-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add dpv:AgeVerification
as a purpose concept
#128
Comments
Do we need to differentiate between these two?:
For example, if one have a driving license it can be infer that that person is at least X years old. This fact of a person possesses something (which itself has an age requirement) can be use for age requirement verification without the need to ask for age data. |
I don't think we need both, you can specify whether you want generic age data or a specific value or range with DPV-PD using Age, AgeExact or AgeRange. The purpose will always be to do age verification even if you infer the age from a piece of data that is not "age data". That way the purpose stands on its own -- does not depend on whether you use a certain data type. |
Most attempts at age verification are problematic. The best I've yet seen is currently running as TruAge in the US, which is primarily focused on and driven by convenience stores (that commonly sell age-restricted things like alcohol, pornography, cigarettes, etc.). I don't know that this is currently adaptable/adapted for online use by arbitrary web surfers, but perhaps it could be... @msporny might be able to provide some insight on this. |
Hi, I agree with @besteves4 comment about the purpose. To include what @bact describes as the distinction between exact age (e.g. 21) verification and age status (e.g. adult), we can have text in the description of the purpose. I also propose we have Term: AgeVerification This is a placeholder description. I think ISO is currently working on an age assurance standard - so I'll see the final definitions once they have been published. |
@coolharsh55 agreed! You meant that |
Yes, for now it should be under |
@TallTed wrote:
Yes, agreed, please tread carefully... some of the vocabulary terms you're defining here are known anti-patterns. I'm one of the Chief Architects of the TruAge system and the open standards work (standardized at Conexxus). https://www.conexxus.org/resources/age-verification-initiative Retail standard specification available here: https://www.conexxus.org/resources/conexxus-age-verification-specification-v11 The TruAge digital age verification went into production in January 2023 (over a year ago) and covers 150,000 retail locations in the US. It is designed to be strongly privacy preserving, even to the point of preventing a retailer from being able to track an individual from store to store (even within the same retail brand). The standards WG discussed some of the concepts that you seem to be defining above and came to the conclusion that some of them are privacy anti-patterns (like asking for a specific age). We do have an RDF vocabulary defined here (if you're interested in the concepts that we did end up standardizing):
It is usable in online scenarios. In a more broad sense, this is the first I've heard of this CG, but it looks like you're doing interesting and relevant work. Specifically, the W3C Verifiable Credentials Working Group would be looking for something like DPV for use in a Verifiable Credential query language (like Verifiable Presentation Request). Is that something this group is looking into? |
Hi. Thanks for the caution. For DPV, we are really only looking to provide a single term for 'purpose' stating the goal is to do age verification. We can point to this and other works for further description/implementation. Other groups like ODRL or Verifiable Credential are orthogonal to this work in the sense that they can use DPV to represent information in their respective data structures, and yes we would like to have some alignment or links between them. |
Hi. I have added the following as a proposed concept:
|
Excellent, that looks good. Thank you! :) |
Maybe of interest for people in this issue. https://www.greens-efa.eu/en/article/document/trustworthy-age-assurance |
It would be nice to have
dpv:AgeVerification
as a purpose concept for websites that need age data to ensure minors are not exposed to inappropriate online content.I'm not sure if it should be narrower than
dpv:IdentityVerification
or if it should be at the same level and thus narrower thandpv:EnforceSecurity
.The text was updated successfully, but these errors were encountered: