I don’t even trust id.me. Why would I give my ID and photo or video to a corporation that is contracting with the Trump administration?
Comment on Discord walks back age verification fears for most users
thesmokingman@programming.dev 4 days ago
If Discord cared about this, they’d use the same identity platforms governments use. For example, in the US, id.me is a requirement for many federal services. While it does deanonymize me and there are privacy concerns expanding this tech beyond government services, I trust id.me to take my data security seriously. It has to have federal security requirements. If their data is breached, there will be repercussions and reparations.
Discord, on the other hand, uses random vendors. There were no repercussions or reparations for the previous leak. Discord said moving forward they’d require SOC2 Type II or ISO 27001 for vendors. Crucially, neither of these certifications matter a fucking iota for personally identifiable information and Discord itself will not be completely them so even if the vendors were PII secure Discord will not hold itself to the same standards. Discord does not care about its users; Discord only cares about the ad revenue this will open up.
dan1101@lemmy.world 4 days ago
thesmokingman@programming.dev 4 days ago
I thought the requirements came from the Biden admin but I’m not able to find evidence of this.
What you’re describing is the prisoner’s dilemma. In theory, none of us should interact with the current admin because if that happened they’d shut down. Of course if we did that, many federal employees and all of the contractors wouldn’t be able to feed their kids in a week or so, so it only works if we can guarantee a universal strike without scabs. But wait, we know people are actively joining ICE, so everyone with half a brain dropping government work doesn’t guarantee those without a brain won’t scab. If we have scabs, then future admin is left with a poisoned well and that existing possibly okay workforce is now on the breadline with an admin that’s not only hostile to breadlines but anyone who fights back. Don’t forget costs are currently skyrocketing for everything and electricity is about to be through the roof everywhere. In other words, many people have the choice of morals or food for their kids. Or healthcare if that resonates more.
Assuming you’re in the US, will you file your taxes this year? Since you’re not willing to give anyone contracting with the Trump asking your personal information, you’ll have to do them by hand. Even a CPA is technically doing work for the IRS who is part of the Trump admin even if he’s suing them. Are you allowing your employer to keep social security and Medicare taxes? If so, I think you might have discovered a reason why a rational person who is just trying to get by might intentionally support the Trump admin. If not, by god, you have stronger morals than I do and good luck with that jail sentence. Unfortunately, some of us have to participate in society even though we want to improve it.
echodot@feddit.uk 3 days ago
Nope I don’t trust them to use a US-based service. Also I don’t think they’re even allowed to as under EU law as all data held on users must be held on EU servers, so that solution wouldn’t be a one size fits all.
thesmokingman@programming.dev 3 days ago
If Discord cared about this, they’d use the same identity platforms governments use. For example, in the US
I don’t think there is a one-size solution which is why I said Discord should use the same platforms plural that govts use. A solution for France isn’t going to be the same solution for the US. Because Discord is not actively attempting to use solutions (again plural) that have repercussions and reparations attached, like the ones governments use that require healthy standards, it’s very clear Discord does not actually care about this problem.
BorgDrone@feddit.nl 4 days ago
If they cared about handling of PII they should require ISO 27701
thesmokingman@programming.dev 4 days ago
Oh absolutely. More importantly Discord needs to also follow the standard, not just require it of their vendors. Granted this source is the only place I can find they’re requiring that so that might not actually be true. It kinda reads like an AI summary.
DireTech@sh.itjust.works 4 days ago
I don’t even trust Id.me. If the government needs to securely identify someone they should be setting it up themselves instead of us trusting some random company that used to provide coupons to soldiers.
Soggy@lemmy.world 4 days ago
What, and lose an opportunity to funnel tax money to private interests?
thesmokingman@programming.dev 4 days ago
Yeah that’s a totally fair response. Lithuania did it.