Minimizing teen drinking is all very well, but I despise the permission-seeking society we've ended up with with you have to show ID in all kinds of places and beg for permission to exist.
Last winter my wife was ill with a cold. I stuck my credit card in my pocket and went to the drugstore to buy a box of Theraflu, an over-the counter decongestant. They wouldn't sell it to me without ID and when I protested this they grabbed the box and told me to get out of the store or they would call over their armed security guy. This was a corporate change, I had bought the same product many times before without ever being asked for ID.
People are forced to ask permission far more today than a few decades ago, and everyone is treated like a suspect if they object. I don't know who's more contemptible, the petty authoritarians or the people meekly giving up their privacy and dignity to get permission to engage in the most ordinary activities.
If it was the “real” Theraflu, which contains pseudoephedrine, then it happened because all sales of products that contain pseudoephedrine are tracked. It’s to prevent it from being used in bulk as a raw material to make meth.
Most stores sell non-pseudoephedrine versions of the same medications that usually have phenylephrine which does not require showing and tracking your ID. But anyone whose taken it know that phenylephrine is a poor substitute and barely acts as a decongestant.
This is 1000% what was going on if they asked for ID for theraflu.
Sounds like they could’ve done a better job explaining what was going on. But I imagine that as a pharmacist, “guy who’s mad he can’t buy pseudo anonymously” isn’t someone you have a lot of patience with.
Which is honestly sad. Would we ideally not show equal respect for those who don't care to have their ID registered for every little thing? Isn't that a reasonable thing to want anymore?
If they're loud, obnoxious or stubborn about it (if they don't accept a reasonable explanation), that's obviously something else. I'm not talking about people being a dick. Just the general principle of taking that moment to explain the why rather than assuming anyone who doesn't immediately comply with a "hand over your ID for registration" order must have security called upon them as in the example above.
Full disclosure: I'm also this kind of person. Needed to authenticate myself to get a phone number (a regular phone number, both pre and post paid at different times so that's not the difference) at a local office. The person behind the register takes my ID, I figured she'd check and we'd be good, but then she puts both sides under some reader. I happen to know it's illegal to copy the national identifier code (BSN in Dutch) but I don't want to be obnoxious right? Not as if she's a lawyer, she's just doing what she's told to. So I just ask (politely, I thought, not stopping her or anything) which field(s) the machine copies. Well now did I want to let her do her job or should I find myself another carrier maybe? was the retort.
Hotels, similar thing. Photocopying an ID in that situation is illegal for the same reason. Employees get hostile faster than a tesla gets to 60, and I'm left feeling of a different generation before I'm even 30 years old. Anonymity is not an option, heck even complying with GDPR is not something one can expect, but refusing to even inform me what they're doing? That's off limits now?
They made no explanation to tell me what was going on, and as I pointed out I had purchased the same product many times before (as in buying a single once or twice a year over the last decade, not every day).
If they want to control the sale of it then they can put it behind the counter or put a giant advisory sign nex tto it on the shelf. But they don't do that because it will hurt profits. I don't care about their problems with meth heads.
This is not just about the situation of buying one kind of cold medicine. I'm in my 50s, why should I need to present ID if I wish to buy a beer or attend a show? Sure, the answer is 'we have to minimize our liability' but the answer to that is not to violate everyone else's privacy and autonomy.
I'm an easygoing responsible person who doesn't do stupid shit. I'm just running out of patience with public and commercial entities handing me the metaphorical bill for every imaginable security issue. The USA has turned into a nation of paranoids where people are interrogated over things like nail clippers.
Well I am not familiar with the law but if it doesn’t specifically mandate some sort of warning or sign then it’s not surprising pharmacies want to cut costs as much as possible. You can vote with your time and wallet and go to a more upscale pharmacy with presumably better service.
I know people that leave the house without their phone and ID on them, but I’m not one of them. Also, the annoyance of having to produce my ID is so trivial in comparison to the meth crisis. If this helps, I’m ok with it.
But it doesn't help, it's just security theater like the TSA. Meth makers are still making plenty of meth. It's like the war on drugs, a complete failure. It's just an inconvenience for legit people using theraflu/sudafed and in no way slows down meth production in any meaningful way.
This is a classic example of punishing ordinary people for the actions of a few. The alternative decongestants are a placebo at best, they do absolutely sod all for me.
Smurfing is the practice of sending several people out to buy pseudoephedrine just a box or two at a time at a bunch of different stores. These federal id tracking requirements are an attempt to curb that.
As others have said, how much does that really curtail the meth making in this country? I'd be surprised if it's over .1%. So everyone else has to jump through hoops so the agencies can claim a hollow victory. This type of thinking is rampant in the US and it gets so tiring.
Hard to say, but it forced Walt to use other methods like using phenylamine as a pre-cursor, which was a lot harder to come by. To get that you will need to have contact with some big corp and rob a train or something so barrier of entry is much higher.
Has anyone ever looked into the real effect laws like these this have? It's never really bothered me having to produce ID, but after thinking about it, I am curious as to how much these laws really help.
The worst I've encountered of this type of head-in-the-sand logic was in NZ. They have a law that if a person buys alcohol with companions, the clerk will check the IDs of all of them, not just the buyer's. Presumably this is to stop underage kids having an older friend buy them booze. In reality obviously, teens without IDs just wait outside and literally 100% of the times this law is applied is when an over-age-but-without-ID is accompanying someone shopping for some dinner wine. Like me and my ex gf...
I had something similar at a liquor store in Utah.
My mom (well over 21) tried to buy liquor, but was refused because a lack of ID. She sent me (also well over 21) to buy instead. At the register, I made a passive aggressive comment about how my mom was refused 30 mins ago. So they refused ME because they wanted to "ID all people at my party" - or something like that.
This is standard practice in the UK too - if you're buying alcohol as a group, they'll ask for everyone's ID if any of you look too young.
But this isn't specifically written into the law, i.e. the law doesn't say "you must check the ID of everyone in the group." Rather, it's that businesses receive ENORMOUS fines if they're caught selling alcohol to underage people - so most of them have very strict internal policies to minimise the chances of a false negative.
I couldn't agree more and I see that this is more prevalent in the US than most other countries.
I've lived abroad for sometime now and last time I went home to California to visit, I went to a restaurant to have a beer and dinner with my dad.
I've been gone for so long, I no longer have a drivers license or ID except for my passport, which I don't carry around with me.
I tried to order a beer and they refused. I was very upset as I'm 35 and obviously not a kid. I was just trying to have a beer and catch up with my dad.
Just a huge lack of sensibility in the US these days. They would never do this in 90% of the world. Unless of course you're obviously young.
Just to defend the waitstaff at this restaurant-- the law could be that if the waiter didn't verify the ID, the waiter would be personally liable, fines easily equal to 1-3 months income. Also, cops do 'sting' operations where they try to persuade waiters to let them buy drinks without showing ID.
This doesn't change your basic premise (the law is nuts), rather it extends it (the law is even more nuts than you expected).
The situation isn't common--I don't know the last time I've been asked for ID to purchase alcohol as someone who is very obviously not underage--but every now and then you'll run across a place that IDs everyone. Presumably, they've been busted for selling to underage and management has just taken judgement out of the hands of waitstaff/bartenders.
the law could be that if the waiter didn't verify the ID
Not to go all lawyer on you, but wouldn't be a good idea to see what the law actually says instead of making up reasons that might or might not exist? In CA the law is not really that onerous and just says it's a misdemeanor to sell to someone under 21. The only severe penalty is serving alcohol to someone who is a minor and already intoxicated (and thus that much more likely to do something stupid). But it's widely understand socially that any drunk person can be refused further alcohol at the discretion of the seller. But many commercial entities have just decided the way to cover themselves is just demand ID from everyone.
I would suggest that the problem here is corporatism rather than authoritarianism. The store will always have made a judgement call over whether you were responsible enough to be sold certain medications. What seems to have changed is the removal of that authority from the local shop workers, which has been centralised into a bureaucratic process. Scenarios like this are one reason why I believe we should proactively bias our economy against large organisations and in favour of smaller ones.
I'd perhaps prefer a world in which many drugs were legally sold, which might make this specific issue disappear but even then I'm happy that cigarettes and alcohol, and some other potentially dangerous items are age restricted.
From quickly looking at a few random Theraflu products - they don't seem to contain pseudo. Though asking a random store worker to know that would not be ideal, but a pharmacist should have definitely sold them this medicine without ID.
I do find it funny that many US-Americans online joke about the UK having TV licence by asking if we "have a loicence" for various unrelated things, while the US seems obsessed with providing driving licences for all sorts of every-day activities.
Having lived in the US and the UK (as well as several other countries within Europe) for several years, I can say that in my experience the "license/permission to do X" is generally far more prominent in the UK/most European countries than it is in the US.
UK resident here, and I'm pretty sure I've only ever once been asked for ID for alcohol -- and that was at a private work event where everyone was definitely over 18 (and I was 38 and not drinking).
I've never been asked for ID for either OTC or prescription medicine, and while I obviously need to present a passport to travel internationally, the airline doesn't need to see it. And all my recent travel has been domestic, and not needed ID.
(Since I turned 18, the government scheme for when to ask for ID for alcohol has ratcheted up from nothing to "Think 21" and on to "Think 25" so a younger me would probably have needed to show ID at least a bit. But I don't think that's entirely unreasonable)
Nonsense! I bought kitchen scissors from a hardware store in the UK a couple of weeks ago (but I'm 65, with a white beard; perhaps they'd have tried to card me if I might conceivably have been under 18).
No, for two reasons. One, while some retailers might decide that "scissors" are really knives and so they'd best act as though you're buying a knife that is not the law. So, this is not something you "have to" do, it's a store policy, like if they won't sell you more than six rolls of toilet paper at a time.
Two, if you're old (which unfortunately I am) then your apparent age is enough anyway. I do not ordinarily carry ID. Nobody stops me buying alcohol, entering nightclubs, watching movies, or doing other age-restricted activities, because "This person is obviously like, fifty?" is enough.
There are places with a policy of asking everyone for ID -- I know because they're the only places where I've been asked for ID.
Of course, for both the knife and the alcohol regulations, the law is around age. ID is merely the mechanism that everyone uses to validate age, as it's settled practice that doing so will prove the ID card holder's age sufficiently for the purpose of the legislation.
It's gotten ridiculous. The drinking age here is 19. Anywhere that sells alcohol is required to ID anyone that appears to be 30 or under. By the time you're 30 you haven't been 19 for 11 years.
I've been refused for having expired ID, despite the picture very obviously being me, and my age very obviously being well over the legal age.
My wife's been refused because apparently her federally issued citizenship card, with a photo that showed she was well over age wasn't apparently good enough.
I actually remember one time when i was fairly young, early 20's, I'd let my license expire because I wasn't driving and couldn't be bothered to renew it at the time. I got refused at the liquor store and there was an old guy behind me. He just started ranting at the cashier about how I'm obviously legal age and how you don't need a license to drink and all this stuff. The cashier actually relented and sold it to me after, but that old guy's rant always stuck with me since.
And, it's made me notice how more and more, it's not even about how old you are, it doesn't seem to be about protecting minors, it just seems to be a way of training people to provide ID any time regardless of the reason.
A store, at least a sane one, would never refuse from making a sale and wouldn't make it hard to make such a sale.
What the store is doing is not preventing teens from buying Alcohol or Tobacco, it's simply covering its ass. There is a certain liability with certain transactions. In that case, the store covers. If it can't cover, it doesn't make the transaction as the liability is too high for whatever profit there is.
I'd encountered a similar incident some years ago. I was fine with showing an ID, but when the clerk then tried to take it from my hand, I held it firmly.
I left my purchase at the counter and went elsewhere to buy herbal teas.
Subsequent research suggests that few cold remedies are effective at all (though decongestants can improve breathing). Teas with slippery elm and eucalyptus seem at least somewhat effective, don't require IDs, and are not meth precursors.
On why / how older generations may be primed to object: I remember reading a science fiction story in the late 1970s / early 1980s, a short in a compilation (likey a Hugo or similar award collection), in which a data system with universal identification system, with one of the designers of the system being given the opportunity to opt out.
There’s no world without identity, reputation, and trust. It’s just that they’re either systematized and scalable, or informal. Systematized has a lot of things going for it over informal; for example, the pharmacist isn’t checking “do I know his family and is their reputation in the community a good one?” or “does he have the skin color, facial features, and clothing of an upstanding citizen?” It is very specifically, how much pseudoephedrine have you already purchased? I call that progress.
I don't consider myself a conspiracy theory type of guy but I can see why people are quoting Revelation 13:16 more and more as e-payments and e-id becomes harder to avoid.
That seems difficult to test. For convenience here is the text:
Revelation 13:16-18
New International Version
16 It also forced all people, great and small, rich and poor, free and slave, to receive a mark on their right hands or on their foreheads, 17 so that they could not buy or sell unless they had the mark, which is the name of the beast or the number of its name.
18 This calls for wisdom. Let the person who has insight calculate the number of the beast, for it is the number of a man. That number is 666.
I'm not religious but I think this is brilliant. Some 2000 years ago they'd already realized how dangerous it is if a tyrannical government has a way of IDing everyone and using that ID to arbitrarily grant or deny people rights and services on a whim. It's like anti-totalitarianism built right into the religion.
I don't think it was an "if", there is speculation that the mark is reference to Nero [0]. If true this means it wasn't a guess about the future but a commentary on current day events.
The most ridiculous example of this is that I was forced to show ID to buy alcohol-free beer… To be fair the cashier also thought it was ridiculous but she couldn’t proceed without scanning some sort of ID in the system.
I was in a hotel today, where I was staying with my family, in a small 20sqm room.
When we went to the restaurant to have breakfast, they adamantly refused to remove the clear plastic partition dividing the table in two.
We couldn’t move it to the side, we couldn’t move it anywhere else. It had to physically separate my wife and I. To what purpose, I have no clue.
Oh, we’re both vaccinated. But it is corporate policy, so nothing we (or the staff) can do, even though anyone with a brain could see that it was pointless.
I really do hate those Perspex dividers, they’re the epitome of corporate “we have to look like we’re doing something even if it’s about as useful as a water pistol against a battleship”.
Some advice you never asked for: in that situation, protesting often makes things worse. Learning a little bit of negotiation and sales is an invaluable investment in life.
A simple you seem concerned about selling this to the wrong people / I'm about to make your day a little bit more difficult / you probably think I'm being unreasonable / is it absolutely impossible for me to come home with the medication my wife expects me to? / I don't want you to do something you're uncomfortable with / how can I explain this to my wife? can go a long way.
You seem to be under the impression I made a scene. In reality they refused to answer any questions and were extremely rude for no apparent reason. Perhaps they had a bad experience earlier that day, but that's not my fault.
It was your mention of the word "protest" which is usually used to mean an adversarially stated objection, rather than an attempt at working out a common problem together.
I don’t think you are generally in a state of mind to symphatize with someone that just refused to sell you a perfectly legal product regardless of your age.
Well, then my advice would be to practise entering that state of mind when a person deserves it the least (because then you are likely to benefit from it the most.)
Nonsense, getting angry and salty is always the way to go.
On a more serious note, I wonder just how people end up with unpleasantness being the standard go-to behaviour when people behind the counter aren't just giving them what they want.
Surely at some point in their lives they must have noticed that being polite and pleasant is far more likely to get you what you want than acting like a dick?
Usually the guy behind the counter has no say on company policy, and going against it is very much not in their interest. They'll be even less inclined to breaking policy over someone that acts like an asshole
Yeah, I won't say it's always the case but if you're asking some low-paid worker to bend a rule for you the way to guarantee they won't is to be rude, no matter how ridiculously inflexible they seem to be being.
In the UK, once someone's asked you for ID for an age-restricted item, they're not allowed (by law) to back down. You show ID, or you leave without the item.
In general, I think it's unfair to ask a probably-underpaid cashier to break policy in this way -- they almost certainly have no control over the policy, and quite possibly face severe consequences if they acquiesce.
I was not aware that was the law in the U.K. I would probably have found out by being nice. Less likely to find out by being abrasive.
----
The probably-underpaid people who break policy make the world go around. We'd get nothing real done if people just followed policy all day long.
It might sound like I'm joking, but I don't. I have huge amounts of respect for those people, and obviously if they help me out I will do what I can to help them out. (Even if it's just paying it forward and breaking policy when necessary myself.)
I'm not anti-policy. I love good policy, and I rarely have reason to break it. The policy that often needs breaking is the bad policy.
A large portion of states contract their driver's license printing equipment (on a maintenance & operation basis) to the same company, which I believe used to be a division of Polaroid but has been bought and sold since then. So many of the norms that this article mentions are specific to that equipment and to many US states, but not to all of them. There are still some states that use relatively commodity (uncontrolled) plastic stock and transfer or sublimation printers, that you can get on eBay used for under a thousand. You can imagine that results in more counterfeiting which encourages states to switch to the more expensive and controlled equipment and stock.
Raised print is particularly variable, a lot of states don't use raised print. As I understand it, it's done by a specific machine that is especially costly (the rest of the laser features mostly come already done from the stock manufacturer).
Edit: it's L-1 Identity Solutions. I believe the ID card printing component used to be with Identix before they merged with a newer company to form L-1.
My DC license from ~2012 was just 2 decals stuck to a white plastic card. No raised lettering. The front decal started to peel back after a few years. It sure looked like a fake ID.
This kind of leads into the thing I was wondering about when reading the article: What about false positives? What are the consequences of denying entry to someone who did, in fact, have a real ID? Could they potentially sue the bar?
The top of my ID photo has a fade-to-background, but I'm bald and white so the top of the photo loses contrast faster than the designer probably expected and as a result it looks like I am vanishing into thin air.
The pictures on a lot of Arizona identity cards/licenses literally disappeated entirely after a few years. This was like in the late 2000s, and you had to order replacements after a while.
I worked at a project on automated border gates a while back and those automated scanners are really interesting.
They usually scan the document in several stages using different light sources to check UV/ IR / visible light features and sometimes illuminated from different angles but usually with a fixed camera position.
This leads to the interesting effect that you could present different images in quick succession to show the correct image for each spectrum even if you don't have a document that can appear correct in all spectral ranges at once.
You can't obviously do that by hand but we ended up using a display (even a high dpi smartphone) that synced up to the scanning process for security testing.
Interesting that an automated scanner would care so much about the physical security measures. It’s not sufficient to look up the passport number to find the details it should contain, or check the digital signature?
Exactly.
And there would be a lot more hurdles since countries generally don't give such access without good reason.
Another issue would be reliability. Doing an attack on the network to break the verification backend would cause a fallback to manual border control which is a problem if your whole process is already relying on the automated gates and you have scaled back the available agents.
Doing that during a time with very high demand would allow an "attacker" to use it to get more people through due to less attention of the border guards.
If I remember correctly the usual timespan a border agent is considered to be attentive enough is 2 hours, at which point they would need to be rotated out, but if your demand has unexpectedly increased so much that you operate twice the manual gates you don't have the people for the normal rotation
Observation: China, a few years back. The train system has been going from a paper ticket approach to a ID-based approach. (You've had to show ID to buy the paper tickets anyway.) They also work on a system where you scan your ticket upon leaving, also--it catches someone who rides further than they paid for.
At the time some cities were fully converted and were willing to accept (with some difficulty, the scanners were picky!) our passports others only had the local ID readers. (The local ID has embedded RFID, you just touch it to the scanner plate and the gate opens.) However, others were not--a couple of times security simply let us out without doing any sort of check.
Revoking a CSCA especially towards the end of the lifetime (passports are usually valid for 5 to 10 years) is probably not economically possible since it would invalidate millions of passports all at once so you have to fall back to optical features anyway
It's actually done this way.
Back in 2014 there were basically two ways to get the public certs.
Donwload them from each government site individually or use the only PKI infrastructure available for this task which was pretty expensive and did not have all certs either.
And as far as I recall signatures were only checked for being signed by a valid key not if the key matches the country of origin. So someone in country A could sign a forges passport from country B (but not 100% sure on that anymore)
Not sure how much I am able to say, it's already several years old but the bottom line is there are so many different documents that it's not always possible to check the digital signature, either because it does not have a digital signature (we are not only talking about passports but all possible documents), can't read it because the chip is damaged, or has no way to verify the signature because the scanner does not have the certificate chain.
And there are attacks where you simply forward the communication over the network to a remote reader so that the gate thinks it's talking to a real passport but the physical passport is somewhere else.
And older passports use weaker hash functions to verify the integrity of the data
Well we cheated a bit there as we used the images the document scanner recorded and put that on a phone.
So we had exactly the images the scanner expected, but it is not an unreasonable assumption that a document forger would have access to such a device.
In the final version we had it running on an Android device.
We did know the exact scanning sequence and timing (first IR, second visible light, third UV exposure) so the phone showed the IR image by default and used the brightness sensor to detect the first flash of the recording, then an internal timer ran to determine when to switch to the second and third image.
If I recall correctly the digital part was done with JMRTD [1] flashed to an empty smart card
The certificate check obviously would have failed, but as mentioned in a comment above that is not always an issue.
The thing that gets me is that in order to get one of these dandy IDs with the holograms, micro lettering, and laser cutting is a birth certificate and an electric bill. My birth certificate is hand typed on an IBM Selectric typewriter on common security paper and the only real security feature is the embossed emblem of the rural county of the rural state I was born - and unless you have a sample to compare with you really can’t validate. Most utility bills are printed on cheap lightweight paper by a common laser printer and the only security feature might be a bit of color or a slightly non-standard size. Once you have a drivers license you are only a fee payment away from a passport.
Granted I might get a lot more scrutiny if I walk into the DMV wearing an El Tri t-shirt and speaking with an accent but barring that it seems a very low bar to turn a crappy hand-typed 50s birth certificate into a modern secure ID.
I suppose attempting that would get you a much higher quality fake however now your fake as well as your address is recorded in the system and you're screwed if they ever catch on. Use someone else's address and it's a federal crime if you go through their mail. I also think there's probably some higher level of identity fraud for messing with government officials as opposed to just messing with a bouncer at a bar.
I forget what it was my wife and I were applying for, but we had to produce a "certified copy" of our marriage license. We were just like "yeah, whatever" and toted along the real thing. This was shot down because they needed a certified copy, which turned out to be a completely bland and unremarkable printout that could have come from anywhere.
For the states I’m familiar with, you’d also need a Social Security Number that matched the birth certificate, and a few also require a thumbprint. If you attempted to get an ID card for Joe Smith with SSN 123-45-6789, but he already has one, your photo also wouldn’t match the existing digital photo on record.
You would likely be able to get an ID card issued in someone else’s name, but it’s not as easy as typing up a fake birth certificate and electric bill.
I’ve never seen a birth certificate with a social security number. If you’ve ever had a child, you’ll know that you don’t apply for a SSN until long after birth and the issuance of a birth certificate.
Source: three different states, personal experience
The SSN has a name attached to it. That has to match the birth certificate (probably with some rules about other records for name changes and the like).
I suspect this varies by state, and I can't speak for other states, but in Ohio the initial driver license also requires: a knowledge test; vision screening; and a driving skills test consisting of two parts: (1) maneuverability, (2) on road.
Surprisingly I don't believe there is any updated vision test requirement on renewals once you have a valid license.
Here in good old Europe you either produce a valid ID to obtain one (renewals) or you need testimony of two person with valid ID (i.e. theft) or two parents (traditional birth) or one parent ID and a certificate of birth, but the one signed by the hospital, not the birth registration certificate from the government (single parent birth) or a valid visa and a valid foreign ID (immigration)
Seems to cover about all cases and pin your identity to previously verified identities recursively
Surely one could not just make up a totally fake birth certificate from nothing and have any licensing office take that seriously? Surely there are additional electronic records or other security features?
I know you can purchase books of identity documents from various locations and years and those give details of the various security features that were present and material samples to compare with but I’ve never encountered anyone using them. Usually it’s just making sure I have all the documents, compare with my application, then go stand in line for a picture.
Though when I applied for the trusted traveler program they did keep my documents for a few weeks so they might have been doing that sort of verification.
When I did Customer Service at Blizzard EU many years ago they had a product with a catalogue of samples of different passports and identity documents which we could use to compare with the image we had received from someone claiming ownership of an account.
It was most amusing when the document you were trying to validate had the exact same person’s photograph as in the sample document.
No, one could not do that. You’d need at least a real name with a valid SSN who’s birthplace and DOB matches what you’re trying to get issued. Definitely possible, but more work than just completely faking up a couple of papers.
I'm sure an electronic database of birth certificates exists somewhere to handle the case where an original is lost. But I do not think the BMV / DMV does anything to validate your birth certificate itself electronically.
in most countries faking especially a birth cert alongside other official ID documents is a serious criminal offense. certainly not worth it for getting beer.
When I was in college, the laws were not quite so strict as they are now: in that state, persons over 18 could purchase 3.2 beer (3.2% alcohol by volume). Still, a fraternity or fraternities would bring in a fake-ID manufacturer every fall. Somebody on the student paper wanted to do an article on it. But his boss or bosses had had such a fake id. The article never ran.
Let me add that the age of drinking was set to 21 across the country because the Reagan administration did not wish to make airbags mandatory. It was argued that raising the drinking age would produce an equivalent or greater savings in life compared to mandating airbags in new cars. The Department of Transportation could withhold funds from any state that allowed those under 21 to purchase alcoholic beverages.
Those of you younger than I am will know how much effect raising the drinking age really had. My impression is, Not much.
Do you have a source? That’s never been the story I’ve been told. MADD and a few other groups lobbied for the age to be 21 and they tied it to federal highway funds. It’s one of the reason Louisiana had really bad roads, they held out for longer or so the story goes.
Mandatory airbags and seatbelts happened at the same time but MADD was focused on the alcohol part. 21-24 year olds had the highest rate of drunk driving but 37 year olds were the most to die in alcohol related crashes.[1]1993
Wisconsin was one of the states with a drinking age of 18 while Illinois had 21. The border between the states was referred to as a "blood border" because of the large number of drunk driving fatalities of 18–20 year olds crossing the border to be able to legally buy alcohol.
So, yes, the fact that the drinking age was 21 didn't prevent me from consuming excessive quantities of alcohol during my first three years of college¹, but it also eliminated differential situations like Illinois-Wisconsin which had a measurable impact on reducing DUI fatalities, so it was a bit more than not much.
---
1. During the late 80s, the dorm soda machines were stocked by the students. Many of the machines had a slot dedicated to beer (often a "random" slot where you took your chances. You might get something good, you might get Coors Light. The soda machine of the era were capable of dispensing glass bottles of beers even though they were designed for cans. Mostly capable. Occasionally, your 60 cents would end up buying you a pile of broken glass and beer foam. Regardless, having campus being the only place to feasibly buy alcohol meant that drunk driving incidents were rare to non-existent.
Is that any different from the large number of DUIs in and around dry counties? If you make it so that people have to drive somewhere else to drink then you're going to have some of those people making the return trip drunk.
First two years, any student could sign out the dorm lounge and with $40 and the school would provide 1/2 keg of beer, $80 would get you (2) 1/2 kegs, $120 etc.
Spring weekend, not break, First two years $5 wrist band let you drink Friday, Saturday and Sunday, regardless of age. The school provided the beer, and a constant run of bands on 3 alternating stages.
The end of my 2nd year, there was a really bad drunk driving accident with 3 underage students killed, the school stopped sponsoring alcohol at events. They also started enforcing drinking age laws.
The beer vending was semi-underground. The machines were kept in semi-private locations (dorm lounge or a store-room that only students had access to), administration looked the other way and if service was needed from the vending machine company, the beer would be removed and replaced with soda for the duration of the service visit (and the labels on the buttons changed to more innocent choices). On-campus underage drinking was widely tolerated. My cohort was probably the last to have such freedom. There were a number of serious alcohol poisoning incidents and the lax approach to on-campus alcohol came to an end in the course of the 90s.
I graduated in Massachusetts in 1979. I've never seen a beer vending machine.
But even after age 21 drinking came in in the state, most of the bars where I went to school were perfectly fine with a college ID with no age on it. (And my drivers license at the time was an unlaminated piece of index stock with no photo.)
1983. USAF dorms had beer vending machines. Cans, 50 cents.
Also in that time period, at "locally owned" establishments, a DD-2 (your ID card), was all it took to buy a drink. Even if you were 18.
Actually, a quick search shows the Minimum Legal Drinking Age (MLDA) of 21 has had a pretty significant impact in reducing drinking and drunk driving in those under 21. [0]
I learned to drive the ride on lawn mower when I was 6. I was small and light enough that the dead man switch sometimes shut off the mower when I went over a bump. I learned to drive the farm truck when I was about 12. I literally looked through the steering wheel rather than over it. At that age, it was still a big scary machine that I treated with respect. By the time I could legally drive on public roads, I was quite comfortable and confident with handling a vehicle. I already knew what I could get away with and what I couldn't. I think there is a lot to be said for learning to drive before you are a stupid teenager.
There is a difference between confident because you actually know what you are doing and confident because you are a dumb teenager. I don't know, maybe I was unusually smart, but I never dared mixing alcohol with driving.
Most people avoid accidents, so anecdotes are likely to skew toward "no effect". But the incidence of recklessness is still higher in young people, hence in countries where a lot of young people drive, there will be a bump in the DUI accident numbers for young people.
My argument is that unless young people have experience with both, it's unlikely that there won't be an initial increase in DUI accidents until they get that experience.
Yes, and my argument is that you can reduce the risks of that recklessness by teaching them about driving (or for that matter about alcohol) early, rather than treating them like children.
Yes, exactly that. After a few beers everyone's gangsta and feel like they are going to beat the Fast & Furious franchise on the road home. Even drunk driving takes experience, and young people don't have it, no matter what they start with (driving or drinking).
This author is almost as skilled as the staff at my local AMC Theatre, where I was a bystander to a woman getting denied a beer on account of her Washington, D.C. driver's license not being a "state-issued ID".
I haven't encountered this in years and years and especially with REALID standardization I assume it's vanishingly rare, but driver's licenses used to vary enormously from state to state and many didn't even have photos. So I assume the logic on requiring in-state government ID would be that a store clerk had no way of knowing whether an out-of-state license was a blatant forgery or not.
It's usually "government issued photo ID." I have seen (but not for many years) cases where a store wouldn't accept out of state ID for alcohol purchases.
Then you probably haven’t heard of airport TSA agents turning away people with New Mexico license, thinking that New Mexico is in Mexico and not the US.
I remember trying to buy beer in a grocery store in Arizona as a visitor using my passport as ID. The cashier called out the manager to decide if they could serve me. The manager said no.
Why do bouncers in the US enjoy looking at IDs so much, even for OBVIOUSLY adult people? In Austria and Germany, you don't usually get asked for your id, unless you look underage AND the clerk/bouncer is in the mood to check.
When I was clubbing in New York, the bouncer would even control my id very closly when I went back in after a smoke. It was cold, he saw me leave, he saw I wasn't wearing more than a t-shirt in the cold night. Yet he took 20 seconds to check my passport. People tell me I look like 35.
The police here send underage people to bars with fake IDs in order to try to punish the bars for serving the underage people the police sent. Really. The punishments are pretty severe, including losing their liquor license for some time or even being shut down entirely. So they are pretty rigorous in their ID checks. The system works, I guess.
That happens in every country with drinking age laws right? This can't be what makes the USA different (assuming GP's thesis is correct, I've never been to a place that had a bouncer let alone to the USA).
> The police here send underage people to bars with fake IDs in order to try to punish the bars for serving the underage people the police sent. Really.
I don’t have a source but I personally visited a restaurant that had their license temporarily suspended for serving a minor who turned out to be an undercover cop. Unsurprisingly these places prefer not to have this fact publicized, and it was their first offense, so you’re unlikely to find stories about it in news articles on the internet.
I don't know about the US, but so-called "test purchases" are an extremely well-known practice in the UK and it's not the least bit controversial to suggest they happen - and everyone knows it if they've ever worked on a bar. I know someone who lost his job for failing to ask for ID when the customer was a test purchase.
I know the writer of the article and the bouncer in question. While hanging out with said bouncer I've seen him catch fakes from some young looking adults who later revealed themselves to be cops running this very scheme. Regardless of whether this is a good use of anyone's time, I can confirm it happens.
The level of scrutiny you're describing sounds unusual for most parts of the US, but the broad answer is that the relevant enforcement authorities are more aggressive in the US than they are in Austria and Germany. This leads to inflexible policies so that the establishment's lawyer can more effectively defend against prosecution for any failures.
In your case, I think he was possibly just curious about your passport. In the general case, bouncers do this to not seen as slacking on the job by their peers or manager.
It might have to do with enforcement. Some liquor control boards don’t give a shit if someone had a fake ID, they will fine or shutdown them bar if someone underage comes in.
And I know in my city they’ll hire folks who are underage, with fake IDs to try and get pdf the checks.
The bar has probably been busted before and told the bouncers they’d be fired if they didn’t check closely.
This varies widely by city and state. There are some cities where you'll almost never get carded, and others where you'll get carded at every single bar.
Had this in vegas. But it seems to depend on the bar/staff. One would absolutely refuse to serve me without seeing my passport, another wouldn’t even ask.
I'm in the UK and it always perplexed me why the USA drinking ID laws are quite so strict. Surely people are going to get booze one way or another, and the idea is that by having some level of ID you're stopping most people from drinking underage in a bar? Most people over here start drinking in parks with mates around 13-16 and it's not big deal, if anything in my opinion it's safer they drink in pubs and bars where people can keep an eye on them.
Your country created puritanism, which it exported to the US where it continues to influence policy. The US once outright banned alcohol.
Prohibition tends not to be effective when there's broad demand for the prohibited item, especially when applied only to a small segment of society. In many places, it's customary to introduce teens to alcohol under parental supervision, which I suspect reduces later high-risk behavior.
I think part of it is the level of car use. Most places in the US, everything is quite far apart, and everyone has a car. The main way that people get home after drinking is driving. Hopefully they take an Uber or have someone else to drive them, but many times that is not the case unfortunately. So there are a lot of young people on the road or freeway on the weekends who have been drinking. And it is a fairly common cause of young people or the ones they crash into dying.
Yeah it's crazy. I think it's because the police seem to absolutely hate clubs and will turn the screw in any way they can under using the threat of taking away their license.
The data almost certainly isn't stored in any sort of secure manner, either.
They do this because the risk is very assymetrical. If someone is >18 and they ask for ID, no big deal. If someone is too young and they don't ask for ID, they risk a huge fine, criminal prosecution and possible loss of their license. So they instruct their staff to "think 25" to minimise the possibility of the latter. It's understandable.
I'm 30 and I still get asked for ID occasionally, and you know what? I don't care - because I've been on the other side. I've worked in those shitty low-paying jobs where you often have to ask people for ID and I've seen how rude, pissy and entitled people can be when you make them suffer the enormous inconvenience of flashing their ID so I can avoid the risk of getting fined thousands of pounds and fired. If you think it's such an indignity to be asked to prove you're above 18 then I suggest you spend more time working in service jobs.
Not as bad as NZ. NZ only serves beer and wine in the supermarket for starters. They have the same under 25 policy. They also have policies where if they smell alcohol on you they won't allow a sale. Not only that but if they smell alcohol on someone next to you, they won't allow the sale. Not only that but if the person next to you looks like they could be under-age and don't have ID on them then they will stop a sale. Is truly ridiculous. Once I bought some alcohol and they asked my mum for ID. My mum had me when she was 25.
I Reveal My Attributes (IRMA) proves things like age without giving up SSN or whatever. I don't know the details but I've been hearing about it from nerds for years so I'm assuming there's a solid signature scheme behind it or some way to prove you're not carrying your of-age friend's phone.
Doesn't seem like anyone's interested in rolling this out though... something something proof of vaccination in the EU without compromising privacy, perfect solution mumble mumble...
This would be great and all, but all parties who are in a position to choose to implement this kind of system or to keep the status quo are already motivated to keep (and expand) the existing systems, for any number of reasons. Everybody (except the end users) loves to keep that juicy metadata and incidental logs of everything.
The biography “Genius” has a picture of Richard Feynman’s New Mexico drivers license from WWII. Under name it just shows “Engineer #123” (can’t remember actual number) and address is “Special List”.
The sooner we use PKI for identification in some oauth2 like system (where we can choose to redact irrelevant information such as our name or address) the better.
Brisbane Australia scans ID cards on entry to nightclubs (I think there’s a control where if you’re booted from one club you’re barred from all for the night). I’m all for a safe nightlife, but good luck asking a bouncer what their data retention, data privacy, and operational/technical security are without getting laughed out of the cue.
I've left parties because they go to clubs that scan your ID and take your photo before you can enter on several occasions. Cryptographically verifiable identification is not a good idea, regardless of intentions.
> Cryptographically verifiable identification is not a good idea, regardless of intentions.
Technically not an identification, but Zero-Knowledge-Proofs might be the solution to that. If I remember correctly, some countries in the EU are looking into this for medical prescriptions - proving your eligibility while exposing zero information about you.
I had an argument with my local supermarked when they insisted on scanning my ID each time I buy beer. To add insult to the injusry: I was in my forties at this time with grey hair. I stopped shopping there.
An ID (I’m thinking specifically of a drivers licence in Australia) usually contains virtually all information anyone would ever need to identify themselves as you over the phone - name, address, date of birth, drivers licence number, etc. Having someone scan this and save it is not something you really want anyone to ever do.
I'd assume the information on the 2d barcode is the same as what's printed on the front. The problem is that you have no idea whether a scanner is connected to a larger surveillance database. A GDPR-style law and real enforcement would go a long way to restoring some societal trust in the US. As things stand right now, it's prudent to put tape over the 2d barcode and the printed ID number, and only remove it when necessary (eg actually interacting with the police).
Well, your address is printed right on the front too. I thought eye color was printed on the front, but I guess not. So perhaps there are a few fields like that.
I wouldn't think printing out your own 2d barcode with some fields masked would be strictly illegal, as long as you weren't committing fraud by putting fake info.
Practically though, even just covering mine up with tape I've run into a few people who call it a "tampered" ID. IIRC this has only happened for situations where I accept they're going to require the identification number, so I've removed the tape from the printed number on the front but not the barcode on the back (because it's harder to nicely put the bigger piece of tape back). When I hand over my ID I ask them to key in the number instead of scanning, and most people will happily do so. But the occasional person will get tense and say it's a "tampered" ID and refuse to accept it. I've always quieted them right down by removing the back tape and handing it back to them. But I can imagine if you have a different barcode and someone notices it might set off similar "serious business" flags that you won't be able to assuage so easily.
But if you've got the bandwidth to try it, go ahead. Human rights aren't going to defend themselves! Just remember to be pleasant in your interactions, and it helps to have examples ready of why you want to keep your information out of databases.
The German ID card works something like that. The fields you as a vendor are approved for, you can make either required or optional server-side. The user can then choose what they want to add or to abort process. It can be read either with a pin that's printed on it, or with your Personal six digit pin, depending on use case.
You can tell it to just do an age check (has completed nth year) or a place check (lives in community with x ID) and it'll just return yes or no. There's also a pseudonym function that returns a unique ID per card+vendor combination (so the same vendor can tell it's the same ID again, but a different vendor would receive a different ID).
I can't see it used in night clubs though. There's a staggering amount of requirements you have to meet in order to receive certification to go to one of the handful of service providers that meet even more requirements to run a secure server that are connected to the PKI allowed to talk to the ID card.
Yeah correct, but IDs are easily fake able anyway. The purpose of ID is to stop low leve falsification, high level ID forgery involves bribes for .
Worst comes to it, I’d opt more for biometric verification provided the software / hardware is produced by a sane entity such as local government and not some seedy nightclub.
How can you tell? Plus, even if they're not as sophisticated yet, all it takes is some marketing oxygen-wasters to say that they could improve profits/conversions/etc by 1% by capturing ID information for this to become reality.
The item you referred to as "fake passport" is a Swedish national ID card. While not a passport, it will double as one when traveling within the European Union. How did you come across it?
I think he's wrong about reflectivity on passports too. My European passport picture page is extremely reflective - it's hard to read anything on it at the wrong angles, and the reflective holograms make my picture very hard to see. The photo is printed with very low contrast and uses an online user-supplied photo, too!
When I was a kid, we would make fake IDs using a huge poster board. We used pinstriping meant for cars to make the "grid" that all the text went into, rub-on letters for all the text, and a highlighter to draw "see through" stuff like the state seal. Then, you cut out the space where your photo went and actually held it in front of your face. A friend takes photos from various distances, then you pick the photo that's closest to the size of an actual license. They worked, even with the obvious flaws they had, because the bouncers really just wanted plausible proof that they had checked.
Having read this, I went and found my Global Entry[1] card. It has remarkably few of the security features mentioned: it's clearly machine cut and has visible laminate layers, and the raised features are incredibly easy to miss. I've used this card to enter and leave the United States multiple times, but every bartender thinks it's fake.
Oh, and my picture on it is laughably bad. I distinctly remember the border agent using a consumer Logitech webcam to take it.
I have one of these too (including the terrible logitech portrait) and I think the important verification going on is that 1) once you're approved, your passport number is linked and the book can be cross-referenced and 2) I believe DHS is now doing facial recognition at global entry terminals, which does away with the card totally.
It's interesting to observe the process of bartenders or club bouncers in USA verifying foreign driver licenses, esp. if someone looks like they are in their 30s or older.
A person turns the driver license around a few times, too quick to read anything on it and gives it back to you, or they ask you where the birth date is and quickly check whether the four-digit number you pointed them to is smaller than whatever the current cut-off date is.
This was how it was done in 2008 at least, when I bartended. Our bouncers were very, very good at identifying fake ID’s from almost any state. Sometimes when they confiscated them, the people would call the police and the police would look at the ID and hand it back (there’s not a lot of verification that can be done in the field). This is despite that the ID was, in fact, 100% fake - often our friends who were staff at other bars who were drinking as “regular” customers could confirm that they admitted in private it was fake afterwards.
Depending on the night we’d instruct the bouncers to be either more strict or less strict about checking ID’s. Everyone’s paycheck came from the tips so if it was too quiet then staff might not be able to pay rent. If it was too crazy, staff might get hurt.
Yes, technically serving minors is “strict liability” but the city police didn’t enforce it that way. If someone had a reasonable quality fake ID it would let us off the hook as far as the usual cops were concerned. Obviously it wouldn’t help us if the alcohol enforcement agency specifically showed up that night (very very rare) or if an underage drinker died in a drunk driving accident (never happened thank god).
Our bouncers were better than police at checking fake ID’s because:
1) they check many orders of magnitude more ID’s than cops ever do
2) part of our on boarding is to give the new bouncers a pile (200+) of fake ID’s to study which we had because we confiscated them. These included real ID’s which we confiscated because they were being used by not-the-owner of the ID. Then 1-3 months later they are tested against a different set of fake/real ID’s and needed to get some absurdly high % correct.
> These included real ID’s which we confiscated because they were being used by not-the-owner of the ID.
Wait, how does this work? You (as a private, non-government entity) can just confiscate an ID simply because you suspect the bearer isn't the person whose ID it is?
It doesn't. If you confiscate an ID document you are supposed to turn it over to law enforcement. You don't just get to build up a collection of other peoples stuff.
In many states possession of a fake ID is a crime, in addition to laws that cover use or intent to defraud.
But what if law enforcement is manufacturing fake ids themselves?
That's one of the many ways Trump loyalist Matt Gaetz's best buddy pedo-pimp Joel Greenberg got in trouble, making fake ids using information from surrendered driver's licenses.
>The report claims that some customers came to Greenberg’s office to surrender their driver’s license -- for instance, when they were receiving a replacement or renewal -- with the understanding that their old ID would be shredded.
>Instead, federal prosecutors allege that Greenberg used the information from at least two IDs, one from Florida and one from Puerto Rico, to create a fake driver’s license that would have his picture on it along with the victims’ names, date of birth and other pertinent information.
>“Joel Micah Greenberg used the surrendered drivers licenses that he had taken to cause fake driver licenses to be produced that had his photograph but the personal information of the victims whose driver licenses he had taken,” prosecutors wrote.
Presumably the bouncer says "I'm confiscating this, you can leave or we can get the cops to sort it out" and anyone using a fake ID who isn't dumb chooses the former.
Most of the bars I knew of had their own collections of fake ID’s. The good ones would use them for training purposes and the bad ones would find ways to sell them on the black market.
Holding onto them for training purposes may be illegal but generally we had very good relationships with the police, it wasn’t something that would have ever been enforced.
To dispel the notion that this was some “bootlicker” bar that got special treatment from police, it was the actually the most popular bar in a college town very much like Berkeley or Austin or Cambridge. When Obama won the election the bar was standing room only but the manager had the staff give a free shot to everyone in the bar.
You confiscated them? Deny entry, sure, it's your business and you have no obligation to risk liability (although as you say, there's little risk and you bend the rules when your revenues are weak).
Nut how does that give you confiscatory rights? How do you come to be exercising police powers and deciding that you can take other people's stuff on behalf of your local jurisdiction? Is this a legal requirement, and if so, how do you justify a) bending the rules as described and b) not surrendering the confiscated property to the civil authorities?
(I realize you were tending bar, not operating the business, yourself.)
> technically serving minors is “strict liability”
As an aside, strict liability in criminal law strikes me as unjust. There should always be a culpable mental state attached to a crime, even if it's just negligence so that people are only punished for behavior that the relevant legislative authority has deemed bad.
They get huge fines from the state alcoholic beverage office. This is strict liability, and punishment can be gigantic fines and revocation of the alcohol selling license. So, intent doesn’t matter in most states and no matter how real an id appeared, selling underage creates these consequences.
I mean really the objective is to show that you put in an effort that was good enough for the state inspector. Most places that check ID don’t care if it’s actually fake just that an effort was made
When I was 19, I had a perfectly valid California ID card for my 23 year old cousin who kinda looked like me. A bouncer in Seattle confiscated it because "every California license I've seen says 'driver's license,' not ID card."
Weird that ID's still don't have, say, QR-codes or something similar with a cryptographic-signature to verify that the info's accurate. Or chips like with credit-cards. Lots of different ways stuff like that could be done.
The issue is that those are mechanisms to validate a card against a central authority. But most usages are in cases where the ID is self-validating and cannot be authenticated against a central authority.
With pubkey crypto you could easily allow validating with a self-contained device. That's just a signature check.
The obvious way to do that has some drawbacks though, the big one being that if the private key ever leaks, your whole system is now useless and needs to be replaced (cards, verifiers and all). And you'd need to either generate all the cards in one place, or the private key would need to be available in multiple places. Not really a recipe for success long-term.
In the EU, most states have eID systems. The German system is as follows:
You've got a central agency, responsible for IDs, paperwork and currency, with a root key in an HSM. From this key, intermediate certificates are generated for each ID production plant. This HSM is kept offline in the vault that also keeps the mint masters for coin and currency production.
The ID production plants then sign IDs with their intermediate key, also kept in an HSM, and tack their own certificate on.
The ID now has an X.509 certificate, or rather multiple ones, with a certificate chain going back to the root certificate of the agency.
Now if you send a correctly signed request via NFC to the ID, the ID will generate a response in its own HSM, and return a signed response with the whole certificate chain.
Such a request can be "given the following date, is the owner of this ID above 16?" (18, 21 are also available).
The request can also be "what is the full personal data for this person?"
To send such a request, the request also needs to be signed, also with a certificate chain going back to the same root CA.
The agency provides certificates with different features enabled or disabled to different users. e.g. a bar can get one that allows them to query IDs for "are you 18 today?" with a certain limit of how many requests per ID they can make per day (the ID verifies that) to avoid brute forcing the actual birthday.
This is for example used in fully automated cash-operated cigarette dispensers.
You can also get a certificate that allows you to request all ID data, but is restricted to your own ID.
From my anecdotal experience working with those cards, they'll fail and brick early into your brute force attempt anyway.
The card can use the date in the certificate provided to approximate the current date, and will remember the last good date it saw, so you can't just decide to change the date and do another x years old check. AFAIK there is no "rate limit" for those.
> The obvious way to do that has some drawbacks though, the big one being that if the private key ever leaks, your whole system is now useless and needs to be replaced (cards, verifiers and all).
> That's a problem addressed with [public key infrastructure (PKI)]
I don't really agree.
Yes, you want to use PKI. But it doesn't solve the problem of needing to immediately update all your equipment when there's a key leak, and replace or reprogram a huge number of cards. PKI just makes things a bit smoother in general.
My suggestion is pretty simple. Have a few different locations that sign keys, have them all sign each card, and require multiple valid signatures. Exact details up to the implementer, but that way you could have at least one key leak without causing any user hassle.
There's been multiple efforts towards some type of PKI verification of driver's licenses, but they've all failed to gain adoption for various reasons. Perhaps the simplest is this one: driver's licenses are not really intended by the state to be verifiable offline, as in basically every case the state has to verify a driver's license they will need to perform an online check anyway (for revocation, for example, if not also for warrants and the whole NCIC gamut). So the level of motivation for the state (and more specifically the AAMVA which promulgates standards for driver's license) to implement this kind of verification is pretty low. Add to that the moral hazard of normalizing digital imaging of driver's licenses (which is a real concern as "digital ID" schemes or anything that looks like one face significant political opposition in the US) and practical challenges (cryptographic signatures compact enough to add to the PDF417 are possible but not as well standardized, the federal government has consolidated cryptographic ID efforts on ICC "smart cards" which are costly) and it's just a hard sell.
> cryptographic signatures compact enough to add to the PDF417 are possible but not as well standardized
Do you know which are compact enough while remaining secure? I looked into this recently and failed to find one. Went for online verification in the end so data being signed was minimal.
An ECDSA signature for example can be represented as 64 bytes with good security, and adding 64 bytes to a PDF417 isn't too big of a deal. That's basically just the curve coordinates and nothing else though, so the verifying device has to either guess-and-check or use some other data to figure out what public key it should be verifying against, and there's no expiry or anything like that. In practice, now that we have elliptic curve algorithms that tend to allow very compact keys at a good security level, the bigger problem is less the actual cryptographic signature and more all the PKI metadata that normally needs to be tied to a signature to make it useful (especially if you have multiple levels of authority, which you probably want to or revocation becomes a huge problem). There are ways around carrying around PKI metadata with the signature (i.e. a normal x509 certificate) but there are tradeoffs and it's not like a well-established standard, which tends to make government organizations uncomfortable about adoption.
Signatures aren't just uniformly-distributed entropy, like hashes are; they encode real information, e.g. elliptic curve coordinates. Hashing and truncating the signature would destroy that information, meaning the signature could no longer be verified.
What prevents someone from checking an ID against a central-authority?
I mean, doing so online isn't necessary -- there're plenty of validation mechanisms that could work offline, and presumably they'd be useful in the odd cases in which internet-connectivity isn't available. But internet-connectivity tends to be pretty accessible in most scenarios where an ID would need to be checked anyway, right?
Pretty much all passports do have a chip you can read using NFC. The data on the chip is signed using a CSCA (Country Signer Certificate Authority), so you can validate the data. On most documents you can also perform a challenge-response protocol to determine the chip is authentic and not a copy (you can read the public key but not the private key).
There are free smartphone apps available for both Android and iOS that let you read and verify the chip.
In the US, the 2D barcode (PDF417) contains no signature, only a plaintext duplicate of the information on the face of the card. It's intended purely for convenience. Nonetheless, it's not too uncommon for bouncers to use an app to read the barcode because counterfeiters will surprisingly often generate the barcode improperly (causing failure to parse against the AAMVA specification) or outright duplicate it from another ID such that none of the information matches the face of the card. The specification for the barcode payload is a bit obtuse but it's available online and there are plenty of libraries out there for parsing and generating them.
Most US driver's licenses also include a 1D barcode along the top edge that contains just an excerpt of the information from the face. This is also according to an AAMVA standard.
"QR and Barcode Scanner" from F-Droid will decode those 2-dimensional barcodes on a CA driver's license. It's mostly the same info that's on the front. You see it as lines of raw unparsed text with that program.
Decent quality fakes will have the correct info in the barcode as well. I guess it weeds out the cheap ones at least? At my cousin's sorority they'd just find a similar-looking girl over 21 who would "lose" her ID and request a replacement, not sure how a bouncer would be able to detect that.
Most folks don't want to share the roads with drunken teenage drivers.
Don't get me wrong -- some teens are probably more than responsible enough to be trusted with controlling their own drinking. However, it's those that aren't that're the concern.
Parents generally don't want to have to worry about bars being allowed to serve their kids, either. Maybe not all parents feel that way, though I'd guess that those who'd be against their kids drinking would tend to have stronger feelings on the topic than those who'd be okay with it.
Doesn't seem to be a major problem in europe, where many countries have a legal drinking age of 18 or even 16 for beer. Besides, the law doesn't stop teens who want to drink from drinking, only from going to bars and makes them jump through more hoops to get their alcohol.
Here in the NL, it costs multiple thousands of EUR to get a drivers license. My friends won’t get behind the wheel after even one drink, just because it’s so clear how much driving is a privilege. In the states, it cost me less than $30. I knew people in the states who got a DUI, and their license (restricted) back after just a couple of weeks.
>NHTSA estimates that minimum-drinking-age laws have saved 31,959 lives from 1975 to 2017.
I wonder how many assaults and deaths have happened due to underage drinkers being too worried about going to the police or hospital due to their illegal consumption.
And how many didn't need police-assistance or hospitalization because they were sober?
If there's a perfect solution to ensuring that teens suffer no harm from alcohol, that'd be a neat thing! However broadly repealing prohibitions against teen-drinking wouldn't seem to be such a solution.
And yet, for all intents and purposes, it works fine in Europe to have the drinking age at 16/18. Perhaps even better than in the US! And with fewer drunk driving deaths as a percentage of fatal crashes [0].
Maybe because the driving age is slightly higher, training to become a driver is usually more rigorous, and max BAC levels are around 0.05%.
Another aspect might be cultural — in my experience alcohol is much more taboo and simultaneously more likely to be abused by youth in the US than in Europe. This is probably because many grandmothers will give their grandkids a small glass of wine with dinner or a schnapps for New Years or other stuff like that. This de-stigmatizes the drug, thereby making it less edgy and cool to drink.
I remember being 14 at a wedding in Germany and everyone very jovially encouraging me to have a small schnapps shot, and getting very drunk on absinthe at maybe 16/17 in France. No one really cared, and the lesson of the hangover was plenty to whip me into shape.
Might require some investigation and modeling to figure out a good cause. For example, the stats based on drunk-driving incidents compared to total might be misleading as the totals might vary significantly.. we'd probably want something more like [drunk-driving-incidents]-per-[driving-hour] for a starting point. Then probably explore stuff how frequently police catch people and typical consequences, how much folks in an area drink, how people drink (late nights at bars, or earlier at dinner?), if people in an area tend to car-pool, how the roadways might play in (safety features and well lit?; twisty backroads?), etc..
Really seems like there should be research on this sorta thing already, but not immediately seeing one on Google, which is odd..
But, yeah, dunno why folks'd do it in the first place. Seems like simple self-destructive behavior.
Overall, looks like they found that stricter regulations and beer-taxes significantly reduced drunk-driving incidents, while drivers-under-24, higher speed-limits, and unemployment had the opposite effect.
I can endorse what you have written about Germany. I think that the vast majority of people in my country consider it a good strategy for preventing alcohol abuse by their children in teaching them to handle it in a cultivated manner themselves. Not in theory, but in practice. And this needs to be done before they start to drink in secret with their friends.
Here in the US you need to be 17 to enlist in the armed forces. If a 17 year-old is mature enough to go to war, to potentially kill and be killed, then they're old enough to drink.
> The US has signed an international agreement barring child soldiers. What that means in practicality is only that you are non-deployable until you turn 18. (you must be 18 to actually fight).
> If you graduate High school early yes, you can join at 17 with parental consent, you can ship, train, you can join a unit and be active duty, you are just FLAGGED as non-deployable until your 18th birthday, when the flag is lifted.
The counterargument to this is that there is evidence young people are neurologically not full adults at 18 years of age, and alcohol impedes neurological development.
I have no doubt war also has neurological effects, but they don't seem to be age specific.
It is challenging, if not impossible, to otherwise defend it. If someone has the possibility to choose (or be forced) to harm themselves and shorten their life in war, then why shouldn't a choice apply to alcohol?
The argument in response is that it is legitimate for the government to legislate to promote the health of its citizens, as we are seeing with lockdown laws in COVID-19. That people break lockdown laws is not a reason not to have lockdown laws. So the argument involves a bit more analysis than simply accepting that 'prohibition doesn’t stop teens from drinking'.
So, this just invites the same perennial arguments frequently made in relation to drug decriminilisation.
On my part, had the drinking age been 21 where I live, I wouldn't have started drinking until I was 21.
Tell that to the 73.6%[0] of Americans who are overweight or obese, but that the government doesn't care too much about it, in fact they subsidize it[1] via the farm bill & friends. Being overweight or obese will shorten your life [2]. Also the US gov doesn't care, as it's own dietary reccomendations differ from accepted nutritional guidelines e.g. Harvard nutrition plate[3].
IMO the government should not be in the business of policing one's health, or advocating for the people's health, as the USDA and associated agencies are demonstrably corrupted.
Most of this isn't accurate despite the links, which is kinda odd to see. To tick off some stuff:
1. The government does care about overweight/obesity; it comes up a lot in discussing issues with the healthcare system (https://www.cdc.gov/obesity/data/adult.html). A lack of regulation isn't the same thing as not caring -- for example, there's no regulation requiring Americans to get vaccinated, either.
2. Farm subsidies seem unlikely to be a problem.. it's not like access to food makes people obese -- in fact, the opposite seems to be true (https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5781054/). Usually affordable-food helps folks eat better rather than more.
3. The US government's dietary recommendations not being a copy/paste of another set of recommendations isn't a meaningful observation... why would you think otherwise? For example, are you under the impression that someone following the US's nutritional guidelines would be worse off for it? (In case you're not American: the problem isn't the guidelines, but rather that most Americans don't follow them.)
4. The US government's call to regulate teen-drinking was based on a historical uptick in drunk-driving accidents when the drinking-ages were relaxed (https://en.wikipedia.org/wiki/U.S._history_of_alcohol_minimu...). This is, the argument wasn't based on a teen's personal health but rather people were crashing cars on public roads, which is definitely a reasonable concern for a government to have.
> had the drinking age been 21 where I live, I wouldn't have started drinking until I was 21.
You really don't know then. As someone who lives where it is 21, I'm qualified to tell you that you're very likely wrong.
Before the "Source? Study?" parrots show up, you're darn right this is anecdotal. The "real data" is going to be from kids who aren't telling the truth.
The last time anyone was drafted in the US the drinking laws in most states allowed 18 year olds to drink. So what is your point? I guess the government agrees with you: no one under 21 is allowed to drink and no one under 21 is being drafted.
Not that I am a fan of gvt control, but why don’t modern IDs have a QR code containing the key attributes signed using PKI, and perhaps a link to a photo from a gvt website? That would make it unfalsifiable, without the person checking the ID needing to be an expert, they could just use a gvt issued app.
In some more advanced countries, they do this exact thing (or in other cases, a barcode with a serial number that is used to double-check to a government-controlled database). Does not stop bribing government officials to make a genuine fake ID of course, but it significantly raises the bar of faking it.
In Italy the new ID card (issued from 2015 onwards) has NFC capabilities. It contains key attributes (including the picture) that can be read via NFC signed from governament PKI. Some information can be unlocked using a code printed on it, some using the private PIN given to the citizien, and some other only from police/governament.
Some innovative use cases could be using the ID also as a gym card or as transportation card.
Temporary paper IDs are issued in some states while you await receiving your real ID in the mail. They are easy to Photoshop and print and must be accepted with a photo ID with matching name, like a college ID.
Once upon a time, alcohol usage among college students--regardless of age--was something that a blind eye was mostly turned to, including most local bars and the like to say nothing of the college itself. From what I can tell, this has mostly changed a lot.
On your real ID, the laminate is almost unnoticeable, except for a slight glossy sheen. It ends at the end of the card, although if you look very closely at the edge of the card you can see two or three layers: the laminate, the card stock, and possibly another layer of laminate.
How many businesses actually care? Isn’t the business a victim of fraud if a customer uses dishonest papers to gain admittance? Last I knew fraud vitiates everything.
Depends. My wife's identity was recently stolen, and the fraudster rented an apartment; it's not clear if the fraudster showed a fake ID in that process, but they may have. The apartment complex is likely going to be out rent for several months as this plays out, better vetting could have prevented that loss.
If it's a bar, they might be on the hook for underage drinking if they don't do a decent job of checking.
Not even close. If you take a fake ID to a bar in the US, get drunk, drive home and slam into a bus full of nuns just before you reach your destination then the bartender who served you will need a criminal attorney as well as the bouncer who checked IDs at the door and probably the owner of the bar. Strict liability applies here.
Usually in common-law jurisdictions, absolute liability (i.e. mens rea is not required and due diligence is not a valid defence) cannot legally apply to criminal offences. Is that not the case in your jurisdiction?
Last winter my wife was ill with a cold. I stuck my credit card in my pocket and went to the drugstore to buy a box of Theraflu, an over-the counter decongestant. They wouldn't sell it to me without ID and when I protested this they grabbed the box and told me to get out of the store or they would call over their armed security guy. This was a corporate change, I had bought the same product many times before without ever being asked for ID.
People are forced to ask permission far more today than a few decades ago, and everyone is treated like a suspect if they object. I don't know who's more contemptible, the petty authoritarians or the people meekly giving up their privacy and dignity to get permission to engage in the most ordinary activities.