Rockets님이 먼저 게시:

I agree. Register IDs and MAC IDs, done.

MAC id's can be spoofed.

Rockets님이 먼저 게시:

I agree. Register IDs and MAC IDs, done.

IDs can be faked, MAC IDs can be spoofed. But lets say they don't spoof it, what about the person who they trade/sold off their old hardware off to? Are they now connected to the original ID or a new ID?

Old ID? Then they get blamed for everything other person does. And the old owner also gets blamed for everything the new owner does. And yes, selling old hardware is common.

New ID? Then its easy enough to put in a new fake ID and claim the hardware with the new ID to get away from being punished.


So ya both are pointless to do because as pointed out in SO MANY other threads about this topic, with no legal way to look at a government database 99% of the players won't be able to use an ID.

Again they don't need my ID for gaming, they can't even use it if I gave a copy of it because they don't have access to a government database to check to see if its legit or not and even if they did, whos to say that its actually my ID, maybe I bought it from a website I found on google for 10 bucks along with a dozen others.

Sorry but this argument of "you could copy the ID from someone else" and all is such a weak argument.
Because if we think like that, everything can be faked.
Hell, if I would be not at the age of 18 or above, I would ask my brother to verify my account with a live feed so I could use 18+ games even when I am not at that age.

Somewhere we have to stop thinking someone can fake it. There will always be a way to fake things. This will be never possible to stop. But that is also not valves or Germanys concern. If our account is verified as 18+, or that the user is above 18+, both, Valve and Germany, are out of the concern. They did everything right to prove our age. If we fake it, then its not their issue anymore. Valve should just make it harder to fake, thats the issue that german law has with the age verification right now.

Supafly님이 먼저 게시:

There are privacy issues in regards to using I.D. as a means to verify a users age

Opt-In; Period

Valve can not do its own solution, they must use an accredited age verification service if they wanna do age verification.

wuddih님이 먼저 게시:

Valve can not do its own solution, they must use an accredited age verification service if they wanna do age verification.

Or they hand in their solution and have it accredited.

wuddih님이 먼저 게시:

Valve can not do its own solution, they must use an accredited age verification service if they wanna do age verification.

It's almost as if germany does have such a thing.

ImAPrinnyDood님이 먼저 게시:

after all german ID does have integrated eID.
https://www.personalausweisportal.de/Webs/PA/EN/citizens/electronic-identification/electronic-identification-node.html

if it was so easy to add then they dont want you to have it.. cant be so easy then can it?

KirTyun님이 먼저 게시:

Sorry but this argument of "you could copy the ID from someone else" and all is such a weak argument.
Because if we think like that, everything can be faked.
Hell, if I would be not at the age of 18 or above, I would ask my brother to verify my account with a live feed so I could use 18+ games even when I am not at that age.

Somewhere we have to stop thinking someone can fake it. There will always be a way to fake things. This will be never possible to stop. But that is also not valves or Germanys concern. If our account is verified as 18+, or that the user is above 18+, both, Valve and Germany, are out of the concern. They did everything right to prove our age. If we fake it, then its not their issue anymore. Valve should just make it harder to fake, thats the issue that german law has with the age verification right now.

It's completely valid. It clearly points out it can AND will be circumvented and should NOT be used because it's so easy to bypass.

Ofcourse it's their issue. Anyone identified as faking/circumventing = Valve gets in trouble for a weak ass age verification implementation and that could result in legal consequences.

Do you lock you house with a bit of string? No because that be **** security as it's easy to get around. Yet you want an easy to get around process for I.D.

Sazzouu님이 먼저 게시:

Supafly님이 먼저 게시:

There are privacy issues in regards to using I.D. as a means to verify a users age

Opt-In; Period

Read the rest of what I put. For what needs to be done to actually verify a user that is not easily circumvented it'd cost money for a small percentage that'd actually use it. Thus it is NOT cost effective.

Supafly님이 먼저 게시:

Read the rest of what I put. For what needs to be done to actually verify a user that is not easily circumvented it'd cost money for a small percentage that'd actually use it. Thus it is NOT cost effective.

I specifically jumped onto your "Privacy matters" part because thats one of the most basic strawmen-argument of all time. Sure privacy matters but you already gave up part of your privacy as soon as you registered on Steam and every single time you login you share parts of your privacy.

People on Steam already give out a HUGE amount of information:

• E-Mail Adresses at least
  
• Phone Numbers if using the mobile authenticator
  
• Real name if they propperly use that feature on their profiles
  
• Birthdate upon registration
  
• Their real address if they bought some stuff directly on Steam; at least those that ordered Hardware stuff

And that is just the obvious stuff; which I would say is way more sensitive data than sharing an ID that baiscally EXIST FOR THE PURPOSE of sharing if needed. If you dig deeper you will find out that Valve knows exactly what OS and browser you are using. They also know if you use any script-blocking addons as soons as some of their analytics scripts fail. If they hire a psychologist they can start creating a psychological profile about you based on the types of games you play. Also if you are using the mobile authenticator they can tell what kind of mobile device you use. Based on that they can make estimations about your over all consumers habbits if they track this. Me for example I am using the same mobile device for about 6 years now. Other people have a new phone every year.

I could go on for ages and bring up more stuff that is WAY more sensitive than some stupid card made of plastic with some data about someone - which again solely exists for the very purpose of sharing in situations where it is needed - what which data you can easily reproduce with a small subset of data you most likely already shared with Valve. And thats why I said "Opt-In" because if you are afraid of sharing said ID then just don't and live with the state of your account not being able to buy certain games. But if there was ANY method of allowing me to freaking get rid of this chastitiy cage that is called "censorship" hell I would do without any question. Want my ID? Have it. A blood sample? Sure thing. Permanent face cam? What ever; My camera is running about 18 hours daily since Corona hit us hard and when I am infront of my computer there is literally NOTHING I have to hide.

Sazzouu님이 먼저 게시:

People on Steam already give out a HUGE amount of information:

• E-Mail Adresses at least
  
• Phone Numbers if using the mobile authenticator
  
• Real name if they propperly use that feature on their profiles
  
• Birthdate upon registration
  
• Their real address if they bought some stuff directly on Steam; at least those that ordered Hardware stuff

Because the payment information you supply needs to be verified by your bank and or credit card provider who will have all that information to authorise payment and to prevent fraud.

Sazzouu님이 먼저 게시:

Supafly님이 먼저 게시:

Read the rest of what I put. For what needs to be done to actually verify a user that is not easily circumvented it'd cost money for a small percentage that'd actually use it. Thus it is NOT cost effective.

I specifically jumped onto your "Privacy matters" part because thats one of the most basic strawmen-argument of all time. Sure privacy matters but you already gave up part of your privacy as soon as you registered on Steam and every single time you login you share parts of your privacy.

Notice I didn't hang on it. Just a quick statement. There are privacy concerns. Doesn't matter if you or anyone else can write books on it people will STILL have privacy concerns. Doesn't bother me as I wouldn't need to use it anyway.

I keep what data I supply restricted and fully aware of what I do and do not share on Steam and anywhere. Often called paranoid when it comes to my online privacy btw

You do realise a person wanting to seriously keep their data as private as possible do not really need to give anything of Value when creating and maintaining a Steam account?

Virtually everything can be made up or use disposable things like email, pay as you go phone sin (if using the number.) Even purchasing could be done via Steam wallet cards from a store. So no billing stuff to verify.

Sure that would 'technically' violate Steams terms but it doesn't mean someone couldn't and wouldn't do that.

Sazzouu님이 먼저 게시:

Me for example I am using the same mobile device for about 6 years now. Other people have a new phone every year.

Yeah because they're stupid NOT for privacy concerns. They just want the latest shiny phone that is barely an upgrade. I was happy with my note 2, only upgraded to a note 4 for android 6 so I could deny apps certain permissions. Not that I have many installed. When that broke 5 years later I got a Note 8. Every Note since is a downgrade IMHO. Sure a few things better but things I like and want are no longer a feature on Samsung devices. I'll be keeping this Note 8 till it breaks and it costs more to repair than I'm prepared to pay.

I now plenty of people that upgrade as soon as they can. Several of them upgraded to a phone without SD card support last time and barely any memory that they can't install many apps.... Not even what they had previously. Hoping that convinces them to stop upgrading asap

People could just use a pay as you go sim. I have 1 in my tablet. Sim came with £10 of credit. Needs to send 1 SMS or make a call once every 3 months. 5p an SMS to keep it active once every 3 months = it lasts a long, long, long time. Changing phone is pointless if they keep the same sim anyway.

I haven't read all posts here, however the suggestion of the OP won't work.

If you do your research about games of the love-making type, you will find out that they can't get a USK seal in Germany. This content needs a more intense age verification than just proving your identity and age once.

It's insanely severe and a big hassle for both the customers and the company.

Sazzouu님이 먼저 게시:

wuddih님이 먼저 게시:

Valve can not do its own solution, they must use an accredited age verification service if they wanna do age verification.

Or they hand in their solution and have it accredited.

They'd fail off the bat for any solution that involves national identification such as passports or ID cards, as afaik their EU subsidiary is not wholy independent from the main branch in the US and could be forced to disclose the data they've collected on their customers to the US government, without German citizens enjoying any kind of protection whatsoever. This is the reason the US/EU Privacy Shield was burned. And it's the reason that more recently courts decided that the replacement standard contract clauses are equally invalid. (They should immediately become invalidated the moment an EU citizen enjoys less protection of their data in the country to which the data is or could be exported. This is the case by definition when dealing with US-based companies, due to how their laws work and basically give zero protection to foreigners.)

Fun fact:
in various other EU member states such as the Netherlands, they'd not even be legally allowed to process a copy of your ID or even ask for it - period. Europe is veeee---ry uptight about this stuff.

Well it would be relatively easy to implement age verification that is secure and works by using the eID function of the German passport. BUT as this is Germany there is some paperwork to be done, so Valve would need a certificate to be able to use the function (which should not be hart to get but costs money, not a lot but some and that monthly).
They would also need a eID server, either their own ore one rented as a service (both solutions, again have running costs) but as valve already has servers that handle personal date it should be relatively easy to implement the eID server on existing hardware and without big cost increases.
Privacy would not be a concern any more than it is now, they could actually use the eID system to increase privacy for users in supported regions as it uses attribute based credentials (ABC's) and only shares exactly the information valve needs for the transaction (for example for age verification the eID system could just prove to valve that the user is older than 18).
So all in all Implementing eID would be easy and privacy friendly BUT it would incur some monthly/yearly cost for the additional infrastructure.

My Opinion, it's not only relatively easy to implement an ABC system like eID it also future proves Steam if data protection laws get stricter, protects them in case of data breaches via data minimization and is more consumer friendly by increasing user privacy .... soooo win/win/win.

BTW. Most smartphones can serve as the card reader for this process via a free app.

Sources (sadly in german):
https://www.die-eid-funktion.de/eid-technologie-fuer-webdienstanbieter/berechtigungszertifikate-berca-dienstleistungen-fuer-die-eid-funktion/
https://www.ausweisapp.bund.de/fuer-diensteanbieter/diensteanbieter-werden/
https://www.personalausweisportal.de/Webs/PA/DE/wirtschaft/diensteanbieter-werden/diensteanbieter-werden-node.html
https://www.personalausweisportal.de/Webs/PA/DE/wirtschaft/technik/eID-server/eid-server-node.html
https://www.ausweisapp.bund.de/mobile-geraete/?ausweismobilgeraete%5Bmanufacturer%5D=283396&ausweismobilgeraete%5Bworkingfilter%5D=&cHash=aa77a69596dc0fa15edd82089ca133be#mobiledevices