Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proof of Age insufficient for some regulatory requirements #5

Closed
msporny opened this issue Nov 28, 2016 · 2 comments
Closed

Proof of Age insufficient for some regulatory requirements #5

msporny opened this issue Nov 28, 2016 · 2 comments
Labels
privacy-tracker Group bringing to attention of Privacy, or tracked by the Privacy Group but not needing response.

Comments

@msporny
Copy link
Member

msporny commented Nov 28, 2016

Note that even if one may desire to remain anonymous when purchasing alcohol, a photo ID may still be required to provide appropriate assurance to the merchant. The merchant may not need to know your name or other details (other than that you are over a certain age), but in many cases a mere proof of age may still be insufficient to meet regulations. We need to mention language in the specification calling this out specifically.
@msporny msporny added editorial Purely editorial changes to the specification. privacy-tracker Group bringing to attention of Privacy, or tracked by the Privacy Group but not needing response. labels Nov 28, 2016
@msporny msporny removed the editorial Purely editorial changes to the specification. label Dec 7, 2016
@ottonomy
Copy link
Contributor

I always considered this use case to be somewhat abstract. Of course a "isOverAge": 21 is not yet compatible with regulations that say "Only a DMV, military or government photo ID is accepted as proof of age". Those regulations weren't developed until after the technology to print photo IDs was widely deployed. It seems like the default would be to assume the same thing would happen with proof of age credentials, that they would only be accepted by governments after they are widely deployed for use in less regulation-impacted commercial transactions, like offers/coupons/loyalty programs.

To my eye, no addition is necessary to support this request, but modifying the use cases to call it out wouldn't detract from the document, so I'm neutral as to whether to make a change.

@msporny msporny assigned ottonomy and amigus and unassigned ottonomy Mar 5, 2017
@msporny
Copy link
Member Author

msporny commented Oct 25, 2017
edited

We have text in the spec now that addresses this issue:

vc-data-model/index.html

Lines 1669 to 1676 in 700263a

<p class="note">
Even if one may desire to remain anonymous when purchasing
alcohol, a photo ID may still be required to provide appropriate
assurance to the merchant. The merchant may not need to know your
name or other details (other than that you are over a certain age),
but in many cases a mere proof of age may still be insufficient to
meet regulations.
</p>

@msporny msporny closed this as completed Oct 25, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
privacy-tracker Group bringing to attention of Privacy, or tracked by the Privacy Group but not needing response.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@msporny @amigus @ottonomy