The companies in question could have a flag in every user data to confirm they a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		etiennebausson 5 months ago \| parent \| context \| favorite \| on: Discord says 70k users may have had their governme... The companies in question could have a flag in every user data to confirm they are over the age limit. At worse keep the birth date, since various aspect of a service can be available depending on age (and user can change locality / country, and therefore be subject to different law). If you keep on top of it, you have at most 3 days of user's "ongoing verification" sensible data available for theft. Keeping more than that will always be an invitation to bad actors.

Braxton1980 5 months ago [–]

Let's say Discord is sued for letting children access the service without verification or whatever.

If they only store a boolean or a birthday then they can't show how they verified the data.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact