Ask Lemmy
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
view the rest of the comments
The good news: approaches have already been developed to mostly allow this. The bad news: incompetent or lazy or corrupt people try to NOT implement these, and doomers always show up to loudly say that everything sucks and we should all just live in despair.
Nothing is perfect, but implementing the stuff mentioned below would be a big improvement to balancing privacy and security compared to virtually all previous human history. It involves the government implementing a few things and citizens having new ID-type-things that are not like photo IDs.
If these systems are set up correctly, a person can digitally prove that they are 18 years or older, but without providing ANY other information. Not there name or photo or anything other than 'yup. I'm 18+. Let me do my thing.'
Here are three critical tools to leverage, and do a bit of research on:
Verifiable Credential (VC)
What it is: A digitally signed attestation about you, issued by a trusted entity (e.g. a country government).
Example: a university issues you a credential saying “PositiveNoise earned a Master’s degree in 2008.”
Structure: Typically uses the W3C Verifiable Credentials standard — it’s a JSON document signed cryptographically by the issuer.
Key idea: You hold it (not them). You can present it later to anyone (“verifier”) to prove something about yourself, and the verifier can confirm the signature without calling the issuer.
Analogy: A digital version of a stamped diploma or driver’s license, but one that lives in your own encrypted wallet rather than a government database.
Zero-Knowledge Proof (ZKP)
What it is: A cryptographic technique that lets you prove a statement is true without revealing the underlying data.
Example: Prove “I am over 18” without showing your exact birthdate.
In relation to VCs: VCs can include data that can be selectively revealed or proven via ZKPs, so you never have to expose full documents.
Analogy: Showing only the needed part of your ID through a frosted window, but mathematically guaranteed.
Digital ID Wallet
What it is: The software or hardware container where you store and manage your Verifiable Credentials.
Think of it like a crypto wallet, but instead of coins, it holds identity proofs (e.g., driver’s license, student ID, health certificate).
In relation to the others:
It stores your VCs (the signed attestations).
It lets you create ZK proofs on demand when sharing data.
It maintains control and consent: you decide when and what to share.
Analogy: A private digital passport holder that can generate “proof slips” without handing over the whole passport.
Sounds interesting. Are there any working examples of these?
Yes, but the best example is currently being implemented. The EU has already decided to implement this stuff, essentially. It should be working around 2027 or so. The good potential of this is that since the EU is a gigantic example, if it works well in the EU, it could cause a tipping point for much of the world to follow. I don't have an exhaustive list of places implementing parts of this, but looking at what Scandinavian countries and Estonia have done is a great place to research. Estonia kind of 'solved' digital governance THIRTY years ago, in particular, but is such a tiny country that no one cares, and most people consider talking about Estonia the same as talking about Narnia. The EU doing good privacy stuff can not be ignored, though. If these things help out there, it's a very big deal.
Thanks for your reply. I hope it is a successful implementation and my country can follow suit rather than having to upload your ID to individual sites. Very sketchy
I have the same hopes. There is no good reason to have to upload IDs for this sort of stuff. It's a matter of getting the regulators to craft good laws that implement these new approaches (easier said than done, often).
What policies has Estonia implemented?
My understanding is that it's not policies they implemented, but rather technologies they developed and officially utilized. They have some sort of digital id system. I don't recall the details, but I remember reading about it and saying to myself "oh my God, I've been asking for that for ages, and Estonia has already done it!".
Essentially the idea is that you get private keys along with your birth certificate. So you can always prove you're you.
Thats interesting I should look into that
If we’re being optimistic, then the process you’ve described would also help cut back on bots and influence campaigns