For those unfamiliar with this "rental tax": If you own a house in Switzerland, the tax office assumes that you are your own landlord and rent your house to yourself. It estimates the fictitious rent you charge yourself, and you have to pay income tax on it. The Swiss German name for this estimated rent is "Eigenmietwert" ("self-rental value") and this is what will now be abolished.
What makes this strange tax even more absurd: as you are your own landlord, your property interest rate becomes a business expense of your hypothetical rental company. So you can deduct your property interest from this income tax on the fictitious rent you pay yourself.
In effect, it is unattractive to fully repay your mortgage (you just leave enough debt to avoid the income tax), and Switzerland has the highest household debt in the world. By a large margin [0].
It is not that absurd, we have the same in The Netherlands (eigenwoningforfait). And yes, we also have the property interest deduction, we literally call it mortgage interest deduction (hypotheekrenteaftrek, HRA).
They reason this is done is because it allows tax systems to tax main residencies differently from regular real estate tax measures, which is usually in the wealth section of tax policy.
It stems from the 1890s in The Netherlands, I assume it'll be around the same era for Switzerland and Germany.
And for other readers, yes it is as terrible a tax policy as it sounds. It is highly regressive, favoring home owners over renters, and the more expensive your house the bigger the deduction. In The Netherlands the current election cycle has it as one of the subpoints of our housing crisis, and it seems the battle won't even be about if it should be abolished, but rather if the timeline should be 30, 15, or 8 years.
It's only partially open source. Some server-side code remains proprietary, and the client-side will depend on proprietary code of Google and Apple and they do not plan to support platforms that are actually Free Software. The law overall is badly written. For example, articles 12 and 26 effectively say that "The source is shared with public, except if it is proprietary or insecure." Or take Article 4: "The government may operate systems that protect the privacy of the identity subjects."
The Swiyu team dropped the Play Integrity requirement on Android: https://github.com/swiyu-admin-ch/eidch-android-wallet/issue... This means that the E-ID will be officially supported on AOSP based secure ROMs like GrapheneOS, without any requirement for Google services.
I'm guessing you'd want to separate age verification from identity verification. A hash of your name is as good as your name since you don't change name and you provide both to certain providers, or it can be bruteforced.
A sad development. At least in the US, the fact that rent is taxable income to the landlord but imputed rent is untaxed is a regressive tax break for property owners (and was apparently a mistake of the original Form 1040; see Lawrence Zelenak, “The Early Income Tax and the Imputed Rental Income of Homeowners” https://doi.org/10.1017/9781108377157.008). I wonder what convinced majority-renter Swiss voters to enact such a tax break?
Wages are taxable income to workers but imputed wages are untaxed. That’s a regressive tax break for people who cook their own food and care for their own children.
lol but it’s true. The less productive stuff you do outside the formal economy the more value you get to keep. That’s why digital cash is so problematic
The difference is that you’re comparing labor income (making your own dinner) to rental income from land (imputed rent). Poor people tend to not own property, whereas poor people do tend to make their own meals, so I doubt your claim that taxing home meals would be equally progressive.
Unlike the proposed UK digital ID (which is not a "card"), this one is optional. Nobody is being forced to buy a smartphone and accept Apple or Google's terms of service.
Define optional? There will be new checks introduced online where you can only enter if you have an E-ID.
Companies do have to accept a physical card as well, but only if you appear physically at the companies doors. Otherwise, that statement was kind of deceptive in my opinion because there will be a lot of pressure to get one. They also decided to make it free, which shows they probably want to achieve a high adoption.
“Les personnes habitant en Suisse et les Suisses de l'étranger pourront demander une e-ID. L'utilisation de cette dernière ne sera toutefois pas obligatoire. En effet, la Confédération continuera à offrir toutes ses prestations dans le monde réel. Il faudra modifier la loi si l'on veut un jour déclarer obligatoire l'utilisation de l'e-ID dans certains cas. Un référendum pourra alors être lancé contre la modification décidée par le Parlement.”
Automatic translation: “People living in Switzerland and Swiss abroad will be able to apply for an e-ID. However, the use of the latter will not be mandatory. Indeed, the Confederation will continue to offer all its services in the real world.
It will be necessary to amend the law if one day we want to declare the use of e-ID mandatory in certain cases. A referendum can then be launched against the amendment decided by Parliament.”
Optional meaning you have the choice of using the existing physical ID. I don't see how this is deceptive. "A lot of pressure" is not the same as being unable to legally work without the digital ID.
Because they did advertise it in a way to make people believe they could still do their things online without an E-ID, which will not be the case. It's not optional online.
Companies can already request and will still be able to request a PDF scan of your ID. Or worse, video ident through a private third party.
This is the status quo for ordering alcohol online, or if you want to open a bank account.
The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
> This is the status quo for ordering alcohol online, or if you want to open a bank account.
I just ordered alcohol yesterday and they only checked it up on delivery. There's no obligation to check it online.
> The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
While I agree it's better than scanning your documents, it probably will become more popular since it's easier to check and integrate. That will in my opinion become a net negative for privacy
Fair, this may be a legal option for ordering alcohol. I really don't see the pure cryptographic hash "is older than 18y" as a big privacy issue though, as long as it is properly salted, does not provide other information on my identity and is unlinkable (i.e. multiple such signed claims are different).
The last time I opened an account for a financial service, as well as when creating an account with a service for digital document signatures, I had to do a video ident process with a private third party company. There was no other option, and I felt quite uneasy about it. I would have preferred the E-ID by far in both cases.
Both companies will inevitably store information about me to provide their service, independently of the identity verification. That is legitimate and inevitable for their service. That other, third party company storing a video of me holding my ID and my face into the camera is now not inevitable anymore.
But the Swiss already have a unique digital identifier for everyone living and working in Switzerland (your AVS number I think?) so it's really not optional, and is the primary purpose of the new UK id. The actual application itself is much of a muchness.
Also, the UK gov has already said there will be solutions for old people/time travellers/the Amish etc without phones. Nobody is going to force anybody to buy a phone.
Switzerland is transitioning to online voting, and having a digital ID for authentication is helpful for that. I hope it is used as part of the voting process.
My understanding is that the current approach for e-voting in Switzerland works with voters being sent a PIN in the mail [1]. Then the voter uses the PIN to log into the system and vote. Unfortunately that means that insecurely discarded letters from non-voters could be used to cast votes on behalf of these voters.
Some jurisdictions try to use a second factor to prevent these attacks. In Ontario, for example, many municipalities use a combination of the voter's PIN in the mail + the voter's date of birth. But a date of birth isn't really secret. Lots of people know your date of birth (especially insiders at organizations that collect this data), and it may appear in data breaches or even publicly on social media. If you're curious about this, I recently co-authored a paper which is all about security problems relating to online voting credentials in Ontario -- It's relevant to the Swiss case as well: https://link.springer.com/chapter/10.1007/978-3-032-05036-6_...
Long story short, using a digital ID to authenticate to the system (like Estonia does) goes a long way to mitigate this authentication problem. However, there are still plenty of other potential risks with online voting that are unrelated to authentication (how do you prevent ballot stuffing, clientside-vote-altering malware, falsified counts, etc). And there may be privacy risks with digital ID depending on the practical implementation.
Different systems have different approaches. If you're a voter, you can use your web browser's developer tools to see what's going on, and part of my research is essentially doing that with systems like this.
With one Ontario online voting system used by dozens of municipalities, your choice is sent via a form submission (POST) to the server. The POST contains your choice in its body (in plain text) and your browser also sends a cookie/authorization header which contains a token which was generated by the server and given to the client when the client logged in with the PIN/birthday. In that case, the online voting system could identify you and who you voted for at the time the request is made (they receive both the authorization token linked to your identity and the vote in the same request). The vendors then takes procedural steps to then separate you from your vote, and the elections authority running the election receives a report of the totals (but not who each voter voted for) from the vendor.
However, other systems are a bit more complicated. They'll serve you client-side javascript which does cryptography with your PIN / voting choice such that you can prove to the server you are authorized and made a valid vote, but the server can't link your vote to your identity. Then there's a lot of stuff that happens to mix votes together before they are unsealed and counted. I'm not a cryptographer, so I can't give you the best explanation off the dome.
The Swiss system does try to do something that looks like the latter approach, and they hire cryptographers and security professionals (and have public testing) to ensure the system's design meets requirements for ballot secrecy and if the implementation is correct.
There's a video about how ballot secrecy is ensured with the Swiss system which you can watch at this link:
So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
How do you override a previously cast vote in that system?
(Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
> So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
With the Ontario system I described (first example), no. You can't ensure this. In fact, the server that receives your authentication credentials is the same as the server that receives your vote.
How things work:
1. You send a POST with {"DOB":"1995-01-01", "PIN":"12345678"} to server.
2. Server responds with a session cookie. That cookie is included with all subsequent requests in order for the server to know you are authenticated. This is a typical authentication scheme for web applications.
3. Eventually you make a selection and cast your vote. This will send your vote, and the cookie, to the server.
4. The server verifies the cookie is valid and records your vote.
It is definitely possible for the server to connect the identification information you provided in your initial login with the cookie, if it chooses to log that data. There's no way for the client to know if it's happening or not.
It's also a proprietary system, and because it's owned and operated by the online voting vendor (and not a government body) it's exempt from freedom of information legislation, so you wouldn't be able to see any information about the system's design even if you really wanted to. We do know steps 1-4 exist though, because we can infer all of it from the browser's development tools when interacting with the website.
With this type of system, there is also no meaningful way for a municipality to verify the count is correct, beyond the testimony of the vendor. The system is a black box, where votes go in and a result comes out. The vendor reports the result, and the municipality then declares candidates elected.
To be clear: Not a hypothetical. This is a real system! Used by 49 municipalities in 2022!
> How do you override a previously cast vote in that system? (Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
You don't! To the best of my knowledge, no vendor/municipality offers this feature in Ontario.
There's a nugget of truth there, but I will say that the Swiss government has taken a very thorough/careful approach to implementing online voting. There are legislated cybersecurity standards for e-voting, individual and universal verifiability, pilot programs, meaningful observation, everything is open source, funding is set aside to incentivize researchers to find vulnerabilities [1].
When critical vulnerabilities were found with the previous implementation done by a private vendor, they dropped their vendor and restarted from scratch, doing everything in-house [2,3].
Not all jurisdictions are so careful. Over 200 municipalities in Ontario do voting online, despite no legislated standards (though a voluntary standard was recently developed). The voting systems are offered by private vendors, no organization is responsible for certifying these systems, and many systems do not offer any cryptographic verification of the results. It's quite interesting [4].
The idea is, if you live in your own house, you’re no better off than if you lived in another property and rented out your property, and paid the tax on the rent you get.
It’s supposed to reduce friction / bias in the market (though you could also obviously argue the reverse).
Suppose you buy bread, meat, and cheese and pay sales tax for each of them. You make a sandwich. You eat the sandwich.
Do you now owe the government the difference in sales tax on the market price of a pre-assembled sandwich versus on the market price of the individual bread, meat, and cheese?
Is it "fair" to owe the government the incremental sandwich sales tax? Should someone who can buy separate bread, meat, and cheese ingredients get such marginal sales tax benefits relative to someone who only can buy pre-made sandwiches? Or does owning the bread, meat, and cheese mean that whatever marginal value you extract from the ingredients' use is fully yours?
Supporting imputed rent seems consistent with supporting my hypothetical sandwich marginal sales tax. It's ridiculous.
Not much. They are moving from a regime where owner-occupier mortgage interest is deductible but you have to pay income tax on the imputed rental value of your owner-occupied home, to one where you don't pay the tax but also can't take the deduction.
For most Swiss people, who rent, it doesn't directly affect them. And even for most owner-occupiers, they never pay off their mortgages, and so the two effects currently cancel out. It's mostly a handout to rich people who can pay off a house (or inherited one).
Destroys it. The change will immediately raise property prices 5-10%. The only beneficiaries are those who own property today. It becomes harder to buy property, while people who own property free and clear get a huge tax benefit and only lose a tax deduction they weren't using. Essentially, it is generational warfare in the style of Prop. 13 in California.
The price of houses has just gone up because they have removed a real estate tax. Simple, and short sighted. The taxes need to be raised from somewhere so now let's see what convoluted and complex schemes they come up with to do that.
There’s nothing inherently wrong with e-ID, it can be mighty useful, especially when implemented thoughtfully. The real problem is when it’s imposed despite widespread societal opposition and refusal (which obviously is not the issue here, but is in other countries).
I agree that it can be useful, but I fear that in the future, we will have many more online platforms that require an ID than we currently do.
In the past, things like age verification required users to upload a scan or photo, and someone had to verify it. Because that was too much work for the platform operators, they didn't do it (or only with the banner "Are you over 18?").
With the e-ID instead, this will be much simpler to implement. And I expect it to become much more widespread in the future.
Even though I am for the eID I do share your worry but I don‘t think it‘s hopeless. Both politically and socially there are avenues to combat such over-identification. Still, most uses will probably more private than sharing copies of your ID so I am not sure what the gain for companies will be as it might just limit the customer base without much data gained. That does not seem in the interest of those companies. It‘s easier for the government to enforce certain checks, which is also not ideal but still there are avenues to fight this if it happens.
Quite a few actually do require ID-scan-through-email (which is horrible). Or, they simply delegate to a third party video ident service, often in another country (because cheaper).
How exactly is the status quo not much worse than "I give you a cryptographic hash proving that I am over 18, but nothing else, and without the state knowing that this transaction happened"?
The inherently wrong part about it is that it is extremely easy to revoke at the push of a button, vs a physical card that must be physically confiscated.
For those unfamiliar with this "rental tax": If you own a house in Switzerland, the tax office assumes that you are your own landlord and rent your house to yourself. It estimates the fictitious rent you charge yourself, and you have to pay income tax on it. The Swiss German name for this estimated rent is "Eigenmietwert" ("self-rental value") and this is what will now be abolished.
What makes this strange tax even more absurd: as you are your own landlord, your property interest rate becomes a business expense of your hypothetical rental company. So you can deduct your property interest from this income tax on the fictitious rent you pay yourself.
In effect, it is unattractive to fully repay your mortgage (you just leave enough debt to avoid the income tax), and Switzerland has the highest household debt in the world. By a large margin [0].
[0] https://en.wikipedia.org/wiki/List_of_countries_by_household...
> "Eigenmietwert"
It is not that absurd, we have the same in The Netherlands (eigenwoningforfait). And yes, we also have the property interest deduction, we literally call it mortgage interest deduction (hypotheekrenteaftrek, HRA).
They reason this is done is because it allows tax systems to tax main residencies differently from regular real estate tax measures, which is usually in the wealth section of tax policy.
It stems from the 1890s in The Netherlands, I assume it'll be around the same era for Switzerland and Germany.
And for other readers, yes it is as terrible a tax policy as it sounds. It is highly regressive, favoring home owners over renters, and the more expensive your house the bigger the deduction. In The Netherlands the current election cycle has it as one of the subpoints of our housing crisis, and it seems the battle won't even be about if it should be abolished, but rather if the timeline should be 30, 15, or 8 years.
I'm Belgium this rental tax is the same. You're taxed on the hypothetical rent income.
But... this is based on values of either in the 90s, or 70s.
I remember because the hypothetical income (on a yearly basis) for our 2016 new build was €1,200. Remember, income, not profit.
You couldn't rent a place within 5 miles that was below €1,000 per month.
> The Swiss German name for this estimated rent is "Eigenmietwert" ("self-rental value")
In English this is called imputed rent, it's used in US for CPI calculations.
Sounds like it’s an indirect property tax.
Swiss e-ID is self sovereign and built on open protocols.
https://github.com/swiyu-admin-ch
I like that it is open source, I don't like that they use SD-JWT tokens which contain hashes of people's names for things like age verification.
It's only partially open source. Some server-side code remains proprietary, and the client-side will depend on proprietary code of Google and Apple and they do not plan to support platforms that are actually Free Software. The law overall is badly written. For example, articles 12 and 26 effectively say that "The source is shared with public, except if it is proprietary or insecure." Or take Article 4: "The government may operate systems that protect the privacy of the identity subjects."
The Swiyu team dropped the Play Integrity requirement on Android: https://github.com/swiyu-admin-ch/eidch-android-wallet/issue... This means that the E-ID will be officially supported on AOSP based secure ROMs like GrapheneOS, without any requirement for Google services.
why is that bad?
I'm guessing you'd want to separate age verification from identity verification. A hash of your name is as good as your name since you don't change name and you provide both to certain providers, or it can be bruteforced.
It's a bit better than that, you really have to get access to the disclosure because the hash also contains a salt. But it's a needless risk
Yet I was forced to own a telephone number to sign my taxes this year. Which is honestly much worse than whatever the shit was we had before
A sad development. At least in the US, the fact that rent is taxable income to the landlord but imputed rent is untaxed is a regressive tax break for property owners (and was apparently a mistake of the original Form 1040; see Lawrence Zelenak, “The Early Income Tax and the Imputed Rental Income of Homeowners” https://doi.org/10.1017/9781108377157.008). I wonder what convinced majority-renter Swiss voters to enact such a tax break?
Wages are taxable income to workers but imputed wages are untaxed. That’s a regressive tax break for people who cook their own food and care for their own children.
lol but it’s true. The less productive stuff you do outside the formal economy the more value you get to keep. That’s why digital cash is so problematic
The difference is that you’re comparing labor income (making your own dinner) to rental income from land (imputed rent). Poor people tend to not own property, whereas poor people do tend to make their own meals, so I doubt your claim that taxing home meals would be equally progressive.
Unlike the proposed UK digital ID (which is not a "card"), this one is optional. Nobody is being forced to buy a smartphone and accept Apple or Google's terms of service.
Define optional? There will be new checks introduced online where you can only enter if you have an E-ID.
Companies do have to accept a physical card as well, but only if you appear physically at the companies doors. Otherwise, that statement was kind of deceptive in my opinion because there will be a lot of pressure to get one. They also decided to make it free, which shows they probably want to achieve a high adoption.
> Define optional?
“Les personnes habitant en Suisse et les Suisses de l'étranger pourront demander une e-ID. L'utilisation de cette dernière ne sera toutefois pas obligatoire. En effet, la Confédération continuera à offrir toutes ses prestations dans le monde réel. Il faudra modifier la loi si l'on veut un jour déclarer obligatoire l'utilisation de l'e-ID dans certains cas. Un référendum pourra alors être lancé contre la modification décidée par le Parlement.”
Automatic translation: “People living in Switzerland and Swiss abroad will be able to apply for an e-ID. However, the use of the latter will not be mandatory. Indeed, the Confederation will continue to offer all its services in the real world. It will be necessary to amend the law if one day we want to declare the use of e-ID mandatory in certain cases. A referendum can then be launched against the amendment decided by Parliament.”
Optional meaning you have the choice of using the existing physical ID. I don't see how this is deceptive. "A lot of pressure" is not the same as being unable to legally work without the digital ID.
Because they did advertise it in a way to make people believe they could still do their things online without an E-ID, which will not be the case. It's not optional online.
Companies can already request and will still be able to request a PDF scan of your ID. Or worse, video ident through a private third party.
This is the status quo for ordering alcohol online, or if you want to open a bank account.
The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
> This is the status quo for ordering alcohol online, or if you want to open a bank account.
I just ordered alcohol yesterday and they only checked it up on delivery. There's no obligation to check it online.
> The new E-ID based on SSI (self-sovereign identity) is so much better than the status quo from a real-world privacy perspective towards companies that must verify your identity or age.
While I agree it's better than scanning your documents, it probably will become more popular since it's easier to check and integrate. That will in my opinion become a net negative for privacy
Fair, this may be a legal option for ordering alcohol. I really don't see the pure cryptographic hash "is older than 18y" as a big privacy issue though, as long as it is properly salted, does not provide other information on my identity and is unlinkable (i.e. multiple such signed claims are different).
The last time I opened an account for a financial service, as well as when creating an account with a service for digital document signatures, I had to do a video ident process with a private third party company. There was no other option, and I felt quite uneasy about it. I would have preferred the E-ID by far in both cases.
Both companies will inevitably store information about me to provide their service, independently of the identity verification. That is legitimate and inevitable for their service. That other, third party company storing a video of me holding my ID and my face into the camera is now not inevitable anymore.
But the Swiss already have a unique digital identifier for everyone living and working in Switzerland (your AVS number I think?) so it's really not optional, and is the primary purpose of the new UK id. The actual application itself is much of a muchness.
Also, the UK gov has already said there will be solutions for old people/time travellers/the Amish etc without phones. Nobody is going to force anybody to buy a phone.
AFAIK, the UK gov has only said there will be solutions for people unable to use a phone, not people unwilling to use a phone.
" As part of our consultation, we will be making sure the scheme is inclusive by considering:
- physical alternatives are available for those without smartphones "
From
https://www.gov.uk/government/publications/digital-id-scheme...
>the Swiss already have a unique digital identifier
Digital as in being a sequence of thirteen digits?
Switzerland is transitioning to online voting, and having a digital ID for authentication is helpful for that. I hope it is used as part of the voting process.
My understanding is that the current approach for e-voting in Switzerland works with voters being sent a PIN in the mail [1]. Then the voter uses the PIN to log into the system and vote. Unfortunately that means that insecurely discarded letters from non-voters could be used to cast votes on behalf of these voters.
Some jurisdictions try to use a second factor to prevent these attacks. In Ontario, for example, many municipalities use a combination of the voter's PIN in the mail + the voter's date of birth. But a date of birth isn't really secret. Lots of people know your date of birth (especially insiders at organizations that collect this data), and it may appear in data breaches or even publicly on social media. If you're curious about this, I recently co-authored a paper which is all about security problems relating to online voting credentials in Ontario -- It's relevant to the Swiss case as well: https://link.springer.com/chapter/10.1007/978-3-032-05036-6_...
Long story short, using a digital ID to authenticate to the system (like Estonia does) goes a long way to mitigate this authentication problem. However, there are still plenty of other potential risks with online voting that are unrelated to authentication (how do you prevent ballot stuffing, clientside-vote-altering malware, falsified counts, etc). And there may be privacy risks with digital ID depending on the practical implementation.
[1] https://digital-solutions.post.ch/en/e-governmenthttps/digit...
How do any of these schemes ensure that votes can't be traced back to individuals? Secrecy is an important part of voting.
Different systems have different approaches. If you're a voter, you can use your web browser's developer tools to see what's going on, and part of my research is essentially doing that with systems like this.
With one Ontario online voting system used by dozens of municipalities, your choice is sent via a form submission (POST) to the server. The POST contains your choice in its body (in plain text) and your browser also sends a cookie/authorization header which contains a token which was generated by the server and given to the client when the client logged in with the PIN/birthday. In that case, the online voting system could identify you and who you voted for at the time the request is made (they receive both the authorization token linked to your identity and the vote in the same request). The vendors then takes procedural steps to then separate you from your vote, and the elections authority running the election receives a report of the totals (but not who each voter voted for) from the vendor.
However, other systems are a bit more complicated. They'll serve you client-side javascript which does cryptography with your PIN / voting choice such that you can prove to the server you are authorized and made a valid vote, but the server can't link your vote to your identity. Then there's a lot of stuff that happens to mix votes together before they are unsealed and counted. I'm not a cryptographer, so I can't give you the best explanation off the dome.
The Swiss system does try to do something that looks like the latter approach, and they hire cryptographers and security professionals (and have public testing) to ensure the system's design meets requirements for ballot secrecy and if the implementation is correct.
There's a video about how ballot secrecy is ensured with the Swiss system which you can watch at this link:
https://digital-solutions.post.ch/en/e-governmenthttps/digit...
So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
How do you override a previously cast vote in that system?
(Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
Love the questions!
> So bascially you log in to the login server, which passes a token to the vote counting server that the vote is valid but with no identifying information? And there is some way to verify that these two entities do not cooperate?
With the Ontario system I described (first example), no. You can't ensure this. In fact, the server that receives your authentication credentials is the same as the server that receives your vote.
How things work:
1. You send a POST with {"DOB":"1995-01-01", "PIN":"12345678"} to server.
2. Server responds with a session cookie. That cookie is included with all subsequent requests in order for the server to know you are authenticated. This is a typical authentication scheme for web applications.
3. Eventually you make a selection and cast your vote. This will send your vote, and the cookie, to the server.
4. The server verifies the cookie is valid and records your vote.
It is definitely possible for the server to connect the identification information you provided in your initial login with the cookie, if it chooses to log that data. There's no way for the client to know if it's happening or not.
It's also a proprietary system, and because it's owned and operated by the online voting vendor (and not a government body) it's exempt from freedom of information legislation, so you wouldn't be able to see any information about the system's design even if you really wanted to. We do know steps 1-4 exist though, because we can infer all of it from the browser's development tools when interacting with the website.
With this type of system, there is also no meaningful way for a municipality to verify the count is correct, beyond the testimony of the vendor. The system is a black box, where votes go in and a result comes out. The vendor reports the result, and the municipality then declares candidates elected.
To be clear: Not a hypothetical. This is a real system! Used by 49 municipalities in 2022!
> How do you override a previously cast vote in that system? (Overriding a vote is a popular solution to vote buying/intimidating which is otherwise a problem with mail-in votes and e-votes.)
You don't! To the best of my knowledge, no vendor/municipality offers this feature in Ontario.
I really enjoy these detailed answers
Happy to provide them! It's an interesting area of research for sure.
As always, relevant xkcd: https://xkcd.com/2030
There's a nugget of truth there, but I will say that the Swiss government has taken a very thorough/careful approach to implementing online voting. There are legislated cybersecurity standards for e-voting, individual and universal verifiability, pilot programs, meaningful observation, everything is open source, funding is set aside to incentivize researchers to find vulnerabilities [1].
When critical vulnerabilities were found with the previous implementation done by a private vendor, they dropped their vendor and restarted from scratch, doing everything in-house [2,3].
Not all jurisdictions are so careful. Over 200 municipalities in Ontario do voting online, despite no legislated standards (though a voluntary standard was recently developed). The voting systems are offered by private vendors, no organization is responsible for certifying these systems, and many systems do not offer any cryptographic verification of the results. It's quite interesting [4].
[1] https://digital-solutions.post.ch/en/e-government/blog/volls...
[2] https://openprivacy.ca/assets/knightsandknaves.pdf
[3] https://www.swissinfo.ch/eng/politics/swiss-post-set-to-rela...
[4] https://whisperlab.org/ontario-online.pdf
not rental tax. Rental tax on the house you own, if you live in it
At least according to phind
https://www.phind.com/search/cmg40zr9i00002a6lqddmuyxt
I suppose that would count as a progressive tax (as opposed to regressive, like VAT)
It’s actually “imputed rental value tax”.
The point is fairness, not progressiveness.
The idea is, if you live in your own house, you’re no better off than if you lived in another property and rented out your property, and paid the tax on the rent you get.
It’s supposed to reduce friction / bias in the market (though you could also obviously argue the reverse).
Suppose you buy bread, meat, and cheese and pay sales tax for each of them. You make a sandwich. You eat the sandwich.
Do you now owe the government the difference in sales tax on the market price of a pre-assembled sandwich versus on the market price of the individual bread, meat, and cheese?
Is it "fair" to owe the government the incremental sandwich sales tax? Should someone who can buy separate bread, meat, and cheese ingredients get such marginal sales tax benefits relative to someone who only can buy pre-made sandwiches? Or does owning the bread, meat, and cheese mean that whatever marginal value you extract from the ingredients' use is fully yours?
Supporting imputed rent seems consistent with supporting my hypothetical sandwich marginal sales tax. It's ridiculous.
So everyone is a permanent renter ?
Yes
Abolishing rental tax is huge. What does that do for affordability?
Not much. They are moving from a regime where owner-occupier mortgage interest is deductible but you have to pay income tax on the imputed rental value of your owner-occupied home, to one where you don't pay the tax but also can't take the deduction.
For most Swiss people, who rent, it doesn't directly affect them. And even for most owner-occupiers, they never pay off their mortgages, and so the two effects currently cancel out. It's mostly a handout to rich people who can pay off a house (or inherited one).
Destroys it. The change will immediately raise property prices 5-10%. The only beneficiaries are those who own property today. It becomes harder to buy property, while people who own property free and clear get a huge tax benefit and only lose a tax deduction they weren't using. Essentially, it is generational warfare in the style of Prop. 13 in California.
Why will property prices increase by 5-10%? How was that range calculated?
It's what Swiss wealth management firms are predicting.
makes swiss landlords richer. Foreign nationals cannot own rental homes.
Not at all, it depends on the residence permit. With a C permit you can buy and rent properties, while with B you can buy only your own home
Not quite. If you reside in Switzerland, you can own rental homes. Just foreign non-residents cannot buy.
Can you go into more detail?
This only affects homeowners who live in their own property, not landlords. If you earn rent on your property, you will still pay income tax on it.
The price of houses has just gone up because they have removed a real estate tax. Simple, and short sighted. The taxes need to be raised from somewhere so now let's see what convoluted and complex schemes they come up with to do that.
There’s nothing inherently wrong with e-ID, it can be mighty useful, especially when implemented thoughtfully. The real problem is when it’s imposed despite widespread societal opposition and refusal (which obviously is not the issue here, but is in other countries).
I agree that it can be useful, but I fear that in the future, we will have many more online platforms that require an ID than we currently do.
In the past, things like age verification required users to upload a scan or photo, and someone had to verify it. Because that was too much work for the platform operators, they didn't do it (or only with the banner "Are you over 18?").
With the e-ID instead, this will be much simpler to implement. And I expect it to become much more widespread in the future.
Even though I am for the eID I do share your worry but I don‘t think it‘s hopeless. Both politically and socially there are avenues to combat such over-identification. Still, most uses will probably more private than sharing copies of your ID so I am not sure what the gain for companies will be as it might just limit the customer base without much data gained. That does not seem in the interest of those companies. It‘s easier for the government to enforce certain checks, which is also not ideal but still there are avenues to fight this if it happens.
Quite a few actually do require ID-scan-through-email (which is horrible). Or, they simply delegate to a third party video ident service, often in another country (because cheaper).
How exactly is the status quo not much worse than "I give you a cryptographic hash proving that I am over 18, but nothing else, and without the state knowing that this transaction happened"?
Indian Aadhaar has some examples discussed here
https://news.ycombinator.com/item?id=41608810
I hate that everything is being pushed onto the phone. Its a single point of failure.
The inherently wrong part about it is that it is extremely easy to revoke at the push of a button, vs a physical card that must be physically confiscated.