I verified my LinkedIn identity. Here's what I handed over

Posted by ColinWright 1 day ago

I verified my LinkedIn identity. Here's what I handed over(thelocalstack.eu)

1221 points | 428 commentspage 6

mamma_mia 13 hours ago|

I've never used linkedin and have been more than fine, I feel that like with most social media that noise makes it seem more important than it is

eel 18 hours ago||

I'm glad the absurdity of verification is getting attention. I was "forced" to verify by Linkedin to unlock my account. It was last year, and I had left my previous job, but I had not yet lined up a new job. So one of the only times in my career I might actually get value from Linkedin, they locked me out, removed my profile, and told me if I wanted back in, I'd have to verify. I felt helpless and disgusted.

I gave in and verified. Persona was the vendor then too. Their web app required me to look straight forward into my camera, then turn my head to the left and right. To me it felt like a blatant data collection scheme rather than something that is providing security. I couldn't find anyone talking about this online at the time.

I ended up finding a job through my Linkedin network that I don't think I could have found any other way. I don't know if it was worth getting "verified".

---

Related: something else that I find weird. After the Linkedin verification incident, my family went to Europe. When we returned to the US, the immigration agent had my wife and I look into a web cam, then he greeted my wife and I by name without handling our passports. He had to ask for the passport of our 7 month old son. They clearly have some kind of photo recognition software. Where did they get the data for that? I am not enrolled in Global Entry nor TSA PreCheck. I doubt my passport photo alone is enough data for photo recognition.

kccqzy 17 hours ago||

The thing about looking straight into the camera and turning your head seems to originate from Chinese apps, including some payment apps, bank apps, and government apps. It’s especially disgusting since it imitates the animation used by Apple Face ID, but of course it’s not at all implemented like Face ID.

egorfine 13 hours ago||

> I'm glad the absurdity of verification is getting attention

It's not. The developers' bubble we're in on the HN is invisibly tiny compared to the real life. And normies are not only perfectly happy uploading all their PII to Persona - they won't even understand what's wrong with that.

eel 8 hours ago||

It's a start. I agree HN is a bubble and doesn't reflect real life as a whole. But I do think HN has a significant bearing on US tech. I've been reading HN for nearly 19 years and in that time almost every new major tech, unicorn, or big culture shift is discussed here before it is mainstream.

There has also been a backlash against verification in other communities like Reddit (also a bubble), mainly stemming from Discord's recent announcement.

The discourse is good, and while I wish every user and potential user understood all the pros, cons, and ramifications, I'm also happy we are finally talking about it in our bubbles.

efavdb 17 hours ago||

The privacy concerns are real.

The need / demand for some verification system might be growing though as I’ve heard fraudulent job application (people applying for jobs using fake identities… for whatever reason) is a growing trend.

snowhale 13 hours ago||

the Persona CEO response addresses the AI training concern but totally sidesteps the CLOUD Act issue. doesn't matter where data is stored -- if Persona or any of their US-based subprocessors get a US national security letter, that data is accessible. "deleted within 30 days" also means it exists for up to 30 days, which is plenty of time for a legal demand.

rambojohnson 15 hours ago||

everyone on linkedin sounds like chatgpt / claude.

ceramati 10 hours ago||

Why can't we have an ATproto LinkedIn? It seems pretty well suited.

_pdp_ 20 hours ago||

On EU data sovereignty:

The OP is right. For that reason we started migrating all of our cloud-based services out of USA into EU data centers with EU companies behind them. We are basically 80% there. The last 20% remaining are not the difficult ones - they are just not really that important to care that much at this point but the long terms intention is a 100% disconnect.

On IDV security:

When you send your document to an IDV company (be that in USA or elsewhere) they do not have the automatic right to train on your data without explicit consent. They have been a few pretty big class action lawsuits in the past around this but I also believe that the legal frameworks are simply not strong enough to deter abuse or negligence.

That being said, everyone reading this must realise that with large datasets it is practically very likely to miss-label data and it is hard to prove that this is not happening at scale. At the end of the day it will be a query running against a database and with huge volumes it might catch more than it should. Once the data is selected for training and trained on, it is impossible to undo the damage. You can delete the training artefact after the fact of course but the weights of the models are already re-balanced with the said data unless you train from scratch which nobody does.

I think everyone should assume that their data, be that source code, biometrics, or whatever, is already used for training without consent and we don't have the legal frameworks to protect you against such actions - in fact we have the opposite. The only control you have is not to participate.

peter_retief 14 hours ago||

My ISP and my bank decided they needed my biometrics to have an account, same sort of thing

tagami 14 hours ago|

Thank you for doing and sharing what I was hesitant to do. Now I know with good reason why.

More comments...