Project ideas from Hacker News discussions.

OpenAI, the US government and Persona built an identity surveillance machine

📝 Discussion Summary

1. Privacy & data‑handling in Persona’s LinkedIn ID‑verification

  • Users are urged to exercise their GDPR rights:
    “Request your data. Email idv-privacy@withpersona.com or privacy@withpersona.com. Under GDPR, they have 30 days to respond.” – drac89
  • Persona’s own response shifts responsibility to the customer:
    “TL;DR we’re not responsible, go talk to LinkedIn.” – 4midori

2. Surveillance, AI and a looming dystopian future

  • The tech‑industry’s promises are seen as “dreams” that become “memes”:
    “It seems like at every technological step, we’re sold the dream and delivered the meme.” – pharos92
  • Many participants warn that we’re already “close to a Dystopian world where all elites of a certain group collaborate to run a Super Leviathan.” – ferguess_k

3. Corporate culture, engineer ethics and the need for accountability

  • The “evil pays more” mantra is repeated:
    “Evil pays more.” – FrustratedMonky
  • Tech leaders justify surveillance by framing geopolitical threats:
    “Many tech execs operate under the thesis that China & the democratic party are existential threats that warrant a surveillance/military/police ramp‑up.” – biophysboy
  • Calls for transparency about who builds these systems:
    “We need an open‑source platform that tracks the people who work and build such systems.” – tamimio

These three threads—privacy rights, dystopian surveillance, and corporate/engineer accountability—dominate the discussion.


🚀 Project Ideas

Persona Data Request Manager

Summary

  • Automates GDPR Data Subject Access Requests (DSAR) to Persona and similar services, tracking status and sending follow‑ups.
  • Provides a single dashboard for users to see which requests are pending, responded to, or need escalation.

Details

| Key | Value |
|---|---|
| Target Audience | Privacy‑conscious individuals, small businesses, compliance teams |
| Core Feature | DSAR automation, status tracking, email templates, response logging |
| Tech Stack | Node.js, Express, SendGrid API, PostgreSQL, Docker |
| Difficulty | Medium |
| Monetization | Revenue‑ready: $5/month subscription for advanced analytics and bulk requests |

Notes

  • HN commenters complain “they just won’t respond, then you can wait for 4+ years and nothing will happen.” This tool turns that frustration into a measurable workflow.
  • Useful for regulators and journalists who need to audit compliance across multiple vendors.

OpenID Self‑Host KYC

Summary

  • Open‑source, self‑hosted identity verification platform that captures biometric data locally and never stores it in the cloud.
  • Enables organizations in the EU and other privacy‑sensitive regions to comply with KYC without relying on US tech.

Details

| Key | Value |
|---|---|
| Target Audience | SMEs, NGOs, government agencies, fintech startups |
| Core Feature | Local biometric capture, document OCR, zero‑knowledge proof generation, audit trail |
| Tech Stack | Rust, WebAssembly, WebRTC, PostgreSQL, Docker, OpenSSL |
| Difficulty | High |
| Monetization | Hobby (open‑source) or Revenue‑ready: one‑time enterprise license ($5k) |

Notes

  • Addresses the call for “homegrown solutions over US tech” and the need for “local identity verification” highlighted by commenters.
  • Provides a clear alternative to Persona’s cloud‑based model, satisfying GDPR “data minimisation” and “storage limitation” principles.

Surveillance Tech Transparency Dashboard

Summary

  • Public, searchable database that aggregates employee, contractor, and project information from surveillance‑related companies (Persona, OpenAI, Palantir, etc.).
  • Gives journalists, regulators, and activists a tool to trace who is building and deploying surveillance tech.

Details

| Key | Value |
|---|---|
| Target Audience | Journalists, activists, policy makers, researchers |
| Core Feature | Web‑scraping of LinkedIn, company filings, contract announcements; real‑time alerts for new hires or projects |
| Tech Stack | Python, Scrapy, Django, ElasticSearch, Grafana |
| Difficulty | Medium |
| Monetization | Hobby (open‑source) |

Notes

  • Responds to the demand for “exposing the enablers” and “publicly listing who works on such systems” expressed by several commenters.
  • Encourages accountability and could spark policy discussions on surveillance tech governance.

Privacy‑Preserving KYC API

Summary

  • API that performs identity verification using zero‑knowledge proofs, storing no biometric data and keeping personal data minimal.
  • Enables fintech, crypto, and SaaS companies to meet KYC/AML requirements without compromising user privacy.

Details

| Key | Value |
|---|---|
| Target Audience | Fintech startups, crypto exchanges, SaaS platforms |
| Core Feature | ZKP‑based identity proof, audit logs, GDPR‑ready data handling |
| Tech Stack | Go, zk‑SNARK libraries, PostgreSQL, Docker, gRPC |
| Difficulty | High |
| Monetization | Revenue‑ready: $0.50 per verification or $50/month for bulk plans |

Notes

  • Addresses the frustration that “KYC concerns for API access” are often over‑broad and invasive.
  • Provides a concrete solution to the “privacy‑friendly KYC” pain point raised by many HN users.
