[d110af5ccf]

> The internet would be a better place if there were more identity requirements

This is a completely baseless claim, as most arguments against weak (ie pseudo) anonymity seem to be. Outside of banks, healthcare providers, and payment processors, I see little of benefit. Before bringing up any arguments that involve poor behavior or misinformation, please refresh yourself on the current state of Facebook (where nearly everyone is using their full name).

I already think twice before (and often decide against) using a service that requires my phone number. I will _never_ use Discord or Twitter (in my personal life at least) for this reason. Except for banks, liquor, and the pharmacy, I am almost certain to decline doing business rather than providing my ID.

[dcow]

I'm curious, do you take this same stance in meat space? Would you rather not know who your friends are and address them by a changing handle? Would you rather be given a pseudonymous name to use for the duration of your trip to the grocery store? Would you prefer to be delivered a new car every time you need to go somewhere so people can't associate you with a vehicle? Do you really have these anonymity requirements.

The claim is not baseless. There are strong technical reasons why identifying the components in your system is a good thing. and there are practical social reasons.

[CogitoCogito]

> I'm curious, do you take this same stance in meat space? Would you rather not know who your friends are and address them by a changing handle?

There are many people I'm friendly with that I know little about. They could very well be giving me fake information about their life. I don't see this as a problem.

> Would you rather be given a pseudonymous name to use for the duration of your trip to the grocery store?

Well in most cases I wouldn't give anyone any name at all. Why does the grocery store require my name?

> The claim is not baseless. There are strong technical reasons why identifying the components in your system is a good thing. and there are practical social reasons.

There are also strong technical reasons not to. And there are practical social reasons not to. As far as I can tell, you've provided essentially no argument supporting this general claim:

> The internet would be a better place if there were more identity requirements

[dcow]

We already have a society that identifies people when doing business. The burden of proof is on an anonymity advocate to demonstrate why that is harmful and should be changed. I may mot have convinced you that having strong identity enables strong security and reduces spam (that is my argument). But it’s also not my problem if you aren’t aware of the nuances surrounding how security, privacy and anonymity work. You haven’t made any compelling argument as to why we don't need identity in cyberspace beyond a naive axiomatic assertion that “businesses don’t need them so they shouldn’t collect them” and some FUD level fear that strong identity is an Orwellian technology hell bent on ruining your life. There is so much nuance I don't feel like we’re doing the topic justice. There is a huge spectrum between “ad tech tracking everything you do” and “everyone looks like a spam bot”. The mindshare is heavily skewed toward spam bot because ad tech is abusive. You can have strong identity and privacy without invoking anonymity. You can be anonymous and still fall victim to fishing attempts and scams. Anonymity is not synonymous with security or privacy. Security means you know who you’re communicating with online so you can establish trust. Privacy means you don't need to share invasive personal details in the regular course of existing in society. Anonymity means nobody knows who you are. I want a society where my digital communication with other people is authenticated and a baseline of trust is established. Do you use a secure messenger app that has E2E encryption? Guess what, that depends on strong identity. You are not anonymous but you are private. I would take a secure and private society every time over an anonymous one that offers weak, if any, guarantees of security and/or privacy.

I work on a product that doesn't collect any PII. We made the decision very early on not to collect any information we don’t need because that’s literally not our business. I am deeply aware of the landscape on these topics. However, as a society we cannot run in a “normal meatspace anonymous cyberspace” mode. We need to bridge civil identity in a secure and private (those are fundamental human rights) way into the online era. That is the core focus of the product I’ve been working on. In reality people have identities whether they use them offline or online. The goal is to protect those identities so they cannot be abused, not remove them altogether.

[CogitoCogito]

> We already have a society that identifies people when doing business.

This is false. There are many cases in real life when this is not the case as explained in the very post you just responded to.

> The burden of proof is on an anonymity advocate to demonstrate why that is harmful and should be changed.

You are making certain claims and then saying it's up to others to disprove you? If that's your attitude why are you engaging in this discussion at all?

> But it’s also not my problem if you aren’t aware of the nuances surrounding how security, privacy and anonymity work.

Frankly I don't have the energy to engage with you. Take that as you will. You clearly think you know much more than everyone here already anyway.

[dcow]

It is not wholesale false by any stretch of the imagination. Yes, there are cash-only businesses that don't take credit cards with your name on them and smaller operations which don't have any KYC requirements or loyalty programs or otherwise engage with you in any activity that would identify you. I am not disputing that... it really feels like you're deliberately cherry picking my points and only responding in a fashion that reinforces your stance rather than actually addresses the discussion.

My point is that generally (not in all known cases) we are okay, in meatspace, (and quite familiar) with (and even require at times) exchanges that identify us whether it's putting our name on a coffee order, using a credit card to pay, signing a waiver, buying alcohol, visiting the hospital, opening a bank account, sending children to school, filing taxes, driving a car, etc. So to take the stance that anonymity is absolutely better to the point where it should be considered a fundamental human right and we should be worried about some company providing an identity verification api to online services because the whole shroud of pseudo anonymity of the internet is going to fall to pieces does require some supporting material, in the least. Otherwise it's just FUD.

> You clearly think you know much more than everyone here already anyway.

If I seem quip it's because I responded to a question asking if this API would mean we see more identity requirements because it possibly lowers the barrier to adding one with an affirmative "I hope so" and the tone of the responses has been "dude what a terrible thing to say this is hackernews doncha know anonymity is chic" followed by anectdotes about how sometimes you use an identity when doing business and sometimes you don't (so see! anonymity works). That's not a discussion it's just virtue signaling.. and it is certainly the responsibility of the virtuous (in this case those who are supporting the stance that my statement is terrible because anonymity is righteous) to back up their conviction (otherwise it is, simply, a virtue and nothing more). I've presented an argument that we needn't worry because meatspace society has figured out a good balance of security, privacy, and the occasional but rare anonymity, and it is perfectly functional so I don't think there's a qualified threat to the internet. I've described how strong identity backed security and accompanying privacy are not the same as anonymity and suggested that many people are conflating the two. And I've laid out rationale explaining that strong identity is better for security (this is not simply a "claim" if you know the first thing about security) and how if we want to see real privacy on the internet, not just the fake privacy that you get by being pseudonymous, then we need to fundamentally understand and legislate and engineer policies and systems that support such.

So far nobody has presented an argument as to why anonymity is, specifically, better than strong identity with privacy rules beyond "well sometimes you don't need strong identity for things to work so it should be the default" which is talking past me because I never made a claim to the contrary. I've backed up my assertions with the as far as I know factual evidence that identity both enables better security and deters spam (which are problems that are worse on the internet relative to meatspace). I don't know what else you want. I'm sorry my responses are laborious.

[hashStuff]

So do you provide your full name, street address, phone number, drivers license, and social, to everyone you meet? And do you require that from everyone you wish to be friends with? Otherwise how do either party know the other is not providing false information? This is essentially what you are stating you are hoping for on the internet by allowing every company to request identity information.