quote:
And as for the "system" knowing it, there are already clear rules at what the "system" can ask and what not, or what systems can do what. There are stages of accessebility of the information on it, which even govermental instancies need to keep.
There are two distinct areas of concern here: data collection and retention by the provider of the service verifying such an ID (e.g. operator of the hypothetical chat room, presumably a private entity) and data collection by the government issuing the ID.
The two concerns are different and I am not sure which you are calling the "system". However, existence of rules does not guarantee they will be followed (especially by governments) and that the rules won't be changed retroactively.
If you consent to the proposed uses for the collected information today, will you have the power to compel all involved entities to erase it tomorrow, should the rules for its use and disclosure change? I think not. Water spilled on sand does not go back in the bottle.
Of more immediate concern, however, are the private entities -- the chatroom, web board, blog site operators and so forth -- who would be obtaining
a lot more information through the use of the ID system (if they were to use it), compared to your IP address and whatever you choose to tell them, now.
quote:
And even if it did, who cares? Do you have anything to hide from the "system"?
That is the classic argument used by those defending the erosion of individual privacy.
Instead of entering into lengthy discussion, I would like to refer you to
the answer in the PGP FAQ. While that talks about encryption, the issues of privacy, anonymity and free expression are all closely related.
quote:
Don't believe you are actually surfing totally anonymously (by your definition) atm. Even on this forum your IP is logged.
Of course. However, comparing that to authentication of a government issued ID is ludicrous.
For one, the IP address doesn't directly expose anything other than the general location of the user. Matching an IP address to a real life identity presently requires contact with and cooperation of the user's Internet service provider. The proposed ID system exposes the real life identity directly.
Secondly, the IP address can be obscured. If I didn't wish my IP address logged on these forums (as an example), I could easily prevent it. There is
Tor, there are open proxies, unsecured wireless access points, public computers at libraries and Internet cafes, and other means.
Furthermore, even if you succeed at finding out who the IP address belongs to, it is not conclusive identification. My computer could've been compromised (a drone) or somebody could have parked outside my house and used my wireless access point.
The point here is that your comparison of the ID system to collection of IP addresses is poorly thought out and understates the degree of exposure.
quote:
Furthermore, using the eID isn't mandatory, it is your own choice.
For now. Wide adoption could lead to it being effectively mandatory -- when everyone uses it, other choices will disappear. That is why such proposals need to be scrutinized and fought (when necessary) early on.
I think it is clear our disagreement (as well as your disagreement with the O.P. of the poll and its negative responders) is not about the technical details, but priorities and philosophy. There are people who are willing to trade their privacy for perception of safety, but there are also those who firmly oppose such compromises and believe it will lead to neither.
