*identity verification
this post was submitted on 01 May 2026
121 points (98.4% liked)
Canada
11924 readers
424 users here now
What's going on Canada?
Related Communities
🍁 Meta
🗺️ Provinces / Territories
- Alberta
- British Columbia
- Manitoba
- New Brunswick
- Newfoundland and Labrador
- Northwest Territories
- Nova Scotia
- Nunavut
- Ontario
- Prince Edward Island
- Quebec
- Saskatchewan
- Yukon
🏙️ Cities / Local Communities
- Anmore (BC)
- Burnaby (BC)
- Calgary (AB)
- Comox Valley (BC)
- Edmonton (AB)
- East Gwillimbury (ON)
- Greater Sudbury (ON)
- Guelph (ON)
- Halifax (NS)
- Hamilton (ON)
- Kingston (ON)
- Kootenays (BC)
- London (ON)
- Mississauga (ON)
- Montreal (QC)
- Nanaimo (BC)
- Niagara Falls (ON)
- Niagara-on-the-Lake (ON)
- Oceanside (BC)
- Ottawa (ON)
- Port Alberni (BC)
- Regina (SK)
- Sarnia (ON)
- Saskatoon (SK)
- Squamish (BC)
- Thunder Bay (ON)
- Toronto (ON)
- Vancouver (BC)
- Vancouver Island (BC)
- Victoria (BC)
- Waterloo (ON)
- Whistler (BC)
- Windsor (ON)
- Winnipeg (MB)
Sorted alphabetically by city name.
🏒 Sports
Baseball
Basketball
Curling
Hockey
- Main: c/Hockey
- Calgary Flames
- Edmonton Oilers
- Montréal Canadiens
- Ottawa Senators
- Toronto Maple Leafs
- Vancouver Canucks
- Winnipeg Jets
Soccer
- Main: /c/CanadaSoccer
- Toronto FC
💻 Schools / Universities
- BC | UBC (U of British Columbia)
- BC | SFU (Simon Fraser U)
- BC | VIU (Vancouver Island U)
- BC | TWU (Trinity Western U)
- ON | UofT (U of Toronto)
- ON | UWO (U of Western Ontario)
- ON | UWaterloo (U of Waterloo)
- ON | UofG (U of Guelph)
- ON | OTU (Ontario Tech U)
- QC | McGill (McGill U)
Sorted by province, then by total full-time enrolment.
💵 Finance, Shopping, Sales
- Personal Finance Canada
- Buy Canadian
- BAPCSalesCanada
- Canadian Investor
- Canadian Skincare
- Churning Canada
- Quebec Finance
- Canada Grown Business
🗣️ Politics
- General:
- Federal Parties (alphabetical):
- By Province (alphabetical):
🍁 Social / Culture
- 2 North American 4 You (Shitposting & Memes, North America focus)
- Ask a Canadian
- Bières Québec
- Canada Francais
- Canadian Gaming
- Eh Buddy Hoser (Shitposting & Memes, Canada focus)
- EhVideos (Canadian video media)
- First Nations
- First Nations Languages
- Indigenous
- Inuit
- Logiciels libres au Québec
- Maple Music (music)
Rules
- Keep the original title when submitting an article. You can put your own commentary in the body of the post or in the comment section.
Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage: lemmy.ca
founded 5 years ago
MODERATORS
Funny how coordinated this global surveillance movement is. Almost enough to lend credence to tin foil conspiracies.
Lmao, what a waste of tax dollars. Like, it's been a complete failure in the other countries that have lobotomized themselves and done it - yeah we should do it too! What could possibly go wrong?
...idiots
So I'm gonna have to go on the darkweb to see pictures of naked milves?
They will track that to, we're going to need to go back to Gutenberg presses
i'm not saying this isn't BAD but honestly it's hard to care that much because the internet i care about is already dead, anyway. we need to build our own mesh network
How can we build a mesh network for the internet?
Age verification would be fine if it was an OAuth type thing - I sign in with the government on the government's website, they report back that I have the 18+ grant. I don't know why they're going in this direction of just requiring that private companies collect a bunch of personal information to "verify" me
Is there anything to stop the government side from compiling a list of users and the sites that request verification? Because that just makes a centralized target for hacking or internal crime. There's got to be a way that allows for both verification and zero trust :/
Or just the next government comes in and targets gay/trans people based on the websites they use.
I mean...yeah...but it sounds really bad on the surface.
Crypto. Namely, certificates or smartcards.
Imagine if your driver's license were a smartcard. It'd essentially just be a cryptographic key pair that asserts that you are "you" because the card says you are and you both have the card and know the unlock PIN.
Now, that sounds like the government could easily track you, but not quite. All that really matters is that the certificate is valid. Not expired, not revoked, and there is a mutual trust in a third party (the issuer).
This doesn't require a query to the issuer. It can, and should, i.e. using OCSP or CRLs. CRLs, in particular, are a bit better here...instead of the service going back to the issuer and saying "is this certificate still good", instead, the issuer periodically publishes a list of all revoked serial numbers that get downloaded by anybody who wants them.
The important thing is, the service provider (i.e. the website) never has to ask about you by name. They know you are you, because you possess your private keys, and they trust that the issuer of your certificate (a corresponding public key, signed by the issuers private key) is thorough in verifying your identity.
I think a mutual-third-party trust model (basically, certificates) is about as good as it can get. I don't think you can verify without trust. That's not how the proverb goes. Not at all.
If age verification was an inevitability, you might be right here. I do not think we should accept age verification as an inevitability. This is a cynical attempt to 1984 us.
I really do feel that there should be an official means to verify your identity online. And it 100% should not be this shady bullshit we are being sold of uploading a video of your face and drivers license. Government-issued cryptographic identifies are about as good as you can get for something thats universally trusted (enough) to issue and validate IDs. That's...kind of their thing.
But...it needs to be reserved for when you need to do "official" stuff, like accessing your health records, banks, interacting with the government, signing forms as legally required, signing emails (at senders discretion), etc.
Needing to provide your ID to shitpost on reddit or search yandex for femboy dwarves is a bridge too far.
But it was always about identifying everyone in seeing who is jerking off to what, and so forth. You are saying we need we need to bring the Trojan Horse Behind the Walls, I am saying we don't.
That has the same issue as a lot of privacy-protecting age verification services, which is that there's never actually a moment when someone verifies that you are you.
Like, if someone sold their key and password to a few people, it would still work everywhere and there would be no obvious reason for the key to be revoked. All it takes is one poorly implemented (or malicious) website to capture everyone's keys and passwords, and then they sell them to kids.
I don't think there's a way to avoid that issue. You can either implement privacy or verifiability, but not both, and governments are going to trend towards verifiability.
There should be no reason that any website gets access to your private key.
This just demonstrates a common misconception of smartcards. The private keys are non exportable. They never leave the card. They can't. Leaving the card destroys them.
The PIN may be compromised, but without physically having the card, the PIN is worthless. Likewise, without the PIN, the card is worthless. You have to have both.
Now, yeah, people could sell them...but the only people who would are the very same whose identity is already practically "worthless" (in the capitalist sense) to begin with, so the market sort of solves itself there. If a person's identity were of any value, they wouldn't need to sell it.
It can be used for authentication, but it should be thought of more as a signature (but in many ways more secure and verifiable)
Can you explain how I'd use my smartcard to verify my age on a website? Does everyone need to buy a card reader for their computer?
That's the thing, you shouldn't have to.
But it could be used that way. The problem is, the types of certificates that I'm suggesting would offer no privacy at all, as they would have your real name associated with them, and they'd be issued by the government...essentially, the exact same idea as DoD "CAC" cards.
If it's the type of business that you want to supply with that info, that's one thing. But it would eventually, be compulsory, and that's not really what anybody wants.
There could be a happy medium, where you have to get validated in-person that you are 18+ by a mutually trusted agency, and get an 18+ "badge", through some sort of trusted medium.
Plenty of legitimate, innocent, reasons to be getting an 18+ badge..and technically no real reason to record a persons information, except for anti-fraud measures.
I doubt there would be much more of a black market for that than there is already existing for getting nicotine and alcohol to kids. Shady people gonna shade. And of course, parents can slip one under their (teenage) kids pillow if they think they can be responsible with it.
Either way has a dystopian end...but that doesn't dismiss the value of having an "official" digital identity for "official" purposes (for whatever is deemed "official" by the holder).
Gotcha. That was my misunderstanding then. I've seen people talk about something similar: a government issued "id" (potentially tied to your driver's license or whatever) that digitally identifies that the holder is of a certain age, but nothing more. That's what I thought you were proposing here as well.
I don't think there's anything wrong with your idea, but it also seems unnecessary, and makes it easier for businesses to track you - not harder. If the purpose isn't to obfuscate information, they can just look at a driver's license and see their birth date and that the picture matches the person using it. It also doesn't really have anything to do with the subject of the post (online age verification).
This is the way. There are many cryptographic ways to make this possible without sharing any personal or usage information with any party. Too bad our legislators as a group are too fucking stupid to understand any tech more complicated than two cans with a string.
Such is the problem. IME, most people in tech can't wrap their heads around PKI, I have zero faith in legislatures to do so.
Seems reasonable. Lets see how our political dinosaurs fuck it up!
Regulate algorithms, beef up moderation and dns filtering is the proper way to protect kids.
We the people need to write to our mps that we oppose this attack on privacy.
I’m writing my MP, this is important.
This bill is fucking wrong. I don’t care if you think teens shouldn’t have access to porn, THIS bill as written is not the way.
All this bill will do is funnel that pen you watch directly to the US government and corporations.
We the people is an American thing.
You're a subject, knave.
I'm pretty sure they know. I don't think they care.
Still write them. Make them have no deniability of the issues.
We the people don't matter to this government.
I tried emailing my mp on multiple occasion and never got so much as an automated response
Mine has written me back personalized responses.
Varies by MP.
Who's your MP?
I do not want to disclose what riding I live in.
Fair.
What party then?
Liberal. I get the feeling is not everyone’s experience, but mine is good.
I’ve found NDP MPs can be good as well, some they’re often community minded people.
You're one of the lucky ones.
They don't give the slightest fuck. Sounds like a good time to ditch the net.
No. That's what they want: to silence y'all. Fight back.
There’s literally bad actors paying people $33 per letter to sway their representatives in democracies.
You have any sauce for that? They pay influence operations to write thousands and thousands of fake comments and all sorts of things, not usually Americans though, and not individual people, but companies based out of low-income countries like India speak English.
load more comments
(3 replies)
Time to build a new net.
load more comments
(1 replies)
I think with recent news of the data leak of Alberta voters information, it goes without saying that age verification, and the data leak that will follow, is part of the design.
https://www.cbc.ca/news/canada/edmonton/livestory/elections-alberta-electors-list-9.7182971
view more: next ›