Universal background checks plus privacy?

by  Tyler Cowen in

I found this discussion of interest:

I believe I’ve sketched out an idea that enables all transfers to verify the recipient is not a prohibited person without communicating any distinguishing information to the government while optionally leaving an audit trail useful for prosecution.

  • When an individual applies for state-issued identification, let them choose a public-private key pair. Make the public key part of their identification card, and the private key remain private. Not even the issuing state would know it. Add their public key to a whitelist.

  • At the same time, perform a background check to determine if the individual is a prohibited person. If so, add their public key to a blacklist.

  • Publish the blacklist in bulk and make updates available daily. We all have access to the Internet. We can do this. Regularly update the blacklist according to adjudicating events associated with the definition of “prohibited person.” For example, at the time of conviction of a felony, and individual’s public key gets added to the blacklist.

  • Firearms sellers, private and commercial, must maintain a copy of the blacklist up-to-date at the time of sale. Perhaps use a blockchain of sorts and/or share via BitTorrent or some other distributed service.

  • At the time of sale, the recipient provides their public key to the seller. Seller verifies the public key is not on the blacklist. The seller constructs a secret cryptographic nonce and encrypts it with the recipient’s public key. Recipient decrypts with their private key and returns the nonce in plaintext to the seller to confirm their public-private key pair is valid. This form of handshaking is common place and may be automated.

  • If the recipient is on the whitelist and not on the blacklist, the transfer may proceed.

  • Optionally, the seller may record a log of the recipient’s public key, perhaps encrypted with their private key. On the event of a warranted search, the seller may choose to decrypt their log entry to reveal the identify of the recipient.This leaves the audit trail which we may be legislatively require.

Thus, no direct communication with the state on the event of a transfer is needed which prevents the creation of a registry. Prohibited persons cannot acquire firearms without unlawful behavior from the seller which satisfies the aims of universal background checks. We already have all the cryptographic primitives and communications infrastructure needed to implement this and verify its integrity.

Thoughts?

That is from kermudgeon on Reddit, via N.  Some of the comments are quite good as well.

Comments

Comments for this post are closed