Finally a good use case for decentralized technology? From https://www.eid.admin.ch/en/technology
"The e-ID architecture is based on a decentralised identity model that gives users full control over their identity and personal data. There is no central authority that aggregates, stores or controls credentials. Data flows occur directly and in a decentralised manner between the holder and an issuer or verifier. Linkability of usage across different services is technically restricted. Interactions between different actors also cannot be directly linked. During a verification process, the holder shares only the necessary data directly with a verifier, without the issuer being informed."
The verifier is the entity you hand your information to for verification, ie the CA. The extent of your interaction and linkage with them is mainly at point of verification and issuance.
It is however possible to trace a certificate to it's issuer, which on the surface sounds like a bad thing, but is in fact good if the goal is to provide privacy while ensuring accountability.
I mean in this case there is only one issuer, the Swiss state, so is that really a big deal? Ultimately the government is and should be the provider of identity.
Depends on the credential being issued. For the digital identity document it is the federal state, but the cantons (states) or even corporations are able to issue their own credentials using their own register.
The privacy story of this looks better than the Norwegian BankID approach.
I would like if Norway moves in this direction, and I think that through the ongoing alignment with the EU wide program on digital id, that might happen.
This is a surprising result. I wonder how they managed to convince people this was necessary.
There’s a real split in this debate, between people living in countries that have this and people living elsewhere. People who have used it are generally supportive, if they think about it at all. People who’ve never lived in a country with this are generally skeptical about the benefits and pessimistic about the downsides (privacy, mainly). HN being HN, is almost entirely in the latter camp regardless of where they live.
I would have expected the Swiss to be skeptical, and to some extent they were. This is the narrowest possible margin of victory. Still, it would be interesting to know what argument the Yes campaign used that resonated with > 50% of voters.
Voter here. Although I'm not totally convinced of the absolute necessity of an e-ID, and that there are a few points that I find inherently bad (mainly the necessity of using a smartphone, and possibly excluding rooted ones or those with customized installations like LineageOS), I still approved this. The reason is simple: the tendency to be able to identify people on online services can only increase and will so. It can be proper identity verification (let's say to activate a SIM card or to request some service like to open a bank account), age verificaiton (prove that you are >18), or perhaps other things too. The system they propose seem to be able to provide the minimum amount of data possible (e.g. you can verify your age without providing your birth date). My guess is that if we don't have a public e-ID system, we'll have one or more private ones, probably managed by one or more of the usual big corporations. Personally I trust the Swiss government more than them. And finally if it gets totally wrong, 100k people are enough to go to the vote again and abolish it through a popular initiative.
I live in a country (Austria) with at this point more than 20 years of a sort of digital ID. I’m really not quite sure how something as simple as authenticating as a citizen to access governmental services has become so controversial.
It's not just government services (such credentials already exist but its a hodgepodge of self-rolled services for each agency). This ID will generally be equal to the real ID so it will be used to verify citizenship to employers, banks and even the store you order alcohol from. You can even use it to prove that you're of age to the barman irl.
Some fairly unusual (compared to most of Christianity practiced globally) Biblical interpretations widely popularized in the past 100 years have a lot to do with it in the US.
HN is typically more coming from a libertarian-anti-tracking bent but the larger popular US opposition to standardized federal IDs is rooted in "mark of the beast" stuff.
There wasn't really a yes campaign which, imo, is why it was this close. The government put it out there, made their handful of media appearances and that was mostly it. The vibes were that it was going to pass easily so everyone almost sleepwalked themselves into a disaster.
This being HN, I expect most people on here are American and view social topics from an American perspective. Swiss have a level of trust in their governments that Americans could never even dream of. The pros and cons of this debate are not necessarily about whether the current government or a near future one will abuse it. But I feel that Americans on here (as well as folks living in countries with low government trust) are projecting their low trust views onto other countries and thus concluding that the current swiss government or a near future one cannot be trusted with this power.
Swiss here, and I do not agree. We used to be able to trust our government, but more and more, as the years go by, tech-savvy people realize how laws have accumulated into surveillance.
Now there are much worse cases out there, sure. But most Swiss citizens are not even aware of those laws.
Nor are they aware of how much the Swiss government has been trying to hide its incompetence regarding anything IT-related. Like data leaks happening several times per year.
So yes, a big percentage of those almost 50% of "no we don't want this" responses were about lack of trust in the different branches of the government.
There are many lessons to be learned from history. One of them is that you should never trust your government to not abuse its power. Even the most progressive welfare states like Sweden end up doing horrible things (see how Sweden sterilized thousands based on eugenics policies (https://www.researchgate.net/publication/319507778_Eugenics_...).
If you want some recent examples for Switzerland (beyond the dozens upon dozens the further you go back in History) look up, Verdingkinder, Swiss eugenics after 1945, Holocaust Assets (Volcker Commission Report), Post-War Forced Labor and Slaver Switzerland, Secret Police and Surveillance (Swiss Federal Parliamentary Report of 1990), etc, etc.
Some level of trust is required for a functioning society, but there are so many natural factors (human psychology, evolution, national security, crisis situations, elite capture, economic incentives, legitimizing narratives, etc.) which all lead to the abuse of power and the violation thereof that IMHO you can never limit and check it too much.
The main reason I voted against was because it is tied to smartphones with only the vaguest promise that it won't stay so. Ironically one of the arguments in favor was independence from megacorporations (or foreign countries for that matter). But you couldn't find this point in the main opposition website. The opposition was very weak with weak arguments and the parliament was massively in favor.
> People who have used it are generally supportive, if they think about it at all.
What are you basing this assertion on? Have you considered China? Do you know if you can get accurate representations of citizen sentiment on this issue?
> HN being HN, is almost entirely in the latter camp regardless of where they live.
Ostensibly we're hackers. We understand how good technologies can be put to inhumane uses. We see it quite often. Many of us hack on software in an effort to eliminate these often unintended consequences.
> Still, it would be interesting to know what argument the Yes campaign used that resonated with > 50% of voters.
You should know this isn't the first time the vote was held. In previous referendums the proposal was defeated and this time it only narrowly passed. You might be better served in doing a comparison between the two.
- Very YES to smart-card based systems, like you get an ID card, driving license, ... who is also a contactless or contact smart-card for accessing with a card-reader on a desktop any public service
- Very NO if it's an app on non-FLOSS, non-open-hardware devices.
That's the real point. Then it's time to talk about rules as code, or at least bureaucracy as code. With a public OpenFisca "blockchain edition" where documents are signed and timestamped on the network and the blockchain is held by participant citizens, not only public bodies, using fees to compensate all participants.
The codebase they are going to use already exists and is open source. Most of the specs can be found somewhere on their github. It's a bit more voodoo than just plain credentials to satisfy privacy requirements.
And rightly so. The Swiss have direct democracy. We have a PM who is so jealous of Tony's 20 mil a year in post-Iraq 'speaking fees' that he'll do anything to figure out his own revolving door - in this case throwing an entire nation's worth of data under the Peter Thiel bus in the hope of some kickbacks.
What the Swiss just voted on and what the UK government are mandating are absolutely not 'the same'. Use of the swiss ID is voluntary.
There seem to be massive differences between the two. Per the article, the Swiss system:
> People can use it to identify themselves to authorities and businesses... Use of the e-ID is voluntary
Whereas in the UK, Starmer proudly proclaimed that the "right to work" in the UK would require this ditigal ID, which is a rather creative use of the word "right".
The UK proposal is not the same because it would be de facto mandatory. In addition, Switzerland already has ID cards. The UK does not and the people have always resisted them.
and in Swirzerland a large percentage of the voters have a required by law machine gun or have kept the required machine gun, for the required time, so the "e-id" will presumably be just another part of generaly orderly and significantly bizarre, swissness
very unlike whatever just got thrown out in merry old
the general population are dumb, you are expecting too much from them to be honest.
the forward March toward dystopian tomorrow will never stop, we will lament the stupidity of the public who made this possible in our small corners on the internet.
Readit News
The verifier is the entity you hand your information to for verification, ie the CA. The extent of your interaction and linkage with them is mainly at point of verification and issuance.
It is however possible to trace a certificate to it's issuer, which on the surface sounds like a bad thing, but is in fact good if the goal is to provide privacy while ensuring accountability.
I would like if Norway moves in this direction, and I think that through the ongoing alignment with the EU wide program on digital id, that might happen.
There’s a real split in this debate, between people living in countries that have this and people living elsewhere. People who have used it are generally supportive, if they think about it at all. People who’ve never lived in a country with this are generally skeptical about the benefits and pessimistic about the downsides (privacy, mainly). HN being HN, is almost entirely in the latter camp regardless of where they live.
I would have expected the Swiss to be skeptical, and to some extent they were. This is the narrowest possible margin of victory. Still, it would be interesting to know what argument the Yes campaign used that resonated with > 50% of voters.
I was really torn on what to vote but went for a yes in the end - only time will tell if and how this will be abused.
https://github.com/swiyu-admin-ch/eidch-android-wallet/issue...
HN is typically more coming from a libertarian-anti-tracking bent but the larger popular US opposition to standardized federal IDs is rooted in "mark of the beast" stuff.
Now there are much worse cases out there, sure. But most Swiss citizens are not even aware of those laws.
Nor are they aware of how much the Swiss government has been trying to hide its incompetence regarding anything IT-related. Like data leaks happening several times per year.
So yes, a big percentage of those almost 50% of "no we don't want this" responses were about lack of trust in the different branches of the government.
If you want some recent examples for Switzerland (beyond the dozens upon dozens the further you go back in History) look up, Verdingkinder, Swiss eugenics after 1945, Holocaust Assets (Volcker Commission Report), Post-War Forced Labor and Slaver Switzerland, Secret Police and Surveillance (Swiss Federal Parliamentary Report of 1990), etc, etc.
Some level of trust is required for a functioning society, but there are so many natural factors (human psychology, evolution, national security, crisis situations, elite capture, economic incentives, legitimizing narratives, etc.) which all lead to the abuse of power and the violation thereof that IMHO you can never limit and check it too much.
What are you basing this assertion on? Have you considered China? Do you know if you can get accurate representations of citizen sentiment on this issue?
> HN being HN, is almost entirely in the latter camp regardless of where they live.
Ostensibly we're hackers. We understand how good technologies can be put to inhumane uses. We see it quite often. Many of us hack on software in an effort to eliminate these often unintended consequences.
> Still, it would be interesting to know what argument the Yes campaign used that resonated with > 50% of voters.
You should know this isn't the first time the vote was held. In previous referendums the proposal was defeated and this time it only narrowly passed. You might be better served in doing a comparison between the two.
- Very YES to smart-card based systems, like you get an ID card, driving license, ... who is also a contactless or contact smart-card for accessing with a card-reader on a desktop any public service
- Very NO if it's an app on non-FLOSS, non-open-hardware devices.
That's the real point. Then it's time to talk about rules as code, or at least bureaucracy as code. With a public OpenFisca "blockchain edition" where documents are signed and timestamped on the network and the blockchain is held by participant citizens, not only public bodies, using fees to compensate all participants.
https://news.ycombinator.com/item?id=45405675
Swiss voters back e-ID and abolish rental tax (swissinfo.ch)
Currently: 59 points & 52 comments
On a technical level, I wonder if they will use verified credentials to drive this.
https://github.com/swiyu-admin-ch
What the Swiss just voted on and what the UK government are mandating are absolutely not 'the same'. Use of the swiss ID is voluntary.
> People can use it to identify themselves to authorities and businesses... Use of the e-ID is voluntary
Whereas in the UK, Starmer proudly proclaimed that the "right to work" in the UK would require this ditigal ID, which is a rather creative use of the word "right".
We already have a right to work system. A different one won't change the state of illegal migration just like the current one does not affect it.
I still believe it's the way forward.
Why? I mean this sincerely, are you not concerned about the dystopian social credit scoring potential of these systems
the forward March toward dystopian tomorrow will never stop, we will lament the stupidity of the public who made this possible in our small corners on the internet.