Correction: to make sure the only bots/manipulation of views etc are the bots they control.

💩 No one expects the enshittification! 💩

Yes. He ordered one, expecting to be scammed and to make a video about it.

Now he has made a video about the exposed data.

To be fair, some people have less reason to trust their government with their data, then others.

There are varying degrees of trust in authorities in the world.

For nations with high confidence and trust in the authorities, this feels like a no-brainer.

Eu is working on a digital wallet that would (among other things) help with this.

Afaik It has a tiered information/identity structure, where the lowest level is: “is this a human being” (as an alternative to captcha)

Then you could have age. (Just “is this person above %age”) Response would be just yes/no

Then spesific age, nationality etc etc.

You get the prompt, where it says what data they are asking for and you can concent or decline.

The source of authority would be the nation you are a citizen of, the origin of data would be obscured through EU proxies, and data would only be transferred if you approve the transaction from your app.

It’s a pretty big and ambitious project and could eventually lead to a lot easier transfer of sensitive data, where you are in control of who gets what and less need to store local copies of sensitive data. (An example usecase is for instance confirming a prescription to a drug for a pharmacy while traveling abroad).

Biggest risk as i see is people confirming data request without scrutiny. There needs to be mechanisms to aggressively revoke the ability to ask for data if abused. And I would assume the requirements to what org can ask for high tier data are really strict.

Going to be interesting to see what comes of it.

I’ve edited my response to include some of the reason some countries require the Hotels to identify their guests.

It can also be a liability/insurance requirement in case of fires or other accidents.

Many countries have several mechanisms to have a certain control of the movement of foreign nationals within their borders. Especially if they have problems with unofficial immigration.

I might not agree with all of the mentioned rationales, but at least a few I can understand why someone, somewhere considers it a “good idea”

Lastly if you are asking how you would deal with getting new credentials. There would be a mechanism similar to when you first get the electronic id where your previous device gets deauthorized and you authorize a new one.

All of these are allready solved problems at this point. We do this all the time with other credentials like online banking etc.

This varies by country, but in Norway for instance all of these things are already solved and online/phone banking is both safe and the most common way of doing things.

Loss/theft of phone is at worse a few phone calls and security questions to get it deauthorized (a properly secured phone would not be any significant hazard as mentioned in other responses) and authorizing a new device can be done with mail/SMS combo identification pr by showing up to a local office if you wanna do it that way.

Laws requiring Hotels identify their guests. This is a requirement for several reasons.

Some of which are visa requirements for foreign visitors, making it harder to use fake guests to launder money, in addition to several other uses of hotels by criminals (including prostitution) leaving a paper trail for authorities to follow up on.

It of course requires on device lock, like a pin or biometrics.

Also anyone with a nibble of security awareness will have their phone properly secured so it cannot be opened by anyone else.

(My phone requires face match, fingerprint or 6 digit pin. Additionaly it locks up to only accept the pin if it moves out of range of my smartwatch. It can also be remotely locked further, traced, and even remotely wiped)

If you run your phone without security pin or fingerprintint lock, this would be the least of your worries if your phone got stolen.

How are your banking apps secured?

No. A properly managed eid system like the EU digital wallet would be better.

You would not hand over any document to the hotel. They would ask the central authority server if you are who you claim. You would get a prompt to confirm that you allow the hotel to confirm your identity. The server would respond, yes you are indeed that person. End of transaction.

No data would be left to whatever security standard (or lack there of) that the hotel has. No critical documents stored on their end.

Yea Octopi is the closest to 1:1 my old setup.