Australia has strict KYC and AML laws that means many financial institutions and fintech businesses will request drivers licences and passports as a part of user registration. This may well be common all over the world but I’ve had to upload a photo of my drivers licence to one service or another twice in the last month.
Some bars also take a photo of your driving license, I found that very weird but didnt say anything because I didnt want to cause any fuss going with a group.
This happens at a lot of places in Las Vegas, too. I don’t give any business to places I can’t prove my age, walk in, and pay with cash without a record being made of my whereabouts.
The real issue I find is that your data is being handed off immediately by the bar to a third party provider, with whom you have no business relationship. The moment you hand over your ID, the bar is uploading it, and now the data is entirely out of your control. They could publish your home address (if you’re foolish enough to have the location where you sleep on your ID card, which is effectively public record) and you’d have no recourse whatsoever against them when people show up at your house, or at your hotel while on holiday (because the hotel bar published/leaked a name+location+timestamp).
At the least, it’s a major privacy violation; at the most it’s a physical safety issue.
Make a fuss. That shit’s absolutely over the line. Take the whole group somewhere else.
From my POV as a former bouncer turned software developer, causing a fuss (assuming you mean in the moment) isn't the right move.
If you blow up and start yelling at the bouncer (who will get fired if he doesn't scan your ID), you're taking it out on someone who can't change the policy, and you're going to sully the entire evening for the rest of your group. Contact management, absolutely, but causing a fuss at the scene is less than effective.
And there is a flipside to the physical safety issue - there were two stabbings (and countless other attacks) in the club I worked at, and we were able to positively ID the attackers within ~30 minutes of the incident, which led to their arrest hours later.
Violating the privacy of 100% of patrons, putting them ALL at risk, to be able to catch the small percentage of violent people is not an acceptable trade-off, whether the group is 100 people or all of society. This is why we have the presumption of innocence and the 4th amendment. Private businesses can act otherwise, but they’re douchebags if they do so.
Showing ID doesn’t make anyone safer; indeed your bar violated everyone’s privacy and on multiple occasions someone STILL got stabbed. Worst of all options. It makes everyone less safe.
Privacy is a basic right.
Don’t give a single dime to organizations that act otherwise.
Why can't this just be centralized? upload KYC once and that one service verifies to other companies that you're legit, compared to uploading KYC to 33 different websites.
There are hundreds if not thousands of servers open to the internet that contains CT/CET/MRI/X-ray scans (PACS servers or DICOM)
I accidently found some of them, you can download 'sensitive' patient data, illness/disease information specifically labelled and categorized waiting for you to collect.
Some of those also include family-tree information, random ID scans (driver's license, national IDs etc), and contract scans (hand-signed versions)
I found those back in 2017, even though notified respective hospitals and institutions, they're still open. Given WFH/remote-working practices are more common now, probably there are more.
In most US states they are also public - you can query traffic citations from many court houses and get full person details and drivers licenses, address, dob,and more. It's really quite wild how many public data sets are out there with your data.
