> If you're trying to hide who you are from our very first interaction, that's a massive red flag.
You conflate email with identity, just like the media companies conflated IP addresses.
It's not hiding who you are, it's hiding my real email address behind a mask that you can't choose to sell off to marketers, or spam yourself, or otherwise profit off, regardless of the nature of our relationship - I've got plenty of spam emails from companies that I closed accounts with, thus severing our relationship.
> If you can trivially create hundreds of these emails, and fill in the rest of the required info with bought/stolen/generated PII, now I have a vector for mass fraud. Requiring you to use a recognized non-anonymized provider doesn't stop you, but it sure does slow you down. (It's not this simple of course, but all security works in layers)
It's not that simple, but I guarantee it doesn't remotely slow anyone down, not at the scales we're talking. Maybe if you're talking one entity and tens or hundreds of thousands of accounts, but it's laughably naive to believe that such a person who is set up to conduct "mass fraud" can't create 100 Gmail/Outlook/iCloud email addresses a day, if not an hour, with near zero effort (it's not like they're committing "mass fraud" by hand, after all).
> I guarantee it doesn't remotely slow anyone down
I have watched the rate go down and stay down on real live dashboards.
> Maybe if you're talking one entity and tens or hundreds of thousands of accounts
We are.
I'm not so rude as to call you "laughably naive" but I am speaking from experience and you appear to be considering a hypothetical.
It sounds like you are trying to shoehorn email into some kind of “real person verification” role, when you ought to be doing actual KYC through some provider like ID.me. (If honest to god no-shit fraud is on the table.)
If I can filter/throttle fraudsters at the create account step for free, I save on the fees my KYC/IDV providers charge each time they attempt to defeat it.
At the cost of blocking legitimate users who don’t want to be spammed, don’t want to be correlated after a data breach, etc.
I have been willing to do KYC for services (usually financial) without giving out my main email. Services that put up too many barriers to this don’t get my business. I concede that there aren’t that many users like me, compared to the general public, but I’m a legitimate user.
There must be at least two of us!
Luckily I'm not obligated to serve legitimate users who's behavior is similar to that of fraudsters. That would make my job very difficult!
As I said above, and you concede, users like this are too small a minority to be worth worrying about.
Nowhere other than on HN have I seen so many people who are actively proud of their anti-consumer (and frankly anti-human) behaviour. It's a rather revealing look into the veil behind big tech. A lot of people have this misconception that it's evil $bigcorp forcing employees to do what earns a paycheck, but no, there's no shortage of normal people like yourself bragging about anything they can do to identify and track consumers more easily while comparing them to fraudsters for not wanting to be tracked. I suppose that's the narrative you have to concoct to help yourself sleep at night.
I'm curious, though:
> choosing to participate anonymously
Why are your name, e-mail address, and phone number not on your profile? Are you using HN with the intent to commit fraud?