In the example you give there is no needed provision to store the id or all information in the document. Only extracting the date of birth, name and document number is sufficient.
Yes I know this a utopia and it won't happen.
Edit: afaik storing the photo is only needed in medical cases to alternatively asses having the correct person. Bit much for something simple as age verification.
This breach is them being irresponsible with customer support software. In the case of automated age verification, the providers say that nothing identifiable gets stored and they might be lying but it’s feasible that you could run that service the way they say they do.
This breach is about the manual alternative to that, where you can appeal to Discord customer support if the automated thing says you’re not the right age. They seem to do that in part by having you send a picture of your ID.
I’m sure in their database they’re then just storing the date of birth etc, but then they obviously just don’t bother deleting the private image from the customer service software.
Sounds like a great use case for an automated ML cleanup/reporting feature. Maybe as a daemon as a bolt-on fix, or integrated as a feature into the support software itself.
Add in blockchain and we’ll be all set.
Even then, for age verification, just verify the ID, record + sign the verification, and DESTROY THE DATA! Don't retain the original document "just in case", or even the birthday or name.
But why? I mean... this data might be valueable at some time, if nothing else, when the company is sold to some other data-gathering company... and the punishment for such a breach will be less than the data is worth.
I mean.. if the governments did their jobs and multipled the punishment for a single breach by 70.000 (in this case) and cause the company to go bankrupt.... well, only then would the companies reconsider. But until then, they won't.