The UK's new act blocks access to adult content without identification. Turns out, you only need a copy of Death Stranding and a phone to get around it.
If the cert is not unique to a person, it’s not a viable way of verifying age. Anyone could use one issued to anyone else, and the whole thing is DOA.
So then we have to assume it is uniquely tied to a person. Then, it can be used by the verification service to track a person, building a profile of what websites they visit and when, even what they do there, depending on how the age verification is set up.
Advertisers don’t really care about your name, just about your profile so they can target you with ads, so it gives them everything they want.
Presumably the cert would be a smart card (similar to credit card chips) protected with a pin. And they can use revocation lists to remove cards that are reported stolen.
There would have to be a serial number at the least but that would change every time your card expired, and the government would certainly know who is issued what serial.
Another downside is users would need smart card or NFS readers to use them. Smart cards have been around for digital identification for decades now, it’s really surprising that more government haven’t pushed their use. From a user perspective though it would be pretty quick that every online service would start requiring them and any online anonymity would erode pretty quickly.
If the cert is not unique to a person, it’s not a viable way of verifying age. Anyone could use one issued to anyone else, and the whole thing is DOA.
So then we have to assume it is uniquely tied to a person. Then, it can be used by the verification service to track a person, building a profile of what websites they visit and when, even what they do there, depending on how the age verification is set up.
Advertisers don’t really care about your name, just about your profile so they can target you with ads, so it gives them everything they want.
Presumably the cert would be a smart card (similar to credit card chips) protected with a pin. And they can use revocation lists to remove cards that are reported stolen.
There would have to be a serial number at the least but that would change every time your card expired, and the government would certainly know who is issued what serial.
Another downside is users would need smart card or NFS readers to use them. Smart cards have been around for digital identification for decades now, it’s really surprising that more government haven’t pushed their use. From a user perspective though it would be pretty quick that every online service would start requiring them and any online anonymity would erode pretty quickly.