Privacy and pledge?

As a stake pool operator, I am somewhat concerned about declaring my pledge and also being a public figure. You are basically saying: “Hey, look at me, I have at least this much Ada in my wallet.”

I became more concerned about this in recent days because I applied for an additional VPS with this German provider recommended in one of these threads “netcup.de”. This provider demanded that I provide a copy of my passport and proof of home address with an electricity bill. I have refused and will not be using them.

How do other stake pool operators feel about this? Are you OK with giving your home address out to various businesses and also publicly declaring how much Ada you own?

This is par for the course. There’s several ways to get around those issues, tho. Many SPOs maintain privacy by only existing through a username, and logo or NFT profile picture.

The protocol does not force an SPO to be a “public figure”. The only information that can be traced back to your are the IPs of your relays, which are needed to register your pool on-chain. You can hide those too by using a VPN with port forwarding. This isolates everything both ways: the VPS does not know you are a SPO (because they only see encrypted communication with the VPN), while the Cardano network does not know there is a VPS behind the VPN (it could as well be your home server in the basement).

@PhirePhlame @orpheus-ant
So I should just try to hide what I am doing after handing over my personal details. It just seems strange to me.

Why is the world generally accepting of this tracking and intrusive monitoring? Why does a VPS provider need to have a copy of my passport and know my home address.

The more I see of this sort of overreach, the more I think that the general public will be accepting of a CBDC.

It’s always trade-offs.

Bikes don’t have to be registered, cars have to be, because you can do lots of harm with them, although most don’t do it regularly.

With servers, you can also do lots of bad stuff – scams, frauds, distribution of illegal content (some of which you will probably consider wrongly illegal, but some totally legitimately illegal), …. We even see these scams and frauds in this very forum on a daily basis.

I would not call it overreach to have a registration to be able to get at the people behind a server, when the need arises. You would call it overreach. That’s what democratic decision-making was invented for.

I think the justification is along the lines that a VPS is effectively a carriage service, so as you say, it can be used to cause harm. I would have been paying with a credit card so that would be enough to trace back to me through the authorities if required.

I was quite surprised when netcup.de made these demands because both of the other VPS providers I had used in the past did not require such. I will just keep using them instead.

I also find it amazing that everyone seems fine with using their mobile phones for everything and happy to comply with using text messages for 2FA etc. Every site/service is linked to their mobile number. You can’t get an account with twitter, discord, telegram, or a google account without having a mobile phone number. I have tried various bypass mechanisms and it is not possible. Everything online is being linked and tracked by big tech back to you via mobile phone numbers.

Incredible how far this has gone in the past few years. I feel like I am the only one pushing back against it.

You most definitely are not. There are whole bubbles of privacy advocating tech people out there. Most of them just happen to also be avid opponents of cryptocurrencies – for more or less good reasons.

For the most part, big tech is, in my perception, not actively doing evil stuff, but rather not preventing evil stuff happening on their platforms, not deleting harmful content, letting their recommendation algorithms draw people into Trump and Nazi rabbit holes and conspiracy narratives, occasionally helping questionable governments too much, occasionally not helping legitimate governments enough, …

The story of them spying on people is also a bit oversimplified for the effect. Most people are much too insignificant that anyone would sit there and “Har, har, look at the embarassing sites this guy is surfing on!”-spy on them. They mostly use their privacy invading technologies for the mundane task of more successfully serving you ads, which sounds a lot less intimidating than the spying story. I don’t even know if they put any use besides 2FA to the mobile numbers, but, sure, they could.

Also: The alternatives to big tech are often not much better. While Meta’s WhatsApp really gives you encrypted chats and is a (relatively) safe space, Telegram is an unprecedented shit hole of scammers and pandemic deniers with no encryption out of the box and all the content on their servers under their control (that still wants your mobile number).

Yeah, Signal is better – same encryption as WhatsApp, but without the big tech behind it – but they also identify via mobile number, probably because time has shown that people in the majority like to use the mobile number as an identifier for mobile communications and cannot be bothered to get used to something else.

As for the sheer economic power of big tech (which is a risk, no matter if they become more successful in the “Do no evil!” endeavour), there’s a simple solution: Tax the shit out of them and if needed break them up under antitrust laws! But that would require that we empower our governments to do just that.

I agree. I am not so worried about how big tech analyses the data today. I am more worried about how they will analyse it in the future. We are leaving all sorts of bread trails about ourselves online which we don’t control and can’t delete. How artificial intelligence algorithms of the future analyse this and what they do with the analysis, could be quite scary.

I have a bit of hope (but can’t prove it) that it will mostly be a quite useless pile of data (if they save it at all and not garbage collect it, because even Google/Alpha does not have infinite storage).

Analysis to serve ads is still a rather simple task. (And for that it fails spectacularly surprisingly often. You also get lots of ads for things you already bought. Don’t you?)

But more to the topic, where we are here: Blockchains do leave a pretty impressive data trail in a very sensitive area. And we can already analyse a lot out of that even without AI, just by clicking through Cardanoscan. And then they want to additionally put this DID/SSI stuff on them (without a real need to do it that way).

I agree it is concerning.

I like the paper IOG has about Ouroboros Crypsinous. I don’t think the timing is right for it yet though.

I’m concerned too, in my country they catch a dude who were planning to torture and kill several whales, so personally I don’t have huge pledge, but if it will become much more valuable in fiat money, then probably I would try to hide.

It concerns me. I would like to see pledge valued more by the protocol (A0 parameter) but at the same time, I am worried about declaring it publicly.

I agree. Its concerning to me as well. I always try to leave some layer of disconnect and anonymity. It seems to be a simple way to stay safe, but also just to keep things uncomplicated. Anonymity is a core concept of crypto, and a large reason why I was attracted to it years ago. With all the buzz about CBDCs and regulatory overreach, I sometimes wonder if we are building our own prisons. Only time will tell.

Its also worth noting that a declared pledge doesn’t mean that an operator has domain or control over the pledge. It does, however, still paint a target on your back.

You can ask the same question about your ISP or your bank: they also want to know who you are. Do you trust your ISP or bank not to sell your details? On the other hand, a blockchain is transparent and exposes all information publicly by design. This is essential in achieving trustless, decentralized governance, which is its main advantage. You just need to make sure you separate your “public” virtual figure from your “private” real figure.

I agree.

The difference is that it used to be just banks which are heavily regulated by governments. Now it seem that almost every company you do business with needs to have a copy of your passport and verify your home address.

I find it quite alarming that in order to register a sim card for my mobile phone I need to record my driver’s licence or passport details. Why is it that to talk to others or access the internet I need to enable the government and mobile phone companies to track where I am and every network connection I make?

To me, this has gone way past the unreasonable line.

Run VMs on bare metal, if possible. Problem solved. Inserting a VPN would double (or more) your latency.

I already do that. Though it is important to have offsite redundant relays too.

Preach, Bro…

Billionaires/Millionaires/Entertainers/Celebs are targets. 99% of things are being tracked nowadays. 3,000+SPOs with some having millions pledged, some 5ADA pledged. People knowing that I have a pool and my pledge is a small price to pay for financial freedom. To each his own, tho. Gluck!