll give you the short version.
Self reporting Date of Birth doesn’t work as people lie so you need something better. But as we have discussed there isn’t typically a great option because of the way government and technology works. Anyone in the government who thinks any solution won’t have holes is an idiot, so we can ignore those people for right now. The rest of the people pushing this bill must then have malicious intent.
What happens after this bill is implemented and holes are found? The same politicians say “We need to just go full ID instead of Age” and because they already have the bill passed for age it will be a far more simple bill to just bump up what goes into the Operating Systems. Heck it will most likely be snuck in some other unrelated bill and no one will care.
If all they really wanted was for there to be age restrictions they would have left it up to the service providers to find a way to resolve the age issue. This is how we see it implemented with all IRL issues. There isn’t a government provided token created for the sole purpose of purchasing beer or guns or hard copy porn. When you go to a liquor store it is up to the seller to do a verification. I’ve seen people use foreign passports, one guy came into a bar I was working and showed me his birth certificate because he didn’t have a drivers license anymore. If someone just looks really old they don’t even get carded.
Why would we want the sites to find a solution? Because some solutions are bad, like giving your full ID. If any site asks for that people can say nope and not use those specific services, finding alternatives that ask in ways the individual is comfortable with. You can trust who you want to trust and ignore those you don’t. Where as if the government takes the info an keeps a big database and you have no other options you’re just SOL.