| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by hellojesus 31 days ago
	Makes sense and apologies if I came off that way. I just skip to the logical conclusion, which is that there is no way this is going to happen without a race to the bottom, ending by forcing privacy violations. But maybe I'm wrong. I'll be a bit more cautious with my posts.

1 comments

palata 28 days ago

How would it race to the bottom? Let's say you have deployed privacy-preserving age verification. How do you force privacy violations? I guess I see two directions:

1. "We have this system that works, but now we will throw it away and mandate that private companies check your ID and do whatever they please with it". That doesn't seem realistic.

2. "We have this private system where the government issues tokens that it cannot track, and now we will change it for no other reason than to identify you when you use those tokens, purely for the sake of surveillance". That is not subtle either.

A realistic "race to the bottom", to me, would mean that the technology slowly erodes to the point where it facilitates privacy violations. But that is not how the cryptography works. It would be like thinking that E2EE may lose its essence of E2EE if the untrusted party stops caring about it: it cannot be, the whole point being that with E2EE you don't have to trust the untrusted party!

hellojesus 28 days ago

Sorry if I was unclear. My "race to the bottom" occurs because a privacy-preserving pass allows actors to hand out free passes to those the system is seeking to deny entry. E.g., An adult can generate valid keys and then publish them online for anyone to consume (or charge for them even).

My hypothesis is that this would lead to demands for policy changes to prevent that, which can realistically only be done via actual identification or hardware based attlestation (which is identification).

Does that seem wrong? If we didn't care if people could bypass the system, there is no reason to force even privacy preserving barriers, since parents literally have all the tools necessary to deal with this now, from router guards, to parental controls on computers, to device enrollment for iPhone and android systems.