1) private - anonymous (don't know who is requesting access) and unlinkable (don't know if the same user makes repeated requests or is the same user on other services).
2) widely available and extremely easy to register and integrate.
The current situation is that it's not easy, or private, or cheap to integrate. And the measures they say they will accept are trivially easy to bypass - so what's the point?
I worked in a startup that satisfied point 1 back in 2015. The widely available bit didn't come off though when we ran out of runway.
This whole concept runs into similar issues as digital voting systems. You don't need to just be anonymous, but it must be verifiably and obviously so — even to a lay person (read your grandma with dementia who has never touched a computer in her life). It must be impossible to make changes to the system that remove these properties without users immediately notice.
The only reason why paper identification has close to anonymous properties is the fallibility of human memory. You won't make a computer with those properties.
Voting is very different - you do need to be able to demonstrate the fairness of the process verifiably to everyone - not just crypto nerds. Age verification - well, some people might get around it, but if it generally seems to work that is good enough.
No. Absence of evidence that I am not anonymous does not constitute evidence that I am anonymous. Verifiable unlinkability is also difficult to prove.
It may be possible to create a system like this technically, but all social and economic incentives that exist are directed against it:
- An anonymous system is likely more expensive.
- The public generally does not care about privacy, until they are personally affected.
- You have no idea as a user whether the server components do what they say they are doing. Even if audited, it could change tomorrow.
- Once in place its purpose can change. Can you guarantee that the next government will not want to modify this system to make identification of dissenters, protestors or journalists easier?
Unlinkabilty and anonymity is not that hard to demonstrate in the design. At it's core it just means each proof or token is unique each time it is presented, and having no mathematical relation to others (and therefore not tied to any persistent identity either).
Client implementations may need auditing of course to make sure they are doing the right thing. But this is not really different to any other advanced technical system which we rely on every day (e.g. TLS).
As you say though, most of the public don't massively care about privacy (unless you mean their visits to porn sites I guess). But they do seem happy to accept crypto coin security assurances without being crypto experts.
As for "the purpose can change" well - so? That is also true or anything else, it does not seem like a reason to avoid having good protection now. Any change that could compromise that would not be undetectable - the fundamental crypto should not allow it. We would know if it happened.
[1] https://itdaily.com/news/security/eu-temporary-app-age-verif...
[2] https://openid.net/specs/openid-4-verifiable-presentations-1...
It's anonymous to the sites or companies you use it with and not to the government, but that would still be more robust than the uks checks so far. it's only end of 26 though, I thought it was at the end of this year instead.
They see a general need which the market cannot easily satisfy on its own - it needs standardisation to be cheap and interoperable, and it needs an identity backed by a trusted authority. So they establish a framework and legislation to make that possible.
The UK instead just states it's illegal not to do it, but without any private and not-trivially bypassed services available.
Proactive vs reactive.
It is often said that legislation tends to lag behind technology. At last, the UK is beating the world by legislating ahead of it!
