The fundamental problem—and it's a big one—is that in the physical world, age verification does not result in a centralized log of when and where I was, and what I did. If I buy cigarettes I show my paper id to some dude and then buy smokes. It's transient with no record (except the fallible memory of the bloke doing the ID check).
This is not true for the proposed age verification schemes for the internet and that is a big problem. Unless this is solved, these schemes deserve every level of resistance we can muster.
That's not even universally true, though. I've been to bars where they scan the barcode on my drivers' license. I assume that's more convenient than reading the data off it, so maybe they're just doing it for convenience and aren't storing the data anywhere, but who knows, maybe they are. Maybe there's a database somewhere with a list of name, date, time, location tuples for some of my bar visits from years ago. Creepy.
Not well-designed ones. I think you overestimate how much retailers want to even possess sensitive information like that.
What's going to be stored is the fact that an of-age ID was scanned, and possibly the DOB. This is to protect honest cashiers and to have a way to punish ones who might sell to the underage. If an underage sale is reported, they check the audit log and it says the transaction had an ID scanned the cashier can be cleared of wrongdoing. Unless it's the same DOB always being scanned, which seems like some kind of dishonesty.
I do not buy that the supermarket chain wants to use your ID card data for any purpose. First of all, they don't need to, they have (most people's) loyalty cards that do a much better job as they're swiped or entered even without buying any beer. Second, again, only downsides come from saving it. If they were to sell the data and be caught, terrible. If they were to get hacked, terrible.
Your comment made sense perhaps only twenty years ago. But today, everyone is desperate for this kind of info. Third-parties provide these services for free or close to it, especially to get access to the data stream.
Someone was on here a couple of years ago stating that even "line item" level data on your receipt is now being transmitted in a lot of cases, and growing.
The bottom line today—never expect a company to default to respect of your privacy. Simply too lucrative.
You're talking about something else there though: Data about what is bought and the demographics who buy it. They collect that data with loyalty cards, and the ones who don't use loyalty cards may collect that by some effective hash of a credit card number.
The store isn't tying your drivers license number and specific DOB to your purchases because you show an ID to buy beer -- that's a different kind of data and carries with it way too much potential for identity theft. Thinking that they want that is tinfoil-hat thinking. You can ask every single supermarket company if they do that and every one will tell you no. You can ask the companies which make the POS software if the scan ID functionality ties into data brokers and they'll say no. But go ahead and think that there are like 15 Fortune 500 companies all secretly doing this, even though not a single whistleblower has ever come forward. Of every engineer at those companies, I am not aware of anyone who has alleged this from a position of actual knowledge.
Pot shops in legal states are compiling databases with their compliance CRM systems.
Pot industry needs to anonymize their customer records or stop using SaaS packaged solutions.
Now if China hacks Meadows or something, they have customer and purchase lists which may include security cleared personnel who can now be blackmailed.
If you run a pot shop, or an SaaS solution for them like Meadows, you really have to figure out how to divorce customer PII from purchases.
I am back to the black market in Oregon for this reason!
Age verification is easy. Age verification that leaves no record, is anonymous, and not circumvent-able is difficult. In the physical world it relies on the fallibility of human memory. No such luck with replicated databases.
You can get an anonymous, cryptographically signed, certified legal bearer token confirming your age only, or identity or whatever by a centralized service, be it government or high trust private organizations who need to verify your identity anyway like banks. With some smarts you can probably make such a token yourself so the root bearer token issuer doesn’t have the one you use to browse pornhub.
Perhaps a system like Privacy Pass would be ideal. Where a verifier generates a verified client a number of redeemable signed tokens for a session, but when presented by a client, the site doesn't know who that token was issued to, but they know they authenticated this person and can verify they made the token. Therefore they get access.
You're looking for a technical solution to a political problem. This tech is useless the second a law is passed that identities have to be logged. It's also useless if implementers decide to collect identifying information without telling you.
Doesn’t really matter surely, you only need to trust the identity provider not to leak your identity and your porn provider not to have a key that your identity provider can link to.
They key would be hashed with the user’s details (ip address, value in a session cookie etc) so someone else can’t reuse it. Hell there are things like elliptic curves and DH which still seem magic to me.
Now sure if the identity provider and the site work together they could negate the anonymity, but given that for the identity provider anonymisation would be the key selling feature they wouldn’t want to risk that. Mullvad I’m sure would be trustworthy enough.
> ...Who is accurately and reliably doing age verification online?
ID.me for one is doing full identity verification by looking at your face and your ID card (and I assume having a human check up on it if the algorithm doesn't work). If Apple can do their fancy cloud-AI server thing with provable attestations that they aren't saving your information, someone could build a version of this which has those kind of safeguards and which passes back an emum (UNDER_18, 18_TO_20, ADULT) rather than a name or ID number to the caller.
Whether people would trust it is again, shrug. Most people barely understand how any kind of cryptography works so at the end of the day you do your best and people make their choices on whether to trust you. But the fact is that if the system actually IS designed properly, there isn't any risk of "oh no, 2029 fascism, now Supreme Commander Trump knows what porn sites I use" because that data was never saved.
This is not true for the proposed age verification schemes for the internet and that is a big problem. Unless this is solved, these schemes deserve every level of resistance we can muster.