Yoti age checks share facial photos and device fingerprints with third parties (opens in new tab)

And that assumes a relatively stable environment; but politics can change drastically for the worse. We have examples from relatively recent history of governments turning evil, rounding up unfavored groups, and shipping them off in rail cars to an early demise. God forbid it happens again with all the information available to sort, categorize, and identify people.

I recall at an old place of work, the security office having a poster on the wall that said something to the effect of "if your facial biometrics get compromised, you must change your face".

Silly as they were trying to be, the concept still holds -

Facial biometrics can and do get compromised too. Your example of IDs taken from the homeless - what the heck prevents organized criminals from taking pictures or recordings of their faces too?

Already there's malware out there stealing facial recognition data from infected devices (ESET reported on this nearly two years ago). Unlike changeable passwords, once your facial recognition data is compromised then that's it. Scammers can now impersonate you on top of having defeated this additional layer of fraud prevention.

Governments, regardless of what threat they wield against those they supposedly govern, are limited by the fact that they are organizations run by humans. For now. God forbid we ever reach the point where there are no humans... Anyways, because of that they require humans to ensure enforcement. A major reason why Yoti is able to do what it's doing is because there are no humans enforcing privacy and data protection laws against them. This means the reverse can also be true, where enough people motivated to do so can simply not enforce whatever requirement there is for Yoti's services to be used. Because the social contract's been not only breached but shredded and spread to the wind this is very likely to occur. In my viewpoint unfortunately the most likely reason is because they'll go with somebody else other than Yoti that provides more favourable terms, but that's an aside to the likely situation I outlined.

One of the dangers is in the ability to cross-nationally attack someone. As digital infrastructure continues to encompass more and more facets of necessary interactions with the government and governments force more and more points of interaction someone from a foreign nation could destroy the life of someone who is interfering with their aims. Say someone has published an article that reveals the terrible behaviour of a given company. Someone hired by the company can use a variety of data points to not only track down who that person is, but where they live and even which room in their house they spend the most time in. With that kind of information it would be easy to financially, reputationally, or mortally wound someone. With the worryingly swift growth rate of corruption this could apply at any level for any reason. And unlike for example the difficulty of getting into a car crash or robbing a cash register, digital infrastructure makes all of this remarkably easy and for some parts even free. With modern LLM agents it could be entirely automated so that no human is ever involved, and because there's so few current guardrails and such a vehement protestation against any being implemented the agent could wipe it's connection to it's handler so that nobody ever faces any consequences.

The thing is, this kind of stuff already happens all the time. The number of spam calls people suffer through are a direct result of companies digging through the contacts list after being granted that permission (though often without being granted that permission), then selling that data to brokers. Data breaches that wipe people's credit or force a credit freeze because they bought something ten years ago are another common one. Or think about package stalking, where people get access to someone's purchase history and the tracking number to a purchase so that they can steal it in transit or once it arrives. There's a number of beatings and murders that have happened because of police officers being able to access surveillance tools to track former romantic partners or spouses. All of these are different parts of the lack of privacy, and they're all getting worse because the tools that are used to surveil are becoming more widespread and more accessible.

Privacy is a protection against the intelligent attacks of other humans. It is not a frill that can be taken away without ridiculous and trailing harm.

Why stop the logical chain there? The people are to blame for making garbage media more profitable than real news.

"The research team determined that the process Yoti uses to verify a person's age broadcasts the person's personal information to third- and fourth-party companies."

"When a bartender checks an ID, they quickly verify a customer's date of birth and identity before serving them. Companies like Yoti that employ digital age verification claim their products function the same way, but in a completely private manner."

-------------

Company A is not the problem. They called the cops to do cop things. That's fine. Company B (e.g. Yoti) is the one that's operating like a cop. If Yoti is getting paid by those it shares user data with, that's corruption. If they're not being paid, then it's mere criminal negligence.

If governments are to mandate age verification, then they also need to implement privacy standards for the gatekeepers and enforce them.

Totally agree. Was just trying to emphasize that there are better ways to do this if privacy and security are something that Yoti actually cares about. ZKP is not a magic bullet.

Hey Mindwipe, 100% agree the paper doesn't say that face data is passed to third parties, but then the techexplore article from those universities DOES. That article is the one that this whole thread started on, strangely you are ignoring that.

What's pretty damning is that you make it appear like you know the paper but you claim things that the paper doesn't claim. In the exact same style of those who wrote the article, interesting.

You claim that "The paper alledges that a series of high entropy identifying metadata about the users system is passed to a very large amount of third parties"

That is FALSE, the paper doesn't say that, it actually says that the high entropy metadata is sent to Yoti servers, actually encrypted with client side keys on top of TLS which makes it impossible for any third party to even read it.

Reporting here extract from the paper: --- Once the user’s face is properly aligned, the SCM collects and processes a significant amount of data that is sent to Yoti’s servers. In particular, it collects the photo captured from the user’s camera and telemetry, including significant high-entropy browser and device metadata (see Table 2). It also includes data about the camera’s properties, the FPS of the camera stream, and metrics about download and processing times.

The SCM uses some cryptography, which we briefly describe here before returning to its implications in Section 5.5.3. If the image encryption setting is enabled (as it is by default), the SCM encrypts the captured image using AES-GCM with a key and initialization vector (IV) derived in the browser. Similarly, the telemetry and metadata collected is also encrypted under AES-GCM in the browser. ---

Then you claim "including the site being visited, and that has potential to link the real identity of the user to the site they are verifying with."

Which perfectly highlights the issue, as it seems like you might have gotten that from the Abstract section of the paper.

The great thing is that the paper itself disproves all of that when you read all the details. And anyone can find out that the key section where there is actual sharing of data with third parties (not the visiting site) is when the credit card check method is used for example. Which is pretty inevitable, to do a credit card check you need to use a payment provider which will have to process the data necessary to do that.