>Discord have belatedly confirmed that they're working with Persona, an identity detection firm backed by a fund directed by Palantir chairman Peter Thiel, as part of Discord's new global age verification system rollout.
>As PCGamer note, Persona's lead investors during two recent rounds of venture capital funding were Founders Fund, who valued them at $1.5 billion in 2021. The Founders Fund was co-founded by Peter Thiel in 2020.
>Palantir have, among other things, worked extensively with the USA's Immigration and Customs Enforcement, aka ICE, [...]
The article tries to imply that Persona might be sending your ID scans to Palantir or doing other unsavory things with it, because it's linked to Thiel, but is there any evidence for this? For instance, is Thiel known for meddling in the affairs of the companies his fund invests in, or pushing them together for collabs like what Musk does (eg. with x/x.ai/spacex)?
I think it's prudent to assume that these companies are selling your information to anyone with two nickels to rub together, regardless of which tech celebrities they are linked to.
This. The data collection is the product, that’s why it’s free.
This is the part that loses me, my understanding was that this was only supposed to scan things offline, not collect any PII. Are they lying about not collecting the face scanned data?
There's two paths for verification, and the discussion on them is muddying things. There's k-id, which is the local-only age verification, and then there's a secondary process for places where k-id is indeterminate or their system flags you as possibly still being underage, and requires ID verification.
Previously, they handled this escalation path via Zendesk, which was breached revealing all of the messages with IDs.
Now, they're trying out Persona for this path.
There is no reason to trust them, and many not to.
Palantir is an integration company. There are plenty of data brokers to scrutinize. i.e. discord itself sells your data.
> Palantir is an integration company
That's not true at all. I worked with Palantir on a project for a prior company and they'd basically do whatever you wanted if you paid them. They had a very heavy data / "AI" presence and this was years ago. They certainly do not just do integrations.
They don't buy or sell data.
It doesn't matter if he's known to meddle in the affairs of the companies in which he owns equity stakes. Owning the stake means he could meddle.
Peter Thiel's personal brand and Palantir are so toxic and creepy in the eyes of most of the public that you can basically just substitute 'Satan' in any statement involving them, and that's how it looks to regular people. Try it:
"The article tries to imply that Persona might be sending your ID scans to [one of Satan's companies] or doing other unsavory things with it, because it's linked to Satan"
So for anyone who cares about PR at all, the immediate instinct upon discovering you might be linked them is to reverse course and apologize profusely to your users.
> Peter Thiel's personal brand and Palantir are so toxic and creepy in the eyes of most of the public that you can basically just substitute 'Satan' in any statement involving them, and that's how it looks to regular people. [...]
Which is very funny and ironic given Thiel's weird ass personal beliefs.
The irony is not lost on me. Thiel's political activism on the side of people who will immediately give him the Alan Turing treatment the first chance they get is a howler for the ages.
Money buys influence.
Do we need evidence beyond it being linked to Thiel? Being linked to one of the most evil people in America seems like more than enough to me.
He is also linked to ycombinator which owns hacker news. If we are that reductionist, would you say that hacker news sends data to Palantir.
Well, the privacy darling Flock was from the YC 2017 summer batch, so I think it's already known what VCs think about ethics if it can make good money.
Hint, it's optional.
(And while I'm not saying for eg PG is personally an anti privacy guy, it's impossible not to hold YC leadership accountable for aiding these cos, or at least looking away.)
Well it doesn't have to send much since 99% of information is already public. But I still would not doubt it for a second, there is no reason to think otherwise. There is no benefit to not sending them data and no downside to sending it.
I would say that HN's data is public so if Palantir wants it they already have it, unlike identifying documents collected by discord that connect discord identities to real identities.
Can I get every user's IP address and the login times publicly? Can I run fingerprinting code for the users?
Sure, just post something front page worthy, or get your minions to push your data collection endpoint there.
Why would you think it doesn't?
[deleted]
This sites ties to Thiel and people like him are problematic yes.
However, HN isn’t asking for our ids yet.
Probably does
I'm not a LLM, but you're absolutely right. That conclusion is sound.
One big difference is that Discord literally told people they were going to be using their data for a Theil backed experiment. That's a lot different than the possibility that a company might send your data.
That being said, no, it wouldn't particularly surprise me if Y Combinator sends data to Palantir.
> One big difference is that Discord literally told people they were going to be using their data for a Theil backed experiment.
You got a source for that? Because the only communication I've seen from Discord implies no data is sent when these scans take place, its supposed to all take place locally FIRST is my understanding. The only exception is if the local scan goofs in some way.
https://discord.com/press-releases/discord-launches-teen-by-...
> Key privacy protections of Discord’s age-assurance approach include:
> On-device processing: Video selfies for facial age estimation never leave a user’s device.
> Quick deletion: Identity documents submitted to our vendor partners are deleted quickly— in most cases, immediately after age confirmation.
> Straightforward age assurance: In most cases, users complete the process once and their Discord experience adapts to their verified age group. Users may be asked to use multiple methods only when more information is needed to assign an age group.
> Private status: A user’s age group status cannot be seen by other users.
> That being said, no, it wouldn't particularly surprise me if Y Combinator sends data to Palantir.
A point I hadn't thought of before. A denial at this point wouldn't mean much because with the API and some sensible pacing anyone can access the information.
"Sends" is active. "Is scraped by" is the assumed passive.
What does “linked to” mean? And why are you using such moralistic language?
The link is described in the first line of the article.
Some peoples actions make them evil.
> is there any evidence for this
I'm not sure. What I am pretty sure about is that none of those age verifying services are rolled out to protect children. Hence the question: then what for? And the only logical answer to this question is that one: to harvest data.
It’s a pretty safe assumption that any headline prominently featuring “Thiel-“ will not be substantiated by its article body. If we applied this standard of evidence to every pair of entities separated by one or two degrees of common investor, we’d have a whole industry of tainted corporations with dubious motives. (Oh wait…)
Mentioning Palantir on the internet right now is like socially acceptable qanon, in that any semblance of critical thinking or evidence is rapidly discarded if it gets in the way of a good story.
Can he make a profit doing it? If so, then yes, he's probably doing it. You don't become a billionaire by having scruples.
I mean it probably is willing to do unsavory things and that’s the problem. Startups often are pressured by investors to do things to get continued funding in the next round. You’re already taking so much risk, you wouldn’t risk more by being on the bad side of a VC. You have to cooperate with their other portfolio companies - basically all VCs expect this. So yes, merely having Peter Thiel around is a problem.
Remember, customers of Discord are facing a huge risk - that their identity could lead to the being detained or deported. Even if the chance is small they can’t take that risk. This Persona company is unfortunately not going to be acceptable to a rational user because of their affiliation.
[flagged]
Definitely, a Spotify boycott would only be necessary if they ran ads for ICE, but that would be ridiculous...
https://www.snopes.com/fact-check/spotify-ice-recruitment-ad...
In general, I would expect an identity verification firm that I'm hiring to secure and then physically delete any sensitive records my customers are uploading, unless I explicitly opt-in otherwise. My guess is in this case that Discord is attempting to train its own models for first-pass verification, so this is a training corpus; there's no evidence that Persona's doing anything with Palantir, other than proximity of funding.
The broader issue here is that SV VC is starting to feel mildly radioactive when it comes to public opinion; Persona's previous lead fund (up through its Series B) was Index, run by the more conventionally-liberal Neil Rimer, and no one worried about that. The entanglement of Silicon Valley's oligarch class in very extreme politics* at a time of very fraught national political upheaval is making VC money politically-exposed money; if you take FF or Sequioa cash, how certain are you that they won't just get involved in your business, but push you to take specific political or social positions that serve their non-fiscal interests? How certain are your customers that that isn't happening to you?
For decades, SV venture capital has been tech money, and generally smart tech money (I don't like Thiel, but the man is absolutely the smartest of the PayPal Mafia set, and his success bears that out). Now, for various reasons (the end of ZIRP, the failure of major tech bets since 2016 or so to pay off, COVID overvaluations), VCs have moved into rent-seeking, particularly on government and military contracts. It's no longer tech money, it's political money, and, compared to traditional prime vendors, it's not clear that it's smart political money. After all, when the political winds turn, possibly as soon as this November, is it a smart strategy to have worked aggressively and incessantly to alienate the party coming into power? For a lot of startups with regulatory, legal, or political exposure risk, getting entangled with that might be more trouble than it's worth.
* There is no other term that suits the mix of open white supremacy and anti-democratic policies -- repealing the 19th Amendement, for example! -- that we see emerging from the PayPal Mafia.
> I would expect an identity verification firm that I'm hiring to secure and then physically delete
I would expect exactly the opposite. See, KYC stuff is something that no one wants, everyone hates and something that everybody is forced into from both sides: users and companies. KYC service is a product being created in pure hatred.
There are no penalties for leaking users' data. Bad PR? Oh please, it won't hurt a company which is already universally hated.
At the same time proper storage security costs money and time and creates friction.
Thus there are NO incentives to securely keep user data while there IS an incentive to care as less as possible.
KYC stuff is something that no one wants, everyone hates and something that everybody is forced into from both sides: users and companies
Is this accurate? I’m sure there are significant portion of people with a ‘if you have nothing to hide’ attitude. Companies also don’t care as long a it makes them money.
I believe the argument will be that the rent seeking will be used to position themselves such that it doesn't matter who is in power, the government will listen to them not the other way around. Admittedly, the fact is, the Epstein Files existed across multiple political parties' justice departments and none of those folks have been investigated or prosecuted...
That's a model that works with SpaceX, which holds a unique grip on American orbital launch capability and capacity; less so for Anduril, which has been rather unsuccessful so far in its big-ticket drone-warfare efforts but has, to its credit, diversified key defense manufacturing areas by jumping into, e.g., SRMs; and possibly not at all for Palantir, which doesn't do anything a copy of Neo4J doesn't. And there's a real question regarding their ability to continue, post-DJT, holding security clearances given their personal lives and behaviors, their contacts with foreign officials, and whether they had derogatory information on other clearance holders that they did not bring forward.
Let's be fair: almost everything is linked to Peter Thiel's dark magic company these days.
The UK's NHS is already quite close with Palantir: https://www.palantir.com/uk/
As are Bedfordshire police: https://libertyinvestigates.org.uk/articles/uk-police-workin...
Health service buys software from massive multinational. They also work with Google, Azure and AWS. More news at 11.
> buys software
To do what, exactly? This is public money being spent. Why are you so eager to be ignorant of it?
> from massive multinational.
Let's be honest: "Health company buys software from US defense monopolist."
> They also work with Google, Azure and AWS
Yes, and you and I can also buy those products and use them, do you use any of palantirs products in your daily life?
And he was in the Epstein files, allegedly meeting with Russian officials repeatedly at Epstein’s place. One of which is a handler for assets of their intelligence service.
We should not be doing business with people mentioned that many times in the files.
funny how the FAQ disclaimer about Persona already vanished from the site. not a great look when your transparency lasts shorter than the data retention.
and every post about it being quickly deleted. It's afraid.
The addition of the UK experiment note was also ~48hrs and the removal thereof around 24hr.
These guys are just making it up as they go. Very comforting approach to personal data... /s
The use of "experiment" really irks me. Might be useful internally but running an involuntary experiment that users are forced to participate in to continue using a service they may pay for is straight up hostile- not even to mention the nature of the experiment handling sensitive personal data.
What I find quite interesting is that the internet was kind of the wild west in the early 2000s, it was exciting and vibrant, a kind of diaspora. Then in the late noughties early teens we saw massive consolidation through market forces, everyone moved onto Facebook, everyone moved into walled garden social media platforms and even the social networky ways of discovering organic content died off (Digg redesign, death of stumble upon etc.).
That was.... bad, but it wasn't a moral decision it was kind of just market forces. The market means that no one can run a taxi company anymore, you're just kind of all employees of uber or whoever your local monopoly is. Not great, and arguably the way they got there should have been under more scrutiny but it was more or less pure market forces.
What is happening now is not market forces. What is happening now is rich people telling the government to institute legislation that hands power to rich people. Whether it's Elon Musk's public funded, privatized space programme or Thiel's public mandated, private enforced age-gating. All of this is corrupt. There's not really another word for it.
The biggest change imo is that in the aughts, the idea that children should have unfettered access to personal computers, phones, and the internet was unthinkable. Now we have millennial parents seriously arguing their kids should have smartphones in class. But all this deanonymization garbage is downstream of that vibe shift.
I don't think it's responsible to blame any specific person or company, but I certainly can't excuse the Googles, Apples, Samsungs, Facebooks etc of the world. They manufactured a culture driven by putting as many devices in front of as many people as possible, using them as much as possible, while knowing as much about them as possible to monetize their attention. The careless disregard for how that affected the developing brains of two generations of people now is irresponsible and ugly.
It seems like no one is asking the real question here, which isn't why Roblox/Discord et al need to verify the age of their users. We should be asking how in the fuck there are so many children with unsupervised access to devices that this is a real problem.
As a socialist, I would argue those are both inevitable outcomes of capitalism.
First market forces incentivize consolidation (which imo killed off the vibrant early internet...), then a few players got really powerful.
Once you have that much money and power, and given the inevitable corruptability of politicians, it makes sense to try and use that money to try and manipulate market rules in your favor.
The evolution of the internet has been an in-vitro demonstration of capitalism failure modes and as somebody who liked the internet, that's very unfortunate.
The title should include Palantir too
> I know children aren't responsible for the sins of their parents, but it doesn't seem wholly irrelevant here that Palantir's UK division is headed by Oswald Mosley's grandson.
"ad-hominem is ugly and wrong, like you"
Never attribute to ad-hominem what is adequately explained by nepotism.
I honestly am glad that all of this is happening, because any time a conservative in the future starts complaining about government overreach, the only response to them should be is that "well, this is what you like".
As if this had anything to do with right and left or conservative and liberal. How are there still people who see the world like that in 2026?
Ah yes, because your side is a dumpster fire, the only way out that doesn't make you look like a complete fool is just to claim "both sides are bad".
Point to any such activity under the Democratic rule where federal government was specifically requesting data on in individuals that are simply critical of them if you wanna prove me wrong.
How do you see the world?
The mega rich and the rest of us.
If you look at voting distribution by income level this doesn't make sense.
And if you are gonna make the argument that people are brainwashed to think its left vs right, then you are automatically in favor of an authoritarian ruling class because people can't be trusted to make the right choice.
You’re not wrong. But in America there is only one party that is thoroughly owned by Russia and that’s the party in charge of the executive branch right now.
But both are owned by corporate interests. I don't really give a crap about Russia, they have thrown so much capital away on Ukraine that they have no chance against anybody else. I find large corporations and billionaires as the biggest, strongest, and most threatening actors. Even some of the US's most leftist politicians, like AOC, voted against allowing rail workers to strike, which only benefits the investor class and corporate interests.
Owned by Russia? How'd you reach that conclusion? Just take a look at the sanctions imposed on them and the US support for Ukraine in the war. Also: it seems you've fallen into the "Russia is our enemy" propaganda trap.
>US support
Remind everyone, which party was blocking this support for as long as possible, with a hole lot of media circus and scaremongering?
As long as russia bombs apartment buildings and terrorizes a soverein nation while waging hybrid war against a multitude of others, it's going to be the enemy. I hope russia crumbles, and people like you stop pretending that russia is innocent.
Objectively the evidence has been out in the open for many years so obviously you are choosing to believe in “alternative facts”.
From the first Trump campaign, to Jared Kushner, to Tulsi Gabbard, to all the things happening with this campaign, its abundantly clear that conservatives are communicating with Russia very much. The question is if it is illegal or not, and generally, considering Superme Court and DOJ are Trumps puppets, it really doesn't matter.
Also, I would highly urge you to consider the fact that you are defending pdf files running the government. You really don't want to go down the road of political arguments and out yourself as one.
Let's pretend that age verification is a valid need -- is there a way using cryptographic approaches to viably allow an end user to prove that they meet the criteria without sharing other data that they don't want third parties to have access to?
In my opinion that is just mathematical obfuscation. They will not be able to resist the urge to have a random looking token that through some obscure process can be mapped back to a person. If not at first, it will appear in some update after people stop talking about it. Discord knows what people are talking about.
Yes, and it is very easy. https://news.ycombinator.com/item?id=46223051 "Flash a driver's license at a liquor store to buy a single-use token" And to save a debate, you can swap the phrase "liquor store" for "store" aka supermarket/grocery store.
If that was a valid need, it would be solved entirely differently. ZK algorithms are a complete and privacy-preserving solution to that problem.
I find it impossible to believe that age verification services are rolled out for what they say they are.
I don't understand – what's the point of not collecting mass amounts of personal identity documents and face scans and linking them to online identities?
Remember when I said fuck discord and people came to defend them and say “but surely they aren’t keeping the data”…
They are not friendly.
[flagged]
That's the point of this website. The links that people want to click the most rise to the top.
That's not what clickbait means.