this post was submitted on 23 Feb 2024
290 points (98.0% liked)
Technology
59589 readers
3148 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Are you telling me that Digital IDs don’t operate with a private/public key model; with the private key stored and inaccessible in a chip leveraging WebAuthn (or WebAuthn-like) privacy-respecting tech from a trusted vendor like Yubico; with unique IDs generated per vendor the user signs up with; all within the ID cards/driver licenses that are freely issued by the government; with the ability for a user to mark another WebAuthn device (like a Yubikey) as trusted/untrusted through a government portal that undergoes regular security audits? Because if they did, the scenarios you outlined wouldn’t be feasible without someone’s device (and PIN) being physically taken or the vendor’s site being compromised.
The government would still be able to determine what you viewed if they had access to the sites’ internal data and the vendors stored your info, but that would still require a warrant.
And if they don’t use that or a similar approach, the approach they’re using for their “Digital IDs” is probably garbage.
The current ID system for accessing government services is sort of like that as I understand it... But the Conservatives haven't really been very forthcoming about how they actually intend to enforce a digital id legislation on a bunch of privately owned digital vendors from multiple countries that are already slippery. They haven't really outlined what active enduring measures would be required to keep up this sort of digital regulation for it to be maintained in perpetuity. It all feels like trying to stop a river by installing a net...perhaps maybe closer to Trump's "building a wall" move politically.
Passing something without outlining any specs or plan on how they actually achieve their ends is very much the regular Conservative MO. I don't even nessisarily think they want it to pass it to be honest. I think they just want something that sounds easy to your regular joe but is fraught with practical and logistical issues so they can make the incumbent government look like it is obstructionist or morally bankrupt. If they actually passed this it would be a dog who caught the car senario but as is they know the incumbent government absolutely does not want to be on the hook for making a big messy new department that would take time off the floor for other issues while it's hashed out, require a massive expense to explore options and then further budget to create a government service in perpetuity all while their opposition gets to whine about how the incumbent government are too far over budget and too slow to get things done. The Conservatives know their constituents have the memories of goldfish and won't seriously ask why the things the Conservative party seemed to care about so much when they were opposition will be completely dropped when they are elected.