We already have a society that identifies people when doing business. The burden of proof is on an anonymity advocate to demonstrate why that is harmful and should be changed. I may mot have convinced you that having strong identity enables strong security and reduces spam (that is my argument). But it’s also not my problem if you aren’t aware of the nuances surrounding how security, privacy and anonymity work. You haven’t made any compelling argument as to why we don't need identity in cyberspace beyond a naive axiomatic assertion that “businesses don’t need them so they shouldn’t collect them” and some FUD level fear that strong identity is an Orwellian technology hell bent on ruining your life. There is so much nuance I don't feel like we’re doing the topic justice. There is a huge spectrum between “ad tech tracking everything you do” and “everyone looks like a spam bot”. The mindshare is heavily skewed toward spam bot because ad tech is abusive. You can have strong identity and privacy without invoking anonymity. You can be anonymous and still fall victim to fishing attempts and scams. Anonymity is not synonymous with security or privacy. Security means you know who you’re communicating with online so you can establish trust. Privacy means you don't need to share invasive personal details in the regular course of existing in society. Anonymity means nobody knows who you are. I want a society where my digital communication with other people is authenticated and a baseline of trust is established. Do you use a secure messenger app that has E2E encryption? Guess what, that depends on strong identity. You are not anonymous but you are private. I would take a secure and private society every time over an anonymous one that offers weak, if any, guarantees of security and/or privacy.
I work on a product that doesn't collect any PII. We made the decision very early on not to collect any information we don’t need because that’s literally not our business. I am deeply aware of the landscape on these topics. However, as a society we cannot run in a “normal meatspace anonymous cyberspace” mode. We need to bridge civil identity in a secure and private (those are fundamental human rights) way into the online era. That is the core focus of the product I’ve been working on. In reality people have identities whether they use them offline or online. The goal is to protect those identities so they cannot be abused, not remove them altogether.
> We already have a society that identifies people when doing business.
This is false. There are many cases in real life when this is not the case as explained in the very post you just responded to.
> The burden of proof is on an anonymity advocate to demonstrate why that is harmful and should be changed.
You are making certain claims and then saying it's up to others to disprove you? If that's your attitude why are you engaging in this discussion at all?
> But it’s also not my problem if you aren’t aware of the nuances surrounding how security, privacy and anonymity work.
Frankly I don't have the energy to engage with you. Take that as you will. You clearly think you know much more than everyone here already anyway.
It is not wholesale false by any stretch of the imagination. Yes, there are cash-only businesses that don't take credit cards with your name on them and smaller operations which don't have any KYC requirements or loyalty programs or otherwise engage with you in any activity that would identify you. I am not disputing that... it really feels like you're deliberately cherry picking my points and only responding in a fashion that reinforces your stance rather than actually addresses the discussion.
My point is that generally (not in all known cases) we are okay, in meatspace, (and quite familiar) with (and even require at times) exchanges that identify us whether it's putting our name on a coffee order, using a credit card to pay, signing a waiver, buying alcohol, visiting the hospital, opening a bank account, sending children to school, filing taxes, driving a car, etc. So to take the stance that anonymity is absolutely better to the point where it should be considered a fundamental human right and we should be worried about some company providing an identity verification api to online services because the whole shroud of pseudo anonymity of the internet is going to fall to pieces does require some supporting material, in the least. Otherwise it's just FUD.
> You clearly think you know much more than everyone here already anyway.
If I seem quip it's because I responded to a question asking if this API would mean we see more identity requirements because it possibly lowers the barrier to adding one with an affirmative "I hope so" and the tone of the responses has been "dude what a terrible thing to say this is hackernews doncha know anonymity is chic" followed by anectdotes about how sometimes you use an identity when doing business and sometimes you don't (so see! anonymity works). That's not a discussion it's just virtue signaling.. and it is certainly the responsibility of the virtuous (in this case those who are supporting the stance that my statement is terrible because anonymity is righteous) to back up their conviction (otherwise it is, simply, a virtue and nothing more). I've presented an argument that we needn't worry because meatspace society has figured out a good balance of security, privacy, and the occasional but rare anonymity, and it is perfectly functional so I don't think there's a qualified threat to the internet. I've described how strong identity backed security and accompanying privacy are not the same as anonymity and suggested that many people are conflating the two. And I've laid out rationale explaining that strong identity is better for security (this is not simply a "claim" if you know the first thing about security) and how if we want to see real privacy on the internet, not just the fake privacy that you get by being pseudonymous, then we need to fundamentally understand and legislate and engineer policies and systems that support such.
So far nobody has presented an argument as to why anonymity is, specifically, better than strong identity with privacy rules beyond "well sometimes you don't need strong identity for things to work so it should be the default" which is talking past me because I never made a claim to the contrary. I've backed up my assertions with the as far as I know factual evidence that identity both enables better security and deters spam (which are problems that are worse on the internet relative to meatspace). I don't know what else you want. I'm sorry my responses are laborious.
I work on a product that doesn't collect any PII. We made the decision very early on not to collect any information we don’t need because that’s literally not our business. I am deeply aware of the landscape on these topics. However, as a society we cannot run in a “normal meatspace anonymous cyberspace” mode. We need to bridge civil identity in a secure and private (those are fundamental human rights) way into the online era. That is the core focus of the product I’ve been working on. In reality people have identities whether they use them offline or online. The goal is to protect those identities so they cannot be abused, not remove them altogether.