Definitely why I voted against it. When I first heard about it I was all for it - until I realized that the plan was to let private companies handle it. Complete no go, glad it got rejected.
Which makes a lot of sense in Switzerland, since "the government is the people" is more true than in the overwhelming majority of countries on Earth. Pragmatic take from the Swiss as usual :)
California (not a country, obviously) is otherwise virtually comparable with Switzerland in this respect. Full constitutional amendments and legislative vetoes can occur via referendum.
EDIT: In practice, larger cities in California seem to have a comparable number of referendums as well. Unfortunately, they're all bundled into an election every 1-2 years rather than the Swiss system of elections every 3-4 months. This has its upsides, mainly in turnout which is still low in much of Switzerland, but also means many "less-notable" issues often aren't discussed in CA to the same degree that they seem to be here.
Not familiar with the Swiss system, but CA system has some interesting nuances - laws enacted as approved propositions cannot be modified at all, except by another approved proposition. In theory, that protects them from legislative overwriting/meddling, but also does not allow to fix unintended consequences. Here’s an example where a proposition was needed to authorize state legislature to make modifications to an older proposition: https://en.wikipedia.org/wiki/2018_California_Proposition_7
And of course, CA still has daylight savings time because this proposition required two thirds vote.
Taiwan (the Republic of China) is another jurisdiction with direct democracy elements. Direct democratic rights have been in their constitution since 1940s, but they weren't seriously implemented until 2000s. The exercise of these rights is still relatively new in Taiwan.
C'est pas ce que j'entends, c'est simplement les faits. Les décisions par referendum c'est grosso modo unique au monde, contrairement aux multiples couches de gouvernance qu'on peut voir dans plein d'autres pays (que ce soit le modèle Britannique/Commonwealth, les modèles des pays Latino-Américains, le modèle Français..)
They are doing the correct thing then. Prisons, ID, policing NONE of that stuff should ever be in corporate hands. It just stinks of fascism to anyone who really thinks about it for more than a moment. Governments are bad enough, corporations should never take on such roles because then they have a second incentive of profit to be bad actors and not just petty power trips.
I don't want to be that guy but it really has nothing to with facism.
I suggest you google the definition.
It's definitely a bad idea, but just because something is a bad idea does not magically make it facism.
If you think stuff like this being okay in the hands of a government then you might want to reexamine that line of reasoning, given that most governments are barely any better than corporations at the end of the day...
Yes, and that's a good thing. Balkanizing ID info between a gazillion government databases as we do in the US just creates inefficiency, and raises the thirst for more intensive surveillance to counter the inefficiency with which the data is used. (Consider the talk after 9/11 on the FBI and CIA not sharing info, and then we get the Patriot Act.)
Maybe the opposite though - having a 'single, semi-competent authority and source of control/failure/security' is probably not a good reality for security and resiliency.
Ironically, there's a >50% chance that the solution will entail 1) privately hosted platforms like AWS and 2) privately hosted support services and 3) privately written core modules (McKinsey business strategy, Accenture implemented etc.) and 4) at least some privately contracted IT people to manage the solution.
There's no reason to believe the gov. will make a more robust, scalable and secure solution that other entities.
A better approach might even be to mandate very specific identity protocols, and then allow citizens to chose their own identity provider among those that fit the regulatory requirements and oversight.
> Ironically, there's a >50% chance that the solution will entail 1) privately hosted platforms like AWS and 2) privately hosted support services and 3) privately written core modules (McKinsey business strategy, Accenture implemented etc.) and 4) at least some privately contracted IT people to manage the solution.
That would be in the US, with it's shit managment and governance culture of no expertise being required. The Wwiss are explicitly rejecting such willy-nilly privatization; did you read the article?
> There's no reason to believe the gov. will make a more robust, scalable and secure solution that other entities.
Again this is US ideology about US government. In another places they have something closer to actual democracy, a robust civil service, and an awareness that some things are too important to risk the profit motive sliding to rent-seeking.
> A better approach might even be...
I actually agree with you here. The next step after centrally planning how electronic identity should work is to realize many things don't need to require an "official one true personhood" surrogate key, and can make due with something weaker and more friendly to anonymity. The same functioning society that can figure out devolved cantons and federated cooperatives would be excellently prepared to figure that out.
> Balkanizing ID info between a gazillion government databases as we do in the US just creates inefficiency
It improves security through the reduction in the scope of harm and eliminating single points of failure. If someone compromises your Candy Crush login they can't drain your bank account.
> and raises the thirst for more intensive surveillance to counter the inefficiency with which the data is used. (Consider the talk after 9/11 on the FBI and CIA not sharing info, and then we get the Patriot Act.)
Your argument in favor of centralized ID is that otherwise nefarious spies will lobby in favor of something equivalent to centralized ID so they can correlate everything? That's the argument against it.
> It improves security through the reduction in the scope of harm and eliminating single points of failure. If someone compromises your Candy Crush login they can't drain your bank account.
"Security through ad-hoc redundancy" is going to replace one possible-good auth systems with a gazillion shity ones that no one has the budget or interest to secure. It's a greater attack service.
> It improves security through the reduction in the scope of harm and eliminating single points of failure. If someone compromises your Candy Crush login they can't drain your bank account.
No, by all accounts FBI and CIA still hate each other and keep secrets. What we got is more surveillance (NSA dragnets), not more efficient use of the data they already have.
> What we got is more surveillance (NSA dragnets), not more efficient use of the data they already have.
Or we could just not do that anymore and still not have centralized authentication.
> "Security through ad-hoc redundancy" is going to replace one possible-good auth systems with a gazillion shity ones that no one has the budget or interest to secure. It's a greater attack service.
You mean attack surface. But that's the trade off.
Because none of them are actually secure. Even when you have a full time security team, there are still vulnerabilities. Before the attacker had to find a vulnerability at the DMV, then start over at the bank, then start over at every company's file server. Now instead the attacker only has to find one in the central authentication system and they get everything at once. Even if there aren't as many vulnerabilities, if there is even one, you're screwed beyond comprehension across all systems everywhere.
On top of that, widespread use cuts the other way. Suppose the system was originally deployed using sha1. That starts looking pretty weak so you begin the decade-long process of transitioning literally everyone to a system using something else. Then suddenly sha1 gets completely broken beyond all hope, but you can't stop using it because 15% of people haven't migrated away yet and that's too much of the world to abruptly cut off.
Whereas in the decentralized system only 15% of things would be vulnerable because the other 85% had already migrated and disabled sha1, and the important stuff like banks who have their own security teams would be in the 85%.
More to the point, there are other ways to reduce vulnerabilities without centralization. Use simpler, more stable software from vendors who spend more time on security and less time on feature bloat. Restrict local services to local users so they're not exposed to the internet. Use defense in depth so that a single vulnerability is not enough but the expense of finding five stackable vulnerabilities is uneconomically large relative to the value of compromising an individual system.
Whereas the only way to avoid the ominously large scope of compromise of centralized authentication is to decentralize it.
That article about effective government policy being a database access policy a month or so ago was particularly illuminating (and made a lot of sense to me). That any given policies effectiveness really depends on whether you can actually construct - functionally - an appropriate database view to implement it's stages.
It does not seem like such a terrible idea if it is government run to me. But it depends on having trust in the checks and balances implemented in your system of governance.
In Sweden we have a company running the ID system and that works fine. The company is coowned by all the large banks afaik. I was really surprised at how far behind Switzerland is compared to Scandinavia when it comes to digitalisation. Being able to handle my life hassle free online instead of going to physical places (like post office, banks, gov office) is liberating. I also get all my bills digitally and all my receipts (even physical stores)
I think pride and patriotism means you’re overstating your case here.
Indeed as you say, a subgroup of the largest Swedish private banks own the ID system in Sweden - for profit, and without any serious democratic oversight.
Edit: I forgot to add that the system allows these private banks to see into almost every aspect of a person’s life: where they shop, where they are, who shares their household and so on. Almost every aspect of a Swede’s life can and is tracked by this system.
Every time someone identifies themselves with this system, it costs the retail merchant or service a non-trivial amount of money. Because it’s effectively a private monopoly, that price is set by the banks, and often involves a lot of secret horse-trading behind closed doors (I’ve been involved with some aspects of this in the past).
The secret negotiations also include terms that are not open to public scrutiny. One example, is that the merchant or service isn’t allowed to blame BankID for any problems such as downtime or any other technical problems.
btw I’m curious how you get all your receipts digitally. There are some services such as Kivra in Sweden, but they definitely don’t cover all stores.
I definitely agree. The system could certainly be improved.
My gripe with BankID is that it's a monopoly and it's tied to having a bank account. It's easy to fall into the cracks. For example, I know first hand more than one foreigner that moved to Sweden and couldn't do basically anything online because they didn't have BankID and couldn't get one because they needed to visit a bank branch and have an appointment, and they couldn't get one without having to wait for 2 months or more (partly due to COVID-19).
The system could be much better if there were many accredited providers of digital ID (this is somewhat already the case, there's Freja now) and there was a mandated standard protocol that the accredited providers implement, so you could have the ID from any provider and that ID would work on any site. The latter is not the case to the best of my knowledge: although many government websites are supporting Freja, most private ones like Kivra or Klarna and of course the banks only support BankID. This is not great.
It also forces you to have an Android or iPhone, and basically have a relationship with these foreign tech giants and accept their policies in order to be a "digital citizen" in your own country. If they ban your account for any reason, and you lose access to the store without any recourse, and you can't install the app, you are basically SOL. This is a trickier problem to solve, and it's not exclusive to BankID by any means, but if there was competition it would be more likely (at least on paper) that somebody might provide an alternative.
My take is that indeed: the system mostly works, it is convenient, but it's not perfect by any means. There's plenty of room for improvement. Just having real competition instead of a de facto monopoly would fix most issues.
> It also forces you to have an Android or iPhone, and basically have a relationship with these foreign tech giants and accept their policies in order to be a "digital citizen" in your own country. If they ban your account for any reason, and you lose access to the store without any recourse, and you can't install the app, you are basically SOL.
For me this is mind-boggling. Could you please elaborate or link to a resource on that? Do the respective apps work on rooted phones?
Regarding the Bank ID: I worked as an intern in Sweden in the 2002 and this sucked already then. As a foreigner you got an ID that somehow "almost" matched the normal way the number was generated (an offset on the YOB if I remember correctly). It was always an interesting experience to find out if an office/application supported such foreigner ID or not. Hopefully this got fixed in the meantime. After all my yearly letter from pensionsmyndigheten is at least partially translated in multiple languages. Good for me as I lost almost all my Swedish.
Maybe you got a "coordination number" instead of a "person number"? You only get the latter if you are expected to live in the country for longer than a year. The former "confuses" a lot of people and websites, which are not fully prepared to deal with it.
> Could you please elaborate or link to a resource on that?
Not sure what exactly you're looking for. There are 3 types of BankID: "on file", "on card" and "mobile". The first two are seldomly used and not all banks offer it (mine doesn't). I believe that most sites only support the mobile version. The mobile app cannot be sideloaded on iOS, and requires Google Play Services on Android. (For now it works on rooted phones. For now.)
Although technically minded people can still find a way to sideload the Android app without having to have a Google account, this is far from being mainstream. For most people you have to agree with Apple or Google's terms and have an account with them. If you're banned and lose access to the store, you can't install BankID any longer. It's not fun to live in Sweden and not have access to BankID.
I don't like the idea that you have to establish an asymmetrical relationship with a foreign conglomerate to be able to identify yourself in your own country and use digital services.
I think that having competition at least opens up the possibility that one of the players will introduce a mechanism that does not rely (solely) on Apple/Google technology. For example, a simple hardware token could work.
Regarding IDs for foreigners, I believe that the EU cracked down on Sweden and at least the government websites allow other European digital IDs nowadays. At least the option shows up in the list of authentication choices, but since I can't use that flow I cannot state how well it works in practice.
Tack så mycket! Your detailed explanation cleared things up.
>I don't like the idea that you have to establish an asymmetrical relationship with a foreign conglomerate to be able to identify yourself in your own country and use digital services.
The general acceptance of this in Swedish society boggles my mind. But hey, I am not a Swedish citizen, so it's not my job to tell people what to do.
Neither of the points you made I think are existentially problematic, especially in light of the fact that Sweden is 1) ahead and 2) it works for them.
'Cost' is going to be a part of the equation, there is no avoiding that, but access can be regulated, as can oversight (i.e. transparency) with respect to transactions.
And: "merchant or service isn’t allowed to blame BankID for any problems such as downtime or any other technical problems"
Will Swiss private individuals or businesses be able to 'sue' the Swiss government for downtime? Like late trains? Invariably not. They'll just get the service they get and that's it.
Sweden provides a pragmatic demonstrable example of what can work, it shouldn't be dismissed.
Once these systems are in place they will be under the control of the great unelected, the civil servants, it will not be the subject of any political party policy again and so how exactly will you assert the voting based democratic control upon it?
BankID doesn't store any information, and I have no problem that the stores I'm a member in store my shipping history.
I think you are overstating the scale of the surveillance. I don't think the different entities share data with each other.
Edit: try live in a country like Switzerland once you have gotten use to all interaction being online. It's horrible.
Edit2: actually other stores provide digital receipts without Kivra. You just have to be a member.
Edit3: This has nothing to do with patriotism, there are many things that I don't like about Sweden. But the fact that we have taken digitalisation seriously since the 90s is something I think is great.
I work with systems that use BankID identification, and know for a fact that you are wrong, because many (though not all) of the data-points collected by the banks can be retrieved for payment.
For instance, if you just logged-in with the service I work with, I can retrieve your full-name, birthdate, your marital status, name of your spouse, their birthdate, any children and their IDs and names, where you live, your home and cellphone number, and many many other data points.
From a service owned by a small group of private banks.
That is all public data. You can get that through open channels like birthday.se as well. I've been at BankID and I know for a fact exactly what information they store. They store only what is necessary from a regulatory standpoint.
You can get a phone number without registering it to your name, but otherwise yes. Most people's phone numbers can be found online, as well as reverse (find someone's name by phone number) .
Requiring strong ID verification (from government ID or the digital ID we're discussing) helps protect against identity theft. Other countries I've lived in that use very weak forms of ID ("a utility bill in your name") seem like much bigger paradises for identity theft.
Practically identity theft the way you think about are very rare in Sweden, more common are social engineering attempts like calling people and asking them to use their MobilBank ID while the caller logs in in their name.
Remember that personal ID numbers are not a big secret in Sweden as well, and still we don't see any big problem with that.
> your full-name, birthdate, your marital status, name of your spouse, their birthdate, any children and their IDs and names, where you live, your home and cellphone number, and many many other data points
Those things have nothing to do with BankID and everything to do with the government person-number database. They were available as open data before BankID existed
But surely if someone has your person number then they can retrieve all that information from companies like Ratsit and the like. Is there specific information you can get via BankID that isn't generally available from other 'open' databases?
i live in switzerland.
the only cases i had to be physically present at an official place was when i "adopted" my own son (due to not being married) and when i funded companies. 4x 15min in the last 4 years.
i think the state of things is just already quite efficient without such an id. thus people are not willing to give that data away to a private monopoly. imo for good reason.
> In Sweden we have a company running the ID system and that works fine. The company is coowned by all the large banks
Try to have anything to do with the government without a bank account. The processes and system are today so integrated that many aspect of being a citizen are today impossible beyond giving the power of attorney to someone who do have a bank account and then let them do it. (Not hypothetical as this was the recommendation given by försäkringskassan).
I would be much more happy with the system if the government operated a customer facing bank as a fallback, one which laws dictate so that all citizen critical functions are guarantied without a customer contract between a profit seeking company and a customer. It does not need to deal with loans, or give people interests, or handle stocks or any other aspects usually associated with banks. It just need to do basic banking for which everything else depend on in a cashless and internet based society.
Until then, what we have is the merge of private banks, beholden to non-elected owners, and government. It is very hassle free as long one don't mind the soft version corporatocracy.
Since it's closed-source, privately owned and not based on any open standards, it doesn't work on Linux or any mobile device that isn't using Google Play Services or iOS.
It's convenient, but it's an absolute travesty that we've left such an essential part of digital infrastructure to big banks.
> Being able to handle my life hassle free online instead of going to physical places (like post office, banks, gov office) is liberating.
The US has an incoherent assemblage of spare parts for an ID system and it's been years since I've seen the inside of a physical bank.
You have bank credentials and use them with with the bank. You have post office credentials and use them with the post office. This is far better from a security and privacy standpoint that any kind of centralized ID. If someone steals your post office credentials they can't drain your brokerage account, ransomware your employer's cloud services in your name and take out a home equity loan against your house and convert it into Bitcoin.
The post office doesn't need to know "who you are" except insofar as you have a payment method that works which they can charge postage to.
The payment processor, in turn, just needs to know that you're authorized to draw on that account, which they know because you have the credentials established when it was opened.
Functionally none of this actually uses your name for anything useful. Even giving it to them at all is, at best, a password reset method, and there are a million other ways to do that which don't require a centralized ID.
I live in Sweden. My bank (Swedbank) recently closed my BankID and told me that I either have to buy more services from them or look for another bank if I want to have an BankID (which is required for vaccination).
Yeah, it really works fine. Fortunately, it wasn't too difficult to find another bank that didn't want to blackmail me, but the system has such obvious flaws that it shouldn't exist.
To make matters worse, the current chairman of Swedbank is Göran Persson, a previous prime minister. I fear that there is some ugly corruption involved here.
As a US citizen, being able to go to various physical places without being forced to patronize an opaque, unaccountable corporate behemoth owned by a conglomeration of banks that centrally tracks everything I do, every penny I spend, and what and where I spend it on is liberating.
The fact that is technically possible was never argued. Swiss voted against banks controlling their entire lives' data, not believing it was a condition to get their bills digitally (which by the way work fine in Switzerland as well).
Developed by Nets together with the banks similar to the Swedes. If you're looking for public ownership of the various organs and products that Danes interact with on a daily basis: it basically doesn't exist. Just about every software product at the municipal and state level is contracted out to an enormous private megalith that gets paid vast sums of money to execute. And they're nearly all Microsoft affiliate shops, if you were also hoping for some silver lining.
I love my country but the continuing parceling out of everything to private companies has been greatly negative to many public services. See, as an example, the DOT syndicate, which has made it prohibitively expensive to commute via public transit (why in God's name is it cheaper to travel to Germany than take a train from Copenhagen to Odense?) or the bridge to Sweden we're still paying truly insane toll fees for despite having paid for its construction years ago.
There's an important distinction between the systems in Sweden and Denmark. In Denmark, you don't need to have a relationship with a private bank to get NemID. The government also provides it.
In Sweden, you are absolutely reliant on private banks. This gives those select few banks a position of power which they can - and do - abuse.
If you think that's bad, look at the UK. They had a government-ID system with an ID card, and then they scrapped it. Now people run around using driver's licenses and municipal bills (I guess) to open bank accounts and other things. Utterly backwards.
I've been formulating my thinking around it and I'm starting to think that this is some sort of new-age "luddism" at play, coupled with some odd distrust of government for this particular problem, as if government is trustable elsewhere.
What did the Goverment ID offer over a drivers license? Here in bc Canada drivers license is sufficient ID most places, and if you don’t drive you get bc Id which is just a drivers license without the driving part.
Verification is done by third-parties in conjunction with government data. At the moment it’s only used for government services, but there has been talk for half a decade about expanding it to the private sector.
Right, the government just legislated standards for what can legally be considered e-ID, and its up to the market to implement it as they wish. Nothing is stopping anyone from developing and launching an open ID platform.
I did vote against it, but mostly for other reasons.
The companies (mostly banks and insurances) lobbying for the e-ID have already implemented a similar project called "Swiss-ID" which was supposed to be used across a majority of service providers. From the point of view of the user, it looked and behaved a lot like OAuth.
What I am afraid of is that the e-ID will be implemented in a similar way, and data will be stored centrally. That's a big difference to the classic physical ID we have, because while the government controlled some data centrally (name, year of birth etc), no information about banking or illnesses was ever stored in a central place.
If there was an indication about how the e-ID was going to be implemented, and if there was a reasonable effort to make sure data is being kept isolated (e.g. by issuing a physical tokens and encrypting the data with them) I might have voted yes. But there was no such information, and I expected the worst.
Which is why the opponents, backed by a non-partisan alliance of representatives, will bring forward not one but two proposals to the houses. If they get a majority vote, the federal council will have to try to make it into a law.
And once everyone forgets about it, a right-wing government will privatise to the same orgs that would have gotten the contracts... it’s just putting off the inevitable :(
If the proposal had been for the government to issue and control the identities, it may well have passed.