[HN Gopher] Switzerland votes against electronic ID system provi... ___________________________________________________________________ Switzerland votes against electronic ID system provided by private companies Author : bontoJR Score : 446 points Date : 2021-03-07 17:45 UTC (5 hours ago) (HTM) web link (www.swissinfo.ch) (TXT) w3m dump (www.swissinfo.ch) | dunefox wrote: | Meanwhile in Germany: "Hey, wouldn't it be so swell if people | needed to provide their ID when signing up for email accounts and | instant messengers?" | ketzu wrote: | It's currently only a request by the ministry of interior, not | actually in the discussed law, isn't it? It's not like | switzerland politics didn't propose the thing that's been voted | out, either. | dunefox wrote: | Yes, it's just a request but it's quite a worrying trend that | it's okay to even have a politician propose this - especially | with the Stasi not long ago... | throwaway3535f wrote: | I'm a bit sad the referendum passed as the law was creating a | regulated environment were anyone could start an ID provider and | other providers would be forced to interoperate. Basically it | mandated a distributed protocol. The alternative to my dream of | having a cooperative of my choice handling my metadata seems will | be to have the state know everything about me. Let's see how it | will play out. Maybe we will put some privacy by design concepts | in the implementation. | | On the plus side all the lobbyist that were involved in this | story have been recalled to order. | eznzt wrote: | https://www.swissinfo.ch/eng/swiss--burka-ban--vote-too-clos... | | >A decade after another national vote that banned the building of | minarets, Switzerland will introduce a clause in its constitution | to outlaw face coverings, including the Islamic burka and niqab, | in public spaces. | | That's very cool, the EU has a lot to learn regarding direct | democracy--I wonder if the refugee crisis would have happened at | all if people were asked if they wanted to accept the refugees or | not. | emteycz wrote: | Oh no, another great country destroyed by democracy. When will | people learn that there are things that shouldn't be voted | about... :-( | michaelmrose wrote: | How do you decide the things that shouldn't be voted on | without voting? | emteycz wrote: | Why do you need voting to understand a person's clothing is | not for you to decide? It was well understood before | democracy crazed the minds of everyone - not even feudal | lords thought they could do that, not even communists did. | tuwtuwtuwtuw wrote: | > I wonder if the refugee crisis would have happened at all | | Pretty sure the main issue, the fact that people needed to | leave their homes and countries, would still have happened. | wirrbel wrote: | It amazes me how people buy into the right-wing narrative | about politicians having invited refugees to Europe, when in | fact, the EU is trying hard to keep them from entering in the | first place. | | What might have prevented the refugee crisis might have been | if the middle-east region had not been destabilised in the | previous decades. And part of that destabilisation is due to | the US Republican party pushing for an invasion in Iraq. | swayvil wrote: | People believe whatever is shouted loudest and longest. | That's physics. It's inevitable. | eznzt wrote: | > It amazes me how people buy into the right-wing narrative | about politicians having invited refugees to Europe, when | in fact, the EU is trying hard to keep them from entering | in the first place. | | Have they tried, I don't know, mounted machine guns? | | Might sound like a joke, but what other options do you have | when hordes of young, able-bodied males are invading your | country? | dang wrote: | You can't do this here. | matthewmacleod wrote: | Drives me up the fucking wall. Spend years bombing the shit | out of countries and selling arms to despots, then having | the gall to complain when refugees from the situation you | encouraged turn up on your doorstep. | | You solve the "refugee crisis" by fostering peace and | prosperity in countries that don't have it, not by | spreading lies about it. | MikeUt wrote: | It was the US that pushed for and did (is doing?) most of | the bombing, and Europe that got hit with refugees. | | But even if it were the same country, it's not the same | people - the wars were pushed from the top [1], the | resistance to immigrants from the bottom ("populism"). | | [1] https://www.theguardian.com/commentisfree/2013/feb/27 | /bush-a... | emteycz wrote: | You really need to update your knowledge of history. Look | at Belgian, French, Dutch and British colonial empires. | Especially the Belgian one and its brutality might | interest you. And the British one was active in Middle | East waaaay before America. | MikeUt wrote: | It's the colonial empires that caused the refugee crisis? | I thought it was the much more recent bombings. But if it | was the colonial empires, how come Turkey faced no | refugee crisis from their colonies in south-eastern | Europe [1,2]? How come the refugee crisis was _now_ , and | not at the height of those colonial empires you blame? | | You see colonialism when it suits you, and are blind to | it when it doesn't. | | [1] https://en.wikipedia.org/wiki/Greek_genocide | | [2] https://en.wikipedia.org/wiki/Destruction_of_the_Thra | cian_Bu... | PoignardAzur wrote: | > You solve the "refugee crisis" by fostering peace and | prosperity in countries that don't have it, not by | spreading lies about it. | | That's _really_ not an actionable goal. | | Fostering war and misery is really easy, you just have to | bomb some places. Fostering peace and prosperity isn't | something you can actively do. | | Even if you refrain from participating in abroad wars, | they still happen. People still rise up against | governments they don't like, the governments still | violently crush uprisings, etc. The only difference if | you get to say it's not your fault. | [deleted] | mLuby wrote: | > "Facial coverings are contrary to our value system," Wobmann | told Swiss public television, SRF. He said there were now clear | rules in place so that "people know that in our country, you | show your face in public". | | I wonder if this reasoning will be re-examined due to | widespread good faith face mask use during the pandemic. | zaik wrote: | Wearing a mask for health reasons is still allowed. That | being said, laws prohibiting what you may wear, targeted | specifically against a religion, are concerning. | throwoutttt wrote: | Conserning to some, liberating to many | sjwright wrote: | Concerning to whom? The people who want to impose clothing | upon others or the people who have clothing imposed upon | them? | | (And before anyone cries discrimination, this particular | subject is entirely geographic-cultural. Somehow we've been | convinced that culture must have a veto over sexism. IMHO | that shouldn't be considered a settled debate.) | [deleted] | aseerdbnarng wrote: | "It is key for Switzerland to catch up with other countries when | it comes digitalisation" | | Why? | ThePadawan wrote: | Because person hours are expensive (because food is expensive | because person hours are expensive because socialized health | care is expensive). | | Every process that currently involves reams of paperwork (like | the ~20 page tax declaration that is due this month - yikes) | that can be done digitally instead saves the taxpayer or | customer money. | | And the Swiss do like their money. | CaptainZapp wrote: | > socialized health care is expensive | | Socialized health care? There's no such thing in Switzerland. | | Sure, health insurance is mandatory. No question that it's | heavily regulated (i.e. basic insurance can't rule you out or | discriminate against you for pre-existing conditions). | | But socialized health care? Give me a break. | | > like the ~20 page tax declaration that is due this month | | The actual declaration is covered by 4 basic pages. In | addition there's a declaration of assets and a couple of | helper pages for deductions. | | You can download tax declaration software for free (at least | in the canton of Zurich) and using it for your declaration | takes all of 20 minutes. | | It may be a bit more complex if you own real estate, or if | some other complexities are involved. | | You either don't have a clue or you're massively over- | exaggerating for reasons, which elude me. | smoe wrote: | Tax declaration are the cantons (state) responsibility . Some | are further than others. I filled out my first declaration | some 14 years ago via a web platform. | | Most everything being decentralized maybe makes nationwide | digitalization slower, but that is crucial aspect of the | political system. | bobthepanda wrote: | Also, person-based systems break down when asked to scale | suddenly, because it takes a while to hire and train more | people. We already saw this with how quickly even contact | tracing systems break down when infections go above a certain | point. Depending on economic conditions, there also may not | be people to hire; pre-COVID, there were public transport | funds in Seattle being unused, because there was not enough | drivers to spend the funds on. | | Another example, comparing how digital COVID payments in | South Korea were a lot simpler and faster than in paperwork- | heavy Japan: | https://www.bloomberg.com/news/articles/2020-05-20/in- | virus-... | lwkl wrote: | Taxes? You fill in the form in on your computer and can file | it digitally. And if you print it it's encoded in a format | similar to QR codes. | | Tax offices are fully digital since at least 10 years. If you | file with paper it's scanned and destroyed. Your local tax | office receives all the documents digitally. Of course this | could vary by canton. | ThePadawan wrote: | > Of course this could vary by canton. | | It does. Zurich still sends me a thick envelope with the 20 | pages and tells me to throw away 90% of it if I do my taxes | digitally. | phreeza wrote: | I only got this the first time after moving here, after | that they switched to just sending me the access code. | CaptainZapp wrote: | I actually double checked. | | What they send out (and yes, in the canton of Zurich) is | two A3 pages (printed on both sides) a form informing you | how to extend sending it in and, most ironically, an A4 | page informing, why they send out less paperwork | | It's right in front of me. So feel free to prove me | wrong. | bbu wrote: | You should check your envelope again. If you did your | taxes online in the past you don't even have to snail | mail the receipts anymore, they accept digital | copies/photographs now. | jrochkind1 wrote: | There seems to be plenty of economic incentive for automation | in the US without socialized health care. | | It has occured to me though that one thing that makes | automation and digitalization of society "affordable" by | comparison to human labor is -- skimping on security, | building this giant house of insecure fragile IT. If we were | to actually pay for reliable secure systems we probably | couldn't afford the computers-replace-person-hours version | either, not sure where that would leave us. | | The USA-ians definitely like their money as much as the | Swiss. | eertami wrote: | Imagine if you had to print a paper form and mail or deliver it | to the local Government for even the simplest of administrative | tasks. | | Because that is life in Switzerland. | tsbinz wrote: | I extended the deadline for my 2020 tax declaration today | (Zurich). I did so by scanning a QR code, entering my email | address for the confirmation, and clicking send. | eertami wrote: | Anecdotal, but in SG I recently had to submit ~20 pages of | documentation for a permit. Obviously I don't have a | printer so this was annoying in itself. Once I took those | printed pages to the Rathaus they just scanned all the | documents anyway. | | Maybe ZH does things better, but I still feel like it's a | shame there is not more standardisation. I understand why | politically this is difficult though with the independence | of the cantons. | jeffrallen wrote: | Well yes, but lots of Switzerland is rural, and dropping off | paperwork is no more bother than picking up a loaf of bread. | Lots of us _like_ seeing our neighbor, who happens to also be | our greffe communal. | Ericson2314 wrote: | No one is saying you can't see your neighbor if you don't | have errands to run. | etiam wrote: | Exactly, no one is saying you can't see your neighbor if | you don't have errands to run. | | But the fact is you won't be doing that anywhere near as | much if the way of doing the errands works against seeing | people as if it works for. Defaults matter, a lot. | nixass wrote: | Germany is hardly, if at all, better. For anything related to | banking, insurances, taxes, rent, healthcare.. I have tons of | papers | ILikeBikes wrote: | The latest European standard for IDs is a credit-card sized of | plastic with a chip in it. | | It should allow more security, because digital signature is | harder to forge than previous physical securities. But also you | could use them more easily in other countries, as it can be | read by a computer, and not a human that speaks a finite set of | languages. | | Lastly, you could use them for authentication for various | online and daily services, such as banking, taxes, creation of | companies, digital signature,... that are said to save time on | logistics. | labawi wrote: | > digital signature is harder to forge than previous physical | securities | | Yet there are countries running 3072-bit RSA on Infineon | chips, because their 3K keys are least broken. Discovery also | entailed country-wide certificate revocation, which IIRC | happened days if not weeks after the flaws were public, while | the law states a digital signature has the same bearing as a | physical one. | Nextgrid wrote: | I would still argue that the losses caused by this breach | were less than what other countries using a paper-based | system see on a regular basis, both due to malicious action | as well as the mere overhead of said paper-based system. | williesleg wrote: | Too late they already do it | thitcanh wrote: | This sounds like the Italian digital ID: required by the | government, managed by multiple companies. It's called SPID. | | It's usually free, but there's also certified email (PEC) that | costs from 5EUR to 30EUR per year. Also required by the | government in some cases and also offered by a small number of | companies. | | Does Estonia offer their digital IDs directly? | stefano wrote: | As an alternative to SPID you can also use your national | electronic ID card, which is issued by the state without the | involvement of private companies. | asadhaider wrote: | Estonia does, their identity card stuff is pretty amazing and I | remember reading about it a few years ago thinking it was truly | ahead of it's time [0]. | | Looks like anyone can become an e-resident and apply [1], I'm | unsure if this extends to the e-identify cards also or if | they're for Estonian nationals only. I remember previously that | anyone could apply for one however you had to go to an Embassy | to submit information and biometrics. | | [0] https://e-estonia.com/solutions/e-identity/smart-id [1] | https://e-resident.gov.ee/become-an-e-resident/ | Etheryte wrote: | Digital ID in Estonia is government-managed and comes for free | for everyone with your physical ID. When you get your physical | ID you also get the corresponding passwords to use the same ID | online with a card reader etc. You can use all online services | etc with the above without any extra fees. In addition to that, | all telecom companies offer a cheap (usually free if you're on | a recurring plan) tie in authentication with your phone where | you can use your mobile to authenticate instead of a card | reader. | bondarchuk wrote: | Almost every politician wants more power over citizens. That is | why a binding popular referendum is necessary in cases like | these. Congrats to the Swiss people, I am a little bit jealous. | isodev wrote: | I don't think the eID gives the government control over its | people... if anything I feel it's the opposite - one gains the | freedom to manage their identity service directly and save some | time because it just works across all government/bank/insurance | services. | noahtallen wrote: | Indeed. The current American system based on bits of paper | you have to remember about, or insecure ID numbers used as | identification (SSN) just causes a lot of pain, imo. Having a | central ID for each citizen at birth, and then a way to prove | that you match that ID would make so many services much more | secure and convenient. (Obtaining DL, getting loans, bank | accounts, name changes, tax, etc) | | I agree there should be safeguards against a rogue or even | non-rogue person modifying these records to hurt someone. | KorematsuFred wrote: | This only gives more power to government to harass people | whom they don't like and who are poor minorities. | | > having a central ID for each citizen at birth, and then a | way to prove that you match that ID | | This seems a trivial and no-brainer and yet you will be | surprised how many Americans will be simply denied this | sort of service after birth. Racist law makers would put | severe restrictions on people they dont like. If they don't | get this ID soon after birth they don't get anything. They | will be illegals in their own country. | | Entire song and dance around illegal immigration, e-verify | and all that crap was needless if there was no concept of | SSN. | PoignardAzur wrote: | > This seems a trivial and no-brainer and yet you will be | surprised how many Americans will be simply denied this | sort of service after birth | | The whole "centralized ID means your government will | oppress minorities" narrative seems like a mostly | american concept. | | I imagine part of it is due with the US's particularly | bad history with minorities, and part of it is a general | defiance against any kind of centralization that also | seems kind of unique to american culture. | | Speaking as someone living in a country (France) that has | had centralized ID for decades, it feels really weird to | see people describing what a dystopian future American | would become if it did that thing we do right now. | | (and yes, ID card checks are used as an excuse for racial | profiling; and the lack of an ID card is used to track | down undocumented immigrants, and that's bad; but it's a | symptom of other problems, and it's nowhere as bad as | "centralized = black people are denied access to social | services") | Threeve303 wrote: | It's odd how we talk about something like centralized | identification without the other areas of privacy | limiting changes we are experiencing. Online we are | tracked, logged and categorized like no other time in | history. Even the basic means of conducting a business | transaction leaves a digital trail whether it's a wire | transfer, credit card transaction or bitcoin payment. | | Authoritarian countries have combined a cashless society | with 24/7 surveillance of all kinds to create a black | mirror style social credit system. | | None of this would be possible without first having a | form of centralized identity. This will likely be coming | soon to a democracy near you due to the level of state | control it invites. Someone needs to get working on an ad | blocker we can use in real life. I suspect it will be | built around aluminum foil. | sjwright wrote: | The only difference is that your identity could be | disambiguated with one data point instead of three or | four. I don't see how that has any bearing on the | functional aspect of any such hypothetical dystopia. | Nextgrid wrote: | We can very well have laws that restrict what ID can be | required for - so it would be illegal to ask for ID for | certain things (you shouldn't be required to present your | ID to buy groceries for example). | | But for things where requiring an ID is already accepted | (banking, etc) or inherently necessary (interacting with | the government, like filing taxes), a robust, digital ID | system would be much better than a paper-based system | vulnerable to fraud and human error. | sjwright wrote: | Is there any issue with minorities receiving birth | certificates now? | max_ wrote: | I really admire the swiss political system & culture. | | It's has all the modern postulates of liberty & governance that | most countries are striving for without the "scam | orchestration" | smoe wrote: | As a Swiss, the political system is to me the best aspect | about the country. It makes it so, that it is almost | impossible for anyone to obtain enough power to really abuse | it. | | It also make any change, for the good or the bad, very very | slow, which can be frustrating at times. So if stability is | not high up on your list of life's values it might not be the | best place to be. | brink wrote: | I'm an American and Switzerland is one of the few countries | I really admire for those reasons. I'd love to live there | some day if they'd have me. | julianlam wrote: | So basically Switzerland is the Debian Buster of the world? | rodgerd wrote: | > I really admire the swiss political system & culture. | | Do you admire denying women the vote until the end of the | 20th century? | fermienrico wrote: | Just keep in mind, Switzerland has the population the size of | SF Bay area for context. | tompagenet2 wrote: | The banning of minarets is a data point against this liberty. | fastball wrote: | They're also about to ban niqab / burka. | pell wrote: | They voted for the ban today. France showed that it had | little positive effect for women. | | The University of Lucerne ran a study and came to the | conclusion that there are around 20-30 women in all of | Switzerland who wear a niqap or a burqa. | fastball wrote: | So it's ok to outlaw clothing if only 30 people wear it, | or...? | m_mueller wrote: | I'm not for that ban, but I think that bit of direct | democratic building code gets overly dramatized. Things | like this serve to moderate the political landscape. If | people feel like they stay in control throughout rising | immigration from cultures they deem problematic, there is | less of a tendency towards extremism. And so far I haven't | seen any extreme counter reaction in Muslim communities | either. The soup is cooked hotter than it's eaten. | lukasbuenger wrote: | The direct consequences for Muslims are hardly the | problem here - only about 30 women in Switzerland (we | know about) even wear a burka/niqab and quite a few of | them are Swiss converts. Back when we banned minarets, we | had like three (!) of them in the whole country. But we | had ads like these [0] all over the country for months | _again_ and if that doesn 't give you the most profound | chills, I don't know. It's textbook right wing | scapegoatism and I'm pretty sure Muslims can feel the | very real consequences of that kind of propaganda. | | [0] https://verhuellungsverbot.ch/downloads/ | archsurface wrote: | Only for people who moved there, knowing full well that | they were moving into a different culture, and that as a | minority they would have to adapt to local norms. I've | lived in a number of countries on various continents, and I | have never expected the locals to adopt my way of doing | things - I think that would be utterly bizarre. If you go | there without a degree of humility and willingness to adapt | you're a colonist. | aranelsurion wrote: | While I agree with the premise, I don't see how this | specific event ties to your argument. | | A simple Google search shows that the referendum passed | with 57% of the voters support, so that leaves us with a | 43% who thinks it's a bad idea for one reason or another. | Since around 5% of Switzerland is muslim, one could argue | building minarets is not such a scandalous idea for Swiss | voters. | yurielt wrote: | That banning is only a point against liberty if your | definition of liberty is very American (religion above | welfare of people) for most people maintaining the culture | that gives that liberty is as important as liberty so | changing that culture would obviously destroy the | possibility of that liberty I really do not understand why | people simply close this eyes when this bans go against | Catholics and christians but freak out as soon as | separation of church and state touches any non Christian | tompagenet2 wrote: | Asked out of genuine inquiry and curiosity not to bait (I | know it can be difficult to tell online): The referendum | was simply to add the words "The building of minarets is | prohibited" to the constitution. This only affects | someone who would wish to build one (so Muslims) and in | my mind says that your type are less welcome here. Why | would Christians be negatively affected by this? | | I would take the view that banning the form of your | religious buildings (and implicitly, to your comment, | being hostile to Muslims who in your response you seem to | equate with a culture that destroys the possibility of | liberty) seems more of a betrayal of the principle of | liberty and freedom for all than allowing different | people to pray and associate as they wish, providing they | follow basic tenants of human law (not harming people | etc). | halflings wrote: | That had nothing to do with "separation of church and | state". It was banning private individuals to use a | specific form of architecture. Pretty much any country in | the world allows building mosques with minarets... did | they threaten anyone's liberty / change their culture? | | Going back to GP's point, the deeper issue is that people | thought this was worth writing in the constitution. Other | countries apply such laws in different ways, so I don't | think the Swiss direct democracy is to blame here. | warent wrote: | This seems to be the largely the case with scandinavian | countries in general. | | I've been seriously considering leaving the USA permanently | because I'm having a difficult time reconciling my morals and | ideals with the taxes I pay. Ballots and debates aren't | enough. I'd rather vote with my taxes and my feet, and start | helping a county I believe in. | fla wrote: | Switzerland is not part of Scandinavia | chrisseaton wrote: | I think you're possibly confusing Switzerland with Sweden | there... | anon4242 wrote: | Though, as a Swede, I would love to have Swiss-style | democracy... | vinni2 wrote: | Unfortunately such referendum don't scale well though. | ur-whale wrote: | >Unfortunately such referendum don't scale well though. | | It would if the federal government was shrunk back to what it | was designed to be in the first place and states where given | actual governing power. | zo1 wrote: | Why wouldn't it scale well? | RedComet wrote: | This is unsurprising, especially given what happened with recent | elections in third-world countries (like the United States). | jariel wrote: | This is bad populism. | | It's understandable people fear Google/FB etc., but an entity | contracted by the state to do digital ID services is not going to | be selling your phone number if doing so would put them out of | business and land them in jail. | | Sadly, the notion of basic digital ID would be very useful for so | many things and maybe even help with privacy if content providers | switched to this kind id vs. social logins. | | Ironically, these 'government IDs' may be a vanguard in the fight | for privacy because they establish a privacy-based alternative | that doesn't currently exist. | | (Edit) There are already private institutions that manage ID data | (Finance, Health) no our behalf and generally we are not | concerned. (Although VISA is owned by banks and that's a | concern). In Canada, they have temporarily allocated ID literally | to the banking system - you can login to the gov. tax portal | using your banking login. So, de-facto, the banks provide ID | services to gov. already. | | It's irrational populism. ID services are sensitive obviously, | but governments already deal in such types of sensitive | information and there's no reason 3rd parties can't manage those | services with the right kind of oversight. | fyleo wrote: | The entity in question does not have the best reputation. | jariel wrote: | "The risk of data abuse by commercial providers would | undermine the effort to make digitalisation more democratic, | they say." | | It's as though citizens have no understanding of how | contracts, oversight and regulations work. | | If the government requires certain parameters to be kept, | they will be. | | The notion that these ID providers are going to 'abuse the | data' is conspiratorially absurd to the extent that basic | information control is written into the process. | | If the financial incentives for 'abuse' don't exist, then | really it's a matter of operational capability and | pragmatism, in which case, private sector is an ok choice, | just as it is for so many other things. | | The government could feasibly do it, but there's no reason it | can't be outsourced. | | It's a bit short-sighted. | malthaus wrote: | Really proud of this result; the failsafe once again has done its | job against heavy lobbying. | | There was so much misinformation around mostly due to lack of | technical understanding (e.g. "it's a digital passport!") and the | (yellow) press heavily pushed for a yes. | dashdot wrote: | It was painfully obvious that heavy lobbying was involved... I | was amazed how that problem somehow was never addressed by the | opponents. | audessuscest wrote: | Common sense | layoutIfNeeded wrote: | They are also incredibly xenophobic (i.e. Japanese levels). | loufe wrote: | Their economy is humming along without immigration, so why | would they open it? I would have a hard time believing I'm in a | minority of people who think immigration is not an economic | consideration before a social one in western countries right | now. I'm not saying I disagree with it at all, though. | jeffrallen wrote: | Our society is humming along in part because of the 25% | foreign residents, and the hundreds of thousands who cross | the border daily to work in our economy. | | There are certainly some xenophobic people in Switzerland, | and the SVP is certainly a party that uses xenophobic | rhetoric to get attention, but our economy is the opposite of | xenophobic. | 101008 wrote: | Care to expand this? I went to Switzerland once (I was young, | 20ish) and I spent only one day at Geneva. It didn't look | xenophobic, but very strict. I am interested in knowing more | about this, thanks! | layoutIfNeeded wrote: | Sure, there are tons of foreigners in Geneva, since e.g. CERN | is there. But native Swiss people will never consider you | their equal. You can live and work in Switzerland for your | whole life, but they will never consider you Swiss. | | Of course, they are also very polite about it. I'm not | talking about US-redneck-tier xenophobia. | wsc981 wrote: | _> But native Swiss people will never consider you their | equal. You can live and work in Switzerland for your whole | life, but they will never consider you Swiss._ | | But it's the same in many countries. I don't necessarily | see a problem with that. Do you view this issue as | problematic and if so, why? | | I live in Thailand and Thai people will never consider me a | Thai, even if I would speak fluent Thai and would conform | to all societal norms. I've moved to Thailand and decided | that regardless of this, it's a decent place for me to | stay, better than The Netherlands where I came from. | DetroitThrow wrote: | Most people who travel to japan as tourists don't see the | underlying xenophobia either, and that's very well | documented. As far as xenophobia towards non-swiss - I think | the popular referendum to add a constitutional ban on | minarets in their country is a good example of how that | reared its head in somewhat recent history. | | However, the corporate culture that is much more liberal in | Geneva is very different than the vast majority of the | country as well. I felt more welcome there than in a few | places I visited in nearby Germany. | esja wrote: | Switzerland has one of the largest immigrant populations in the | world per capita: 29.9% according to the link below. | | Very few countries are ahead of this. Even Australia is only | 30%, and Canada (which has often led the world in immigration | statistics) is 21.3%. | | Perhaps you can provide some evidence for your statement. | | https://en.wikipedia.org/wiki/List_of_sovereign_states_and_d... | throw0101a wrote: | Out of the 1.9M immigrants/permanent residents in | Switzerland, 1.6M (84%) are from Europe: | | * https://en.wikipedia.org/wiki/Immigration_to_Switzerland | | For Canada, the top ten breakdown of immigrants are: 8.9% | from India, 8.6% from China, 7.8% from Philippines, 6.6% from | UK, 3.3% from US, 3% from Italy, 2.8% from Hong Kong, 2.7% | from Pakistan, 2.2% from Vietnam, 2.1% from Iran. Add those | up, and you're only up to about 50%; there's a long tail out | from there. | | * https://en.wikipedia.org/wiki/Immigration_to_Canada#Sources | _... | | A lot more of a mosaic/melting pot in Canada than | Switzerland. | esja wrote: | So? How does any of that prove Switzerland is xenophobic? | rdevsrex wrote: | They is a over generalization. I'm American and black and my | wife is Swiss and I have plenty of friends who are also Swiss | and nothing but welcoming. Also xenophobic is unclear. Having a | strict immigration policy is not xenophobic. You should be more | precise. | Shacklz wrote: | He might be referring to a few laws/initiatives that passed | in the last few years/decades - e.g., the initiative that | forbids minarets (even though there were almost none to begin | with; it was essentially a political stunt). Or the 'burka | ban', which just got a slight majority today. | | Also, the biggest party (SVP) often uses very controversial | advertisement, which I can easily imagine to be interpreted | as xenophobic by foreigners (I'm Swiss myself). | | Glad to hear your positive experience in Switzerland - | especially now with the passing of the 'Burka ban', seeing | Switzerland as xenophobic isn't something that would surprise | me too much. | DetroitThrow wrote: | There have been many kind Swiss I've come to meet with the | kindness to include those very different than them; Geneva | is one of my favorite places in the world. | | To dismiss a whole people as xenophobic as OP did I think | is very much an overgeneralization, but I think a large | part of Swiss culture is certainly more xenophobic than | even nearby European countries - accepting that is an ugly | part of the situation does not mean the Swiss people should | be any less proud of what they've built over the years. | jimmygrapes wrote: | I only stop by to add that "xenophobia" is not inherently | a bad or evil thing. Every culture should have the right | to exist, in the land its ancestors built up or conquered | - we can argue all day about the correctness of how a | given culture and people got to a point where they were | able to settle, but the point is that _today_ they are | settled and stable. Why attempt to force unsettlement and | destabilization through unnecessary "diversity" | processes? If you do not fit in to a culture as an | individual, but you do fit in to a different culture, why | force the one you do not fit to accommodate you when you | can be part of one that already accepts you? | | Current day exceptions like Donbas, Hong Kong, and Gaza | (to name just a few) certainly exist, and there is room | for discussion there. There is also an argument that can | be held regarding the human and economic cost of getting | to a place where the culture fits you. | | But to call all attempts to maintain a culture | "xenophobic" and therefore associated with a negative... | I don't think this is the right way to be. | dang wrote: | Please don't post shallow provocations like this--whether you | intended it that way or not, it functions as trolling. | | https://hn.algolia.com/?query=troll%20effects%20by:dang&date... | | In particular, please don't stoke nationalistic flamewars on | HN, regardless of which countries are under discussion. | | https://news.ycombinator.com/newsguidelines.html | | (We detached this subthread from | https://news.ycombinator.com/item?id=26378562.) | chrisseaton wrote: | > They are also incredibly xenophobic | | The Swiss are xenophobic? Eh? | | They welcome people from all over the world to come together to | work towards peace and humanitarianism in their country. They | host the only truly international humanitarian organisation in | the world. They helped build many of the institutions that try | to reduce conflict. | | Calling them xenophobic is bizarre. | DetroitThrow wrote: | >Calling them xenophobic is bizarre. | | You don't think the referendums on banning minarets and | burqas are... Xenophobic in any form? | nec4b wrote: | Why, do you think it is a human right for men to force | women to wear burqas? There are plenty of articles of | lately how SF doesn't allow building high rises, which | prevents migration and yet nobody calls them xenophobic. | DetroitThrow wrote: | I do think people regularly criticize zoning policy like | that in SF as racist, though. A quick Google search seems | to yield many criticisms, actually. | | If you present a question as a falsifiable test to | whether people are consistent in calling out | discrimination, I would hope you would be open to | changing your mind on the issue rather than simply | convince yourself there is instead a conspiracy when new | evidence is presented... | nec4b wrote: | It only shows that some people like to call other people | whom they don't agree with, with slurs like racist, | xenophobe,..., to imply there can't be any other rational | explanation other that those people are bad. | archsurface wrote: | I would no more like minarets in very country than i like | starbucks and mcdonalds in every country. It seems to me | the anti-xenphobia people are in fact killing off cultures | as they create a single global mishmash culture. The | excitement and adventure of travel is on its way to dead. | chrisseaton wrote: | Look at their impact on world peace over the centuries | rather than their opinions on architecture. | DetroitThrow wrote: | You didn't answer my question, and those aren't opinion | polls, the difference between them being whether they are | binding. | | You don't think those constitutional referendums which | ban those historically Muslim traditions could be | interpreted as xenophobic? | | You don't seem intent on actually answering my question | or even directly addressing it, so I assume you are just | gaslighting in bad faith. Good luck. | throwaway5737 wrote: | Swiss here that happen to have voted in both polls. I can | give you an insight on my view of the topic that may be | representative of a part of the population (probably not | the majority but at least a significant fraction). | | Both initiatives are targeted to a specific extremely | tiny population of citizens (most of the trouble is with | << converted >> Swiss that embrace Islamist views, most | of Muslim of foreign origin are pretty well integrated | and many even supported the recent burka ban because they | know very well what that means) that tries to exploit the | democratic system to promote their totalitarian ideology. | You have to nip that in the bud. There is for sure some | collateral damage as not all people that would like to | build a minaret are necessarily islamists but there are | prices to pay so that everybody can live peacefully | together. The sacrifices will be compensated when the | times come. | | FYI, back when that was source of troubles Jesuits were | banned in the constitution (ban lifted in the 70ties) and | some cantons were forbidding to build bell towers for | Catholic churches till last century, etc. When the | tensions tapered out all the bans were lifted. I'm pretty | sure in 50 years if we get rid of Islamism the minaret | ban can be lifted with no troubles. | | As a side note, by the way it is constructed, essentially | everybody in Switzerland is part of some minority and is | both paying a bit and getting back a lot in terms of | freedom and respect. Everybody depends on the goodwill of | the majority so it is in general wary of stomping on | other minorities but react strongly when somebody want to | destroy the system or doesn't respect it (most of the | sparse cases of real xenophobic behavior, which btw I | don't condone, you may encounter in Switzerland often | boils down normal human narrow minds and that). | chrisseaton wrote: | > those aren't opinion polls | | What do you think a referendum is, if not a poll of the | population's opinion on something? | | My answer to your question is to look at their actual | positive impact all around the world, including for | Islamic countries, not their opinions on architecture or | dress. | | I literally don't think there's a more peaceful, | welcoming, open-to-others' cultures anywhere in the world | than the Swiss. If you think they're xenophobic then | everyone else is 10x more xenophobic. | nokya wrote: | As a Swiss citizen (my age range is 40-50), I can only | provide my own witness account about what you just wrote: | I think you're completely wrong. | | The fact that some Swiss were able to contribute | immensely to a "positive impact all around the world" | doesn't magically turn us into a nice and warm | population, open to other people's cultures. A large part | of the population hates foreigners, considers them as | opportunists and job stealers, if not criminals. This is | not a "Swiss", it's the same everywhere in the world. | | The difference is that Swiss are educated and law abiding | xenophobes: a foreigner will rarely feel insecure in | Switzerland and discrimination will mostly be silent. As | opposed to a country like the USA where racists are | empowered with a low likelihood of criminal charges. | | But that doesn't mean in any way that a foreigner is more | welcome in Switzerland than elsewhere. If you sincerely | believe this, it could only indicate you don't share a | significant part of your life with foreigners who | actually visually look like foreigners. | chrisseaton wrote: | > This is not a "Swiss", it's the same everywhere in the | world. | | If you think everyone's a xenophobe and it's just that | the Swiss are the best at not acting on it... then yeah | they're the best aren't they? Beats acting on it with | violence like every other country surely? | | Everyone always thinks the worst of their own country and | holds their own to higher standards. | zo1 wrote: | Xenophobia is a loaded term. There could be any number of | reasons why they're voting against those things. And so | what if they dislike certain foreign cultures? It's their | country, and they can accept who they want, or not. | | Or is Democracy suddenly not okay if the will of the people | is misaligned with the "greater" society's views? Which, I | would also argue, isn't conclusively in the camp that | "xenophobia = bad". If anything, it's held by a minority of | countries, and even then, not shared by all in those | countries. But of course, xenophobia is a loaded term, so | we could be talking about completely different things that | fall under that umbrella. | slg wrote: | >Or is Democracy suddenly not okay if the will of the | people is misaligned with the "greater" society's views? | | Yes exactly this. One of Democracy's greatest flaws is | that is is often misaligned with the greater good. Almost | every example of expanded civil rights that have occurred | in recent memory was wildly unpopular at one point and | was delayed by democratic mob rule until persistent | effort was able to eventually turn the tide of public | opinion. | DetroitThrow wrote: | >And so what if they dislike certain foreign cultures? | It's their country, and they can accept who they want, or | not. | | Sure, but they are what we define as unambiguously | xenophobic policies, even if it is a broad term which can | include much more than that and were democratically | enacted. | | Whether xenophobia is bad is another story - I'm not | really sure anyone would find much insight from a | discussion about it. | nec4b wrote: | I'm very much against genital mutilation as is practiced | in some muslim countries and support bans against such | practices in the west. Does that make me a xenophobe? | tpush wrote: | No, it doesn't. One can oppose (religiously motivated or | not) genital mutilation on purely humanistic grounds, | completely divorced from any religious concerns. | | Banning building minarets has no such justification; just | blatant xenophobia. | nec4b wrote: | I guess where you come from all building codes are | blatant xenophobia, because there can't possible any | other reason as fear from stranger to disallow some | buildings. | tpush wrote: | The point isn't that every banning of a style of building | is xenophobia, but that in this particular instance it | is. | | Making 'can't build minarets' part of your constitution | isn't some local law building code thing; it's motivated | by xenophobia. | pell wrote: | The SVP is a very strong party in Switzerland. It is not a | stretch to call it xenophobic. Switzerland - like any place - | has many faces. It hosts great institutions but yes, it also | has its share of societal xenophobia. | yurielt wrote: | > The SVP is a very strong party in Switzerland. It is not | a stretch to call it xenophobic. It is for anyone outside | of Twitter and I say this as an immigrant but the extent to | which people use the word "xenophobic" is ridiculous. | pell wrote: | The SVP was considered a xenophobic party a long time | before Twitter existed. | | Here's an article from 2000 about the referendum on the | migrant quota. You can read about the SVP's initiative | and reaction here: | https://www.swissinfo.ch/ger/18-prozent-initiative- | deutlich-... | | Here's another article from 2000 comparing different | right-wing parties in Western Europe (including the SVP) | and also mentioning xenophobia as part of their make-up: | https://monde-diplomatique.de/artikel/!1243322 | | Here's an article from 2002 about then SVP-president | Oskar Freysinger and his infamous poetry. Please read | what he wrote and explain how it's not xenophobic: | https://www.nzz.ch/article8J5AD-1.443107 | | Here's an article from 1999 about a thank-you letter | written by SVP-cantonal president Christoph Blocher to | the holocaust-denier Jurgen Graf: https://www.bielertagbl | att.ch/nachrichten/vermischtes/kontro... | | It really doesn't take a lot of digging to understand | what the SVP stands for. I mean today their initiative | for a ban on burqas/niqab went through with 52% of the | vote despite there only being around 20-30 burqa/niqab | wearers in all of Switzerland. | | I often do see this take that whatever Twitter might | currently be mad at is supposedly a hysterical view on | things, yet it seems this automatic opposite view is | never seen for the hyperbole it is. | folli wrote: | As a datapoint: Switzerland has the highest proportion of | foreigners in Europe (25%; with the exception of Luxembourg, | and perhaps some microstates like Vatican, Monte Carlo, don't | know about those). | | So I don't think there's any comparison at all to Japan (2%). | MikeUt wrote: | Are the "foreigners" mostly other Europeans? | esja wrote: | About two thirds are from the EU28/EFTA countries. | | However: There are twice as many Asians in Switzerland as | there are people from the Americas. There are also more | Africans than there are Americans. The fifth largest | immigrant group are from Kosovo (almost as many as France | and way more than Spain or Austria). There have been | multiple waves of immigration and the country is actually | very diverse. | | https://www.bfs.admin.ch/bfs/en/home/statistics/population/ | m... | Bancakes wrote: | What do you mean 'other Europeans'? There's a great variety | of culture in Europe, it's a densely packed continent. | xxpor wrote: | There really isn't. Europeans consistently wildly | overestimate the difference in cultures between | countries. The language barriers probably don't help | there. | ClumsyPilot wrote: | Compared to what? Are cultural difference between US, | Canada and mexico any greater than those between | Switzerland, Italy and Russia? | [deleted] | zorked wrote: | Yes, of course, each of those countries is internally | very diverse, and in relation to the others. | | Each of those countries was made by a mix of native, | European, African and Asian peoples of different kinds, | in different proportions, at different times. Europe is | made of just Europeans, and immigration is a very recent | thing. | DetroitThrow wrote: | I think he clearly is asking about the makeup of | immigrants there being closely related European cultures | because Switzerland has openly xenophobic policies | towards Muslims, not historically Christian Europeans. | smnrchrds wrote: | More than 80% are from Europe. 35.5% are from Germany, | Austria, Italy, and France, i.e. countries with the same | language and ethnicity (to a certain extent) as the native | Swiss. | | https://www.swissinfo.ch/eng/society/migration-series- | part-1... | esja wrote: | Quite a few people who voted against this did so purely because | they didn't want private companies controlling the system. | | If the proposal had been for the government to issue and control | the identities, it may well have passed. | Ericson2314 wrote: | Yes, and that's a good thing. Balkanizing ID info between a | gazillion government databases as we do in the US just creates | inefficiency, and raises the thirst for more intensive | surveillance to counter the inefficiency with which the data is | used. (Consider the talk after 9/11 on the FBI and CIA not | sharing info, and then we get the Patriot Act.) | [deleted] | jariel wrote: | Maybe the opposite though - having a 'single, semi-competent | authority and source of control/failure/security' is probably | not a good reality for security and resiliency. | | Ironically, there's a >50% chance that the solution will | entail 1) privately hosted platforms like AWS and 2) | privately hosted support services and 3) privately written | core modules (McKinsey business strategy, Accenture | implemented etc.) and 4) at least some privately contracted | IT people to manage the solution. | | There's no reason to believe the gov. will make a more | robust, scalable and secure solution that other entities. | | A better approach might even be to mandate very specific | identity protocols, and then allow citizens to chose their | own identity provider among those that fit the regulatory | requirements and oversight. | | For example: https://en.wikipedia.org/wiki/Swiss_Post | | It's owned by gov. and effectively independent. They could be | an identity provider. They are already close to being able to | do whatever need be done. | | Having to create new government bureaucracies to do things is | hard. | XorNot wrote: | That article about effective government policy being a | database access policy a month or so ago was particularly | illuminating (and made a lot of sense to me). That any given | policies effectiveness really depends on whether you can | actually construct - functionally - an appropriate database | view to implement it's stages. | [deleted] | krastanov wrote: | It does not seem like such a terrible idea if it is government | run to me. But it depends on having trust in the checks and | balances implemented in your system of governance. | MeinBlutIstBlau wrote: | It's fine if a majority of the people can overrule a | political policy by a referendum. It's not fine if the | government was like the US or China. | burundi_coffee wrote: | Which is why the opponents, backed by a non-partisan alliance | of representatives, will bring forward not one but two | proposals to the houses. If they get a majority vote, the | federal council will have to try to make it into a law. | Shacklz wrote: | Definitely why I voted against it. When I first heard about it | I was all for it - until I realized that the plan was to let | private companies handle it. Complete no go, glad it got | rejected. | _nalply wrote: | I also voted against it. It's a pity that I couldn't approve | the e-ID issued by the government. | nickez wrote: | In Sweden we have a company running the ID system and that | works fine. The company is coowned by all the large banks | afaik. I was really surprised at how far behind Switzerland is | compared to Scandinavia when it comes to digitalisation. Being | able to handle my life hassle free online instead of going to | physical places (like post office, banks, gov office) is | liberating. I also get all my bills digitally and all my | receipts (even physical stores) | zo1 wrote: | If you think that's bad, look at the UK. They had a | government-ID system with an ID card, and then they scrapped | it. Now people run around using driver's licenses and | municipal bills (I guess) to open bank accounts and other | things. Utterly backwards. | | https://en.wikipedia.org/wiki/Identity_Documents_Act_2010 | | I've been formulating my thinking around it and I'm starting | to think that this is some sort of new-age "luddism" at play, | coupled with some odd distrust of government for this | particular problem, as if government is trustable elsewhere. | [deleted] | msvan wrote: | Since it's closed-source, privately owned and not based on | any open standards, it doesn't work on Linux or any mobile | device that isn't using Google Play Services or iOS. | | It's convenient, but it's an absolute travesty that we've | left such an essential part of digital infrastructure to big | banks. | null_object wrote: | I think pride and patriotism means you're overstating your | case here. | | Indeed as you say, a subgroup of the largest Swedish private | banks own the ID system in Sweden - for profit, and without | any serious democratic oversight. | | Edit: I forgot to add that the system allows these private | banks to see into almost every aspect of a person's life: | where they shop, where they _are_ , who shares their | household and so on. Almost every aspect of a Swede's life | can and is tracked by this system. | | Every time someone identifies themselves with this system, it | costs the retail merchant or service a non-trivial amount of | money. Because it's effectively a private monopoly, that | price is set by the banks, and often involves a lot of secret | horse-trading behind closed doors (I've been involved with | some aspects of this in the past). | | The secret negotiations also include terms that are not open | to public scrutiny. One example, is that the merchant or | service isn't allowed to blame BankID for any problems such | as downtime or any other technical problems. | | btw I'm curious how you get all your receipts digitally. | There are some services such as Kivra in Sweden, but they | definitely don't cover all stores. | Guthur wrote: | Democratic oversight? | | Once they systems are in place they will be under the | control of the great unelected, the civil servants, it will | not be the subject of any political party policy again and | so how exactly will you assert the voting based democratic | control upon it? | jariel wrote: | Neither of the points you made I think are existentially | problematic, especially in light of the fact that Sweden is | 1) ahead and 2) it works for them. | | 'Cost' is going to be a part of the equation, there is no | avoiding that, but access can be regulated, as can | oversight (i.e. transparency) with respect to transactions. | | And: "merchant or service isn't allowed to blame BankID for | any problems such as downtime or any other technical | problems" | | Will Swiss private individuals or businesses be able to | 'sue' the Swiss government for downtime? Like late trains? | Invariably not. They'll just get the service they get and | that's it. | | Sweden provides a pragmatic demonstrable example of what | can work, it shouldn't be dismissed. | nickez wrote: | I guess I only shop with stores that use Kivra. | | BankID doesn't store any information, and I have no problem | that the stores I'm a member in store my shipping history. | | I think you are overstating the scale of the surveillance. | I don't think the different entities share data with each | other. | | Edit: try live in a country like Switzerland once you have | gotten use to all interaction being online. It's horrible. | | Edit2: actually other stores provide digital receipts | without Kivra. You just have to be a member. | | Edit3: This has nothing to do with patriotism, there are | many things that I don't like about Sweden. But the fact | that we have taken digitalisation seriously since the 90s | is something I think is great. | null_object wrote: | > BankID doesn't store any information | | I work with systems that use BankID identification, and | know for a fact that you are wrong, because many (though | not all) of the data-points collected by the banks can be | retrieved for payment. | | For instance, if you just logged-in with the service I | work with, I can retrieve your full-name, birthdate, your | marital status, name of your spouse, their birthdate, any | children and their IDs and names, where you live, your | home and cellphone number, and many many other data | points. | | From a service owned by a small group of private banks. | nickez wrote: | That is all public data. You can get that through open | channels like birthday.se as well. I've been at BankID | and I know for a fact exactly what information they | store. They store only what is necessary from a | regulatory standpoint. | caskstrength wrote: | Are personal mobile phone numbers considered public | information in Sweden? | dagw wrote: | But surely if someone has your person number then they | can retrieve all that information from companies like | Ratsit and the like. Is there specific information you | can get via BankID that isn't generally available from | other 'open' databases? | yawniek wrote: | i live in switzerland. the only cases i had to be | physically present at an official place was when i | "adopted" my own son (due to not being married) and when | i funded companies. 4x 15min in the last 4 years. | | i think the state of things is just already quite | efficient without such an id. thus people are not willing | to give that data away to a private monopoly. imo for | good reason. | mongol wrote: | Actually, we have several. BankID is the most well known, but | there is also Freja eID. | kzrdude wrote: | What about the danish NemId, how is it governed and owned, | does anyone know? | emptysongglass wrote: | Developed by Nets together with the banks similar to the | Swedes. If you're looking for public ownership of the | various organs and products that Danes interact with on a | daily basis: it basically doesn't exist. Just about every | software product at the municipal and state level is | contracted out to an enormous private megalith that gets | paid vast sums of money to execute. And they're nearly all | Microsoft affiliate shops, if you were also hoping for some | silver lining. | | I love my country but the continuing parceling out of | everything to private companies has been greatly negative | to many public services. See, as an example, the DOT | syndicate, which has made it prohibitively expensive to | commute via public transit (why in God's name is it cheaper | to travel to Germany than take a train from Copenhagen to | Odense?) or the bridge to Sweden we're still paying truly | insane toll fees for despite having paid for its | construction years ago. | StanislavPetrov wrote: | As a US citizen, being able to go to various physical places | without being forced to patronize an opaque, unaccountable | corporate behemoth owned by a conglomeration of banks that | centrally tracks everything I do, every penny I spend, and | what and where I spend it on is liberating. | Daho0n wrote: | That is not what this is. Also what you are describing is | spot on for VISA, MasterCard and all the other US | businesses that track and sell data on everyone. | exoque wrote: | > I also get all my bills digitally | | So do I. In Switzerland. | tchalla wrote: | Are you willing to give up your privacy to corporates to be | liberated online? | cmehdy wrote: | Which makes a lot of sense in Switzerland, since "the | government is the people" is more true than in the overwhelming | majority of countries on Earth. Pragmatic take from the Swiss | as usual :) | | (said by a jealous French citizen) | oumua_don17 wrote: | AFAIK, Switzerland is the only country with direct democracy | or 'Govt is the people'. | | As you said overwhelming majority, are there any countries | that have direct democracy or come close? | [deleted] | xiphias2 wrote: | Switzerland has this in its constitution: | | Article 13: Right to Privacy | | 1. All persons have the right to receive respect for their | private and family life, home, and secrecy of the mails and | telecommunications. | | 2. All persons have the right to be protected against the abuse | of personal data. | | Also the constitution can be only changed by voting. | elmo2you wrote: | Plenty of countries (if not most) have this or something | similar, anchored in either their constitution or at least in | regular law. | | This should not come as a surprise either, since it's | essentially the implementation of Article 12 of the Universal | Declaration of Human Rights. | | Where it usually goes wrong, is with the interpretation of the | words "privacy" and "communication". Also, governments have a | habit of defining exceptional situations in which these laws | can be violated in the name of some supposedly higher purpose | (e.g. national security). | | Strictly speaking, the UDHR is rather clear about one thing: | the declared human rights are inalienable (meaning, they can | neither be taken away nor be given away freely), so all the | exceptions are essentially bullshit excuses. Those should not | exist in the first place, at least not according to the | "inalienably" part of "inalienable human rights". | | Additionally, there is no law/treaty that explains why modern | technologies should not be subject to Article 12. While plenty | of governments/businesses would like to convince people | otherwise, almost everything we do online is strictly speaking | telecommunication of some sort or another. | | The sad truth is that pretty much all of today's online privacy | issues are strictly speaking in violation of the UDHR. There is | just way too much at stake for businesses and governments alike | for them to ever acknowledge it. It doesn't change that they | are blatantly violating a treaty they signed, ratified and | should be upholding though. | akvadrako wrote: | Notably the US has no right to privacy, except a very vague | implied right which as far as I know has only been invoked in | the context of abortion. | bobthepanda wrote: | It certainly doesn't help that the Constitution has more or | less ossified over the past couple decades, with amendments | becoming rarer and rarer. Heck, the last one has its | origins as an academic exercise. | buzzert wrote: | 4th amendment to the constitution? | | > The right of the people to be secure in their persons, | houses, papers, and effects, against unreasonable searches | and seizures, shall not be violated, and no Warrants shall | issue, but upon probable cause, supported by Oath or | affirmation, and particularly describing the place to be | searched, and the persons or things to be seized. | ghaff wrote: | The (generally accepted) argument is that it's implicit | in a number of the amendments that make up the Bill of | Rights. It's not explicit however as Robert Bork argued | during his SCOTUS confirmation hearings to his detriment. | I think Griswold v. Connecticut is still considered the | primary ruling on the matter. | akvadrako wrote: | Actually Roe vs Wade implied the right to privacy from | the 14th amendment: | | _No State shall make or enforce any law which shall | abridge the privileges or immunities of citizens of the | United States; nor shall any State deprive any person of | life, liberty, or property, without due process of law; | nor deny to any person within its jurisdiction the equal | protection of the laws._ | | The alternative "right to privacy" has been found by | other cases in the generic 9th amendment: | | _The enumeration in the Constitution, of certain rights, | shall not be construed to deny or disparage others | retained by the people._ | ketzu wrote: | The universal declaration of human rights 12 [1] contains the | very important word "arbitrary" as a qualifier of privacy | violations. | | > No one shall be subjected to arbitrary interference with | his privacy, family, home or correspondence, nor to attacks | upon his honour and reputation. Everyone has the right to the | protection of the law against such interference or attacks. | | One reason for this has broad applicability: Even inalienable | human rights can be in conflict with each other. So solutions | must weight them against each other, but will ultimately | violate one or more of the clashing rights. | | The UDHR also recognizes the that even the article 3 | "Everyone has the right to life, liberty and security of | person" is limited as in so far people may be arrested (and | therefore deprived of their freedom) by giving the explicit | article 9 "No one shall be subjected to arbitrary arrest, | detention or exile." Again, with the arbitrary qualifier. | | I believe, recognizing that even these funamental rights | clash with each other is important. Often I feel that online | discussion have each side pick the one in favor of their | position and ignoring that other rights are in conflict with | that position. | | But as you said, it is also important to recognize that there | are bullshit excuses. | | [1] https://www.un.org/en/universal-declaration-human- | rights/ind... | elmo2you wrote: | I agree with you. | | My main reason for not bringing up the internal | complications of the UDHR was to not add confusion, but you | are completely right about how some of these rights can | conflict. | | You are equally right about the "arbitrary" part. However, | when it comes to today's trade in personal profiles and | governments scooping up everything they can get their hands | on (legalized or not), I very strongly believe that all of | it rather clearly fits the classification of "arbitrary". | | I will even agree with that I picked an (extreme) side. But | maybe not because I can't see nuance or because I ignore | (at least not in private) what conflicts with my position. | | It's more about being sick and tired of listening for | decades to blatant privacy abusers arrogantly (and | incorrectly) claiming that what they do is legal .. and how | we just all should accept this new reality. It sure didn't | help to see governments either buying that bullshit or | simply not deal with it because of how it could harm their | own (surveillance) interests. | | Considering the now obvious rampant abuse and how far I | believe we have veered off from how all this probably | should have developed (in an ideal world), I'm convinced | that the time for being nice and nuanced about all this has | long passed. | | "Fascism should more appropriately be called Corporatism | because it is a merger of state and corporate power" -- | Benito Mussolini | | Note: such a merger does not have to be overtly voluntary. | It can also be a government seemingly dictating | corporations or corporations covertly running a government. | It's all about the two somehow joining forces (even if only | because of shared interests and possibly still for | different reasons), especially when against the interests | of most citizens. | nemoniac wrote: | The European Union has the GDPR which offers protection of | privacy and personal data. Mail and telecoms are covered by | other legislation | | https://en.wikipedia.org/wiki/General_Data_Protection_Regula... | 101008 wrote: | So taking a screenshot of a Instagram convesation and sharing | on Twitter or Facebook or whenever is ilegal and against the | constitution? | jeffrallen wrote: | Yes, and in fact avoiding abuses like this are part of the | digital education offered in school. People are also pretty | careful about asking for permission before publishing a | person's photo. | | Swiss discretion is not only a marketing tactic, it is also a | good habit many people keep. | dghughes wrote: | >...avoiding abuses like this are part of the digital | education offered in school. | | I would hope that schools teach "don't publish anything you | don't want shared" that would be smarter. | | If I post an add in a newspaper, many copies are sold, and | then someone copies my add that should be expected. The | Internet is one big newspaper it's a public forum and | privacy shouldn't be expected or assumed. | dheera wrote: | > All persons have the right to receive respect for their | private and family life, home, and secrecy of the mails and | telecommunications. | | I really wish the US had this. Here, even simple acts like | registering to vote or getting a driver license, bank account, | credit card means your personal residence gets leaked to | spammers, scammers, data brokers, and eventually, stalkers. | | There really should be laws saying that personal addresses | cannot be given to third parties without explicit, optional, | opt-in consent. | ghaff wrote: | The information in voter registration isn't "leaked." It's | public as a matter of record. (The details probably vary by | state.) So are real estate purchases. (Although the latter | can be gotten around in various ways.) There are tradeoffs | between transparency and privacy. | dheera wrote: | That's a problem. If I knew it was going to be given out, I | would probably have not registered to vote, and I wasn't | told about that by the people who helped me register. I | don't think I agreed to any ToS that said that my address | would be available to the public. | | As much as I think voter turnout is important, making | personal addresses accessible to the public crosses the | line for me. | KirillPanov wrote: | I'm thinking of buying a condemned, uninhabitable house in a | tax foreclosure auction simply so I can list it as my | residential address. Most places that demand a utility bill | will accept a property tax bill, so it doesn't even have to | have working water/power (the cheapest doomshacks have both | shut off). You'd be surprised how cheap some of these places | are. But it does have to show up as "residential" in the USPS | databases. | dheera wrote: | My best solution right now is a UPS box, which gives you a | proper street address. | | Most places that ask for utility bills will accept a phone | bill or insurance bill or some such which you can have | arranged to be sent to that address. | | I'd be interested to know if there are similar services | that are cheaper and ideally less well-known than UPS but | equally reliable. Delivery to my real address with the | ability to trust them with my real address would also be | cool to have. | | BTW -- if you have cash to burn, I'd think that renting a | cheap studio somewhere that you don't actually live in (and | as a bonus, can use as a storage unit, or sublease to | someone if the lease allows) would be cheaper and more | peace-of-mind than dealing with property taxes, crime, | pests, and other issues around an uninhabitable house in | your name. | ghaff wrote: | You could probably check out RV and van life forums. One | question would be the degree to which you can get away | with giving the state (for drivers license/ID/tax | purposes), company, etc. a "fake" address that is not a | residential address. | | A lot depends on what you think you're guarding against | and how many compromises you're willing to make. For | example, you can't actually buy a house and remain | anonymous unless you set up some shell company which I | assume is expensive and probably has tax consequences. | | I agree that buying a foreclosed property sounds like a | massive headache and doesn't even really solve the | problem of having to give your address to someone if you | want anything delivered. | KirillPanov wrote: | > My best solution right now is a UPS box, which gives | you a proper street address. | | USPS maintains a _very_ immaculately curated list of | CMRAs (Commercial Mail Receiving Agents). It 's not hard | because they need to register with USPS in order to | receive mail on behalf of customers who pay them for | mail-receiving service. USPS is allowed to deny them mail | delivery if they refuse to register, and does. | | Every place that wants to know your residential address, | _and insists that it is actually residential,_ checks the | address you provide against this list. | | Side note: I knew a woman who bought a storefront that | had previously been a mailboxes-etc type place. It was a | complete nightmare for her, none of the banks or insurers | or credit card companies would believe that was her | business' physical address because it was on that list. | Apparently it takes 1-2 years to fall off the list. | Eventually she had to switch to a small local bank and | have the bank manager come to physically inspect the | location so they could override the databroker software. | | > renting a cheap studio somewhere | | That's an ongoing recurring cost. Also nobody will rent a | place unless it's (somewhat) inhabitable; buying an | uninhabitable toxic dump is actually cheaper than renting | anything that can be advertised as inhabitable. | | Last of all, I am completely fed up with landlords | insisting on credit checks. The data brokers exploit this | like you wouldn't believe. That's why they have such | perfectly accurate residential addresses for all renters. | | > peace-of-mind than dealing with property taxes, crime, | pests, | | Property taxes are beyond easy. You don't even need to | receieve the bill! The amount you owe is a matter of | public record, and on the web in almost every | jurisdiction. Once a year: look it up, buy a postal money | order with cash, write the parcel number on it, mail it, | done. Property taxes are also based on the value of the | property, so for a toxic dump the taxes are tiny. | | Crime and pests don't matter if you don't visit the | location. Take the mailbox off the front of the house | after closing so no mail can be delivered there by | accident. | | Definitely buy it through an LLC so that long-tail events | (it burns down taking the neighbor's house with it, kids | break in and injure themselves, etc) don't come back to | you. | ghaff wrote: | Would there be any reason not just to buy undeveloped | land instead? (Not sure when a property parcel gets | assigned an address.) | xiphias2 wrote: | Jameson Lopp had spent tens of thousands of dollars or more | on lawyers to make his life untracable after the CIA got | into his house, and he shared a lot of what he did. | KirillPanov wrote: | Um, CIA? Sounds tinfoily. | | I'm aware that he's been the target of at least one | mugging attempt, and I think he even maintains a list of | people who were robbed as a result of being high-profile | early adopters of bitcoin. | | But the CIA? Are you sure aliens weren't involved? | wombatmobile wrote: | Switzerland has an awesome electoral system [1]. Instead of being | ruled by a president or a prime minister who can be polarising, | divisive, or selective, Switzerland has an Executive Council. | | The 7 member Executive Council is composed of the top 7 | candidates from each election. The chairperson of the executive | council rotates each year, so that the top 4 vote winners each | get a turn at being chairperson. | | This means that different social and political priorities get | implemented in turn. It also means the way the government works | is more cooperative, because each council member, including the | chairperson, knows there will be a new chairperson next year. | | So, if a pro-business candidate places 1st, and an environment | candidate 2nd, and a social welfare candidate 3rd, and a | libertarian candidate 4th, it is in all their interests to | cooperate and create legislation that serves all of their | interests as much as possible. Instead of disregarding the | environment, the pro-business council member is encouraged to | develop green business initiatives that will be supported for the | full 4 year term under the different chairs. | | The system creates a leadership team that looks for win-win, | rather than a sole victor who can abuse majority rule. | | [1]. https://en.wikipedia.org/wiki/Federal_Council_(Switzerland) | zorked wrote: | It has its advantages and disadvantages. It is also the | political system that caused this: | | "In 1991 following a decision by the Federal Supreme Court of | Switzerland, Appenzell Innerrhoden (AI) became the last Swiss | canton to grant women the vote on local issues." | | Notice how it was a court decision, not a result of the | political process. I'd say 1991 is a bit too late to have full | voting rights for women. | | https://en.wikipedia.org/wiki/Women%27s_suffrage_in_Switzerl... | jeofken wrote: | How can you so sure that your ideal is how they should live? | | What I admire about the Swiss is how they live and let live - | they may disagree with the neighbour, but let them be. | zorked wrote: | Why am I not surprised that HN is a place to find people | who argue against women's right to vote. | jeofken wrote: | HN is very diverse :) But we all argue in good faith and | are willing to yield to reason | momothereal wrote: | What happens when a council member leaves office unexpectedly, | i.e. dies or resigns? Does it kick an election for everyone or | just that one seat? | dashdot wrote: | The members of the council are elected by the united | parliament. They will also elect the successor... | | Since it's not done by popular vote, political games in that | process are rare or just not excessive. The people trust the | parliament with the process of electing their leaders, you | better shouldn't fail them. So they mostly elect according to | the current concordance. | wombatmobile wrote: | Good question. I'm not sure exactly how the successor is | chosen, but this section from Wikipedia indicates just the | one member is replaced: | | > Until 1999, the Constitution mandated that no canton could | have more than one representative on the Federal Council. | Until 1987, the place of origin was used to determine which | canton a Federal Councilor was from. After 1987, the place of | residence (or, for councilors who were previously members of | the Federal Assembly or of a Canton's legislative or | executive body, the canton from which they were elected) | became the determinant factor. Nothing prevented candidates | from moving to politically expedient cantons, though, and the | rule was abandoned in 1999. Since then, the Constitution has | mandated an equitable distribution of seats among the cantons | and language regions of the country, without setting concrete | quotas. Whenever a member resigns, he/she is generally | replaced by someone who is not only from the same party, but | also the same language region. In 2006, however, Joseph | Deiss, a French Swiss, resigned and was succeeded by Doris | Leuthard, a German-speaking Swiss, and in 2016, Eveline | Widmer-Schlumpf, German-speaking, was succeeded by Guy | Parmelin, a French Swiss. | marcod wrote: | Well, that same system also voted on banning Muslim face | coverings ("Experts estimate that at most a few dozen Muslim | women wear full-face coverings in the country of 8.5 million | people."), while a pandemic is going on and face coverings for | protection are recommended. | | https://apnews.com/article/health-legislation-coronavirus-pa... | jeofken wrote: | Is it not more of an expression of how the general public of | (native) Europeans want to keep their country for their | people and culture | wombatmobile wrote: | You seem to be expressing an opinion about banning Muslim | face coverings. | | I am not responding to your expression of opinion - just | clarifying how the Swiss electoral system is structured. | | That vote was a referendum, which is another component of the | Swiss system, separate and complimentary to the Executive | Council. | | https://en.wikipedia.org/wiki/Voting_in_Switzerland | bitcharmer wrote: | What's wrong with banning a backwards custom that limits | women's rights? | lwkl wrote: | Let's stop a backwards custom that is practiced by 30 | people with a backwards law that limit's clothing choices | for seven Million people. | bitcharmer wrote: | I'm friends with a few Muslim women and can assure you | that it has nothing to do with choice. | XorNot wrote: | Because the presumption is that the women in question are | being forced to do this and don't want to. | | But your solution is to implement a law which punishes the | victim, rather then doing _anything_ about their presumed | victimizer. | | If the women who didn't want to wear the covering didn't | want to wear it, what is stopping them from simply not | doing it to start with? The answer of course is husband's, | brothers, family etc. and probably that they'd be | recognized in their community. | | But this is someone's religion - a fair bit more important | to them then the laws of the state in a lot of cases. So | you haven't answered how you're going to protect those | women from being targeted and forced to simply never leave | the house, if they are being targeted by people who are | forcing them to do something they don't want to. | | Your law offers no solution to this - and again - | implements itself by _targeting the apparent victims it | proposes to protect_ with punishment. | | Setting aside that the government can stay the hell out of | what I choose to wear, this is just a monumentally stupid | approach to anything. | ulucs wrote: | Burqua isn't islamic to begin with anyway. | ILikeBikes wrote: | If even SWITZERLAND votes for socialism : congrats, capitalism, | you've played yourself | dang wrote: | Please don't post generic comments and/or ideological flamebait | to HN. It leads to generic threads and/or ideological | flamewars, which we're trying to avoid because they're tedious | and turn nasty. | | https://news.ycombinator.com/newsguidelines.html | | https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor... | | https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor... | ILikeBikes wrote: | oh ok, professionals have standards | | my bad ! | | I will elaborate and be "more thoughtful and substantive" as | written in the guidelines, next time | | I didn't know where to place the cursor, since the issue was | inherently politic and not about technology, as the article | states | | But this article deserved political comments, nonetheless | sparkling wrote: | uhm, what? | Erlich_Bachman wrote: | Not sure if it is helpful to reduce every issue to a one- | dimensional scale of capitalism/socialism. Particularly this | specific issue is about privacy culture, corruptability of big | tech, government and use of technologies, surveillance, etc... | There are so many more societal and just plain epistemological | axis than just socialism/capitalism. | ILikeBikes wrote: | That can also be read on the scale of "privatize anything | because the state should just make 'laws'"/"have a public | sector to offer basic services to citizens", that is a debate | in Europe | ILikeBikes wrote: | And the results are pretty similar to the 2018 vote on | cancelling their public broadcaster, which also highlighted | questions of corruptibility of big companies, but was not | around privacy, technology, or surveillance. | | https://www.swissinfo.ch/eng/politics/vote-march-4-- | 2018_att... | paddim8 wrote: | In what way is this a vote for socialism? | ILikeBikes wrote: | They don't trust private companies, and they'd rather have | their government to manage their IDs. As explained in the | article. | ddingus wrote: | Great, as they should. The basic civics should not be private, | open and performed under the public eye. | jrochkind1 wrote: | it's surprising to me there was a vote on this. | wmkn wrote: | If these private companies are anything like Serafe I can see why | this referendum ended in a no. | ncphil wrote: | "... almost no government has the IT capacity and resources to | single-handedly develop an eID quickly and to the appropriate | standards." Bullshit. We're talking identity management here. Any | government that can't handle that internally doesn't deserve to | exist. What that's really about is feathering the nests of tech | industry donors (and/or the non-tech middlemen or middlewomen who | seem to grow like weeds around the tech sector). A handful of IdM | SMEs with serious field experience could set it up in six months: | assuming they had sufficient backing from their government | employer to overcome static at Layer 8 of the OSI Model, you | know,"politics". | toomuchtodo wrote: | Indeed. Someone's making excuses to support a privatized | deployment. | avereveard wrote: | Our country rolled out two certification based systems (Carta | Nazionale Servizi which then got rolled into the Carta di | Identita Elettronica), plus a federation based system built | around SAML (Sistema Pubblico di Identita Digitale) where you | can access to most italian bureoucracy. | | And we're talking about Italy, not some first rated | technological paradise. | genericacct wrote: | Yes and now your picture, a picture of your id card, your | email and telephone are in the hands of the same people who | store banking passwords in plaintext.. | Nextgrid wrote: | Your picture, e-mail and telephone is mostly public (social | media, etc), and the government would have your ID card | information anyway - I don't see how this is worse? | avereveard wrote: | because of the certificate inside, the id card without the | pin is worthless; having the identity split from | authorization is an absolute win. compare and contrast with | the SSN number. | | also, the government already owns all my data, from birth | onward. the authentication system makes it so forgery is | much harder from the officials themselves, so this protects | me from that as well. | mellavora wrote: | "Any government that can't handle that internally doesn't | deserve to exist." | | So, like the US? | ChuckNorris89 wrote: | This. In Europe you'll find the likes of Capgemini, Accenture, | Cognizant, etc. hovering like flies around government IT | projects. | hocuspocus wrote: | IT services companies that work on government contracts in | Switzerland are much smaller. | | And they're usually pretty competent, especially the few ones | that work for the federal government. | osrec wrote: | And they keep getting awarded contracts despite their | continued poor delivery. I really don't understand how their | terrible track record never seems to impact their ability to | win more business. I can only assume corruption, but I have | no evidence of this. | random5634 wrote: | Prior delivery is not generally a major consideration in a | govt RFP award. | | This is in part because no score is ever released related | to prior delivery (ie, no central assessment record), and | attempts to include it get tied up in process issues (ie, | rights to respond, litigation) or claims it is subjective. | It also overlaps with govt agency disfunction around scope | and requirements and no govt manager wants a failed | project, so everyone just sweeps them under the rug and | keeps moving. It is crazy though, you are literally hiring | the same HORRIBLE firms over and over. | | What is PARAMOUNT is that you be willing spend absolute | metric tons of UNPAID time responding to RFP's, have enough | money in bank to lose 4 out of 5, be willing to go through | 2 year RFP processes, be willing to agree to every item on | the requirements lists filled with further buzzwords and | "standards". This does NOT attract high performing | companies, no competent engineer would even put up with | this / sit through this. So you get body shop type | consulting firms, using giant java framework and other | solutions, and everything is insanely siloed. | | The crazy pricing is often justified because the hassle in | dealing with these contracts from a contract admin overhead | can absolutely DWARF actual deliverables, and nothing has | to be logical (and sometimes is not). | | My recommendations here would be either: | | a) just pay to bring stuff in house so you get cooperation, | develop open source apps and prohibit any scope creep | outside of absolute minimum needed until project is in | operation. EVERY freaking agency hangs 100's of new | requirements they never even used before onto these | projects - solutions can be undeliverable and unusable as a | result, for example 40 questions PER VACINNE SHOT here in | California is the height of stupidity to make these idiots | feel important. | | b) pay for actual use / adoption, and let there be a | somewhat free market. A lot of time the users of any govt | system have ZERO input. Oddly, if they let agencies find | their own solutions on a smaller scale, whatever you lose | in "efficiency" by not having the megaproject (hint nothing | - mega projects = disaster in govt land) you would see some | natural winning solutions start to bubble up. I worked with | an agency with a totally fantastic contract management / | invoicing system, and I kept on wondering, holy hell, they | actually got it right. I started to see other agencies use | it in neighboring govts - it was great - people really | liked it (super easy use, allowed users to do the google, | Microsoft etc login even which is unheard of) and it was | fast which is also rare. | | But then someone convinced the head tech folks they should | stomp on everything with the new and improved people. They | actually had to roll back the mega project for another year | (after years of dev) because it didn't even cover a | fraction of what old systems easily did. | Spooky23 wrote: | RFPs frequently reference past activity. That's just not | accurate. | | The reality is that you only hear about failed projects. | When was the last time that you heard about taxes not | being collected or welfare payments not being paid or | SNAP cards not being refilled? | | It's all background activity, and those awful contractor | companies are often responsible for material aspects of | delivery. | ganstyles wrote: | Their ability to win business is based on their expertise | at writing responses to RFPs in a successful way, not in | their ability to deliver. Also, they do have a few | successful projects, to some standard of success, which | they point to in the RFP responses as a "successful" track | record. Often the ability to point to an almost perfectly | analogous project and writing the responses in the | "correct" way is all it takes. | sircastor wrote: | This reminds me of how much universities value the | ability of staff and students that can write grant | applications that get awarded. | toyg wrote: | "writing responses to RFPs in a successful way" really | means "successfully identifying decision-makers at top | levels and brib-- 'charm' them into compliance", often | even "dictating how RFPs should be written so that they | will be the only ones who know exactly how to reply to | them in the only acceptable way". | [deleted] | RedShift1 wrote: | Belgium has been doing digital identities for years now, we had | our first identity cards with chip and digital signature I | think 15 years ago? I frequently use it to sign documents and | login to some government stuff. So if Belgium, which didn't | have a government 3 out of the last 10 years, can do it, surely | Switzerland can do it too. | EnderWT wrote: | Except Belgium didn't build it. They contracted it out to | Zetes. https://peopleid.zetes.com/en/reference/eid-belgium | [deleted] | edoceo wrote: | And Estonia too! | dijit wrote: | and Sweden. But these are largely outsourced to private | companies iirc. There was a scandal in Estonia where they | had to recall all the ID's because the main private key | which signed them all got leaked (and that key was held by | a private company) | tialaramex wrote: | To be more specific than the existing "No" reply, what | famously happened is that Estonia's IDs used Infineon- | based chips for a period of time with 2048-bit RSA keys | and Infineon's RSA implementation mints RSA keys with a | peculiar property that, once you know about it, makes | breaking them much cheaper than it should be. | CVE-2017-15361 - for HN readers it's more likely you were | impacted by this defect in a Yubikey. | | "Much cheaper" here means we might expect criminals to | break the RSA key for an individual Estonian ID card for | less than a million bucks, whereas by design this ought | to be impractical at any plausible price. It doesn't mean | your bored teenager can make a fake ID on his laptop on a | Friday evening. As a practical matter it seems likely key | officials & police could be bribed for less than a | million bucks, but forging RSA signatures might still be | desirable in some circumstances, and anyway of course the | mere possibility of this happening ruins public trust in | the scheme. | | Estonia switched to P-384 keys on the same platform. | Unlike choosing random RSA keys (which involve finding | large primes) choosing a good P-384 key is trivial so | there's no temptation to come up with clever but insecure | algorithms to mint keys. | | What's interesting about this flaw is that it only | happens because the keys are minted on the Infineon | device you own. But we know Estonia has historically had | some weird incidents which are best explained by keys | _not_ being minted on device but instead burned into the | ID card after being made (and potentially recorded) | elsewhere. Estonia 's laws establishing these cards are | clear that mustn't happen (if it did the government can | seamlessly impersonate any ID, including ID issued to | citizens, non-citizen residents and diplomatic staff) but | evidence suggests it did, at least a few times and at | least on some older platforms. | | Estonia's IDs are all public using a very different | scheme to Certificate Transparency, since it assumes you | trust the Estonian government to decide which IDs exist - | but with similar effect, if anybody is minting bogus IDs | there would be a smoking gun in the official public | records of Estonia. | | On the other hand if the government (or a government | agency perhaps without wider knowledge) has copies of | some or all keys, they would be able to _decrypt_ | messages sent to citizens / residents using the embedded | PKI. We would not necessarily have any public evidence | that this was happening if indeed it was happening. | | You should probably be confident in Estonian IDs as proof | of someone's identity in the usual course of things, but | it may be prudent _not_ to rely on this to keep secrets | from the Estonian government or its allies. | Avamander wrote: | > There was a scandal in Estonia where they had to recall | all the ID's because the main private key which signed | them all got leaked (and that key was held by a private | company) | | No. | dijit wrote: | Helpful comment. | | https://www.reuters.com/article/estonia-gemalto- | idUSL8N1WD5J... | | > Estonia's Police and Border Guard Board (PPA) said in a | statement Gemalto had created private key codes for | individual cards, leaving the government IDs vulnerable | to external cyber attack, rather than embedding it on the | card's chip as promised. | rsj_hn wrote: | It's not an issue of whether it's technically feasible do it, | but whether it's feasible to do it with appropriate | safeguards that protect privacy and anonymity online while | authenticating in a targetted way to those end points that | need it. | TedDoesntTalk wrote: | > six months | | I think you may underestimate the system needed. Identity | management is the tip of the iceberg: this needs to tie into | any future digital currency, income taxes, property ownership, | government benefits, and who knows what else. Any off-the-shelf | product will need customization. I'm not saying it can't be | done.... it SHOULD be done. But not in 6 months. | mcny wrote: | >> six months | | > Identity management is the tip of the iceberg: this needs | to tie into any future digital currency, income taxes, | property ownership, government benefits, and who knows what | else. | | I'll put my shoe on my head if you can find me a private | company that can do this in six months. Previously on HN: CDC | website built by Deloitte at a cost of $44M is abandoned due | to bugs (technologyreview.com) | | https://news.ycombinator.com/item?id=25975110 | | 1167 points by donsupreme 35 days ago | | 664 comments | edoceo wrote: | Vendors with years of time to build can't even track | Cannabis properly. Human are much harder than trees to keep | track of. | jeffrallen wrote: | I don't think you could do it in six months, but the good news | is you wouldn't need to. Passports already have an x509 | certificate in them saying, "we are the government, and this is | Jeff". So the government already know how to do this, they just | were trying to give a gift to their buddies in private industry | and they got caught and got their hand slapped by the citizens. | | There's actually nothing new here: digital IDs were already a | thing, corruption has always been a thing, and the referendum | process worked correctly to remind the politicians who is in | charge. | tialaramex wrote: | > Passports already have an x509 certificate in them saying, | "we are the government, and this is Jeff" | | No they don't but I can see why you might think that. | | ePassports (the ones with the stylised "chip" image on the | cover) do have X.509 certificates baked into them. And | ePassports do say "We are the government, and this is Jeff" | (if you are Jeff) but that's not what the X.509 certificate | says. | | Each X.509 certificate is one of a relatively small number | minted by your government which says "We are the government | of country X and this is a public document signing key". | | Then the _passports_ all contain raw data (such as a | photograph and summary information about their subject) with | this certificate and a signature over the raw passport data | that can be authenticated with the public signing key. | | So there's an X.509 certificate but it isn't for Jeff, and | there's data about Jeff, but it isn't in an X.509 | certificate. | ben_w wrote: | Building a system which works for 99% of the population, 99% of | the times they want to use it, sure. | | That 1% though, is going to have _all_ the weird edge cases. | Spooky23 wrote: | Seriously. I suppose Santa's elves issue drivers licenses. | sigzero wrote: | > set it up in six months | | There is no way it could be done in 6 months given any | reasonable parameters you care to throw at it. | PoignardAzur wrote: | > We're talking identity management here. Any government that | can't handle that internally doesn't deserve to exist. | | ... I mean, as a French citizen who kind of wants my government | to keep existing, I also agree with the statement you quote? | | Our government's public-facing IT systems have gotten better | over the last few years, but my default expectations for any | new projects would still be for them to mess it up. | | Of course, the problem is I'd also expect the average | contractor to mess it up in very similar ways, for similar | reasons. | ddeyar wrote: | I'm super happy about this result. I hope the government will | learn from this case. ___________________________________________________________________ (page generated 2021-03-07 23:00 UTC)