In Shakespeare’s Henry V, shortly after the St Crispin’s day speech reaches its crescendo ahead of the Battle of Agincourt, the Herald Montjoy visits King Harry to request he give himself up for ransom.
It’s not the first time this has been asked and, once again, Harry refuses. He then asks rhetorically “Good God, why should they mock poor fellows thus?”
Anyone with sense that heard Government figures, including Tánaiste Simon Harris and Minister for Communications Patrick O’Donovan, speak about plans to introduce online digital IDs must have felt the frustrations of King Harry at that moment.
Time and again the clear and obvious dangers that such provisions, which are meant to make us safer, have been highlighted. Time and again Ireland’s Government has sought to lead the EU into ignoring these warnings.
READ MORE
These Government figures are approaching this from a good place. They have rightly recognised that platform self-regulation isn’t working and that there are public risks with it.
The problem lies in their proposed solution at the user level. A Government-linked digital wallet is proposed, where some form of verification (either Government ID or through the user’s own selfie camera) is used.
Ireland was one of the 25 signatories to the EU’s Jutland declaration last autumn, which has aligned most of the union in this direction. This coupled with the recent statements by Harris and O’Donovan are moving to reduce or wholly remove anonymity.
Those advocating for the end of anonymity believe that if people can be identified, harmful behaviour will reduce. While often touted as a bogeyman, anonymity is really a fundamental pillar of online safety especially as it translates to the physical world.
This already starts to crumble when abuse is already rampant from plenty of people using their real names to harass and abuse others online. Moreover, there are plenty of determined actors out there that will always move faster than regulators and find a way to conceal themselves.
Then there are those for whom anonymity is a cause for good online. This ranges from people trying to escape a form of personal or domestic abuse, political dissidents, or those going through a personal health crisis.
The “if you’ve got nothing to hide” argument falls apart once we accept that nearly all of us have something to hide, like our bank details. Much of it isn’t even that dramatic.
Safety issue
That’s where it becomes a cybersecurity safety issue. Any system brought in to verify identification will be hacked. There is no maybe. This is the one certainty in cybersecurity and data will leak. That will impact every citizen across Ireland and the wider EU.
Yet still there’s the press from those in leadership positions across the continent to take steps guaranteed to backfire.
This is not the first time Irish or EU leaders have pushed for such a policy nor is it close to the first time that the catastrophic flaws have been pointed out. That even goes for these pages.
Almost two years ago to this day, Karlin Lillington wrote in The Irish Times that age verification won’t stop children accessing adult content (one of the goals of such verification measures). Meanwhile last July, the ProtectEU plan to get around encryption was highlighted by me as a security mess waiting to happen.
Cybersecurity experts and civil liberties groups have been stating this obvious case for even longer.
The costs of these measures, which are meant to protect us, is an exposure to a different range of risks for all of us while removing a key protection for some of the most vulnerable people in society.
Yes, of course, regulation is needed to ensure that social media giants enforce stricter safety controls but these actions need to take place at a core operational level. Targeting the user as the point of failure is a dangerously flawed mindset.
Any reduction to online anonymity has the potential, and frankly likelihood, to harm all of us. Trying to push for ID verification online was wrong in 2024, it was wrong last year, it is wrong today, and it will remain wrong so long as this is the path our policymakers choose to follow.
There were two outliers to the Jutland declaration. Belgium later regretted not signing it but Estonia’s government made its view clear. Liisa-Ly Pakosta, Estonia’s justice and digital affairs minister, said a blanket approach would likely be bypassed by young users and that instead the EU should focus on holding social media companies to account so they adhered to existing regulations, like GDPR, to protect citizens.
The French side of the Hundred Years War, when Henry V is set, was mostly one disaster after another for more than the front half of it. That’s worryingly reminiscent of how our policymakers have handled online safety in the social media age.
Agincourt was, of course, a disaster for the French. Pushing through digital IDs across the EU would be one for us all.
