Why online ID verification for social networks is a terrible idea

I see a ton of people supporting some new laws to be introduced, requiring government IDs to provide access to social networks. All to allegedly help with antisocial behaviour on socials.

Beggars belief a lot of people are supporting this, but here, let me try and break this down in the simplest terms I can why this is a TERRIBLE idea:

1) There are ways to ID the perps and offenders NOW.

IP address, host name, device ID, MAC address, browser headers, and so forth. ALL those are logged and transmitted during an active browsing session or while you're using the app. Pressure the platforms to act and terminate the accounts of offenders and hold them liable to their own Terms & Conditions. They don't act now, as they don't have to, and it takes man power, man hours and costs them money to properly police their own turf. There is no anonymity on the Internet and never was, it’s just harder to ID someone than it is via name because you need to capture some metadata and then work with other parties to actually figure out who the IP address belongs to. But the tech is there, the procedures are there, so the argument about being unable to ID people is moot.

2) By requiring government-issued IDs you're shutting down:

- The Underprivileged (look up "voter suppression" in elections around the world through just that)

- Whistleblowers

- Victims of Domestic Violence

- People on the run from Criminals

- Political Opponents/Dissidents (part of every healthy democracy or attempts to topple a totalitarian regime)

and MORE.

Also, real cyber-criminals don’t communicate through facebook or Twitter or iPhones (or at least not the retail models), Windows or OS X etc. They use other apps, run a clean TAILS install from a removable drive, get burner phones or even laptops. Stripping people of privacy online will have ZERO effect on actual crime, those people are way ahead of the game already.

3) I come from a formerly totalitarian country with state-mandated censorship. I can tell you: wake up, while there’s still time for that. It’s never the case of "children" or "protecting from abuse", or “racism” or “trolling”. Those are used to push through certain laws and shake up the status quo. Once the new reality settles in and people are used to it, it's much easier for the government(s) to push through more restrictive laws that have ZERO to do with the matter on hand and had NEVER been discussed before.

What am I hearing? "Oh, they would NEVER do that!"?

Well, have I got news for you. Look at what happened with online content filters in UK from 2012 to now. Started off as opt-in with just torrent and some rather unsavoury sites banned, it's now opt-out (so, ON by default) and covers a whole lot of things/topics/areas that had never been mentioned originally and have never been consulted with the public.

More to the point: UK has one of the most censored and restricted Internet accesses in the Western world as of TODAY.

Not my words, mind you, Reporters Without Borders, etc. etc.: https://en.wikipedia.org/wiki/Internet_censorship_in_the_United_Kingdom .

Read this and tell me you are still in support of deanonymisation/stripping of privacy. If someone is, that's alright, but perhaps it's time to pack up and move to North Korea - it seems to have the whole censorship down to a tee.

Oh, there's also

4) That whole thing is a massive, ticking time bomb and a liability.

Hacks routinely DO happen, databases leak etc. etc. Do you want malicious agents or foreign governments hacking a database with millions of government IDs, people's personal/confidential data, DOBs, NINs, Passport Numbers, SSNs, the whole lot? Here’s June 2021 alone in terms of leaks (data for July doesn’t seem to be out yet):

https://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-june-2021-9-8-million-records-breached .

You can't air gap that (prevent from leaking through removing any incoming and outgoing connections) if it's meant to be a database to be checked against in real time.?

It's not a question of "IF", it's a question of "WHEN" it leaks, and causes a whole ton of trouble to a whole ton of people (but then, once the data is out, it's really too late to do anything).

Governments or organised crime would throw silly money at black hatters (unethical hackers) willing to compromise access or provide backdoor access through bribes and corruption. You don't want that. Trust me. You might not realise this, but you don't want that.

I know we're talking about putting a stop to trolling today, but it increasingly feels like digital illiteracy will be this society's undoing, because you have to be pretty clueless - and, dare I say it, digitally illiterate - to support those kinds of pseudo-solutions. Knee-jerk reactions, as much as the racist nonsense posted by trolls IMO.

I call and urge for those things to be left to people who know a thing or two about cybersecurity, opsec, pentesting and the whole nine yards. Honestly, it's an EXTREMELY complex issue and overarching bans, blocks or restrictions are NOT the way to go.

This will probably get eventually pushed through anyway, 'cause a lot of people without a thorough understanding of the matter support that solutions, and politicians will LOVE it (that's more control over data/personal or even compromising information for them, and less for the general population - what’s not to like about that if you’re a politician).

And then it will all come back and bite people back when they least expect it, and when it will inflict the most damage. And it will - just the matter of time.

#TrustMe