Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
China The Internet

China Ponders Creating a National 'Cyberspace ID' (theregister.com) 52

Posted by BeauHD from the what-to-expect dept.
China has proposed issuing "cyberspace IDs" to its citizens in order to protect their personal information, regulate the public service for authentication of cyberspace IDs, and accelerate the implementation of the trusted online identity strategy. The Register reports: The ID will take two forms: one as a series of letter and numbers, and the other as an online credential. Both will correspond to the citizen's real-life identity, but with no details in plaintext -- presumably encryption will be applied. A government national service platform will be responsible for authenticating and issuing the cyberspace IDs. The draft comes from the Ministry of Public Security and the Cyberspace Administration of China (CAC). It clarifies that the ID will be voluntary -- for now -- and eliminate the need for citizens to provide their real-life personal information to internet service providers (ISPs). Those under the age of fourteen would need parental consent to apply.

China is one of the few countries in the world that requires citizens to use their real names on the internet. [...] Relying instead on a national ID means "the excessive collection and retention of citizens' personal information by internet service providers will be prevented and minimized," reasoned Beijing. "Without the separate consent of a natural person, an internet platform may not process or provide relevant data and information to the outside without authorization, except as otherwise provided by laws and administrative regulations," reads the draft.
This discussion has been archived. No new comments can be posted.

China Ponders Creating a National 'Cyberspace ID' More

China Ponders Creating a National 'Cyberspace ID'

Comments Filter:

  • Slashdot and Reddit will be thrilled.

    • /. And Reddit would be able to use to not know the name, but say that they have a unique ID from China. Said person could still register with anonymous logons for different purposes , but upon 1 ID being booted, then all are. Likewise, gives others the ability to block a person, not a logon.

      • Say that the Chinese are considering it, all of the sudden there's no debate, it must be bad. I happen to like the idea of adding 2FA (preferrably involving biometrics) and logging internet use back to an individual where possible. The problem is, whether its a National Identity card, a Social Security card or some form of digital globally unique identifier, it'll have flaws and be subject to abuse - not unlike the current state of affairs (after all, it's not like online privacy is actually a thing unles

    • Re: (Score:1)

      by jonadab ( 583620 )
      Eh, reddit is a website that regular people have actually heard of, so that is of course blocked in China, for obvious reasons. Slashdot is somewhat less well known but probably blocked as well, I should think. It's much more niche than reddit, but still probably too high-profile to fly under the CCP's radar.

      So this is unlikely to have much impact on those sites.

  • Is this something like Korea where one has to put their citizen ID into a terminal if they want to use a web cafe or other resources online? (South Koreal... NK, they take care of that by just having an intranet.)

    Or will this be like a credit card number that is (hopefully) tokenized?

    Neither sounds like it would add that much other than being another column in a database on BitTorrent when it gets compromised.

    • Re: (Score:2)

      by znrt ( 2424692 )

      good questions ... if only they weren't answered in the first of the 2 paragraph abstract!

    • Re: (Score:2)

      by AmiMoJo ( 196126 )

      Probably. Currently you have to use your real name when logging on to e.g. hotel WiFi. For that reason public WiFi is rare, it's more hassle than it's worth.

    • I'm not certain, but from the original it sounds like they are proposing some mechanism where holder of a China national identity card could apply and get an anonymized certificate to use as an identifier. The certificate would have the random string in it instead of the person's name. How the secret key for the certificate enters into it wasn't specified, but at the very least the issuing agency (the Chinese government) would be able to link the certificate to the real identity, though private entities wou
  • This is NOT something you also want...

    • EU has it in development under the name Digital Identity Wallet https://github.com/eu-digital-... [github.com]

      • Re: (Score:3, Interesting)

        by AmiMoJo ( 196126 )

        I was going to comment that it sounds similar to the EU proposal. It depends on the implementation though.

        It's a privacy win for citizens if they can verify identity in a way that limits information disclosure. Say a business needs to verify someone's identity, e.g. a car dealer offering a test drive. Right now they will probably want to make a copy of your driving licence and all the information on it, which they then have to store securely for a given amount of time, control access to etc. With a digital

      • You also see https://eudiwalletconsortium.o... [eudiwalletconsortium.org] for more info on EWC (EUDI Wallet Consortium).

  • Communist Party: "That's OUR job, buttheads."

    • Re: (Score:1)

      by jonadab ( 583620 )
      No, they routinely outsource that to the private sector. They pretty much *require* all companies that do business in China, to be part of their Orwellian surveillance network. Why should the government do all that itself, when they can just make everyone who runs a website do it for them and hand them any information they ask for? Censorship is handled the same way (except for foreign sites, which are just blocked outright if they're sufficiently popular to get noticed at all, because if anyone wants to

  • How evil! (Score:4, Interesting)

    by OrangeTide ( 124937 ) on Tuesday July 30, 2024 @04:53AM (#64666090) Homepage Journal

    Well we did it first in an ad hoc way that we have almost no control over, thanks to Big Data. But it's evil when the CCP does it explicitly and in a way that is centralized and probably regulated.

    What next, are they going to start using a tax id to track a person's credit history?

    • Since it is government centralized, that is by definition regulated. Now, what we might think of said regulation is a different story.

      • We have examples of decentralized regulation in the US. An example is public health code is defined and enforced state governments, not by the federal government. But admittedly we're a bit of an oddball as far as countries go. But federalism is probably more resistant to despotism and authoritarianism, but corruption and incompetence will always bubble in some regions of our country meaning that the quality of government that people receive varies greatly from one state to another. But I digress...

        • Re: (Score:2)

          by mmell ( 832646 )

          ...But federalism is probably more resistant to despotism and authoritarianism...

          I see you've never been to Illinois. I grew up there and even New Yorkers (well, the honest ones) will admit that Illinois is the corruption capital of the USA.

    • It's evil when the government does it because that forces everyone on line to participate. The current state of tracking in the West is that anyone can wipe their browser whenever they like and start over. If the government gets involved that anonymity isn't allowed any more. You're comparing shoplifting to taxes.

      • The current state of tracking in the West is that anyone can wipe their browser whenever they like and start over.

        They also need to drastically alter other characteristics of their computer and OS - repeatedly - because of browser fingerprinting. Then there's location data, in the case of all those who don't use a VPN. So practically speaking, the "current state of tracking in the West" is a shit-show in which only motivated, persistent, tech-savvy folks who spend time, effort, and money have a decent chance of not being tracked.

        • Without the equivalent of GDPR, wiping your browser history isn't sufficient. You can already buy IP and customer interface from ISPs. So need a VPN at the very least. On top of that. Browser fingerprinting without using tracking cookies has been demonstrated years ago and not solved. And we know it is being used in the wild.

          Obviously making people use an online ID is an invasion of their privacy and liberty. If the government can track them, so can everyone else. It's troubling.

          Doing nothing, not creating

          • Re: (Score:2)

            by mmell ( 832646 )
            The only consolation I can offer is that I trust most world governments more than I trust most business enterprises when it comes to just plain not telling anybody what they know about anything, including me. That, and I swear I have never bought any drugs from canadian pharmacies online (although I did buy some power tools online; but that was over five years ago from a reputable retailer and I'm not buying any more so SOMEBODY PLEASE MAKE IT STOP!).

      • forces everyone on line to participate.

        As far as I know I didn't consent to being tracked by private credit auditing agencies. And these private industries are not ran by people I get to elect. So doubly damning in my opinion. There are systems worse than government bureaucracies, even systems that are capitalists institutions.

        Generally we need to do better all around. Better government. And better companies. And a fair bit of it can be solved by not investing so much authority into the wealthy. It's one thing to use the system of capitalism to

  • The relatives of the leaders will suffer. Centralization of data ensures massive harm.
    • Its China. Stealing a ID or using a stolen ID == death penalty for them and everyone they have ever known..

  • Just another way to track people (Score:4, Insightful)

    by LondoMollari ( 172563 ) on Tuesday July 30, 2024 @06:46AM (#64666200) Homepage

    “China has proposed issuing "cyberspace IDs" to its citizens in order to protect their personal information, regulate the public service for authentication of cyberspace IDs, and accelerate the implementation of the trusted online identity strategy.”

    I’m sure it will do all of those things. Or not. More likely: the number will help China track down people who post online for whatever thought crimes they commit. This “fingerprint” will make it harder to hide and easier to certify that a certain post came from a certain individual.

    • Re: (Score:3)

      by Ormy ( 1430821 )

      I'm sure it will do all of those things. Or not. More likely: the number will help China track down people who post online for whatever thought crimes they commit.

      It is both. It will help the the CCP identify and silence troublesome dissenters as that is obviously the main goal. But it's not as easy as simply making it compulsory for everyone, those who wish to dissent will find ways around it. No, the CCP need some willingness on the part of the population to adopt this, so they use 'increased privacy from your ISP' as the carrot, and make it (initially at least) voluntary so it doesn't seem like scary surveillance. Once there's some critical mass of people alre

  • Smart on them (Score:4, Insightful)

    by WindBourne ( 631190 ) on Tuesday July 30, 2024 @07:50AM (#64666306) Journal
    With America, we give our vetted ID with bio info to private companies who then issue an ID. In the meantime, the companies collect $ from state governments, sell the information, have offshore employees that steal it and sell, and have sloppy security that enables ppl to steal it. Yet somehow, far right idiots claim this is better than having DHS hand out a packet of X.509 DC with the vetted ID.

  • China has proposed issuing "cyberspace IDs" to its citizens in order to [stamp out the few remaining vestiges of free expression in their country, as part of their long-term plans to stamp it out worldwide.]

    FTFY.

  • This has nothing to do with protecting Chinese citizens, it has everything to do with 100% surveillance and 100% control of Chinese citizens' lives by the Chinese government. Wouldn't at all be surprised if they also have in the works eliminating cash entirely as well, so they can likewise surveil and control all transactions, even purchases of basic necessities. Then with a single click they could destroy some Chinese persons' life, cut them off from everything including their money. That's one hell of a S

  • Though the topic isn't intrinsically funny. The intentions are key, but of course the bad actors will mask their bad intentions behind good ones.

    However it is not clear to me if the worst actors are in China or the States these years...

  • We would never have anything like that here in the US, nosiree. We use a good old Social Security Account number - "for Social Security purposes only. Not meant to be used for identification". That makes that nine numeric digit token, uh, that makes it, . . .

    Uh, wait . . .

  • China has proposed issuing "cyberspace IDs" .. A government national service platform will be responsible for authenticating and issuing the cyberspace IDs

  • One is a national user account, with username and password... OK.

    What is that other thing? How does it differ from a personal ID, like a social security number? Those don't do anything once the information leaks online, and they will.

    And how is it any more secure than referring to the user's national account alone (however they plan to)? Or is that just the technical detail... that they're talking about the hash value as if it's something people should know about.

    • Re: (Score:2)

      by mmell ( 832646 )

      Well, because if you're in China and they catch you leaking (or even looking at) what they consider to be their data, well . . . it could end badly.

      If you're not in China and they catch you leaking (or even looking at) what they consider to be their data, well . . . it could still end badly.

Slashdot Top Deals

I have a very small mind and must live with it. -- E. Dijkstra

Close