cadence’s website.

Some changes will be applied after reloading.
Some changes will be applied after reloading.

Passport

Literally yesterday (read the post) I was saying to myself, wow, Discord added a good feature! Maybe this will be the start of a trend?

Today. One day after that.

We get this blog post.

The post starts by talking about how bots will be able to incorporate themselves into Discord's interface and feel more like part of the platform — cool!

The post then says that you'll need to tell Discord who you are in real life by sending them scans of your passport if you want your bot to grow beyond more than 100 guilds.

Neat.

Well, that's not an entirely fair way of putting it. Let's see what actually happens.

  • Your bot is in 75 guilds or more.
  • You are asked to prove your identity, otherwise after October 2020, your bot won't be able to be added to more than 100 guilds.
  • You submit scans of photo ID like a passport or driver licence to a beta API ran by Stripe who do something to it.
  • You write a blurb about how your bot protects your users' privacy and send that to Discord.
  • If all is well, you get a verified badge on your account and on your bot.

Problems with this:

  • You're sending uncensored full scans of your passport or similar ID to a for-profit company that may not even be in the same country as you, and leaving yourself subject to its million-word privacy policy and inevitable security issues.
  • You may be a minor. You may not even have an ID. You may not be able to do this even if you want to.
  • Discord is holding your bot ransom (by preventing it from joining new guilds) if you don't give them your identity. For many people, developing a bot is their hobby. For some, it's their entire income.
  • Your identity cannot be changed or replaced after you give it away. You cannot take this back.
  • Even though the verification is processed through Stripe, Discord seems to be able to access / the photos or scans you submit.

But the real question is, why is this necessary? Why are they doing this? What is this information going to be used for?

The blog post says that it's necessary and secure and proves you're legit, while providing absolutely no reasons what this helps to protect or what this data is used for exactly. And no, it's not necessary, it's not secure, and it doesn't prove that anyone is legit.

  • This isn't to stop alt accounts. Alt accounts can already be prevented if Discord requires a phone number for certain actions. This is already a feature on the platform that they can easily extend to lock creating bots if they wish. If a phone number doesn't cut it, a credit card is pretty good as well.
  • This isn't to prove that a bot is the real bot. If I can create a bot with whatever features, get it into 75 servers, and get it verified, then I can change its name and avatar to impersonate whatever I like while keeping the verified badge. I could become a verified copy of Tatsumaki, Rythm, Pokécord, Nadeko, or anything else.
  • This isn't to provide that a bot owner is the real bot owner. As above, I can get the badge on my account, then change my account name and avatar to look like whoever I want.
  • This doesn't force developers to stay within the TOS with regards to user data. Discord has no way to verify what code is running, what data is collected, or how it's being used, stored, or shared. A blurb and a badge won't change that.
  • This doesn't stop data harvesting or bad actors whatsoever. If you've seen dis.cool, they operate entirely through user accounts, not bots. These changes do not affect user accounts at all.

I'm extremely worried by the lack of transparency here. Remember gateway intents? Remember the GitHub issue where bot developers could discuss with Discord staff how these changes would work? Remember the transparency, and the information, and the gradual rollout, and the requested changes, and the experimental gateway version, and the feedback? We have none of that.

We have a screenshot of a design that is currently entirely a mockup to lure people in, followed by verification presented as a cool thing that will help trust and security on the platform, followed by them holding your bot at ransom until you upload scans of your passport, finished with a warning that you have 6 months to comply. This came out of nowhere. No opporunities for feedback. No progression towards it. No discussion. Just suddenly, "by the way, please give us your identity," and people are swarming over it at the promise of a profile badge.

So I've listed things that your identity is unlikely to be used for. How about a list of things that it can be used for? Because remember, we still have absolutely no idea why this is necessary or what it will help improve. The best I can do is write theories on the internet.

The key to my theory is that the form Discord asks you to fill out about your bot includes many questions about keeping your user's data safe. It's similar to the GDPR controls you see on some websites. You're asked what you do with the data, how long you hold it for, how you keep it safe, how users can report security issues, and how you delete data if a user asks you to. Based on this form, and the fact that they want to know your real world identity, and that they plan to minimise your impact on the platform if you do not comply, and in absence of any official information, my prediction is that they plan to hold bot developers legally accountable if the developer mishandles user information.

It's probably correct, it's hopefully not correct, but it's the only thing I can think of that makes sense.

Finally, speculation about its purpose aside, this verification procedure is bad for the Discord ecosystem in several ways.

  • As I discussed above, creating a fake bot that appears to be the real thing, verified badge included, is probably really easy. This means your fake bot might trick more users since it's more likely to be trusted and seen as the real thing if it has the platform's verified badge on it.
  • This will stifle many teenage developers whose chose a Discord bot as their first coding project because Discord is a cool platform that is easy to start developing for. These verified restrictions take away all hope of some kid's hobby project ever succeeding by capping it to 100 servers.

One comment I've seen a lot about verification is that 100 servers is too low. My question is, too low for what? We have no idea what this will be used for. What are you comparing the number 100 to? What information did you use to make the decision that it's too small? "100 is too low" is not a good argument at all.

Another argument: "this is a vetting process for big bots so that they don't harvest private conversations from thousands of servers". The verification process does not vet anything or ensure that data is kept safe at all. Discord cannot verify what your bot does with the information it receives.

To sum up why this is a bad thing:

  • Bye bye privacy, sending your identity to two for-profit companies. You can't get a new identity when they fuck this up. If you're the type of person to distrust China specifically, Tencent has stakes in both Discord and Stripe.
  • Verified does not actually verify anything.
  • A platform verified badge that anyone can get on any bot creates false trust.
  • Smaller developers are shut out of a hobby, unless they comply. Large developers are shut out of an income, unless they comply.
  • Transparency? Please?

Scream.

The memes / of / the / day [oc] / are all related to this post.

— Cadence

← Previous: Tableau IINext: Hill III →
↵ Back to blog index
A seal on a cushion spinning a globe on its nose.
Another seal. They are friends!