Open-source age assurance

Mæstro
Board Warrior
Posts: 1091
Joined: 2019-08-13, 00:30
Location: Casumia

Open-source age assurance

Post by Mæstro » 2026-03-13, 22:59

I do not want to bring down the celebratory thread by discussing dark clouds on the horizon, but neither do I wish to ignore them. A new thread is the proper place to discuss it.
mr tribute wrote:
2026-03-13, 15:13
We have age legislation that will make things harder.
Given that these laws are forthcoming, it would be wise in general to discuss how one could comply with these measures which most rich countries are soon enough to implement, while actually respecting the privacy of a user. For example, suppose an EU resident wishes to host his own non-commercial, but adult website a few years hence. (Alter the jurisdiction to taste; the precise choice is unimportant.) How can he do it, if he is convicted as we are that he has no business with a government ID or face scan? Opposition to these fiendish programmes is easy to find; actual plans to adapt to them are much scarcer.

It is easy enough to find open-source, zero-knowledge software which, given a birthdate, can attest that the user is of age. Even Chrome extensions can do it! As we discussed a bit in another thread, the user’s status can be embedded into a HTTP header. Standard networking filters should suffice to guard against the computer accepting requests to broadcast the user’s adulthood without his explicit permission. Perhaps this could even be managed through a browser permission, like requests for location or camera access.

The chief problem, in my opinion, is that the open-source age assurance method itself would, presumably, need be run on the client’s computer. Perhaps this could be done using specialised hardware, like that which some German banks use for PhotoTAN verification in lieu of a smartphone. It goes without saying that developing such hardware and ensuring its compatibility with Linux or BSD is more daunting. A more desirable method would not involve even local, offline processing of official documents or one’s physical likeness, even if no other computer is capable of accessing it. What alternative is there? A few ways which occurred to me over the last twenty-four hours which could guard anonymity are as follows:
  • Proof of completing compulsory education. This would not involve uploading your diploma, of course! Rather, in the way that message boards pose trivial sums for users to prove their humanity, presenting problems which require more formal education than a teenager has got could serve. Personally, I think bidding the user to modify his HTTP header without giving him instructions should qualify as such a task. But if academic problems are required, the need to guard against teenagers cheating with WolframAlpha or the like is there. Perhaps elementary logic, a subject accessible to an early undergrad but nowhere taught below the tertiary level, would be a fertile source of problems.
  • Anonymous, trivial payments. Ofcom today, and Aol twenty years ago, have used credit card charges of ¤1, refunded once processed, as age assurance. The legal situation we are considering here is perverse enough that this is a conceivable case where cryptocurrency might perhaps hold some value after all, as managing this sort of petty payment anonymously. Some method of anonymous payment which does not involve cryptocurrency would be preferable, of course.
  • Certificates by a not-for-profit verifying agency. Such an agency would need setting up, of course, but its purpose would be to file affidavits that the anonymously registered holders of given certificates, which could be locally installed in the browser using existing technology, are aged eighteen or more.
  • Scanning redacted receipts for tobacco purchases. As a non-smoker, buying and then returning a pack of cigarettes from a tobacconist in another town for proof that I am an adult would be tolerable.
Any such discussion is necessarily speculative, but we are a creative lot, and imagining the possibilities as a fun puzzle is surely preferable to bemoaning the sorry state of things, at least to me. Of course, I have been ignoring the possibility of just registering one’s server anonymously somewhere apathetic to sternly worded letters from Western lawyers. (If this website were in Polish or Hungarian, say, one might doubt the intended audience.) The goal here is to imagine how one could possibly comply while actually respecting the user’s privacy, not how to play a cat-and-mouse game where the mice really could be devoured. I would be interested in the community’s thoughts on measures which could break neither these laws nor our principles.
Life is a fever dream Mæstro would enjoy.
All posts 100% organic. Ash is the best letter.
What is being nice online?
Debian 10 ELTS / Official PM build

Moonchild
Project founder
Posts: 39119
Joined: 2011-08-28, 17:27
Location: Sweden

Re: Open-source age assurance

Post by Moonchild » 2026-03-14, 07:55

It's really not that difficult to come up with a solid and usable system that does not cause privacy concerns, but it requires a few things:
  • A non-fungible (digital) token to be presented to the service provider of adult or age-gated content.
    It has to be non-fungible so any workarounds creating fake tokens don't work. e.g. using a cryptographic signature.
  • A way to securely check that token by the service provider.
  • A third-party entity trusted to check age in any of the available ways; this can be a bank, authority, credit card provider, or anyone else trusted to perform this check, who will then create or verify this token and make it non-fungible. e.g. using that cryptographic signature. They will be someone you trust, and someone the service provider also trusts.
    It should be noted that this can be fully transient: there is no need for the third party to do anything other than a one-time verification of unchanging data (your date of birth won't change) and issue the token.
Without these three, there is no sure-fire way to verify someone's age in a robust way.
We already have the technology needed to do this (PKI for signing and verifying already exists), and any potential issues with people holding the tokens (copying, sharing, having it stolen) can be addressed in other ways, e.g. by treating it like a certificate or credit card number: if stolen or compromised, black-list it/revoke it so the service provider knows it's invalid.

None of this requires that untrusted companies hold/store or retain your PII or do anything more than a one-time signature of verified correct data (one-time attestation), and giving the user the token to use from then on. Existing webs of trust can be used for verification that the third party is a trusted entity even if they are not local or directly known or trusted by the service provider. One of the issues we currently have is that third parties have to be trusted directly by both the user and the service provider which is both complex and costly for the service provider who is being made to bear the cost for something the user wants. This work isn't free. Avoiding this with a web of trust via PKI and making a simple, small but non-fungible token that can be passed in a header to provide date of birth and nothing else would allow for all of this to work and be checked.

What I'm talking about would also put the cost requirement on the end user: they pay a small, nominal fee for getting a signed token. Having them pay for it also incentivises keeping the token safe and secure as they should. If they want to visit age-gated places on the web, they have to get their age verified one time, then use their token from then on however often they want. If they compromise their token, it is on them to get and pay for a new one. Service providers should be able to have no-cost ways of checking age, which is possible here. If checking infrastructure needs to be paid for, that should be done by the governmental bodies who put these laws in place and make it mandatory.
"There is no point in arguing with an idiot, because then you're both idiots." - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
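
The issue, verify and revoke flow described in the post above, as an added example that is not part of the thread or of any project's code: an issuer signs a token once with Ed25519, and a service provider checks it against trusted issuer keys and a revocation set. The issuer id `demo-issuer`, the payload fields `iss`, `serial` and `dob`, and the dot-separated encoding are assumptions; the random serial is added here so that one token can be revoked without affecting others carrying the same date of birth.

```javascript
const crypto = require('node:crypto');

// Constructed demo issuer; a real issuer's private key never leaves the issuer.
const issuer = crypto.generateKeyPairSync('ed25519');
const trustedIssuers = new Map([['demo-issuer', issuer.publicKey]]); // hypothetical id
const revokedSerials = new Set(); // serials reported stolen or compromised

// Issuer side: one-time attestation. Nothing about the user is stored.
function issueToken(dob, iss, privateKey) {
  const serial = crypto.randomBytes(16).toString('hex'); // makes each token unique
  const payload = Buffer.from(JSON.stringify({ iss, serial, dob })).toString('base64url');
  const sig = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64url');
  return `${payload}.${sig}`;
}

// Parse without trusting anything; returns null on any structural problem.
function parseClaims(payload) {
  try {
    const c = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
    const ok = c && typeof c.iss === 'string' && typeof c.serial === 'string' &&
      /^\d{4}-\d{2}-\d{2}$/.test(c.dob) && !Number.isNaN(Date.parse(c.dob));
    return ok ? c : null;
  } catch {
    return null;
  }
}

// Service-provider side: `token` is the string taken from a request header.
function verifyToken(token, minAge, now = new Date()) {
  const [payload, sig, extra] = String(token).split('.');
  const claims = sig && extra === undefined ? parseClaims(payload) : null;
  if (!claims) return 'malformed';
  const key = trustedIssuers.get(claims.iss);
  if (!key) return 'untrusted issuer';
  const sigOk = crypto.verify(null, Buffer.from(payload), key, Buffer.from(sig, 'base64url'));
  if (!sigOk) return 'bad signature';
  if (revokedSerials.has(claims.serial)) return 'revoked';
  // Latest birth date that is still minAge years old today (UTC).
  const cutoff = new Date(Date.UTC(now.getUTCFullYear() - minAge, now.getUTCMonth(), now.getUTCDate()));
  return Date.parse(claims.dob) <= cutoff.getTime() ? 'ok' : 'under age';
}
```

The serial that makes revocation possible is also a stable identifier, so every site that receives the token can correlate visits by it.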

Potkeny
Fanatic
Posts: 162
Joined: 2018-08-03, 17:00

Re: Open-source age assurance

Post by Potkeny » 2026-03-14, 08:11

Moonchild wrote:
2026-03-14, 07:55
We already have the technology needed to do this (PKI for signing and verifying already exists), and any potential issues with people holding the tokens (copying, sharing, having it stolen) can be addressed in other ways, e.g. by treating it like a certificate or credit card number: if stolen or compromised, black-list it/revoke it so the service provider knows it's invalid.

...

If they compromise their token, it is on them to get and pay for a new one. Service providers should be able to have no-cost ways of checking age, which is possible here. If checking infrastructure needs to be paid for, that should be done by the governmental bodies who put these laws in place and make it mandatory.
Sadly I see it happening exactly this way, treating it as a certificate, which expires monthly/weekly/daily for "security", and you have to pay (a subscription fee) to renew it. It might be paid by the gov (so your tax money), but the companies doing it will for sure try to make it a source of income.

Moonchild
Project founder
Posts: 39119
Joined: 2011-08-28, 17:27
Location: Sweden

Re: Open-source age assurance

Post by Moonchild » 2026-03-14, 08:20

Potkeny wrote:
2026-03-14, 08:11
Sadly I see it happening exactly this way, treating it as a certificate, which expires monthly/weekly/daily for "security", and you have to pay (a subscription fee) to renew it.
There is no reason for it to expire. Your date of birth does not change. It can be a permanent thing, not unlike getting a passport (which only expires because you age and your appearance changes significantly).

Potkeny
Fanatic
Posts: 162
Joined: 2018-08-03, 17:00

Re: Open-source age assurance

Post by Potkeny » 2026-03-14, 08:35

It can be, yes, but I see them arguing that "people will lose them, it will get stolen, so for security reasons we should have a short expiring date, we can not trust the users noticing it and revoking the old one". Does it make sense? Not really, but short(er) expiring date could make it a revenue source for companies, so they will push hard for that.

Maybe I'm just too pessimistic and the lawmakers will make sane decisions.

Moonchild
Project founder
Posts: 39119
Joined: 2011-08-28, 17:27
Location: Sweden

Re: Open-source age assurance

Post by Moonchild » 2026-03-14, 08:57

Your token can be compromised on day 1, or never. It makes no sense to expire it, but as I said, that can be addressed in a different way. How compromise response will be implemented shouldn't be part of this groundwork.

UCyborg
Keeps coming back
Posts: 885
Joined: 2019-01-10, 09:37
Location: Slovenia

Re: Open-source age assurance

Post by UCyborg » 2026-03-14, 17:02

Mæstro wrote:
2026-03-13, 22:59
Given that these laws are forthcoming
Sorry, couldn't resist.
You know, the world isn't run by the laws written on paper. It's run by people. Some according to laws, others not. It depends on each individual how his world will be, how he makes it. And you also need a whole lot of luck, so that somebody else doesn't make your life hell. And it ain't as simple as they tell you in grade school.

RealityRipple
Keeps coming back
Posts: 941
Joined: 2018-05-17, 02:34
Location: Los Berros Canyon, California

Re: Open-source age assurance

Post by RealityRipple » 2026-03-14, 22:14

That zero-knowledge-proof extension is a f---ing disaster. If the proof request includes the month, day, and year, then the exact birthdate can be narrowed down by modifying the sent values.
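
The leak described in the post above and a prover-side guard against it, as an added example that is not part of the thread and not the extension's code: a prover that answers "born on or before this cutoff?" for any requested date is compared with one that only answers the cutoff implied by an allowed age and today's date. All function names are hypothetical and the dates in the test are constructed.

```javascript
const DAY = 86400000;
const day = (iso) => Date.parse(iso) / DAY; // whole days since epoch (UTC)

// Cutoff a legitimate "at least `age` years old today" request must carry.
function policyCutoff(age, today) {
  const t = new Date(today * DAY);
  return Date.UTC(t.getUTCFullYear() - age, t.getUTCMonth(), t.getUTCDate()) / DAY;
}

// Unrestricted prover: answers "born on or before cutoff?" for any cutoff.
const openProver = (dob) => (cutoff) => dob <= cutoff;

// Guarded prover: answers only the cutoffs implied by allowed ages and today's date.
function guardedProver(dob, allowedAges, today) {
  const allowed = new Set(allowedAges.map((a) => policyCutoff(a, today)));
  return (cutoff) => {
    if (!allowed.has(cutoff)) throw new RangeError('cutoff not permitted by policy');
    return dob <= cutoff;
  };
}

// Audit helper: how far can a requester narrow the birthdate by varying the cutoff?
// Bisects [lo, hi]; returns how many candidate days remain and how many answers it got.
function auditLeak(prover, lo, hi) {
  let answers = 0;
  while (lo < hi) {
    const mid = Math.floor((lo + hi) / 2);
    let bornOnOrBefore;
    try { bornOnOrBefore = prover(mid); } catch { break; } // request refused
    answers += 1;
    if (bornOnOrBefore) hi = mid; else lo = mid + 1;
  }
  return { candidates: hi - lo + 1, answers };
}
```

Against the open prover a 100-year range collapses to a single day in at most 16 answers; against the guarded prover the arbitrary cutoffs are refused and the range stays intact.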

Gemmaugr
Astronaut
Posts: 551
Joined: 2025-02-03, 07:55

Re: Open-source age assurance

Post by Gemmaugr » 2026-03-14, 23:27

I don't think this needs to be a thing at all (nor do I think it's possible to be entirely foolproof without the most extensive surveillance state in control ever), and shouldn't be pondered to prop up.
It needs to be done away with entirely, and left for online things in which ID is required IRL only. Ordering alcohol, tobacco, firearms, banking, etc.
"Judge a person not by their superficial identity attributes, but by the content of their character."
"Organized Identity Politics are the bane of civilized society."
"Cognitive dissonance hypocrisy is a pandemic."
"Capitalism is the worst form of economic system, except for all the others."