> It’s only a tool of oppression if you have a government prone to abuse and without constraints.
Untrue for three reasons.
One, it's a spectrum, and where you are can change. While the current US government is pretty bad, they're not rounding up citizens based on their race and throwing them into internment camps right now. But they have in the past, so let's not leave them anything that helps them if they decide to Be Evil again eh?
Two, there are different governments. Suppose the federal government is bad but not heinously bad and the Colorado government is pretty good but the Mississippi government is corrupt and racist and oppressive. Create the system federally and you're handing it to Mississippi officials to abuse, whereas they couldn't create their own because free travel between the states is constitutionally protected.
Three, it's not just governments. Create something like this and corporations will use it. Then all you need is for the government to fail to stop them, which is the status quo.
> In 2024, however, all not having one means is that they use software to link them – the context for this story is the huge industry doing that for all kinds of data, and they don’t mind having to link a couple of different identifiers.
The single identifier is what enables them to be linked -- it's why the surveillance apparatus keeps pushing it on us. Without it you have to speculate and will commonly get it wrong. If someone is signed into Google and then signs into their bank, does that mean they're the same person, or just two people who use the same computer?
If you pull an old PC off a skid destined for the recycler and use it exclusively for buying things on Amazon (which inherently has your shipping address), and use a different machine for social media which you never use for Amazon, a single identifier would still force you to associate the two no matter what measures you use to separate them.
It is important to preserve the ability to keep them separate.
Also notice the form of your argument: Things are currently bad so it's fine to make them worse in a way that's sticky and hard to undo. Maybe instead we should make things better?
> The single identifier is what enables them to be linked
> If someone is signed into Google and then signs into their bank, does that mean they're the same person, or just two people who use the same computer?
You misunderstood my argument as “it’s okay to make things worse” rather than “spend your time on things which can matter”. You’re grossly overstating the importance of the unique identifier in era where databases are widespread. In your examples, you’re characterizing as hypothetical risks things which are routinely done by private companies right now. The modern Stasi wouldn’t need to an army of clerks to link government IDs, they’d pay Google or some other ad tech companies who’ve already linked your online activities (how many people even know if their bank uses Google Analytics?) and your email addresses and your phone numbers and your credit card transactions and the location data which the phone companies and mobile app analytics firms have already collected, etc. As a government agency, they’d even get stuff like the precise locations your phone is at. Even if you had your Amazon burner on a separate network, used a different email address with a different provider than you do for everything else, perfectly adhere to not using it for social media, etc. all you have to do is forget to turn off your phone once to link them, especially if you don’t live in a very crowded environment with many new people coming and going at unpredictable intervals.
Yes, having one identifier would make it easier but they’re already doing a good enough job that anyone who cares about it should be thinking about the safeguards which prevent abuse rather than pretending that there’s one weird trick to stop it. If we were in a scenario where any of the feared outcomes of a government are imminent, the range of bad outcomes either way overlap too much for the difference to matter.
The key thing to understand is that they don’t need it to be perfect: authoritarian governments don’t need to jail everyone who disagrees as long as they keep those people from organizing an effective opposition. If you’re opposed to them but keeping quiet and not doing much, they win. If you pull off perfect opsec and stay undetected, but they catch you because someone you know made a mistake, they win.
Worse, in the absence of effective accountability, minor mistakes only help build the fear of doing anything dodgy or subversive – if news gets out that someone went to a protest and the cops busted their roommate after linking the wrong phone, it _might_ help that one person be released but it will definitely ensure that a hundred other people get kicked out or turned in by roommates who don’t want to have the same thing happen to them (read accounts from East Germany, Russia, China, Mexico in the 70s, etc. for a reminder of how toxic the effects on social networks are), and a thousand people will stay quiet and avoid the next protest.
> The modern Stasi wouldn’t need to an army of clerks to link government IDs, they’d pay Google or some other ad tech companies who’ve already linked your online activities (how many people even know if their bank uses Google Analytics?) and your email addresses and your phone numbers and your credit card transactions and the location data which the phone companies and mobile app analytics firms have already collected, etc.
But it's not about clerks.
You go to your bank and sign in. If the bank is using Google Analytics then Google knows you've signed into your bank. But they don't know that this is the same "you" that signs into YouTube under a different account on a different machine.
If you make a government ID which is trivial to check over the internet then everything would start checking it, and then Google would know that it's the same "you" because you'd have to present your ID in order to use YouTube and it's the same ID you have to present to the bank.
> Even if you had your Amazon burner on a separate network, used a different email address with a different provider than you do for everything else, perfectly adhere to not using it for social media, etc. all you have to do is forget to turn off your phone once to link them, especially if you don’t live in a very crowded environment with many new people coming and going at unpredictable intervals.
This is the spy scenario where they magically associate the phone with you based on a single ambiguous data point. It doesn't work like that because if it did you could do it on purpose to link your identity with someone else. It also assumes that the other problems can't be improved. Suppose we stop forcing people to disclose a single identifier and we get phones that don't forcibly report our locations to large institutions. Then you have defense in depth and can make a single mistake without being automatically screwed.
> Yes, having one identifier would make it easier but they’re already doing a good enough job that anyone who cares about it should be thinking about the safeguards which prevent abuse rather than pretending that there’s one weird trick to stop it.
It's not that there's one trick to stop it, it's that forcing a single identity to be disclosed in order to do anything would defeat all other privacy measures. There is no point in preventing browser fingerprinting or using a VPN with a shared IP address or posting under a pseudonym if everything you do is still tied to your centralized ID number which in turn is tied to your face and home address and full transaction history with every extant bureaucracy.
> If we were in a scenario where any of the feared outcomes of a government are imminent, the range of bad outcomes either way overlap too much for the difference to matter.
Those are just the worst-case scenarios. If you get Nazis, they're going to push this on everyone anyway as soon as they can. It's better to slow them down as much as possible than leave everything already implemented and all they have to do is turn key, but that's hardly the only bad thing that can happen.
If corporations know everything about you, they can use machine learning to do price discrimination. They can predict when is the best time to present you with an agreement that has you sign your rights away for a song. They can influence public opinion to control election outcomes. Censor whistleblowers who are now incapable of publishing anything under a pseudonym. Blackmail anyone because no one has any secrets from them.
The longer it's possible for people to do these things, the more likely that they happen, and the more often. So it needs to be made not just illegal but technologically unavailable. That way it's harder to happen because they have to do two things and not just one.
Especially because many of these things are not necessarily things done by people who are already in power, they're things done by people who have the surveillance data and use it to seize power. "Accountability" doesn't work if the technology can be used to seize control of the government before the government can enforce a prohibition on that use of the technology.
> It doesn't work like that because if it did you could do it on purpose to link your identity with someone else.
It does work like that in too many cases. Yes, one data point is not definitive but since they can get many data points it works well enough to be a major privacy risk - for example, this was a cheap attack which required no governmental access:
I would suggest writing down exactly what you are concerned about in a structured manner. You’ve shifted the scope significantly and are well off topic from the original point. I appreciate the emotion but it’s hard to build a policy on quicksand.
Untrue for three reasons.
One, it's a spectrum, and where you are can change. While the current US government is pretty bad, they're not rounding up citizens based on their race and throwing them into internment camps right now. But they have in the past, so let's not leave them anything that helps them if they decide to Be Evil again eh?
Two, there are different governments. Suppose the federal government is bad but not heinously bad and the Colorado government is pretty good but the Mississippi government is corrupt and racist and oppressive. Create the system federally and you're handing it to Mississippi officials to abuse, whereas they couldn't create their own because free travel between the states is constitutionally protected.
Three, it's not just governments. Create something like this and corporations will use it. Then all you need is for the government to fail to stop them, which is the status quo.
> In 2024, however, all not having one means is that they use software to link them – the context for this story is the huge industry doing that for all kinds of data, and they don’t mind having to link a couple of different identifiers.
The single identifier is what enables them to be linked -- it's why the surveillance apparatus keeps pushing it on us. Without it you have to speculate and will commonly get it wrong. If someone is signed into Google and then signs into their bank, does that mean they're the same person, or just two people who use the same computer?
If you pull an old PC off a skid destined for the recycler and use it exclusively for buying things on Amazon (which inherently has your shipping address), and use a different machine for social media which you never use for Amazon, a single identifier would still force you to associate the two no matter what measures you use to separate them.
It is important to preserve the ability to keep them separate.
Also notice the form of your argument: Things are currently bad so it's fine to make them worse in a way that's sticky and hard to undo. Maybe instead we should make things better?