51
submitted 1 year ago by wtry@lemm.ee to c/privacy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] what_is_a_name@lemmy.world 12 points 1 year ago

To be honest. If you’re online you should expect to be compromised. If you want to be privacy obsessed- focus on countries that allow you to be offline. That is an aspect Germany and Switzerland are a bit unique.

By comparison Scandinavia has a high degree of trust in government and everything is online and connected. It’s convenient but also - if you do not trust your data on the government’s hands - you’re not gonna like it here.

Germany allows you to be more … disconnected.

[-] nottheengineer@feddit.de 3 points 1 year ago

If the past two decades have shown me anything, it's that I definitely don't want my data in any government's hands.

How is scandinavia more connected? I know cash is dying out everywhere but here and that everyone's earnings are public, but those aren't too important to me. Private communication and browsing (and generally not being spied on) are what I mostly care about.

[-] dojan@lemmy.world 13 points 1 year ago

In Germany you need to do most things in person, by fax, and fill out paper forms.

In Sweden for example, you do everything online. Booking appointments, renewing subscriptions, insurance claims, getting test driving permits, renting homes.

You pretty much need this software called BankID, owned by the banks, which is used to verify your identity. It’s used literally everywhere.

If I need to pick up a parcel at the local post office, I’ll use the PostNord app to pull up a QR code and validate myself via BankID, then I scan the code at the robot which then fetches the parcel for me.

Cash isn’t really dying out here, it’s pretty much dead. Grocery stores still take cash but plenty of businesses don’t. Buses in my town stopped taking cash all over a decade ago. Even the bakery refuses cash. It’s viewed as a safety thing; if the bakery gets robbed what are they going to take? The massive appliances? Flour?

[-] nottheengineer@feddit.de 3 points 1 year ago

Doing bureaucracy online versus in person is just a convenience thing, German government agencies still enter your data into computer systems, they just have a massively convoluted process for it. I expect no privacy in those cases anyways.

But bankID does seem scary. A single point of failure for basically everything and centralized tracking of every transaction.

[-] dojan@lemmy.world 3 points 1 year ago

I'd say there's more to it than just convenience though. It's not just bureaucracy but literally everything makes use of BankID. If I need to log on to my landlord's portal to report a problem or check some info, I need to use BankID to access it. Of course I can report the problem elsewhere, and obtain that info by calling or mailing them, but it's not the default. Everything here is defaulting to a digital way of doing it.

Say I need to pick up a parcel at the local post office. I just open the app, verify with BankID, scan a QR code, and wait for the robot to fetch my parcel. I'm in and out in the span of 30 seconds or so. If someone without a way of identifying themselves digitally need to pick up a parcel, they'll need to get in the queue, give the clerk the shipment ID (usually just the 4 last digits), show the clerk identification, just for them to print a QR label to scan at the robot. Our local post office, like most post offices nowadays really, is inside a grocery store. In the case of this particular one it's a separate checkout, shared with gambling and the café, it's not busy all the time so it might not take much longer, but sometimes you have to wait 10-15 minutes because of people buying baked goods, hotdogs, and scratch cards. In lots of other stores the post shares a queue with the regular grocery checkout, so even if you're just after a parcel you'll have to line up with people there for their regular groceries.

When I visited the U.S. back in 2019, one of the things I noticed was how everything was very much designed with the idea that you'd be in a car, pretty much all the time. Sure things were walkable, but everything was spaced great distances apart, and everything had massive parking lots. It was very obvious that cars were the default mode of transport, even if you were just going to the nearby grocery store.

That's what being a non-digital-denizen is like here. You can get things done, but it'll take lots more time, and you'll often have to explain why you can't do something the "normal" way, because here the digital way very much is the default way.

There are other services apart from BankID, like Freja e-ID, and I think one or two more, but not all services support them. Exceedingly few do, I'd say. BankID kind of has a monopoly by virtue of being the first out the door with it back in 2003. I personally think the government should take control over BankID, because it's become such an integral part to our societal infrastructure that it makes no sense for private entities to have full control over it.

[-] ErwinLottemann@feddit.de 1 points 1 year ago

It's not a convenience thing, it's because the government fucked up the whole online thing. They started too late, they constantly miss the goals they set themselves, nobody seems to want to push things forward. It's a bit frustrating. On the other hand, yeah privacy. If you ignore that the Finanzamt can check your bank account whenever they want without you being notified about it (yes, they need a reason, still...) and Krankenkassen knowing almost everything about your health because they get the bills from your doctor.

[-] nottheengineer@feddit.de 1 points 1 year ago

I don't quite get what you're trying to say. Those issues exist both in Germany and Sweden, so they are similar in that regard. I'd even be more comfortable with everyone knowing my income instead of just the state.

Doing it online instead of on paper doesn't compromise privacy any further.

[-] EngineerGaming@feddit.nl 1 points 1 year ago

Just curious: you mentioned an app is necessary. What do people that don't own smartphones do? Are they forced to?

[-] dojan@lemmy.world 7 points 1 year ago

You don't necessarily need a smartphone. This system has been around since like 2003 I believe, back then you needed a Windows PC.

Everything becomes much more roundabout and trickier to navigate. You actually need two, technically three things:

  1. A Swedish social security ID, they are shaped like YYYYMMDD-XXXX, or just YYMMDD-XXXX.
  2. An account with a Swedish bank.
  3. A BankID certificate issued by said bank.

My roomie is German, and he doesn't have his Swedish social security ID yet, but rather a "coordination ID", it's basically an interim ID that looks almost identical only the date of birth has had 60 (I think) added to it. So say he's born 15th of August 1996 it'd be 19967515-2345. The last 4 digits are semi-random. Used to be based on gender and area you were born, but they scrapped the area bit, so now the first digit is an even number if it belongs to a man, or an uneven if it belongs to a woman. This applies to trans people too, provided they ask to have their number changed. Genderfluidity is not taken into account though, it's a binary system.

You cannot use BankID with a coordination ID, and very few people know what a coordination ID actually is, so often people assume that it's been misspelled or systems that have a built in validator don't work with it properly.

This has translated to him having to jump through lots of hoops to get things working. I think we visited his bank five times before he was even allowed to open an account, even though the law states that anyone is allowed to open one unless the bank has a good reason to suspect illegal activity. Any time he's had to do any sort of governmental thing it's taken weeks to be processed, usually a lot of phone calls and mailing is involved too.

He studied to become a truck driver, and everything about that was incredibly roundabout for him. For any other person with a BankID, it basically looked like this

  1. Go to trafikverket
  2. Register for a test by logging in via BankID (no sign-up necessary)
  3. Do test in-person
  4. Receive results digitally, and certificate by post

For him it was basically

  1. Instructor calls Trafikverket
  2. Get a form posted to fill in
  3. Get form processed (takes a couple of weeks)
  4. Do test
  5. Explain that yes, his coordination ID is infact not misspelled
  6. Wait for results
  7. Pester instructor for results
  8. Instructor pesters Trafikverket
  9. Back and forth for weeks and even months before certificate is given out

Now repeat that for like half a dozen certificates. For a few months into his actual time working he wasn't allowed to drive forklifts, because after nine months they still hadn't issued his card. Things didn't really kick into gear until his boss called and yelled at his school.

Elderly people, and people without access to smartphones likely use autogiro to pay their bills, this basically means that they register a bill as a recurring payment, and then that's automatically pulled from your account on the payment date. I just have bills dumped into my bank and then I can pick and choose as I wish. On the odd occasion I'm sent a bill on the post, I just use my bank's app to scan it and pay.

There are still "analogue" ways of doing things, but 99% of the time when you make contact with a governmental institution they'll first ask you to just do it via their website, and if you ask for forms, they'll let you know that you can print them on their website. My first trip to the employment office I was basically greeted with "why are you even here? Just use our website."

Everything here is incredibly digitalised, and it all started in the early 00s, before smartphones. Apart from grocery stores and bigger chains, plenty of places don't take cash anymore, deeming it a security risk. There are also certain boons with it. For example, the chain I usually buy my groceries from (when I shop in-person that is) has an app you can use to scan and pay. When scanning an item to put it into your "basket" you get nutritional info and allergens displayed on the screen. As a life-long vegetarian that's always scoured labels to ensure I don't accidentally poison myself; this is incredibly nice.

When going to the check-out you just scan a QR code, and then I can pay using Apple Pay, or Swish. Once I've paid I get a "check out" QR code I show to a scanner to let me out of the store. There are stores that operate entirely on this concept and only have staff for stocking. This is particularly nifty in smaller sattelite communities that otherwise wouldn't have any grocery stores.

Swish is another service owned by the banks that let you easily transfer money to businesses or private people without having to bother with banks and account numbers, you just need a business number, a phone number, or a QR code, or an app that makes use of their API.

The system works really well most of the time, I've never experienced any sort of outage or anything, but I've now seen what being outside of that system looks like and it's tough!

this post was submitted on 05 Aug 2023
51 points (93.2% liked)

Privacy

32142 readers
758 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS