Posted on 06/01/2021 11:23:05 PM PDT by Olog-hai
The European Commission will on Thursday announce plans for a digital identity wallet to allow Europeans to access public and private services, prompted in part by the COVID-19 pandemic which has seen a massive surge in online services.
The move also seeks to counter the growing popularity of digital wallets offered by Apple, Alphabet unit Google, Thales and financial institutions which critics say could pose privacy and data protection concerns.
The digital identity wallet “can be used anywhere in the EU to identify and authenticate for access to services in the public and private sectors, allowing citizens to control what data is communicated and how it is used”, according to a Commission document reviewed by Reuters.
The wallet will also enable qualified electronic signatures that can facilitate political participation, the 73-page document said. …
(Excerpt) Read more at reuters.com ...
"Can" will soon transform into "must."
Regards,
Can/Will it be used for voting?
Veggie Todd wrote:
“Can/Will it be used for voting?”
From the article:
“The wallet will also enable qualified electronic signatures that can facilitate political participation”
You want me to read the article before commenting? Why, that’s just crazy talk and against FReeper policy. I’m reporting you.
Is this the “self sovereign” ID?
The concept of SSID has been rattling around for a long time but the idea is, *you* decide what to put in *your* wallet, the supplier is mainly providing you with an almost empty wallet (the main content usually being some NIST/ISO level of authentication standard that your identity is definitely yours and not someone elses’.)
The digital wallet can then be used to assert “I am who I say I am” while also holding the necessary information an organization may test to confirm it, eg a biometric registration that’s been signed can be checked again and if the wallet is still in the hands of the natural owner it’ll say “scanned data matches stored data and stored data is signed”.
This will definitely freak out some privacy experts, especially those who can’t read good and don’t understand the tech or the standards involved, and who need tin hats all the time anyway.
But if it’s okay for the Federal Government to do it for checking employees, okay for Apple to do it for customer (and Apple is Made In China) and it’s okay for protecting healthcare information that YOU DECIDE to make portable for your healthcare provider AND ANY OTHER to access on their behalf in an emergency, opting out is just as open to a privacy/security/convenience debate as opting in.
Simple example - if you are involved in an accident and a paramedic has a NIST compliant biometric enabled single person use iPad and you have a digital wallet, the paramedics can tell who you are, who’s your insurer, what blood group you are and what medication you’re on /allergic to (IF YOU DECIDE TO REVEAL ALL THAT) simply by opening your digital wallet.
Pre-digital, how would a paramedic know who you are? Ooh, er... Maybe check if you’ve got a wallet? Look at your driver’s license?
If they look at your digital wallet there’s an audit trail: on this date and that time this specific paramedic opened your wallet to read only what you gave prior permission for them to read... You were unconscious at the time, and they needed to know which of 2 large hospitals near you is better. Not closer... Better.
Can the nondigital wallet do a tenth of that?
There’s going to be a huge paradigm shift in personal tin hat privacy nuttery over the next 25 years. It’s not “privacy Vs independence” so much as
“your privacy + your security + your right to know who’s accessed what”
Vs
“la la la, you’ll get the info you need to help me only if you can prise it out of my cold dead hands or if I’m conscious and in a really good mood when you ask me nicely.”
In much the same way that a driver’s license and/or passport and/or service card is a “must” these days.
You didn’t need any of those in the days of the California Gold Rush, so philosophically one can argue we don’t need them now. It was totally free and democratic. Never had it so good.
Want to be a doctor and sell homebrew quack meficine? Just call yourself a doctor, it’s not like anyone will check! Want to drive a stagecoach at top speed through a kids play zone? Just do it; there’s no test.
And so on.
That is assuming it will not be used to control or infringe on people’s rights.
Or, conversely, “disappear” people; no digital identity, no existence. Think identity theft in reverse.
The difference being that this new "digital identity wallet" will be required if you want to enter a shop, board a city bus, or drop a letter in a mailbox.
My initial comment pertained to the weasel-words "can be used" appearing in the excerpt - and that they will undoubtedly morph into "must be used" faster than you can imagine.
Your sarcastic comments about medical licenses and such suggests to me that you are in favor of ever-greater govt. intrusion into our daily lives. Am I right?
Regards,
Since it’s the unelected European Commission pushing this, then the answer is no.
Like any intrusive government program, it is great until it is abused. And law of the Universe #3 states that: Any power that a government can abuse will, sooner or later (Probably sooner) be abused.
That’s the issue. It will be abused. And probably badly abused.
That said, in the PRC this stuff is already here. Almost all payments are made via electronic transfer. Doors to your house and car are unlocked by your cell phone. They just need to implant the thing in your hand and on your forehead.
Such a thing is designed to be abused.
Considering this is the same bunch that came up with the link tax and meme ban articles, I think we can safely assume this will indeed be used to infringe in people’s rights.
True, but this is not a new issue. Remember those films where digital identities get wiped or stolen?
The assassin in Day of the Jackal stole the identities of dead children from parish records and used them to forge new identities (and that was based on actual real world Identity theft tactics). How many decades ago was that book written?
I’m not challenging the scepticism of state operations here, I’m challenging the (frankly astonishingly naive) idea that this stuff never happened before the digital age.
1. It happened all the time, everywhere, but there was absolutely no way for the normal mortal to detect it. The olden days weren’t safer at all, but we just didn’t have a clue how utterly prolific and endemic the abuses were because recording of evidence was close to zero and the criminal / malicious actors ALWAYS had control over the audit trail. Dead easy to cover their tracks.
2. I’m baffled by the cognitive dissonance between state does it = bad and Apple does it = good. If Apple decide tomorrow to ban an app, a chunk of your digital wallet goes up in smoke with no right of restoration.
A relative of mine runs a business, and is a massive Apple fan. Or was, until they pushed some updates out that borked her accounts. So much do that she was locked her out of her business accounts, payroll AND customer database. Had to go back to pen and paper while Apple’s self service haves 25 day SLA just to verify that she was whingeing about her own accounts before they’d help restore operations.
I’m just as bothered by giving private enterprises that much control as I am by the state.
And after the last year with all the shenanigans and cancel culture from tech media giants, it’s funny how quickly that gets forgotten in the “private good, public bad” dogma.
I’m neither in favorof it nor against it.
The real power these days rests in the hands of whoever decides what’s mandatory or not.
Banks would abuse online banking to the Nth degree, if Federal Government regs didn’t bind them.
The FDA medicine regulations would not exist had it not been for decades of total market abuse by a Wild West, unregulated, unqualified, or even just plain negligent, private enterprise chancers leading to scandals like thalidomide.
In the past, regulatory focus has been on what the individual can or can’t do. That is wrong.
It’s not the private citizen that needs to be the focus of regulatory constraints - it’s overpowered commercial interests and lobbies
market distortion by serial abusers, organized crime, the “too big to fail” industries that are propped up by an endless supply of state subsidies...
The private citizen can’t expect that regulation, which ultimately exists to benefit the consumer and constrain criminal enterprise, to exist in a vacuum.
This is a profound difference to everything that’s happened before in the digital age. But it needs a revisitation of civic responsibility and the relationship between the individual, the community, the state and the private sector.
There are 70 million people in Britain and if 35 million of them took an active interest in cleaning up their doorsteps and communities the police could focus on the really important stuff instead of getting bogged down by trivial neighborhood disputes and people getting offended by today’s bad words. (That is the essence of Thatcherism).
So what does that look like in the identity context?
Imagine you had a locked briefcase, handcuffed to your arm, with all your secrets in it and only you could open it. Nothing short of a subpoena with a defined reason and approved justification could compel you to share any content of the briefcase against your will.
The digital wallet is basically just that, but in cyberspace. It can be a state issued wallet or a company wallet or a health provider’s wallet, but any which way you see it, it’s important you understand it’s your wallet not theirs.
The question is, under what circumstances would you accept ANYONE accessing / modifying your wallet(s) without your explicit consent... If you couch that question only in terms of state actors you are completely missing the point.
Or, the short version:
Data protection laws are predicated on the assumption that whoever stores the data is it’s custodian, ergo they “own” it.
The chief problem that creates is, you don’t own your own identity. The agency that creates and then stores it on your behalf owns it.
That means they get an enormous amount of control over what it looks like and what it can be used for.
Self Sovereign Identity is about saying - it’s MY data, I decide what goes in it, I decide who has access to which bits of it, I can see how it’s used... because I am the primary user of it.
My digital wallet is like my physical wallet. NOBODY touches it without my permission.
Imagine you had a locked briefcase, handcuffed to your arm, with all your secrets in it and only you could open it. Nothing short of a subpoena with a defined reason and approved justification could compel you to share any content of the briefcase against your will.
The same could be said of my private parts.
In an earlier, more-innocent age, no respectable citizen (e.g., airline passenger seeking to board his flight) would have been compelled to undergo an "intimate" body search. Even a light frisking would have been viewed as outrageous. But now, even small children and 80-year-old nuns are required to undergo a frisking and/or mm-wavelength scanning - and we are only one short step away from full-blown cavity searches.
We all know the reasons for this - but it is still something that we should not grow accustomed to.
My concern is that this "digital wallet" would soon come to be taken for granted. One major terrorist incident, and there would be calls for requiring that a "backdoor" be installed. And even if that weren't the case - more and more places of business and/or govt. offices would simply deny service unless you were willing to "drop your pants."
"See! We aren't infringing upon your privacy rights! It's just that, if you want to mail a letter, you've got to give us access to your digital wallet!"
Regards,
Yeah right, I totally trust Google to do the right thing. Location Services OFF but they can and do still track you. That's been known for years. If they make truly Open Source phones that's one thing but if it's not open source, Apple, Google, MS etc will collect and sell the data.
>>The wallet will also enable qualified electronic signatures that can facilitate political participation
Electronic voting. The Left’s dream since the early 70s.
And not Just on candidates.
Totally agree. The corporation has an awful lot more power here than the nation state not least because if they don’t like your laws they just move their headquarters out of the country.
In “Good Omens” (a brilliant pastiche of The Omen, by Terry Pratchett and Neil Gaiman) the tech savvy demon Crowley sends an inscrutable End User License Agreement of the kind the tech giants cook up for software, down to the Faustian Contracts department, with a post-it note saying “Read this, guys!” And that sums it up.
I am FAR more worried about the multinational tech giants abusing the system than I am worried about the state doing it.
If the state gets caught, it will probably get a whupping at the next election. If it suspends elections then tech abuse is a smaller problem than the termination of its accountability to WE THE PEOPLE.
If Google or Apple or Amazon or Microsoft or Oracle (or all five of them) conspired to abuse the tech, there is not one darned thing anyone anywhere can do about it. Because between them, they have control over more data than everybody else, anywhere, in the history of the human race... Combined.
China is catching up so add China to the list and you have six orgs literally so far above the law that even if the G8 collectively tried to nail them they’d probably end up on the losing side.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.