I really, REALLY hope that this becomes such a massive failure for Discord that it turns into a cautionary tale for all such corporate KYC scams .
Hmmmmmm.
Let Discord leave your phone.
That’s not all, though; some users are also unhappy not just with the age verification process itself and the security of their data, but also the people bankrolling Persona, which includes the investment fund of Palantir founder, Peter Thiel. Palantir is the data and surveillance company currently used by US federal agencies, including ICE, and Thiel’s name appears 2000+ times in the Epstein files.
I used to think that people were massively overreacting about all this, but this is some pretty fucking suspicious connections.
I used to think that people were massively overreacting about all this
Genuine question, why? What proof is there that companies like this don’t do these things when given even an inch of leeway?
The question can go the other way as well; what proof does people have that Discord is outright lying in their communication? All the communication indicates that they have actually taken steps to minimize the privacy impact. Importantly using local processing and only storing if it’s successful or not, even if that means that it can likely be bypassed (important web dev rule, never trust the client side).
Now introducing the Persona system is very concerning, and also a reason I don’t think it’s an overreaction anymore. Even if they claim they only save the data for longer than 7 days, the connection to Palantir and Peter Thiel is extremely troubling and erodes the trust. I mean it comes down to me not trusting them as much as Discord.
To expand on your question on why they wouldn’t be as evil as possible, it comes down to whether or not you believe that all developers and product managers are evil or not. I have worked for a decade for a few IT heavy companies and yeah, there are shit going on, but it’s mostly due to laziness, or product managers wanting numbers and pretty graphs of user behaviors (when it comes to privacy and data sharing).
The leak of the 70k UK identities is an interesting case. It’s often framed as if the processor was hacked but it was actually the normal support system where they handled appeals. The real mistake was that Discord didn’t properly think through appeal handling and it is probably attributable to a mistake/laziness then intentional malice.
Of course a bit different for the macro social networks, whose primary income stream is selling ads and they want to build behavior profiles because that allows them to argue that advertisers get more value out of their platform. The point I want to make is that your real name and photo doesn’t actually have any value for the companies, because they already do have everything they need from your activity. It does have risks and liabilities though if nothing else due to GDPR.
deleted by creator
Get Vivaldi and turn reader view on. You’ll just get the text and pictures.
You don’t need Vivaldi for that.
Thanks for the useful input.
How could it be possible to verify a photo without it leaving your device? That seems impossible.
They can’t. Of course, they can’t really do it on a remote server either but they choose to pretend they can. If they really wanted to, they could run it through a machine learning system on your phone and just send the result to discord. That wouldn’t be secure, strictly speaking, but it would be good enough for this purpose. The kind of model they could send to a phone wouldn’t be very reliable, but that’s the problem they have anyway so nothing of value is lost
They can absolutely run the verification code client side, but they can’t really fully trust the data being provided from client side since the client might be manipulated or a 3rd party client may have reverse engineered the API to bypass the verification.
Probably they made the decision that it’s worth it to protect privacy (you know the thing people have been complaining about) weighed against that most teens probably won’t figure out how to bypass the system… which makes this sudden change (trial?) where it’s being sent to a 3rd party anyway kind of odd.
We’re trying an experiment where instead of being free people are enclaved serfs.
“First time?”
