Privacy

Mostly reads as labelling bots. The verify bit doesn't seem to actually say the workflow they'll use, but spew some suggestions of how it could be done.

When confirming that there is a human behind an account, we prefer third-party tools that keep a distance between verification and Reddit itself. Any system we use will not expose your real-world identity to Reddit nor your Reddit username or activity to any third party. There are a handful of ways to do this, and I’m sure there will be more. Each have their tradeoffs:

• Passkeys (which are well supported by Apple, Google, YubiKey, and various password managers) - These are lightweight, require a human to do something, and don’t require your ID. The tradeoff is that there is no proof of individuality or anything other than “a human probably did something.” Nevertheless, it’s a great starting point.

• Third-party biometric services - For example, World ID (yes, the Orb company, though they have non-Orb solutions as well). This technology unlocks proof-of-individual without requiring your name, government ID, or a centralized database. I think the internet needs verification solutions like this, where your account information, usage data, and identity never mix.

• Third-party government ID services - In some countries, such as the UK and Australia, governments require us to use these. These are the least secure, least private, and least preferred. When we are forced to do this, we design the integrations so that we never actually see your ID information, so your Reddit data cannot be tied to you.