pluja / kycnot

Don't get KYC'ed
https://kycnot.me/

List KYC providers and link them with services #37

Open xaur opened 3 years ago

xaur commented 3 years ago

This idea extends the scope of the site quite a bit but bear with me.

As a follow-up to #30, I suggest also representing KYC providers on the site.

The spirit of kycnot, as I see it, is to make people much more informed about opportunities of KYC-less services (the good list) as well as warn them about KYC-ed services (the "bad" list suggested in #30), especially ones that try to sell themselves as "no account" but then strike you with "oops sorry surprise KYC.. aaand we'll hold your funds hostage for now".

I think people are slowly getting the dangers of sharing their personal data with exchanges. But few people realize that many exchanges actually delegate KYC services to a small set of mostly unknown KYC providers. These entities act as centralized hubs for collecting enormous amounts of sensitive user data.

While it is still unclear how many payment applications have embedded Plaid (hence the lawsuit), a few of the known integrations include Venmo, Coinbase, Gemini, Square Cash, Stripe, and Gusto. (enegnei.github.io)

Jumio is being used for online identity verification by five of the top 10 cryptocurrency exchanges, including Coinbase, Bittrex, and Bitstamp. Jumio’s Netverify is also increasingly being deployed by ICO issuers to magnify the trust and transparency associated with their blockchain-related projects and to meet evolving AML and KYC compliance requirements. (jumio.com)

One way to add them to the site is to have a page for each one of them, and establish a bidirectional linking between KYC providers and exchanges/processors that use them.

pluja commented 3 years ago

I understand, but I don't think this makes sense for what the site was created for. KYCNot lists only exchanges and services that do not require KYC and does it for a very clear reason: because KYC is bad.

Having a list of KYC services would be somewhat promoting them and this is something I don't want to do.

xaur commented 3 years ago

I didn't mean the list to promote them, rather a list of things to avoid. Especially things that may not appear as "too KYC-cy" on the surface. Anyways, thanks for considering the idea.

pluja commented 3 years ago

Ahh! I see, yeah this would be good. I'll work on it.

obeho commented 3 years ago

> Especially things that may not appear as "too KYC-cy" on the surface.

Mentioning only these would be a good idea. Obvious ones shouldn't be mentioned, as @pluja stated. But I think this list would largely intersect with the ones in #30.

Consider this hypothetical: a service X is currently in this category (not appearing as "too KYC-cy" on the surface), and in the future they make changes that suffice for a listing on the website (under services or exchanges). That would probably not happen if there are two sections, #30 and this (#37).

This issue is a subset of #30 or can be made so.

xaur commented 3 years ago

@obeho, #30 is about moving bad (KYCed) exchanges and services to another list instead of removing them.

> Consider this hypothetical: a service X is currently in this category (not appearing as "too KYC-cy" on the surface), and in the future they make changes that suffice for a listing on the website (under services or exchanges).

If a service becomes "good" and removes KYC requirements it can be moved back from the bad into the good list. In practice though I expect the opposite will happen much more often and services will mostly flow from the good into the bad list or just go out of business. The current trend is to increase the amount of invasion, sometimes to extreme levels. Note that all of this is about services.

This issue is not about exchanges or services and so it is not a subset of #30. It is about enumerating a handful of KYC providers that quietly sit behind hundreds of exchanges and collect everything in a few central vulnerable locations.

For a fresh example, just recently I ran across this Brazilian exchange Monnos that shares private user data with US-based Jumio, ZenDesk, and a bunch of others. How cute is it that ID of Brazilian citizens is sent to a US entity for verification? Well, at least Monnos is honest about listing them in terms, while some will not even bother to disclose it.

The stakes are too high. These data vacuums suck in too much private data to not leak it elsewhere. They will either lose it to hackers (because computer security is damn hard and being a big corp doesn't help), sell voluntarily (because it is so tempting to make a quick buck), or get coerced to share it. A handful of entities is a huge risk to everyone's privacy, yet they are rarely mentioned in the headlines. One way to mitigate it is to raise public awareness, by exposing them to the sunlight.