Age verification is merely the background task to set up infrastructure for OS to provide many many other signals about who's using the device.
Age signals from the OS? Need to provide a channel of information available to applications. Applications already talk to servers with unchecked commonality.
Biometric data? Today it unlocks your private key. Tomorrow it's used to verify you are the same person that was used during sign-up -- the same that was "age-verified".
Next year, the application needs to "double-check" your identity. That missile that's coming to you? Definitely not AI-controlled, definitely not coming to destroy the "verified" person who posted a threatening comment about the AI system's god complex. Nope, it's coming to deliver freedom verification.
Muromec 1 hours ago [-]
Nobody stops the government from sending goons to your door right now for a snarky comment. Some govts in fact do it today. It is also cheaper than ai rocket and more precise too
In a sense, surveillance is a multiplier on your goons, creating virtual goons. If you have 5 goons but you can send them directly to the house of people who disagree with the government with 99% accuracy, it's like you had 500 goons waiting outside 500 houses then only entering the ones where people disagree with the government.
mystraline 50 minutes ago [-]
Its called police. And they scale extraordinarily well.
And turns out power-tripping men offered raw power over other humans on threat of violence is something they like.
And ICE? Remember J6 and Three Percenter's and all those right wing militias? They ended up in ICE. Same reasons.
brewcejener 42 minutes ago [-]
A very bold claim I have heard repeatedly, backed up with zero evidence. Care to share any proof you have found?
That was from a quick search, no doubt there's more. Now it gets down to trust issues on reporting.
nurettin 32 minutes ago [-]
It is called swatting.
nesky 1 hours ago [-]
Cost kind of stops the government from sending goons right now, sure some governments do it but, it's costly at scale.
justsid 58 minutes ago [-]
Missiles are a lot more expensive and much less reusable than goons though. If the nation state can’t afford the goons, it can’t afford to missile you either
c22 48 minutes ago [-]
With the digital panopticon neither goons nor missles are really necessary. Opressive forces can just disable your spending and travel credits. If they need you dead or in custody they can just grab you the next time you pop up on camera near one of their agents.
riffraff 2 minutes ago [-]
[delayed]
motbus3 7 minutes ago [-]
There are cheap drones with guns now thought
collingreen 51 minutes ago [-]
Drones aren't though. Plenty of ways to use the data above for evil deeds.
brewcejener 40 minutes ago [-]
Reaper drones will be the more cost effective way to eradicate amalek.
jpadkins 51 minutes ago [-]
The UK gov has shown to be incredibly efficient at arresting and imprisoning citizens for social media comments.
dboreham 8 minutes ago [-]
This is widely promoted but not true.
dontwannahearit 15 minutes ago [-]
Please share evidence.
vikingerik 25 minutes ago [-]
The cost effectiveness is the intimidation and chilling effects on a wider population, when that can be achieved with a small number of actual goons.
motbus3 7 minutes ago [-]
Stop justifying more horrible stuff with "there is already some horrible stuff"
ImPostingOnHN 25 minutes ago [-]
The government already does that. The only challenge is scale.
marcosdumay 52 minutes ago [-]
The goons are. Almost no government can create goons that are submissive enough to comply with any kind of crazy order.
XajniN 38 minutes ago [-]
Are you living under a rock?
gzread 11 minutes ago [-]
The application has access to your entire home folder, isn't that enough information?
ccvannorman 2 hours ago [-]
[flagged]
inetknght 2 hours ago [-]
Buddy... I've been called a robot since long before AI became mainstream.
scottyah 35 minutes ago [-]
Ha! We should have a T shirt with this.
gruez 2 hours ago [-]
>Age signals from the OS? Need to provide a channel of information available to applications. Applications already talk to servers with unchecked commonality.
This is a non-issue because it's almost certainly going to be gated behind a permission prompt. There are more invasive things sites/apps can ask for, and we seem to be doing fine, eg. location. Moreover is it really that much of a privacy loss if you go on steam, it asks you to verify you're over 18, and the OS says you're actually over 18?
>Biometric data? Today it unlocks your private key. Tomorrow it's used to verify you are the same person that was used during sign-up -- the same that was "age-verified".
Given touch id was introduced over a decade ago, and the associated doom-mongering predilections did not come to pass, I think it's fair to conclude it's a dud.
sylos 11 minutes ago [-]
This is the doommongering coming to pass. Did it happen overnight? No! But you just provided the excuse! "gee see nothing bad came to pass. We can just use that tool"
vachina 1 hours ago [-]
> permission prompt
Watch as apps refuse to work when you deny them permission. Also the OS (and “privileged apps”) don’t ask for permission, they have full unfettered access to everything already.
gruez 28 minutes ago [-]
>Also the OS (and “privileged apps”) don’t ask for permission, they have full unfettered access to everything already.
If you can't trust the OS, you have bigger issues than it knowing whether you're 18 or not. At the very least it has a camera pointed at you at all moments you're using it, and can eavesdrop in all your conversations.
Nevermark 21 minutes ago [-]
Of course you can trust an OS that is engineered against you.
If your OS prevented encryption, because one of the anti-encryption laws got passed, would you still trust its privacy and security?
a456463 2 hours ago [-]
I bet you are the same clown that also says that we don't need QA because there are no incidents in production
inetknght 2 hours ago [-]
> This is a non-issue because it's almost certainly going to be gated behind a permission prompt.
lol.
> Moreover is it really that much of a privacy loss if you go on steam, it asks you to verify you're over 18, and the OS says you're actually over 18?
Slippery slope, but an interesting argument. While SteamOS is a thing, Steam isn't my OS.
> Given touch id was introduced over a decade ago, and the associated doom-mongering predilections did not come to pass, I think it's fair to conclude it's a dud.
Really? You think that things built decades ago can't be further built-upon in the now or the future?
gruez 24 minutes ago [-]
>Slippery slope, but an interesting argument. While SteamOS is a thing, Steam isn't my OS.
You mean non slippery slope?
>Really? You think that things built decades ago can't be further built-upon in the now or the future?
If there's no deadlines for predilections, how can we score them? Should we still be worried about some yet undiscovered way that cell phones are causing cancer, despite decades of apparently no harmful side effects?
troyvit 53 minutes ago [-]
The original post was removed from reddit but it links to this GitHub repo that has most of the same information, but in a different format:
I am now waiting for Gruber (daringfireball.net) to post another rant about how terrible EU regulation is.
Zero-knowledge proofs are the way to go for this type of thing, I find it mind-boggling that the US lets itself be bamboozled into complete lack of privacy.
cosmos0072 5 hours ago [-]
I am from EU, and contrary to age verification laws in general.
My stance is that if somebody is a minor, his/her/their parents/tutors/legal guardian are responsible for what they can/cannot do online, and that the mechanism to enforce that is parental control on devices.
Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
heavyset_go 4 hours ago [-]
> Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
To be honest, I worry that the framing of this legislation and ZKP generally presents a false dichotomy, where second-option bias[1] prevails because of the draconian first option.
There's always another option: don't implement age verification laws at all.
App and website developers shouldn't be burdened with extra costly liability to make sure someone's kids don't read a curse word, parents can use the plethora of parental controls on the market if they're that worried.
> App and website developers shouldn't be burdened with extra costly liability
Why not? Physical businesses have liability if they provide age restricted items to children. As far as I know, strip clubs are liable for who enters. Selling alcohol to a child carries personal criminal liability for store clerks. Assuming society decides to restrict something from children, why should online businesses be exempt?
On who should be responsible, parents or businesses, historically the answer has been both. Parents have decision making authority. Businesses must not undermine that by providing service to minors.
MonkeyClub 2 hours ago [-]
> Physical businesses have liability if they provide age restricted items to children.
Ok, suppose the strip club is the website, and the club's door is the OS.
Would you fine the door's manufacturer for teens getting into the strip club?
jerf 1 hours ago [-]
Dueling physical analogies is never a productive way to resolve a conversation like this. It just diverts all useful energy into arguing about which analogy is more accurate but it doesn't matter because the people pushing this law don't care about any of them and aren't going to stop even if the entire internet manages to agree about an analogy. This needs to be fought directly.
ndriscoll 1 hours ago [-]
The OS is not the club's door. The OS is unrelated. The strip club needs to hire someone to work their door and check ID, not point at an unrelated third party. They should have liability to do so as the service provider.
Ray20 2 hours ago [-]
> Why not?
This implies the creation of an infrastructure for the total surveillance of citizens, unlike age verification by physical businesses.
gzread 8 minutes ago [-]
Knowing if the user's over 18 doesn't imply total surveillance, it only implies a user profile setting that says if they're over 18.
ndriscoll 2 hours ago [-]
Spell it out: how do ID checks for specific services (where the laws I've read all require no records be retained with generally steep penalties) create an infrastructure for total surveillance? Can't sites just not keep records like they do in person and like the law mandates? Can't in-person businesses keep records and share that with whomever you're worried about?
How do you reconcile porn sites as a line in the sand with things like banking or online real estate transactions or applying for an apartment already performing ID checks? The verification infrastructure is already in place. It's mundane. In fact the apartment one is probably more offensive because they'll likely make you do their online thing even if you could just walk in and show ID.
pixl97 2 hours ago [-]
>create an infrastructure for total surveillance
I mean, we're talking about age verification in the OS itself in some of these laws, so tell me how it doesn't.
Quantity is a quality. We're not just seeing it for porn, it's moving to social media in general. Politicians are already talking about it for all sites that allow posts, that would include this site.
So you tell me.
ndriscoll 2 hours ago [-]
App and website developers having liability is an alternative to OS controls. Mandatory OS controls are OS/device manufacturers having liability. I agree that's a poor idea, and actually said as much like a year ago pointing out that this California bill was the awful alternative when people were against bills like the one from Texas. It's targeting the wrong party and creates burdens on everyone even if you don't care about porn or social media.
heavyset_go 1 hours ago [-]
No, in the CA law OS controls are part and parcel with app and website developer liability.
ndriscoll 34 minutes ago [-]
They're separate concepts. Clearly, obviously, mandating OS controls is creating liability for OS providers, not service operators. Other states do liability for providers without mandating some other party get involved.
California is also stupid for creating liability for service/app providers that don't even deal in age restricted apps, like calculators or maps. It's playing right into the "this affects the whole Internet/all of computing" narrative when in fact it's really a small set of businesses that are causing issues and should be subject to regulation.
MSFT_Edging 3 hours ago [-]
> Physical businesses have liability if they provide age restricted items to children.
These are often clear cut. They're physical controlled items. Tobacco, alcohol, guns, physical porn, and sometimes things like spray paint.
The internet is not. There are people who believe discussions about human sexuality (ie "how do I know if I'm gay?") should be age restricted. There are people who believe any discussion about the human form should be age restricted. What about discussions of other forms of government? Plenty would prefer their children not be able to learn about communism from anywhere other than the Victims of Communism Memorial Foundation.
The landscape of age restricting information is infinitely more complex than age restricting physical items. This complexity enables certain actors to censor wide swaths of information due to a provider's fear of liability.
This is closer to a law that says "if a store sells an item that is used to damage property whatsoever, they are liable", so now the store owner must fear the full can of soda could be used to break a window.
gzread 6 minutes ago [-]
However there are also parts of the internet that are clear cut, like porn.
ndriscoll 3 hours ago [-]
That's not a problem of age verification. That's a problem of what qualifies for liability and what is protected speech, and the same questions do exist in physical space (e.g. Barnes and Noble carrying books with adult themes/language).
So again, assuming we have decided to restrict something (and there are clear lines online too like commercial porn sites, or sites that sell alcohol (which already comes with an ID check!)), why isn't liability for online providers the obvious conclusion?
MSFT_Edging 2 hours ago [-]
> That's a problem of what qualifies for liability and what is protected speech
The crux is we cannot decide what is protected speech, and even things that are protected speech are still considered adult content.
> why isn't liability for online providers the obvious conclusion?
We tried. The providers with power and money(Meta) are funding these bills. They want to avoid all liability while continuing to design platforms that degrade society.
This may be a little tin-foil hat of me, but I don't think these bills are about porn at all. They're about how the last few years people were able to see all the gory details of the conflict in Gaza.
The US stopped letting a majority of journalists embed with the military. In the last few decades it's been easier for journalists to embed with the Taliban than the US Military.
The US Gov learned from Vietnam that showing people what they're doing cuts the domestic support. I've seen people suggesting it's bad for Bellingcat to report on the US strike of the girls school because it would hurt morale at home.
The end goal is labeling content covering wars/conflicts as "adult content". Removing any teenagers from the material reality of international affairs, while also creating a barrier for adults to see this content. Those who pass the barrier will then be more accurately tracked via these measures.
NoMoreNicksLeft 1 hours ago [-]
>Plenty would prefer their children not be able to learn about communism
Plenty of people would prefer that children not learn about scientology from pro-scientology cultists too. It's not that they can't know about scientology (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
And it's not that they can't know about communism (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
inetknght 2 hours ago [-]
> Physical businesses
Physical businesses nominally aren't selling their items to people across state or country borders.
Of course, we threw that out when we decided people could buy things online. How'd that tax loophole turn out?
ndriscoll 2 hours ago [-]
But when they do, federal law requires age verification (at least with e.g. alcohol).
It turned out we pretty much closed the tax loophole. I don't remember an online purchase with no sales tax since the mid 00s.
scythe 2 hours ago [-]
For one thing, it's fairly uncommon for children to purchase operating systems. As long as there is one major operating system with age verification, parents (or teachers) who want software restrictions on their children can simply provide that one. The existence of operating systems without age verification does not actually create a problem as long as the parents are at least somewhat aware of what is installed at device level on their child's computer, which is an awful lot easier than policing every single webpage the kid visits.
gzread 6 minutes ago [-]
What if all the useful apps refuse to run on the childproof operating system?
ndriscoll 2 hours ago [-]
So I agree that operating systems and device developers should not be liable. That's putting a burden on an unrelated party and a bad solution that does possibly lead to locked down computing. I meant that liability should lie with service providers. e.g. porn distributors. The people actually dealing in the restricted item. As a role of thumb, we shouldn't make their externalities other people's problems (assuming we agree that their product being given to children is a problem externality).
Bender 3 hours ago [-]
App and website developers shouldn't be burdened with extra costly liability to make sure someone's kids don't read a curse word, parents can use the plethora of parental controls on the market if they're that worried.
App and website operators should add one static header. [1] That's it, nothing more. Site operators could do this in their sleep.
User-agents must look for said header [1] and activate parental controls if they were enabled on the device by a parent. That's it, nothing more. No signalling to a website, no leaking data, no tracking, no identifying. A junior developer could do this in their sleep.
None of this will happen of course as bribery (lobbying) is involved.
ZKP methods are just as draconian as they rely on locking down end user devices with remote attestation, which is why they're being pushed by Google ("Safety" net, WEI, etc).
The real answer to the problem is for websites/appstores to publish tags that are legally binding assertions of age appropriateness, and then browsers/systems can be configured to use those tags to only show appropriate content to their intended user.
This also gives parents the ability to additionally decide other types of websites are not suitable for their children, rather than trusting websites themselves to make that decision within the context of their regulatory capture. For example imagine a Facebook4Kidz website that vets posts as being age appropriate, but does nothing to alleviate the dopamine drip mechanics.
There has been a market failure here, so it wouldn't be unreasonable for legislation to dictate that large websites must implement these tags (over a certain number of users), and that popular mobile operating systems / browsers implement the parental controls functionality. But there would be no need to cover all websites and operating systems - untagged websites fail as unavailable in the kid-appropriate browsers, and parents would only give devices with parental controls enabled to their kids.
verisimi 4 hours ago [-]
> There's always another option: don't implement age verification laws at all.
Where do you go to vote for this option?
andrepd 2 hours ago [-]
The concern is ubiquitous all-pervasive surveillance, control, and manipulation of algorithmical social media and its objective consequences for child development and well-being. Not "kids reading a bad word". Disagree all you want, but don't twist the premise.
Surely you can find a rationalwiki article for your fallacy too.
ori_b 2 hours ago [-]
If you want to avoid all pervasive surveillance, it might be wise to not mandate all pervasive surveillance in the OS by law.
In fact, I suspect adults, and not just children, would also appreciate it if the pervasive surveillance was simply banned, instead of trying to age gate it. Why should bad actors be allowed to prey on adults?
heavyset_go 46 minutes ago [-]
You mean the same social media companies that want this legislation and wrote it themselves? The same legislation that introduces more surveillance and tracking for everyone, including kids?
Also, I heard the same thing about video games, TV shows, D&D, texting and even youth novels. It's yet another moral panic.
From the Guardian[1]:
> Social media time does not increase teenagers’ mental health problems – study
> Research finds no evidence heavier social media use or more gaming increases symptoms of anxiety or depression
> Screen time spent gaming or on social media does not cause mental health problems in teenagers, according to a large-scale study.
> With ministers in the UK considering whether to follow Australia’s example by banning social media use for under-16s, the findings challenge concerns that long periods spent gaming or scrolling TikTok or Instagram are driving an increase in teenagers’ depression, anxiety and other mental health conditions.
> Researchers at the University of Manchester followed 25,000 11- to 14-year-olds over three school years, tracking their self-reported social media habits, gaming frequency and emotional difficulties to find out whether technology use genuinely predicted later mental health difficulties.
From Nature[2]:
> Time spent on social media among the least influential factors in adolescent mental health
From the Atlantic[3] with citations in the article:
> The Panic Over Smartphones Doesn’t Help Teens, It may only make things worse.
> I am a developmental psychologist[4], and for the past 20 years, I have worked to identify how children develop mental illnesses. Since 2008, I have studied 10-to-15-year-olds using their mobile phones, with the goal of testing how a wide range of their daily experiences, including their digital-technology use, influences their mental health. My colleagues and I have repeatedly failed to find[5] compelling support for the claim that digital-technology use is a major contributor to adolescent depression and other mental-health symptoms.
> Many other researchers have found the same[6]. In fact, a recent[6] study and a review of research[7] on social media and depression concluded that social media is one of the least influential factors in predicting adolescents’ mental health. The most influential factors include a family history of mental disorder; early exposure to adversity, such as violence and discrimination; and school- and family-related stressors, among others. At the end of last year, the National Academies of Sciences, Engineering, and Medicine released a report[8] concluding, “Available research that links social media to health shows small effects and weak associations, which may be influenced by a combination of good and bad experiences. Contrary to the current cultural narrative that social media is universally harmful to adolescents, the reality is more complicated.”
Yes! This is the way, give parents the ABILITY to advertise the users age to browsers, apps and everything in between. Only target cooperations, do not target open source projects. Fine websites for not using this API (ex: porn sites). Assume an adult if not present.
fn-mote 4 hours ago [-]
> Fine websites for not using this API (ex: porn sites).
Recent posters here are clear that porn sites are setting every available signal that they are serving adult-only content.
According to them, you are targeting the wrong audience.
Facebook/Instagram studying how to get young users addicted should be of greater concern. I have my doubts about the effectiveness of age-based blocking there, though.
troyvit 1 hours ago [-]
> Facebook/Instagram studying how to get young users addicted should be of greater concern. I have my doubts about the effectiveness of age-based blocking there, though.
Yeah quite the opposite. Once they have that formalized attestation they will move in like sharks.
edgyquant 4 hours ago [-]
Both are problems, porn sites have also targeted children and any non-enforced age “verification” on these sites is simply plausible deniability that isn’t plausible at all
XorNot 2 hours ago [-]
In what way have porn sites targeted children? They have no disposable income to target and the product is literally self age gated in appeal.
fivetomidnight 4 hours ago [-]
No. This is not the way.
> give parents the ABILITY to advertise the users age to browsers, apps and everything in between.
Accounts and Applications to services that provide countent are set to a country-specific age rating restrictions (PG, 12+, 18+, whatever). That's it.
None of the things you mentioned have any point to concern themself with the age or age-bracket of the user in front of the device. This can and will be abused. This is very obvious. Think about it.
ryandrake 1 hours ago [-]
Why should the applications get to decide if they are appropriate for a particular age? Shouldn't that be up to the parent? I shouldn't need to tell my kid: "Well, to use this compiler software, you need to set your age to 18 temporarily, because some product manager 3,000 miles away decided to rate it 18+. But, set it back to age 13 afterwards because you shouldn't be on adult sites." It's stupid.
himata4113 3 hours ago [-]
That is what I meant by age(-rating), you are correct. However, drop country specifics - too complicated. Age brackets are enough: child, preteen, teen, adult. At around 16-17 these should be dropped anyway since at that point people are smart enough to get around these measures anyway and usually have non-parent controlled devices.
idiotsecant 5 hours ago [-]
This is a great solution to the stated problem. The issue is that nobody is actually trying to solve the stated problem. This is a terrible solution to the real 'problem' which is the lack of surveillance power and information control.
simion314 4 hours ago [-]
>This is a great solution to the stated problem. The issue is that nobody is actually trying to solve the stated problem. This is a terrible solution to the real 'problem' which is the lack of surveillance power and information control.
So on the Sony consoles I created an account for my child and guess what they have implemented some stuff to block children from adult content on some stuff.
So if Big Tech would actually want to prevent laws to be created could make it easy for a parent to setup the account for a child (most children this days have mobile stuff and consoles so they could start with those), we just need the browsers to read the age flag from the OS and put it in a header, then the websites owners can respect that flag.
I know that someone would say that some clever teen would crack their locked down windows/linux to change the flag but this is a super rare case, we should start with the 99% cases, mobile phones and consoles are already locked down so an OS API that tells the browser if this is an child account and a browser header would solve the issue, most porn websites or similar adult sites would have no reason not to respect this header , it would make their job easier then say Steam having to always popup a birth date thing when a game is mature.
necovek 3 hours ago [-]
When one clever teen figures it out, they will share it with 80% of their friend group, making that number 80% and not 1%.
Let's go back to parenting: yes, world is a scary place if you get into it unprepared.
gzread 3 hours ago [-]
When one teen figures out how to get alcohol without ID, 80% of them will.
himata4113 4 hours ago [-]
That's why I suggested kernel enforced security (simple syscall) that applications could implement and are incredibly hard to spoof / create tools and workarounds for, but I got downvoted to hell.
Permission restricted registry entry (already exists) and a syscall that reads it (already exists) for windows and a file that requires sudo to edit (already exists) and a syscall to read it (already exists). Works on every distro automatically as well including android phones since they run the linux kernel anyway. Apple can figure it out and they already have appleid.
simion314 3 hours ago [-]
For linux we have the users and groups concept, the distro can add an adult group and when you give your child a linux a device and create the account you would just chose adulr or minor , or enter a birthdate. No freedom lost for the geeks that install Ubuntu or Arch for themselves and we do not need some extra hardware for the rare cases where a child has access to soem computer and he also can wipe it and install Linux on it. Distro makes can make the live usb default user to be set as not adult. Good enough solutions are easy but I do not understand why Big Tech (Google and Apple) did not work on a standard for this. (maybe both Apple and Google profits would suffer if they did)
himata4113 3 hours ago [-]
Definitely the latter, exploiting kids (roblox) is very very profitable.
gzread 4 hours ago [-]
Three states now implement this solution that you just called a great solution, and most of HN still hates it. Are they seeing something that you're not? https://news.ycombinator.com/item?id=47357294
idiotsecant 2 hours ago [-]
Psst I was talking about zero knowledge proofs. Read twice before talking.
gzread 1 hours ago [-]
Can't see where you said that. You definitely commented about parental controls.
mijoharas 4 hours ago [-]
This is what I think. I saw someone else on HN suggested provide an `X-User-Age` header to these sites, and provide parents with a password protected page to set that in the browser/OS.
Responsibility should be on the website to not provide the content if the header is sent with an inappropriate age, and for the parent to set it up on the device, or to not provide a child a device without child-safe restrictions.
It seems very obviously simple to me, and I don't see why any of these other systems have gained steam everywhere all of a sudden (apart from a desire to enhance tracking).
qup 3 hours ago [-]
Seems simple until you try to figure out what's allowed for what age, which surely will differ by country at a minimum.
module1973 2 hours ago [-]
that is correct the parents are meant to pass on morals and parent the child. If the parents fall through, there is the community such as church, neighbors, schools etc. The absolute last resort is government or law enforcement intervention, and this should be considered an extreme situation. But as John Adams noted, "Our Constitution was made only for a moral and religious people" -- in other words, all these laws start to rip at the seams when the fabric of society, the people who make up the society no longer have morals. But I appreciate this article in general, we need to fight against mass surveilance at all costs.
pixl97 2 hours ago [-]
>all these laws start to rip at the seams when the fabric of society, the people who make up the society no longer have morals
Morals like owning slaves, right?
A moral system that requires everyone to be white Christian males isn't a moral system, it's a theocracy.
teekert 4 hours ago [-]
"mechanism to enforce that is parental control on devices."
Meh, I use it, but it's super annoying and I think that with my Daughter I'll take a different approach (but it will be some years before that is relevant).
On Android: The kid can easily go on Snapchat (after approval of install of course, and then you can just see their "friends") before Pokemon Go (just a pain to get working, it keeps presenting some borked version which led to a lot of confusion at first). I just lied about his age in a bunch of places at some point. Snapchat is horrible and sick from our experiences in the first week.
On Windows: It's a curated set of websites (and no FireFox) or access to everything. It's not even workable for just school. Granting kids access to our own minercraft servers: My god, I felt dirty about what the other parents had to go through to enable that.
epiccoleman 2 hours ago [-]
> Granting kids access to our own minercraft servers: My god, I felt dirty about what the other parents had to go through to enable that.
This is a hobby horse of mine to the point that coworkers probably wish I'd just stfu about Minecraft - but holy shit is it crazy how many different things you need to get right to get kids playing together.
I genuinely have no idea how parents without years of "navigating technical bullshit" experience ever manage to make it happen. Juggling Microsoft accounts, Nintendo accounts, menu-diving through one of 37 different account details pages , Xbox accounts, GamePass subscriptions - it's just fucking crazy!
teekert 1 hours ago [-]
I always wonder about this. I read most dialogs (as I do) but man, the sanity of most people must require that they just next next next this stuff right? Perhaps they even let their kids do it instead.
tasuki 5 hours ago [-]
> My stance is that if somebody is a minor, his/her/their parents/tutors/legal guardian are responsible for what they can/cannot do online
As a parent, sure, that is my stance as well. What... what other stances are there even? How would they work?
pjc50 4 hours ago [-]
The steelman argument is that parents are not necessarily up to date on the technology, and cannot reasonably be expected to supervise teenagers 24/7 up to the age of 18. Compare movie ratings or alcohol laws, for example: there's a non-parental obligation on third parties not to provide alcohol to children or let them in to R18 showings.
But the implementation matters, and almost all of these bills internationally are being done in bad faith by coordinated big-money groups against technologically illiterate and reactionary populist governments.
(if we really want to get into an argument, there's what the UK calls "Gillick competence": the ability of children to seek medical treatment without the knowledge and against the will of their parents)
graemep 3 hours ago [-]
In the UK parents can give children alcohol below the age of 18. parents get to make the final decision at home so I do not think its really comparable.
I would personally favour allowing parents to buy drinks for children below the current limits (18 without a meal, 16 for wine, beer and cider with a meal).
The alternative to this is empowering parents by regulating SIM cards (child safe cards already exist) and allowing parents to control internet connectivity either through the ISP or at the router - far better than regulating general purpose devices. The devices come with sensible defaults that parents can change.
_heimdall 4 hours ago [-]
That steelman still stands on a core assumption that its both the state's responsibility and right to step in and parent on everyone's behalf.
Maybe a majority of people today agree with that, but I know I don't and I never hear that assumption debated directly.
gzread 3 hours ago [-]
The point of having a state at all is to create a framework where people are set up to succeed.
heavyset_go 3 hours ago [-]
Everyone shouldn't have to lose their privacy just because you're too lazy to use parental controls or give your kids devices that are made for children.
gzread 3 hours ago [-]
Entering your child's age when you create their user account is a loss of privacy?
PeterisP 3 hours ago [-]
The current bills (e.g. NY one at https://www.nysenate.gov/legislation/bills/2025/S8102/amendm... ) require age assurance that goes beyond mere assertions, so when creating your (adult) user account it would be required to give away your privacy to prove your age - if you can't implement a way for anonymous/pseudonymous people to verify that they indeed are adults (and not kids claiming to be so), these bills prohibit you to manufacture internet-connected systems that can be used by anonymous/pseudonymous users.
gzread 1 hours ago [-]
We are also talking about the Illinois one, which doesn't do that
_heimdall 3 hours ago [-]
Where exactly are you getting that goal of a state from? Maybe that's one of the goals today, historically I don't think it was anywhere on the list.
edgyquant 4 hours ago [-]
Then frankly you haven’t seen many debates around age verification as it’s the main thing discussed every time it’s brought up
_heimdall 2 hours ago [-]
You are correct, I didn't pay close attention to any EU debates that may have happened, I haven't lived there in years. In the US I haven't seen much debate at all, regardless of the bill really we don't seem to have leaders openly and honestly debate anything.
edgyquant 4 hours ago [-]
The other stance is that most parents are not capable of winning a battle against tech giants for the mind of their children, just as parents were not capable of winning this fight with tobacco and alcohol companies.
heavyset_go 4 hours ago [-]
The tech giants want this. They drafted the bill. They paid tens of millions of dollars to promote it. Think about that for a minute.
hackinthebochs 3 hours ago [-]
They want it because it absolves them of responsibility for what their app does to kids. They can then just point to the existence of an already working mechanism for parents to intervene. The alternative would be for each app to implement stringent age verification or redesign itself to avoid addictive patterns. Neither option is good for their earnings.
duskdozer 2 hours ago [-]
If this had anything to do with reigning in tech giants, it would be done for adults as well, without restricting anyone's rights (well, aside from the people-corporations' of course). The issues are the manipulative algorithmic datafeeds, advertising, and datamining. Age verification does nothing for any of this and only provides the tech giants and governments the means to secure even more control over people.
Markoff 5 hours ago [-]
ignore parent, outsource parenting to gov verification authority
TBH many parents done exactly that by giving phones/tablet already to kids in strollers
graemep 3 hours ago [-]
The latter is true, but we cannot regulate the vast majority of parents on the basis of the worst.
croes 5 hours ago [-]
You could make the same case for parental control as evil.
"You‘re reading about evolution! Not in my house"
cosmos0072 5 hours ago [-]
Parents already have a lot of control on children' education.
Examples: most children believe in the same religion as their parents, and can visit friends and places only if/when allowed by their parents.
This is simply extending the same level of control to the internet.
Government-mandated restrictions are completely another level.
edgyquant 4 hours ago [-]
I have personally worked with parents trying to prevent their children from using social media and it’s nearly impossible. Kids are almost always more tech savvy than their parents and unlike smoking it’s nearly impossible to tell a child is doing so without watching them 100% of the time.
croes 5 hours ago [-]
Who controls your age if you try to buy alcohol.
Who controls your age if you want to see an R-rated movie?
This is simply extending the same level of control to the internet.
More control for parents is a completely different level.
heavyset_go 4 hours ago [-]
There are no laws preventing children from seeing R-rated movies with or without their parents, theaters implement that policy by choice.
jfengel 1 hours ago [-]
Sort of by choice. Often, the municipality won't let you build a movie theater unless you pinky-promise to abide by the rating system.
They rarely enforce it, but if it gets out of hand, the city will start getting on your case about it.
croes 4 hours ago [-]
Welcome to the world where many countries aren’t the US
heavyset_go 4 hours ago [-]
The OP is about legislation and companies in the US
croes 3 hours ago [-]
And parent is from the EU and talks about age control in general.
Does the US have a zero-knowledge proof system that is mentioned in the discussion?
applfanboysbgon 4 hours ago [-]
Disingenuous, but I'm sure you know that and were being intentionally so. The government is not using alcohol age laws as a justification to place a camera in your bedroom to make sure you aren't sneaking booze, but it is using internet age laws as a justification to surveil your entire life in a world which is becoming increasingly digital-mandatory to participate in government services or the economy. Nobody had a problem with internet age laws when "are you over 13? yes/no" was legally sufficient.
gzread 3 hours ago [-]
Is California doing this?
croes 4 hours ago [-]
You‘re missing the point
> Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
Parent prefers more control by parents over zero-knowledge proof
applfanboysbgon 4 hours ago [-]
If that was your point, I don't think your previous comment did a very good job of making it at all.
I do think parental controls can be and are abused for evil, but they're still better than the alternative. Zero-knowledge proof is not an alternative, and to suggest that it is is misunderstanding the situation. These laws are proposed and funded by people who want complete surveillance of the population. Zero-knowledge proof is, therefore, explicitly contrary to the goal and will never be implemented under any circumstances. Suggesting that it can be muddies the issue and tricks people into supporting legislation that exists only to be used against them.
In a benevolent dictatorship, sure, go for a zero-knowledge proof verification as your solution. In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses, we need to convince people to see through the lie and reject the proposals outright while reassuring them that they can protect the children themselves via parental controls. You will never be able to sufficiently inform 50.1% of the population of any country of what zero-knowledge proof even means, let alone convince them to support age verification laws but strictly conditional on ZKP requirements. That level of nuance is far too much to ask of millions of people who are not technically-informed, and idealism needs to give way to pragmatism if we wish to avoid the worst-case scenario.
Pxtl 3 hours ago [-]
> My stance is that if somebody is a minor, his/her/their parents/tutors/legal guardian are responsible for what they can/cannot do online, and that the mechanism to enforce that is parental control on devices.
Imho there is a place for regulation in that, actually. Devices that parents are managing as child devices could include an OS API and browser HTTP header for "hey is this a child?" These devices are functionally adminned by the parent so the owner of the device is still in control, just not the user.
Just like the cookie thing - these things should all be HTTP headers.
"This site is requesting your something, do you want to send it?
Y/N [X] remember my choice."
Do that for GPS, browser fingerprint, off-domain tracking cookies (not the stupid cookie banner), adulthood information, etc.
It would be perfectly reasonable for the EU to legislate that. "OS and browsers are required to offer an API to expose age verification status of the client, and the device is required to let an administrative user set it, and provide instructions to parents on how to lock down a device such that their child user's device will be marked as a child without the ability for the child to change it".
Either way, though, I'm far more worried about children being radicalized online by political extremists than I am about them occasionally seeing a penis. And a lot of radicalizing content is not considered "adult".
lynx97 4 hours ago [-]
Same here, EU citizen who thinks parents should do some parenting, after all. However, try to confront "modern" parents with your position. Many of them will fight you immediately, because they think the state is supposed to do their work... Its a very concerning development.
soulofmischief 3 hours ago [-]
I'll go further. As a human being, I am responsible for myself. I grew up in an extremely abusive, impoverished, cult-like religious home where anything not approved by White Jesus was disallowed.
I owe everything about who I am today to learning how to circumvent firewalls and other forms of restriction. I would almost certainly be dead if I hadn't learned to socialize and program on the web despite it being strictly forbidden at home. Most of my interests, politics and personality were forged at 2am, as quiet as possible, browsing the web on live discs. I now support myself through those interests.
We're so quick to forget that kids are people, too. And today, they often know how to safely navigate the internet better than their aging caretakers who have allowed editorial "news" and social media to warp their minds.
Even for people who think they're really doing a good thing by supporting these kinds of insane laws that are designed to restrict our 1A rights: the road to hell is paved with good intentions.
duskdozer 2 hours ago [-]
This is obviously where it's going to go, at least in the US. Things that are non-religious, non-Christian especially, pro-LGBT, and similar will be disproportionately pulled under "adult content" to ensure that children are not able to be exposed to unapproved ideas during formative years.
tokai 1 hours ago [-]
That has already been going on for decades, with satanic panic and banning of library books.
soulofmischief 38 minutes ago [-]
The scary thing about legislation and software is that they can negatively reinforce each other if not properly designed and implemented. We run the risk of codification of morality-of-the-week becoming embedded deeply embedded into the compute stack, which will not self-correct until there is a great political movement for liberation of compute.
soulofmischief 2 hours ago [-]
Exactly. Having lived through it already, I know what it did to me and I would never wish that upon another child. The internet saved me from being a religious, colonial, racist piece of shit like the rest of my family.
rustystump 51 minutes ago [-]
Colonial? Religious? Idk your family but maybe the internet did more harm to your brain than you think.
soulofmischief 40 minutes ago [-]
Did you have an actual point to make or did you just choose two random words and hurl an insult with zero context? Were you looking for an actual discussion or is this all you had to offer?
choo-t 5 hours ago [-]
Even with ZKP this is still highly problematic, it create difficulty for undocumented people to access the web, create ton of phishing opportunity, reinforce censorship on most site (as they will now all need to be minor compliant or need age verification), reinforce the chilling effect and make the web even less crawlable/archivable (or you need to give a valid citizen ID to your crawler/archiver).
With no proof it will protect anyone from proven harm.
gruez 3 hours ago [-]
>it create difficulty for undocumented people to access the web
Why is this such a sticking point in US politics? If the "undocumented" people aren't supposed to be in the country in the first place, why should rest of society cater to them? Even if you're against age verification for other reasons, dragging in the immigration angle is just going to alienate the other half of the population who don't share your view on undocumented people, and is a great way to turn a non-partisan issue into a partisan one. It's kind of like campaigning for medicare for all, and then listing "free abortions and gender affirming surgery" as one of the arguments for it.
ryandrake 1 hours ago [-]
There are many ways to not have a state or national ID document in the USA. You might simply not have a driver license or passport. That's totally legal. You might be in the country temporarily for business or as a tourist. The constitution applies to all of these people.
gruez 44 minutes ago [-]
>There are many ways to not have a state or national ID document in the USA. You might simply not have a driver license or passport. That's totally legal.
Great, frame it as "poor people without IDs" or whatever, not "undocumented", which in the current political discourse is basically the left's version of the term "illegal immigrant".
>You might be in the country temporarily for business or as a tourist. The constitution applies to all of these people.
The constitutional right to... watch 18+ videos on youtube while in the US?
gzread 4 hours ago [-]
No, the way to go is the California way. The device owner (root user) can enter the age of the user. Restrictions are applied based on that. Nothing is verified.
mrob 5 hours ago [-]
Zero-knowledge proofs are unworkable for age verification because they can't prevent use of somebody else's credentials.
a022311 4 hours ago [-]
The same argument could be said for other age verification methods. Nothing stops a kid from getting their older cousin to verify their identity for something and it will never be possible to prevent this.
Aurornis 4 minutes ago [-]
The older cousin case doesn’t scale. True ZKP could be fully automated to dispense verification tokens from a website to every visitor. If the proofs are truly zero knowledge there is no way to discover who is giving millions of kids their ID.
When we hear about “zero knowledge” ID checks in real proposals they’re not actually zero knowledge altogether. They have built in limits or authorities to prevent these obvious attacks, like requiring them to interact with government servers and then pinky promising that those government servers won’t log your requests.
mrob 3 hours ago [-]
The people proposing these laws presumably think imperfect enforcement is better than no enforcement at all. In the non-zero-knowledge case, it's possible to revoke falsely shared credentials.
Aurornis 2 minutes ago [-]
> In the non-zero-knowledge case, it's possible to revoke falsely shared credentials.
In a true zero-knowledge system sharing falsely shared credentials becomes easy because it’s untraceable. If the proof has no knowledge attached, you can’t conclude who used their credentials on a website that generates proof-of-age tokens on demand for visitors.
gzread 3 hours ago [-]
The one where the root user can enable parental controls requires the kid to know their parent's password or save up to buy their own device.
iamnothere 1 hours ago [-]
Oh no, a $20 Walmart phone, how will they ever afford it.
axegon_ 5 hours ago [-]
Though the EU is at large keeping it's composure with this. My only criticism towards the EU as an EU citizen is how slow and bureaucratic the EU is and that decisions that should be made on the fly are dragged on forever.
That said, government agencies have been doing a terrible job at keeping the private information of citizens safe. But it is nowhere nearly as bad as the US. My best childhood friend died in very questionable circumstances in 2009 in the US in very questionable circumstances. He had a US citizenship and we never really found out what had happened(to the point where we never really got any definitive proof that he had died). But that didn't stop me from trying and I was blown away by the fact that I could log into a US government website, register with a burner mail, pay 2 bucks with an anonymous gift credit/debit card and get a scanned copy of his death certificate in my email. And I didn't even have to provide his passport/id/anything. Just his name.
Point is, the US has been terrible at privacy for as long as I can remember. It is probably worse now with Facebook and Ellison holding TikTok.
pjc50 5 hours ago [-]
The critical thing is not so much "Americans" as "big money". Big Russian money is also a threat. Big Chinese money .. well, there's a bit of that about, but it doesn't seem to have shown up at the legislation influencing layer.
tinfoilhatter 2 hours ago [-]
You fail to mention big Israel money, when 98% of US congress members are taking donations from AIPAC. Strange omission on your part.
whimsicalism 1 hours ago [-]
100% of AIPAC money is from Americans.
axegon_ 5 hours ago [-]
Oh, that's a different topic: as someone from and living in eastern Europe, there's not a single doubt in my mind that the biggest threat to any civilization is russia by a long shot. The alarming part is that the current US administration hasn't got a single clue of history, suffers from chronic incompetence and the whole superiority complex and fanboying russia as a consequence - those pose a threat. In the context of the conversation, the incompetence is arguably the biggest facepalm moment.
officeplant 3 hours ago [-]
>biggest threat to any civilization is russia by a long shot
I don't mean to be the average gloating US citizen, but I'm pretty sure we're the largest threat to the Earth.
bojan 3 hours ago [-]
Only because of Russian money and influence that helped this administration to power.
The root of the problem is Russia, always has been.
Ray20 2 hours ago [-]
That sounds dubious. The government's actual approval rating in Russia is, what, 5 percent? I remember watching a report about how people in Russia were literally jailed for giving the "wrong" answer to a street poll.
So, I suppose if they could somehow use money and influence to determine election results, they would use it in Russia, no?
So, I think the civilizational threat from Russia is about the same as from North Korea: nearly zero.
lionkor 5 hours ago [-]
> the biggest threat to any civilization is russia
Surely you meant this as hyperbole, right? If not, I would love your reasoning as to why its a bigger threat than literally anything and anyone else.
axegon_ 4 hours ago [-]
> someone from and living in eastern Europe
Reasoning: experience.
edgyquant 4 hours ago [-]
Most civilization is not in Eastern Europe though, Russia is not a threat outside of its immediate proximity and its relative strength has only lessened over the decades
axegon_ 40 minutes ago [-]
Explain this[1] then. If you think they aren't doing this outside eastern Europe, do I have some news for you. Comments are pretty telling too. And If the scenario described in the video rings some bells surrounding all elections in the democratic world over the last decade, congrats.
Russia is not a _physical_ threat outside of its immediate proximity.
But they invest large amounts of money to propaganda channels everywhere, have direct military influence in large parts of Africa, are known to poison people in the UK and elsewhere, etc.
> its relative strength has only lessened over the decades
Russia is not a _physical_ threat outside of its immediate proximity.
But they invest large amounts of money to propaganda channels everywhere, have direct military influence in large parts of Africa, are known to poison people in the UK and elsewhere, etc.
lionkor 4 hours ago [-]
At this point the US is arguably a much larger threat to random small countries. "We will make so much money if we find a reason to attack <your country>" is the real threat, if any. Of course, far behind other existential threats.
lionkor 4 hours ago [-]
Experience is no good reason to make a blanket statement about a country and all its people, especially not when it's made with such an assertive voice.
axegon_ 4 hours ago [-]
Is it not? Have you heard about a TV program called the news? They have caused more death to eastern Europe than Hitler did in WW2 and is continuing to do so, has infiltrated countries and governments for generations, actively threatens everyone on daily basis and the entirety of their social media (domestically and expats/immigrants/spies) is nothing but endless wishes for death of anyone that is not russian. Westerners see that through the prism of "out of sight, out of mind" + language barrier, but the threat is neither out of sight, nor out of mind. Spend a few hours on bellingcat and you'll quickly change your mind.
lionkor 4 hours ago [-]
> Experience is no good reason to make a blanket statement about a country and all its people
> Is it not?
No, and no part of your comment really seems to argue otherwise? I know about current world events. Your argument was that "experience" is a good enough reason to make a blanket statement about a country and all its people, and you doubled down on it, so it's not even like I'm constructing a strawman here or anything.
It's just wild to me how far this kind of blind hate goes. If "experience" is enough to say that a country is a bigger threat to civilization(!) than, lets say, pandemics, natural disasters, global nuclear war, etc., then there really remains no basis for any kind of healthy discussion. At that point it's just blind hatred.
axegon_ 3 hours ago [-]
I've never been subtle about how I feel about russians: Private properties confiscated. Several instances of terminal diseases in my family as a direct consequence of their actions. Several instances of people spending their entire lives in concentration camps, several instances of people being thrown out of hospitals and let to die in the streets. To the point where I barely have any living relatives. And in recent years, death of a number of close friends. And I am supposed to have a different feelings? Come back to me when you go through the same.
lionkor 3 hours ago [-]
I'm sorry, I don't mean to invalidate your own experiences. I understand the need for hyperbole, and I also cannot even begin to understand the pain and suffering that you must have experienced. I'm not talking about that.
I'm trying to steer the conversation to stay factual, because I usually appreciate HN for its clear communication style. Sorry for offending you and I'm sorry if I've caused you further suffering. Let's not continue this conversation.
pjc50 4 hours ago [-]
I think this is entirely reasonable given the history of Russia vs Eastern Europe, but especially the invasion of Ukraine. Russia is currently being held at the Dnipro river, but Putin has stated his intention to "recapture" most of the former USSR.
lionkor 4 hours ago [-]
> Putin has stated his intention to "recapture" most of the former USSR.
I keep hearing this but I struggle to find any sources, beyond articles like [1] which are... not particularly good sources, even a reddit comment would be a better primary source than that.
I'm not trying to be combative, I just genuinely struggle to find primary sources, probably because I'm using the wrong keywords or something.
I understand the reasoning, but I would love to actually see/read/hear/whatever where Putin "states" this desire explicitly!
That's a book by Aleksandr Dugin, not Putin. I was asking specifically if there are ANY sources for the recurring statement that Putin wants to conquer back former USSR states. I see why its concerning, and how Dugin's close ties to the government are interesting, but I do not see a quote, or any other source, where Putin explicitly STATES this intent. I don't see it.
Surely I'm missing something here. Putin's 2023 "The Concept of the Foreign Policy of the Russian Federation" also does not state conquering back former USSR states. Where is it? If he states it so clearly that people keep quoting it, surely there must be a source for it? Sorry if I'm a PITA.
To be clear, I'm interested in this because this would be a fantastic argument to bring to discussions, but without having seen a source, I don't think I could.
AnimalMuppet 3 hours ago [-]
Imagine that someone writes a post saying something outrageous. And imagine that Trump retweets it. He didn't say it... but he kind of did.
I think Dugin's book is like that. Sure, Dugin said it, not Putin. But IIRC Putin did some things to make Dugin's book more influential. I forget the specifics - making it required reading in the Russian military academies, maybe?
There have been other statements by Russian politicians who are widely regarded as Putin's mouthpieces. Medvedev, certain key figures in the Russian parliament. I know I've seen that, though I don't recall the specifics.
So Putin maybe didn't say it. And yet, his endorsed mouthpieces (more than one) do say it.
You said "without having seen a source". Well, I didn't give you one. But if you want to look, I have given some places to start.
lionkor 3 hours ago [-]
I fully get that! I understand how people get to that conclusion. What I don't understand is why I repeatedly see people online, also on HN (as you can see), who claim that Putin "stated" that he wants to rebuild the USSR, when I can't find any source that he did.
> making it required reading in the Russian military academies, maybe
Yeah, I think he did.
> So Putin maybe didn't say it.
That's my concern. When people make the statement that he did, when he didn't, they essentially preempt any reasonably discussion and start it off on the entirely wrong foot.
If I want to have a discussion with my neighbor about him not cleaning up his own trash, surely I would not start the discussion with "you LOVE living in trash, don't you", even if I can reasonably deduce that he does. It just turns the entire discussion hostile to make claims that aren't supported, and it weakens all subsequent arguments!
AnimalMuppet 3 hours ago [-]
But does it start the discussion off on the entirely wrong foot? If Putin endorses Dugin's book, requiring the military academies to read it, don't we have fairly high confidence that it is at least close to Putin's position?
So I don't think it's the entirely wrong foot. It's a shortcut and an imprecision, but the point (that Putin actually thinks this) seems to be valid. (Though one should have less than 100% certainty that it represents his position - but with Putin, that should apply to a direct quote as well.)
lionkor 2 hours ago [-]
The statement should be "he endorses XZY who/which argues for reforming the USSR by force" or something. I think factual accuracy is the one thing we need to hold ourselves to, to the best of our abilities, also to ensure that we don't create an echo chamber and can keep our biases in check a bit more.
AnimalMuppet 2 hours ago [-]
Fair enough. He endorses, he didn't say. I can buy that.
tokai 1 hours ago [-]
Here[0] you have it directly from Putin; Ukraine is not a real country and Ukrainian is a fake ethnicity and they are actually Russian.
You have to remember how political communication works in Russia. They rarely state goals outright, and always juggle several narratives at the same time. To make it hard to pin them down to any position and achieve exactly what is happening here.
Death certificates are public records (at least in the UK) so why shouldn't you be able to get one? I think the alternative, where people's deaths could be kept secret by the state is a far greater risk than the privacy rights of the dead (GDPR type laws generally apply to the living).
I don't know about elsewhere but in the UK anyone can apply for any death certificate going back to 1837.
axegon_ 1 hours ago [-]
Applying is one thing. Giving unrestricted access to anyone, which contains a ton of private information, be it of a deceased person, is not OK. Going back to my original statement: fake name, fake email, untraceable payment.
alecco 2 hours ago [-]
You are missing the point. The real purpose is to control the Internet and free speech. They've been trying this for ages. Now the excuse is protecting children. Soon terrorism will be back. And don't forget aոtisеmіtism, too.
Not exactly a good moment for this particular caste of politicians/elites to pretend they care about children's well-being!
everdrive 2 hours ago [-]
The internet we grew up with is nearly gone. For my part I've downloaded most of what I want and am trying to move more towards physical books. I think in the future, the internet could be a lot like cable TV. The value it brings is not worth the costs it imposes.
ori_b 2 hours ago [-]
The way to go for this kind of thing is to not go for this kind of thing at all.
Aurornis 1 hours ago [-]
> Zero-knowledge proofs are the way to go for this type of thing,
The benefit of zero-knowledge proofs is that the hide information about the ID and who it belongs to.
That’s also a limitation for how useful they are as an ID check mechanism. At the extreme, it reduces to “this user has access to an ID of someone 18+”. If there is truly a zero-knowledge construction using cryptographic primitives then the obvious next step is for someone to create an ad-supported web site where you click a button and they generate a zero-knowledge token from their ID for you to use. Zero knowledge means it can’t be traced back to them. The entire system is defeated.
This always attracts the rebuttal of “there will always be abuse, so what?” but when abuse becomes 1-click and accessible to every child who can Google, it’s not a little bit of abuse. It’s just security theater.
So the real cryptographic ID implementations make compromises to try to prevent this abuse. You might be limited to 3 tokens at a time and you have to request them from a central government mechanism which can log requests for rate limiting purposes. That’s better but the zero-knowledge part is starting to be weakened and now your interactions with private services require an interaction with a government server.
It’s just not a simple problem that can be solved with cryptographic primitives while also achieving the actual ID goals of these laws.
totetsu 3 hours ago [-]
Seeming as this affect everyone .. Is there anything like and Open Collective .. grassroots consortium, to put together strong sensible zero-knowledge proof based policy examples that could be given to law-makers instead of this shadowy surveillance Trojan horse nonsense?
keybored 4 hours ago [-]
Two billion in lobbying. And the conclusion is that regulation is the problem?
attila-lendvai 4 hours ago [-]
it's not about protecting children. that's only the PR.
once you get this you stop asking why the tech details are the way they are.
edgyquant 4 hours ago [-]
Counterpoint: yes it is
officeplant 3 hours ago [-]
Countercounterpoint: It's privacy destruction creep and it always has been.
gzread 3 hours ago [-]
Countercountercounterpoint: did you actually read the California age "verification" law?
officeplant 2 hours ago [-]
Countercountercountercounterpoint: Yes and like every other age verification scheme in the US the underlying idea is privacy erosion. With a side serving of censorship given most dev's can't be bothered to implement these age verification schemes into their software so users might just end up gated out of applications if their OS goes through with this nonsense.
Other states are even worse, creating another way to have your buddy buddy lobbyist folks fire up a new business opportunity to make money as a verification service.
gzread 1 hours ago [-]
Type in the number 30 to disable gating
zoobab 2 hours ago [-]
"how terrible EU regulation is"
Judges in other countries (Texas) found out this kind of law was a violation of the Free Speech.
Since when Free Speech do not apply to -16y old?
Made laws are made, then killed by courts later one.
jmyeet 3 hours ago [-]
Not sure what the Gruber thing is about. I guess I lack context. But on ZKP, I will agree but add this:
The only authority that can be trusted to do age verification is the government.
You know, those people who give you birth certificates, passports, SSNs, driver's licenses, etc.
The idea that parental supervision here is sufficient has been shown to be wholly inadequate. I'm sorry but that train has sailed. Age verification is coming. It's just a question of who does it and what form it takes.
Take Youtube, for example. I think it should work like this:
1. If you're not of sufficient age, you simply don't see comments. At all;
2. Minors shouldn't see ads. At all;
3. Videos deemed to have age-restricted content should be visible;
4. If you're not logged in, you're treated as an age-restricted user; and
5. Viewing via a VPN means you need age verification regardless of your country of origin.
It's not perfect. It doesn't have to be.
khat 12 minutes ago [-]
Does this surprise anyone, just over a decade ago there was a whistleblower who said the government was spying on its own citizens. The president and half the country called him a traitor. The only way to stop this from happening is half the country refuse to buy any tech that implements OS age verification. That includes working any job that also requires the use of that tech(Basically all jobs). The only thing that talks is money and when half your workforce is not working(or buying anything because they aren't working) then things will get changed real quick. But most people don't want to do that because no one is willing to suffer short term for long term gains. The govt and 1% know this that's why they increment it slowly overtime with generic causes like "save the children"
These bills also need to be opposed on a legal/political level.
Something I realized last night is that people who lie about their age to send false signals may inadvertently open themselves up to CFAA liability (a felony). So this is a serious matter for users who want to maintain anonymity.
gzread 3 hours ago [-]
I believe CFAA talks about exceeding authorization, not just typing in things that are not true.
iamnothere 3 hours ago [-]
CFAA has been narrowed in scope through legal decisions but AFAIK it still applies to anyone using false information to bypass security measures. In my view, a federal prosecutor could easily make the argument that age gating is a security measure. You’re welcome to be a test case if you disagree!
dml2135 3 hours ago [-]
But are you bypassing a security measure if you provide false information, when true information would also have let you pass?
iamnothere 3 hours ago [-]
Again, you’re welcome to be a test case.
I do think there is a stronger case against the next under-18 Aaron Swartz, who will get hit with 200 felonies for setting his age wrong (one felony per app/service) after pissing off someone important.
ryanmcbride 2 hours ago [-]
I'm more than happy to be a test case. I'm pushing 40 but I will do every single thing in my power to give false information to the surveillance machine.
If I get arrested for lying about my age, when I'm of age, then they could probably get me on a whim already anyway. No point in trying to fall in line.
iamnothere 2 hours ago [-]
Another one I just thought of is when they arrest a parent for setting their 17 year old kid’s age to 18 (again under CFAA) because said parent thinks the kid is mature enough to access whatever the hell they want to. Easy to imagine in a red state, especially if the kid tells others about their 18+ access.
mrtesthah 1 hours ago [-]
Did that link just get taken down?
iamnothere 1 hours ago [-]
I can still access it, is it blocked for you?
esseph 1 hours ago [-]
No? I just hit it.
khimaros 1 hours ago [-]
no
PeterisP 3 hours ago [-]
What I'm confused about is how the proposed bills would apply to servers.
Like, in general, a software change to add an "age class" attribute to user accounts and a syscall "what's this attribute for the current user account" would satisfy the California bill and that's a relatively minor change (the bad part is the NY bill that allegedly requires technical verification of whatever the user claimed).
The weird issue is how should that attribute be filled for the 'root' or 'www-data' user of a linux machine I have on the cloud. Or, to put aside open source for that matter, the Administrator account on a Windows Active Directory system.
Because "user accounts" don't necessarily have any mapping (much less a 1-to-1 mapping) to a person; many user accounts are personal but many are not.
khafra 3 hours ago [-]
We're all going to have to use service accounts created on Windows Server 2003 or RHEL 4, otherwise they won't be old enough and will require manual login from an of-age administrator
singron 2 hours ago [-]
In the CA bill, "User" means child. It's pretty clear that non-human users aren't covered and don't have to participate. E.g. the API can return N/A or any other value for non-humans. If there is a way to make the API applicable only to human children users, then it doesn't even need to be callable for other entities. E.g. on android, each app gets its own uid, so the unix user doesn't correspond to a child, so the API will instead (probably) be associated with another entity (e.g. their Google account, an android profile, or an android (non-unix) user)
troyvit 1 hours ago [-]
Honestly what I hope is that if these bills pass, sysadmins just turn off any server that doesn't have attestation and go off to the beach to collect shells.
anymouse123456 5 hours ago [-]
Every single Linux kernel currently operating within the borders of any of these states should turn itself off and refuse to boot until an update is installed after these bills are rolled back.
We should also update all FOSS license terms to explicitly exclude Meta or any affilites from using any software licensed under them.
someguyiguess 4 hours ago [-]
I probably don't have all the info on the various laws across the US and EU that are being pushed, but I'm confused why Linux distros don't just update their licensing and add a notice on the installation screen that it is illegal to run their OS in places where these laws exist?
Heck, Linus Torvalds should just add an amendment to the next release of the Linux Kernel that makes it illegal to use in any jurisdiction that requires age verification laws.
This would obviously cause such a massive disruption (especially in California) that the age laws would have to be rolled back immediately.
This seems like a no-brainer to me but I am admittedly ignorant on this situation. I'm sure there's a good reason why this isn't happening if anyone cares to explain.
PeterisP 3 hours ago [-]
That would be a violation of the copyright law or the GPL licence - you aren't permitted to take GPL code and redistribute it with some extra restrictions added on to it.
If it's not (fully) your code, you aren't free to set the licence conditions; Linus can't do that without getting approval from 100% (not 99% or so) of authors who contributed code.
What one can do is add an informative disclaimer saying "To the best of our knowledge, installing or running this thing in California is prohibited - we permit to do whatever you want with it, but how you'll comply with that law is your business".
1 hours ago [-]
bregma 3 hours ago [-]
The Linux kernel is licensed GPLv2. The GPLv2 license forbids adding addition terms that further restrict the use of the software.
A "Linux distro" is not the Linux kernel. It's possible for some distros to add such license terms to their distribution media, but others like Debian and Debian-based ones adhere to the GPL so no go.
gzread 3 hours ago [-]
Because they want market share, and throwing a hissyfit over being asked to add an "I am over 18" checkbox is not good PR. If Debian starts refusing to work in California because it doesn't want to add a checkbox, it will simply be replaced by someone who adds that checkbox and doesn't throw the fit.
troyvit 1 hours ago [-]
As the article says, it's not about just checking a box:
"Every OS provider must then: provide an interface at account setup collecting a birth date or age, and expose a real-time API that broadcasts the user's age bracket (under 13, 13 to 15, 16 to 17, 18+) to any application running on the system."
Aunche 30 minutes ago [-]
There is no requirement that the OS has to verify the person's ID. It literally just requires a dropdown menu to select your age bracket.
gzread 46 minutes ago [-]
Fine, a drop-down menu. They're throwing a hissy fit over a drop-down menu with 4 items.
kbelder 38 minutes ago [-]
I disagree slightly. It may not be good business, but it could be good PR, situationally. I expect a lot of 2nd-tier distros will refuse to implement it, and see a boost in their installs as a result.
Debian, Ubuntu, etc., they'll all fall right in line because the clear and immediate losses will outweigh any PR issue.
mvdwoord 3 hours ago [-]
Would be funny indeed... And also curious why nobody does that.
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.
It would be in violation of the GPL and such a license would not be an OSI approved license.
5. No Discrimination Against Persons or Groups
The license must not discriminate against any person or group of persons.
ivanjermakov 3 hours ago [-]
> should turn itself off
If this was somehow introduced without anyone noticing and deployed, imagine the damage it would cause.
If we're fantasizing here, I like to imagine two major OS makers trying to comply these laws, fail miserably, and let FOSS OSes and kernels more recognition in the desktop market.
user_7832 4 hours ago [-]
Honestly, like the Left-pad incident [1], getting things to go suddenly dark is extremely effective at getting people to drop everything else to fix an issue.
Ideally, getting these servers to auto turn off the day this goes into effect ("In compliance with this new law, Linux is now temporarily unusable. Please <call to action>.") would be glorious for getting the bill staved off, or killed.
It would hurt some productivity, but that is a risk these lawmakers taking donations are probably willing to make.
Side note, this comment is evidently quite controversial, it went from +3 to +1. If anyone is angry at me I would like to assuage them that I am not, in fact, any owner or maintainer of anything in the linux distribution system.
edgyquant 4 hours ago [-]
It would make people move quickly to use a forked version of the kernel and would be an all around blunder by the Linux foundation
user_7832 2 hours ago [-]
My comment was half in jest (I wasn't super serious about it.) In another sibling comment below I wrote how it's still possible to leverage this without actually implementing it.
voidUpdate 4 hours ago [-]
"some"? It would hurt a lot of productivity lol. If all linux boxes turned themselves off suddenly, I think the internet would fall over pretty fast. I dont know how much of the internet runs on windows or apple (or others), but I cant imagine it's very much
user_7832 2 hours ago [-]
> It would hurt a lot of productivity lol.
I know. That's exactly the point.
In such situations where one party (Meta) has enough money to lobby and is playing dirty, it's a massively asymmetric situation. In such cases, if you really want to make sure you're heard (which I'm not sure distributers want or care about tbh), you've got to play the game too.
Malicious compliance, if you will.
PS: For a "practical" variant, simply a warning might be sufficient - given how many hospitals/critical infra uses linux. For eg "There is a chance this server will fail to work on x date due to this y law. Not as glamorous/all-guns-blazing, but probably much more sensible and practical.
PPS: For an even more "safer" variant, one could go "Post x, please note that using linux/this server is a violation of law y. Please turn off the server yourself manually. Failure to comply with these instructions and violating the law will be borne entirely by the (no informed) sysadmin/manglement.
voidUpdate 1 hours ago [-]
Most hospitals I know of, at least in the UK, still use windows, its why WannaCry was such a big deal here
officeplant 3 hours ago [-]
It still blows my mind that anyone trusts npm after this whole incident.
edgyquant 4 hours ago [-]
Someone would just submit a patch overriding this
esseph 1 hours ago [-]
Microsoft would love that.
anymouse123456 2 hours ago [-]
Obviously not a serious proposal, but I do like the alt mentioned below:
Update the terms to indicate that you can do what you want, but this OS is probably not compliant with states run by evil dipshits.
triceratops 52 minutes ago [-]
Bravo, some actual journalism! I wish a professional media organization had done this research. It seemed obvious this was a coordinated wave but I always figured it was moral busybodies.
that goes against the goals of the professional media organizations.
triceratops 48 minutes ago [-]
Keep being cynical and that's the media you'll get.
In the real world, professional media organizations regularly expose corruption. More often than not? No idea. But to pretend they only engage in cover-ups is cynical fatalism.
I wonder what made them do it. The conspiracy theorists are really going to enjoy this.
simonebrunozzi 5 hours ago [-]
Not surprisingly, Meta is possibly the worst "offender" behind funding of these campaigns.
tencentshill 1 hours ago [-]
Which is strange, because it is widely known a large amount of their advertising revenue comes from fake accounts.
cryptoegorophy 26 minutes ago [-]
This doesn’t make sense, how do these fake accounts bring revenue ? I thought the end goal is to improve conversion rate by removing the “bots” and this would therefore lead to higher ad spend and more money to Facebook direct
Ritewut 3 minutes ago [-]
I work in marketing and not nearly as much effort as you think goes into removing bots. They go after the lowest hanging fruit, the most obvious bots like scrapers and crawlers but most bots impersonating real people easily make it through. Traffic is traffic.
heavyset_go 4 hours ago [-]
AI companies are also donating tens of millions to these PACs and others that are promoting age verification laws, it lets them sell AI content rating systems using their models.
lotsofpulp 5 hours ago [-]
I’m curious why Meta would benefit. Meta seems wholly unnecessary, the verification can be done at the OS level, completely in the hands of Apple/Alphabet and maybe Microsoft.
If anything, Meta’s utility would seem to shrink if the OS handles proof of being a real person.
c0balt 5 hours ago [-]
Regulatory capture through a higher barrier to entry. Any social media platform that wants to compete with Meta's portfolio will now also need to have an age-verification system in place (which is guaranteed to introduce higher costs). Meta can likely afford to eat the costs here as a tradeoff for the higher impact on smaller players.
It also gives them more information on users as a bonus. Further, verification with a real ID is also a quite effective barrier against excessive bots.
lotsofpulp 5 hours ago [-]
I would think the barrier to entry gets lower because Apple/Alphabet handle age verification, and they let apps/websites use that verification.
heavyset_go 4 hours ago [-]
Look beyond the CA law, states have already passed laws that put the liability on app and website developers to ensure users aren't kids, there's no passing the buck to Apple or Google.
Meta's entire business model lives on ad deals that are not on the frontend. They are in the data business and this campaign is to get access to more data without an option to opt out. Who takes the data doesn't really matter.
4 hours ago [-]
pjc50 5 hours ago [-]
Meta get to impose verified ID on everyone and link it to their advertisers, AND kill competing networks.
wil421 5 hours ago [-]
Liability and they probably want whatever blob of bits they use to identify you from the OS.
xbar 2 hours ago [-]
1. It deflects any obligation that would have landed on Meta itself to do age verification (which is what the regulators have long asked for).
2. It gives Instagram/Facebook/Messenger the ability to deliver the right ads to the right audience. It's free targeting data.
negroesrnegro 5 hours ago [-]
because upstart competitors cant afford the verification process / lobbying efforts
next instagram wont be bought out, it cant even begin to exist
CarVac 4 hours ago [-]
The same sort of thing is happening for the 3d printer laws. Some company is trying to legislate its own software into ubiquity (guns first, then copyright enforcement) and then double-dip by charging both IP holders and printer manufacturers for their "services".
gosub100 3 hours ago [-]
This was the thing the saws-all (or whatever it was called, the brake that stops you from cutting your fingers off with the table saw) tried, right? I don't know if it succeeded but the idea was a government mandate for an otherwise good idea. Everyone then pays more.
busterarm 1 hours ago [-]
SawStop
flowerthoughts 4 hours ago [-]
When I moved from Sweden to Ireland and realized the Swedish central address registry makes moving fantastically easy, I started dreaming of a central registry where consumers and producers could meet. I can give my supplier access to exactly the information they need, and nothing else. I can revoke access when I feel like it. Like OAuth2 for personal data. They can subscribe to updates. It could be a federated protocol.
Not saying I think it's a good idea to provide the year of birth to all sites, but (session ID, year of birth) is the only information they would need. The problem is proving who's behind the keyboard at the time of asking, which would require challenge-response, and is why I think this should be an online platform, not a hardware PKI gadget with keys inevitably tied to individuals.
itopaloglu83 3 hours ago [-]
Knowing what we know about the current environment, each company is going to start selling everything they know about you to anybody who's willing to pay. Enforcing privacy is hard not because it's not possible, but companies have greater financial incentives to just breach your privacy to track and manipulate us.
deaux 1 hours ago [-]
> Enforcing privacy is hard not because it's not possible, but companies have greater financial incentives to just breach your privacy to track and manipulate us.
No, enforcing privacy is not hard, all it takes is imposing penalties _much greater than_ those financial incentives.
istillcantcode 53 minutes ago [-]
This feels like a waste of time and money. Why are people so interested in tracking people who on average can't read or write better than a 12 year old child? By my count, I'm assuming things will be increasingly degraded for about the next 8-10 years or so.
neya 3 hours ago [-]
Damn, had to scroll a couple of comments to find this:
Anthropic donated $20 million to Public First Action, a PAC that promotes Republican Senator Marsha Blackburn and her sponsored Kids Online Safety Act (KOSA), a bill that will force everyone to scan their faces and IDs to use the internet under the guise of saving the children.
The legislative angle taken by companies like Anthropic is that they will provide the censorship gatekeeping infrastructure to scan all user-generated content that gets posted online for "appropriateness", guaranteeing AI providers a constant firehose of novel content they can train on and get paid for the free training. AI companies will also get paid to train on videos of everyone's faces and IDs.
As for why Blackburn supports KOSA:
Asked what conservatives’ top priorities should be right now, Senator Blackburn answered, “protecting minor children from the transgender [sic] in this culture and that influence.” She then talked about how KOSA could address this problem, and named social media platforms as places “where children are being indoctrinated.”
If Anthropic, the PACs it supports and Blackburn get their way with KOSA, the end result will be that anything posted on the internet will be able to be traced back to you.
Christ on a crutch, had they donated $25k or something you'd figure it was just a rounding error, but why this much from a company that isn't profitable? This is doing nothing to disabuse me of my theory 90% of "Startup Culture" is just an excuse for rich people to move money around. "Need to get your stoned mope of a C student a head-start on a resume that will let him stay gainfully employed? Well, I just brokered a VC deal for these kids that want to throw micro-concerts in parking spaces, we'll get your boy in as Senior Music Programmer."
bix6 4 hours ago [-]
O great more big money warping our lives for the worse.
I’d write my senator but they won’t do shit. Is there anything that can seriously be done?
iamnothere 1 hours ago [-]
Download the source code and ISOs of distros without age gating and put them on durable media. Tell your friends about the issue and its implications (legislating how an OS works is a huge deal, is likely unconstitutional, and opens up the door to all kinds of future abusive laws). Find like minded people so if the worst happens you will have mutual support and can work together on circumvention of any future restrictions. Work on your C skills.
0xbadcafebee 4 hours ago [-]
That is the most serious thing you can do, and the most effective.
Do you know how democracy works? There are these people called representatives. They are hired by you. They pass laws. They only get to continue having a job if people like you vote for them. When you tell them "I don't like the law you are passing", they are hearing "the people who hire me are angry with me". The more people that are angry at what they're doing, the more their job is at risk.
They do what the lobbyists say because somebody else is doing the work, and they get paid (by the lobbyist). But they won't have a job to get paid for if the voters don't vote for them again. So your entire defense against tyranny and bad laws is you speaking out. If you never talk to your reps (or vote), you're telling them you don't care what kind of government it is, and they really will do whatever they want.
You have to tell them how you feel, along with all the rest of us. That's the only power we have.
In addition to that, tell everyone you know. Your friends, family, coworkers, the dude running the local gas station. Explain to them why government-mandated surveillance of everything they do on a computer is a bad idea. Ask them to talk to their reps.
bix6 3 hours ago [-]
It’s not the most effective though. I’ve been writing all my reps at various levels and yet the things I don’t want keep happening.
SubiculumCode 1 hours ago [-]
The problem is hat there are too many citizens per Representative. They barely know your community.
nobodyandproud 4 hours ago [-]
The hard part is writing in a way that these legislators and their help can instantly understand.
Ideas? Time to spin up a local LLM for some editing advice.
busterarm 1 hours ago [-]
Every election boils down to Kang vs Kodos.
bogwog 3 hours ago [-]
Do your homework, vote, and help inform other people so they vote too.
bix6 3 hours ago [-]
O yeah that worked so well in this last election.
turbinemonkey 5 hours ago [-]
Compare this to what the EU built. The EU Digital Identity Wallet under eIDAS 2.0 is open-source, self-hostable, and uses zero-knowledge proofs. You can prove you're over 18 without revealing your birth date, your name, or anything else. No per-check fees, no proprietary SDKs, no data going to a vendor's cloud. The EU's Digital Services Act puts age verification obligations on Very Large Online Platforms (45M+ monthly users), not on operating systems. FOSS projects that don't act as intermediary services are explicitly outside scope. Micro and small enterprises get additional exemptions.
The US bills assume every operating system is built by a corporation with the infrastructure and revenue to absorb these costs. The EU started from the opposite assumption and built accordingly.
Just another reminder of how we need to protect what we have in the EU (not a guarantee, but at least a chance of fair dealing and a sustained commitment to civic values). Now that the mask has fully fallen, we have to take every step possible to root out American influence.
sidewndr46 5 hours ago [-]
Isn't eIDAS the same technology stack that would put the government in total control of what websites you can view & what ones you can't?
QWACs exist to provide a more stringent and user-accessible way to assert a website's identity, mostly to foil phishing and other exploits that regular certificate systems don't address well. Where does this cross into censorship at all?
sidewndr46 4 hours ago [-]
When the government decides not to issue certificates to websites they don't like.
turbinemonkey 4 hours ago [-]
Oh, stop. Tinfoil-hatting like this is how privacy and internet freedom activism gets a bad rap.
QWAC certs are only for "high value" sites: banks, government services, etc. They can only be issued by "Qualified Trust Service Providers" (e.g. digisign, D-TRUST, etc -- not governments), and cost many hundreds of euros. Your blog and mastodon instance and 98% of businesses just aren't affected.
People operating in "high risk" sectors that need access to payment infra (porn, drugs, etc) are, as always, going to have a hard time. That's a worthy conversation, but nothing about QWAC or eIDAS is about "the government not issuing certs to people they don't like".
sidewndr46 4 hours ago [-]
This is how total control of a platform always starts. Google starts with Android and just does digital signing for applications through their store. Until they achieve control of the platform, then suddenly you can't load your own applications without them signing it either.
Secure Boot is just a technology for those that need it, until Microsoft decides it's mandatory for everyone.
gzread 3 hours ago [-]
It's not really tinfoil hatting, EU countries already deny privileges based on political affiliation and so on. Germany shut down a Muslim cultural center for refusing to censor a speech by someone who came from Gaza, merely because of the fact they came from Gaza. Limiting government power is still something the EU needs - they're not all good.
deaux 56 minutes ago [-]
> Just another reminder of how we need to protect what we have in the EU (not a guarantee, but at least a chance of fair dealing and a sustained commitment to civic values).
> Now that the mask has fully fallen, we have to take every step possible to root out American influence.
You have literal rogue states in your union that neutralize the entirety of it, as the above shows. It's a joke. The EU is a joke. A single country is enough to mean US tech can do whatever it wants, similarly a single other country is enough to mean Russia can largely do what it wants.
The others are of course in on it too. Which is why for all the empty EU talk on US big tech you've never heard them talk about the Irish DPA and what they all enable. Strange right? Would think that this would be a priority. But it shows that even if the rest weren't in on it, just one country would be enough. And it could even be a tiny place like Luxembourg.
Laws and regulations aren't worth the paper they're written on if they're not enforced. The current ones aren't enforced at all, why would any new ones be? Did you know that there was a long period where hosting European citizens' PII on US-controlled servers (like Amazon instances in Europe) was illegal, after the "Privacy Shield" was deemed unlawful? No one cared. Did you know that this is currently the case again, because the thing that replaced it has once again had its basis ripped out from under it by Trump? Once again, no one cares, and indeed EU governments and corporations are _still_ making migrations _to_ US clouds.
Not that it matters, within a few years RN will be running France and AfD will be running Germany and you don't have to pretend any more as the "mask will have fallen" just as much.
retrocog 2 hours ago [-]
This discussion, being so timely and important, inspired me to draft an article that explains a possible third way that might not have been fully considered. I would be humbled and honored to receive any feedback:
(posting link because it would be too much for a comment)
DavidPiper 3 hours ago [-]
The idea that it might cost "someone" $2 every time a user opens and app AND it sends a bunch of private data to a 3rd party is completely dystopian, let alone everything else.
And a serious question: with deepest respect to the author for their extraordinarily impressive time and effort in this investigation... Why was this not already flagged by political reporters or investigative journalists? I'm not American so maybe I don't understand the media structure over there but it feels like SOMEONE should have been all over this way before it's gotten to the point described in this post.
TheRealDunkirk 3 hours ago [-]
When a megacorp funds a network of non-profits to lobby a bunch of politicians, draft legislation, and tell them to take it to committee, that can happen without much visibility, especially when it's been orchestrated at the state level, as this has. Where does any of this show up until there's a vote called on it? There's no open debate. No working "across the aisle" to address concerns. There's nothing left of the legislative process that started this country, or, indeed, any Western representative democracy. So someone has to be watching, see something on an agenda that raises the hairs on their necks, figure out what it is, and if there's a story there, and they're not going to get any help from anyone because everyone involved knows how the public is going to feel about it. And then, as the article indicates, even a place like Reddit is going to astroturf the effort to get the story out. (Which I've been trying to point out for YEARS, but which -- surprise, surprise! -- gets supressed.)
dfxm12 2 hours ago [-]
Mainstream media is largely captured by the same monied interests as discussed in the reddit post. Although the poster does mention an article from Bloomberg as evidence, most of their sources are local outlets or tech-focused. https://github.com/upper-up/meta-lobbying-and-other-findings...
john_strinlai 3 hours ago [-]
for ~2 decades i have attended events, written to my representatives, proposed solutions to whoever i can, and encouraged my students to do the same as various attempts are made to strip regular people of their privacy. for ~2 decades now, i have been trying to fight this fight.
one scary observation is that each year, less and less people care. at least, this is true among my students. plenty of them believe the 'protect the children' line and are more than willing to do whatever the government/big tech suggests. or they just shrug ("what difference would i make?").
for context, i teach at a college level, in tech. a few of my classes are from the cybersec program, one of the programs that should understand and care about the implications of bills like these, and even the majority of them do not care about this stuff anymore. they grew up with instagram and facebook and cameras everywhere. they grew up knowing that any little fuck up they have is recorded and posted online. they know that by the time they go to college, all of their data has already been leaked a few times. they never really had an expectation of privacy in the first place, so it just isnt a big deal.
as someone who interacts with this next generation of "hackers" on a daily basis... the concept of cypherpunk is gone. i got into this field because of my beliefs. they are going into this field because they want a chance at buying a house some day, and know that big tech has big bucks.
i am tired. and i recognize that this is exactly what they (lobbyists, meta, etc.) want! but i am tired and discouraged. more and more i find myself having to actively fight the urge to give up. i am not ready to give up just yet... but, i am sorry to say that as someone closer to retirement than i am comfortable admitting, i only have so much energy left.
zoobab 2 hours ago [-]
27 years against software patents in the EU, feeling the same unfortunately.
But sometimes very few people can make a difference.
julkali 2 hours ago [-]
i felt that.
marcosdumay 19 minutes ago [-]
Eh... That "[removed]" there means there was something to read and now it's gone?
At least the author posted a link to the dataset in a comment so it survived:
I don't understand why nobody in the comments is freaked out about this. This isn't just "oh Google knows my age", or "oh politicians being corrupt again!" This is "the government made a law that every computer in the world must track every person's identity and send it to the cloud".
No offline devices. Commercial vendors get your biometric data (and the equivalent of your driver's license / SSN). Every application on the OS can query your data.
If you think it stops with one bill, after they get all the infrastructure for this in place? You're fooling yourself. The whole point of this is to identify you, on every web page you visit, every app you open, on every device you own. Once bills are passed, it's very hard to get them revoked or nullified.
This is the most aggregious, authoritarian, Big Brother government surveillance system ever devised, and it's already law. I am fucking terrified.
(Yes, the EU has a less horrifying version of this. But Google, Apple, and Microsoft still control most of the devices in the world, and they are US companies.)
SkyeCA 3 hours ago [-]
> I don't understand why nobody in the comments is freaked out about this.
Because it's hopeless? It's been proven time and time again there's nothing the average person can do to fight this sort of thing.
It's just better to sit back and watch as everything gets ruined.
ExpertAdvisor01 3 hours ago [-]
I don't understand it .
There are so many ways to child-proof a device .
Google Family Link and the Apple equivalent .
Use cloudflares Family dns (blocks porn websites etc ..)
Instead of just creating a course that explains how to child-proof a device, we have to surveil everyone.
actsasbuffoon 3 hours ago [-]
Because they’re not really trying to protect kids.
onlyrealcuzzo 3 hours ago [-]
Please scan your asshole to use the toaster.
It's to save the kids.
We care about the kids. We don't bomb them.
eigencoder 1 hours ago [-]
Do you have a child? Because I think the device makers haven't really done a good job, there are just too many workarounds.
Chance-Device 5 hours ago [-]
TLDR: Meta want to push all the age verification requirements onto the OS makers (Apple, Google, everyone else gets caught in the crossfire) so that they don’t have to do anything AND they want it done in such a way that they can use it to profile people to push them targeted ads.
Its like they want to keep being seen as the bad guys.
chongli 5 hours ago [-]
I think this is also a way of getting ahead of any “ban social media for teens and preteens” bills that might pop up in the US. They do not want repeats of Australia! By adding age verification into the operating system they can deflect responsibility but also respond to legislators with a scalpel rather than getting sledge-hammered.
user_7832 4 hours ago [-]
…Honestly this seems something very likely, more than the other suggestions.
2OEH8eoCRo0 4 hours ago [-]
I want age verification but not at the OS level.
hackinthebochs 3 hours ago [-]
Yes, let me send a picture of my ID to every app on the internet. That's so much better than having the device I own attest to my age anonymously.
gzread 3 hours ago [-]
What would a world with your preferred age verification system look like?
I also forgot to mention in my original post that the token issuer is not a monopoly. Any company that wants to participate can do so, just like there are many brands of tobacco and alcohol. Require websites to accept at least 5 providers to ensure competition.
To be clear though if it's being used as wedge for privacy violation then it should not exist at all. And from reading TFA preventing that may need a similarly coordinated counter-effort.
inetknght 2 hours ago [-]
> I want age verification
Why?
2OEH8eoCRo0 2 hours ago [-]
Because it's absurd to allow children to simply click "I am 18." Nowhere else works like this.
inetknght 2 hours ago [-]
> Nowhere else works like this.
Are you serious? Because this comment doesn't make it sound like you're serious.
EULAs and the like allow adults to simply click "I accept". That's apparently the way contracts work these days. Speaking of contracts: children aren't allowed to sign contracts. So those apps that children are using with EULAs? It's absurd to allow adults to simply click "I accept". We need to have "acceptance verification" laws to prevent this kind of abuse.
It's also absurd to allow children to simply enter a church. Churches teach dangerous thoughts. Have you read their books?! Those books have sex, murder, theft! Think of the children! There's many kinds of religions and we need to track the religion bracket of our children. It's absurd to allow a child to simply click "I am Christian." Nowhere else works like this. We need to have "religious verification" laws to prevent this kind of abuse.
What you want isn't conducive to a "high trust" society [0].
I want reverse age verification that lists the ages of every social network post. I think a lot of people that criticize social network toxicity don't realize their interlocutors are half their age. It's not one-to-one, meaning maturity doesn't follow from age, but I think there would be some affordances made in both directions. A younger person would be less surprised that a 60+ yr old would hold certain views. And vice versa.
nobodyandproud 5 hours ago [-]
Jesus. As an American I can do my part, but it’s not much.
$70 million is chump change for Meta, yet is far more money than I’ll ever have and does so much to influence state legislation.
trymas 19 minutes ago [-]
Time and time again it amazes me how incredibly cheap lobbied politicians are. They may be earning big sums for an individual, but if you go full corruption[1] to sell out a state or a country - sell it for a fair price.
I remember from peak net neutrality discussions during trump 1 maybe around 2017-2018 ant saw an article on theverge.com (that cannot find now) and biggest sum to individual politician was around $200k, when median values were much much lower.
Politicians are selling tens of billions of dollars (if not hundreds of billions) worth of revenue to ISPs for couple or dozen million. Literally 1000x return on investment (if successful).
I remember local politician (I am not from US) got caught taking 100k bribe from a company for helping with alleged highway construction procurement. Project was valued ~1B - 10 000x return on investment (if they wouldn't have been caught).
[1] I am sorry, not "corruption", but "lobbying".
budman1 4 minutes ago [-]
in the 1990's there was a woman prime minister of Turkey.
she ended up resigning in a scandal caused by her husband accepting a boat (or work on the boat..i don't remember). the scandal was caused by the amount of the bribe. it was too low. the Turkish people could understand some corruption, but to be able to bribe the top leader for $50k. Unacceptable. If it would have been $100 million, it would not have been a scandal.
mrtesthah 1 hours ago [-]
We should ask ourselves why we continue to participate and perpetuate economic systems that result in levels of inequality so vast that they threaten control of our democracy.
Aunche 23 minutes ago [-]
Am I the only person who recognized that this bill explicitly does not require any sort of id verification? The point is to make apps and websites more accountable.
It (for the second time) was automatically removed via mass reporting by reddit accounts.
Terr_ 5 hours ago [-]
Oh look, the Heritage Foundation, the ones who wrote up the "Project 2025" agenda for most of the corruption and authoritarianism that has plagued America in the last year.
The very last people you should trust when it comes to "protecting the children."
bluescrn 5 hours ago [-]
To me it feels that the age verfication (adult de-anonymisation) push, at least in Europe, is coming more from the increasingly-authoritarian left as a reaction to the rise of the online right and Musk's Twitter.
(Maybe some unspoken element of concern over social media bots, too - as they evolve from spamming copy+pasted comments to being near-indistinguisable from actual human accounts?)
malfist 3 hours ago [-]
If you look at the people pushing these bills it's the anti-trans and anti-porn activists. Not the left.
dingi 2 hours ago [-]
This issue looks partisan from the outset, but both sides push the same thing. They just use partisan justifications.
mrtesthah 1 hours ago [-]
Age verification efforts in the US have been privacy-attacking (demanding government ID) whereas the system being proposed in europe is privacy-preserving (zero-knowledge proof).
phendrenad2 3 hours ago [-]
In Europe though? You have those?
dv_dt 3 hours ago [-]
It would be interesting to see a similar lobbying breakdown for the EU and UK. I bet it's still Meta with other right wing actors. The left rarely has the money for this kind of lobbying scale
turbinemonkey 5 hours ago [-]
Heritage has been laying waste to America my whole life. They basically planned all of Reagan's legislative agenda, too, just like Project 2025 is doing today. In very real ways, they and their vision are America (a system is what it does, not what it says it does).
sporadicallyjoe 2 hours ago [-]
If politicians care so much about protecting children, then why aren't they going after the rich and powerful child abusers mentioned in the Epstein files?
SilverElfin 1 hours ago [-]
The post looks to be deleted. Anyone know a way to view the original content?
matheusmoreira 4 hours ago [-]
See? It was never about children. Never fails.
Corporations literally buy the laws they want and Silicon Valley is the newest lobbying monster. Genuinely terrifying.
zoobab 2 hours ago [-]
That's what Washington and Brussels are about: lobbying capitals and buying influence over how laws are made.
throw8fasdffdf 1 hours ago [-]
I'm surprised the "laboratory" of the globalist elite, India, hasn't implemented this yet.
Digital-ID (Aadhar) was heavily pushed by USAID and other US-deepstate associates; the same with digital-money and the "demonetization". Bill Gates's org actively tests out things on actual humans like guinea pigs, before globalizing the "solutions". These days all of this is kind of redundant since the phone-number + verification has become essentially a necessity to live in the city in any part of world today.
The prev. Govt. had considered doing this "login with your ID or no internet" scheme (to "protect" people no doubt) back in 2012s - there were explicit statements about disallowing people who would not authenticate with Aadhar, but it was shelved (likely because of their unpopularity).
If our current "Dear Leader" were to propose this, I think a significant population would opt-in simply because of a sense of belonging to a hero-worship-cult.
The state is determined to ensure that every human be their slave.
dyauspitr 1 hours ago [-]
Your take in this entire ends up with you blaming Bill Gates like some MAGA tinhat? The GOP are literally the cabal of pedophilic, privacy ending, freedom crushing elites you’re looking for and this is somehow your perspective?
If we want really a set up where a child does not access it...
Psychology has a higher success rate...just tell them that their parents use it....
There are many systems where accuracy is loose and that is its core feature...for example postal addresses worldwide...I can a mistake in the address but the letter or package will still get there...
2 hours ago [-]
npn 2 hours ago [-]
Now it is only age verification. Next they will try to impose digital ID.
That's when you know the new world has begun.
thiago_fm 4 hours ago [-]
America will just get behind even more as years pass behind Europe in terms of proper regulation of the digital economy, which benefits citizens instead of companies and rich billionaries.
The reason is that europeans have nothing to win from those "winner-take-all" platforms the US has built in the past decades. Europe has built zero of them.
It contributes very little to Europe's GDP or the overall being of the european. And in some cases, it eats Europe's GDP, moving economic activity back to the US. This is different than for Americans which big tech is a net-positive contributor to society in my POV, mainly because how much economic activity $ it generates.
Big techs provide huge paychecks and made a lot of people rich in the US, and most of its GDP growth in the last decade. But it's a double-edged sword.
They will make laws in favor of them in detriment of the average American, while minting more billionaries than Europe could ever dream of.
Europe will take a long time to get the digital revolution the US already did, but it'll mostly come from regulations and government initiatives. And will be net-positive for humans living in Euope, not for owners of corporations.
gzread 3 hours ago [-]
It is interesting isn't it? Most of Europe has better internet access than the US for similar reasons: sensible regulation led to high competition.
lII1lIlI11ll 52 minutes ago [-]
> Most of Europe has better internet access than the US for similar reasons: sensible regulation led to high competition.
Which "most of Europe" would that be? Switzerland and handful of northern countries? Because it is definitely not Germany or several "you can't access half of the internet during times when twenty men kicking a ball on a field" southern states.
b112 5 hours ago [-]
How much do you want to bet that Amutable, via its founder's control of the systemd codebase and ability to drive change, will be first-in-line to force a switch to its variant of systemd, along with a module for age verification?
I don't see it as coincidence that with all these laws passing, suddenly he announces a secure, "controlled", "locked down" version of systemd. Why, RedHat and Ubuntu can simply drop in this new variant, pay a small fee, and be done with compliance.
close04 5 hours ago [-]
This truly is the best democracy money can buy. As long as money and/or favors change hands in exchange for getting favorable laws passed, it's just legalized bribery and buying off your own "democracy".
And it snowballs, the more favorable laws someone buys, the more favorable their position, and the more they can buy in the future. The transition from "democratic facade" to "outright oligarchy" will be swift and seamless.
NoImmatureAdHom 3 hours ago [-]
Where do I donate to oppose this bullshit?
I want to open my wallet. It should be the top comment.
casey2 11 minutes ago [-]
Donate a phone call. You aren't gonna win the bribing war against people who own a machine that turns your worthless data into millions of dollars.
If everybody who cared to and lived in the affected districts called they would kill the bill just to clear their phone-lines.
Rendered at 16:28:37 GMT+0000 (Coordinated Universal Time) with Vercel.
Age signals from the OS? Need to provide a channel of information available to applications. Applications already talk to servers with unchecked commonality.
Biometric data? Today it unlocks your private key. Tomorrow it's used to verify you are the same person that was used during sign-up -- the same that was "age-verified".
Next year, the application needs to "double-check" your identity. That missile that's coming to you? Definitely not AI-controlled, definitely not coming to destroy the "verified" person who posted a threatening comment about the AI system's god complex. Nope, it's coming to deliver freedom verification.
And turns out power-tripping men offered raw power over other humans on threat of violence is something they like.
And ICE? Remember J6 and Three Percenter's and all those right wing militias? They ended up in ICE. Same reasons.
That was from a quick search, no doubt there's more. Now it gets down to trust issues on reporting.
This is a non-issue because it's almost certainly going to be gated behind a permission prompt. There are more invasive things sites/apps can ask for, and we seem to be doing fine, eg. location. Moreover is it really that much of a privacy loss if you go on steam, it asks you to verify you're over 18, and the OS says you're actually over 18?
>Biometric data? Today it unlocks your private key. Tomorrow it's used to verify you are the same person that was used during sign-up -- the same that was "age-verified".
Given touch id was introduced over a decade ago, and the associated doom-mongering predilections did not come to pass, I think it's fair to conclude it's a dud.
Watch as apps refuse to work when you deny them permission. Also the OS (and “privileged apps”) don’t ask for permission, they have full unfettered access to everything already.
If you can't trust the OS, you have bigger issues than it knowing whether you're 18 or not. At the very least it has a camera pointed at you at all moments you're using it, and can eavesdrop in all your conversations.
If your OS prevented encryption, because one of the anti-encryption laws got passed, would you still trust its privacy and security?
lol.
> Moreover is it really that much of a privacy loss if you go on steam, it asks you to verify you're over 18, and the OS says you're actually over 18?
Slippery slope, but an interesting argument. While SteamOS is a thing, Steam isn't my OS.
> Given touch id was introduced over a decade ago, and the associated doom-mongering predilections did not come to pass, I think it's fair to conclude it's a dud.
Really? You think that things built decades ago can't be further built-upon in the now or the future?
You mean non slippery slope?
>Really? You think that things built decades ago can't be further built-upon in the now or the future?
If there's no deadlines for predilections, how can we score them? Should we still be worried about some yet undiscovered way that cell phones are causing cancer, despite decades of apparently no harmful side effects?
https://github.com/upper-up/meta-lobbying-and-other-findings
Zero-knowledge proofs are the way to go for this type of thing, I find it mind-boggling that the US lets itself be bamboozled into complete lack of privacy.
My stance is that if somebody is a minor, his/her/their parents/tutors/legal guardian are responsible for what they can/cannot do online, and that the mechanism to enforce that is parental control on devices.
Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
To be honest, I worry that the framing of this legislation and ZKP generally presents a false dichotomy, where second-option bias[1] prevails because of the draconian first option.
There's always another option: don't implement age verification laws at all.
App and website developers shouldn't be burdened with extra costly liability to make sure someone's kids don't read a curse word, parents can use the plethora of parental controls on the market if they're that worried.
[1] https://rationalwiki.org/wiki/Appeal_to_the_minority#Second-...
Why not? Physical businesses have liability if they provide age restricted items to children. As far as I know, strip clubs are liable for who enters. Selling alcohol to a child carries personal criminal liability for store clerks. Assuming society decides to restrict something from children, why should online businesses be exempt?
On who should be responsible, parents or businesses, historically the answer has been both. Parents have decision making authority. Businesses must not undermine that by providing service to minors.
Ok, suppose the strip club is the website, and the club's door is the OS.
Would you fine the door's manufacturer for teens getting into the strip club?
This implies the creation of an infrastructure for the total surveillance of citizens, unlike age verification by physical businesses.
How do you reconcile porn sites as a line in the sand with things like banking or online real estate transactions or applying for an apartment already performing ID checks? The verification infrastructure is already in place. It's mundane. In fact the apartment one is probably more offensive because they'll likely make you do their online thing even if you could just walk in and show ID.
I mean, we're talking about age verification in the OS itself in some of these laws, so tell me how it doesn't.
Quantity is a quality. We're not just seeing it for porn, it's moving to social media in general. Politicians are already talking about it for all sites that allow posts, that would include this site.
So you tell me.
California is also stupid for creating liability for service/app providers that don't even deal in age restricted apps, like calculators or maps. It's playing right into the "this affects the whole Internet/all of computing" narrative when in fact it's really a small set of businesses that are causing issues and should be subject to regulation.
These are often clear cut. They're physical controlled items. Tobacco, alcohol, guns, physical porn, and sometimes things like spray paint.
The internet is not. There are people who believe discussions about human sexuality (ie "how do I know if I'm gay?") should be age restricted. There are people who believe any discussion about the human form should be age restricted. What about discussions of other forms of government? Plenty would prefer their children not be able to learn about communism from anywhere other than the Victims of Communism Memorial Foundation.
The landscape of age restricting information is infinitely more complex than age restricting physical items. This complexity enables certain actors to censor wide swaths of information due to a provider's fear of liability.
This is closer to a law that says "if a store sells an item that is used to damage property whatsoever, they are liable", so now the store owner must fear the full can of soda could be used to break a window.
So again, assuming we have decided to restrict something (and there are clear lines online too like commercial porn sites, or sites that sell alcohol (which already comes with an ID check!)), why isn't liability for online providers the obvious conclusion?
The crux is we cannot decide what is protected speech, and even things that are protected speech are still considered adult content.
> why isn't liability for online providers the obvious conclusion?
We tried. The providers with power and money(Meta) are funding these bills. They want to avoid all liability while continuing to design platforms that degrade society.
This may be a little tin-foil hat of me, but I don't think these bills are about porn at all. They're about how the last few years people were able to see all the gory details of the conflict in Gaza.
The US stopped letting a majority of journalists embed with the military. In the last few decades it's been easier for journalists to embed with the Taliban than the US Military.
The US Gov learned from Vietnam that showing people what they're doing cuts the domestic support. I've seen people suggesting it's bad for Bellingcat to report on the US strike of the girls school because it would hurt morale at home.
The end goal is labeling content covering wars/conflicts as "adult content". Removing any teenagers from the material reality of international affairs, while also creating a barrier for adults to see this content. Those who pass the barrier will then be more accurately tracked via these measures.
Plenty of people would prefer that children not learn about scientology from pro-scientology cultists too. It's not that they can't know about scientology (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
And it's not that they can't know about communism (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
Physical businesses nominally aren't selling their items to people across state or country borders.
Of course, we threw that out when we decided people could buy things online. How'd that tax loophole turn out?
It turned out we pretty much closed the tax loophole. I don't remember an online purchase with no sales tax since the mid 00s.
App and website operators should add one static header. [1] That's it, nothing more. Site operators could do this in their sleep.
User-agents must look for said header [1] and activate parental controls if they were enabled on the device by a parent. That's it, nothing more. No signalling to a website, no leaking data, no tracking, no identifying. A junior developer could do this in their sleep.
None of this will happen of course as bribery (lobbying) is involved.
[1] - https://news.ycombinator.com/item?id=46152074
The real answer to the problem is for websites/appstores to publish tags that are legally binding assertions of age appropriateness, and then browsers/systems can be configured to use those tags to only show appropriate content to their intended user.
This also gives parents the ability to additionally decide other types of websites are not suitable for their children, rather than trusting websites themselves to make that decision within the context of their regulatory capture. For example imagine a Facebook4Kidz website that vets posts as being age appropriate, but does nothing to alleviate the dopamine drip mechanics.
There has been a market failure here, so it wouldn't be unreasonable for legislation to dictate that large websites must implement these tags (over a certain number of users), and that popular mobile operating systems / browsers implement the parental controls functionality. But there would be no need to cover all websites and operating systems - untagged websites fail as unavailable in the kid-appropriate browsers, and parents would only give devices with parental controls enabled to their kids.
Where do you go to vote for this option?
Surely you can find a rationalwiki article for your fallacy too.
In fact, I suspect adults, and not just children, would also appreciate it if the pervasive surveillance was simply banned, instead of trying to age gate it. Why should bad actors be allowed to prey on adults?
Also, I heard the same thing about video games, TV shows, D&D, texting and even youth novels. It's yet another moral panic.
From the Guardian[1]:
> Social media time does not increase teenagers’ mental health problems – study
> Research finds no evidence heavier social media use or more gaming increases symptoms of anxiety or depression
> Screen time spent gaming or on social media does not cause mental health problems in teenagers, according to a large-scale study.
> With ministers in the UK considering whether to follow Australia’s example by banning social media use for under-16s, the findings challenge concerns that long periods spent gaming or scrolling TikTok or Instagram are driving an increase in teenagers’ depression, anxiety and other mental health conditions.
> Researchers at the University of Manchester followed 25,000 11- to 14-year-olds over three school years, tracking their self-reported social media habits, gaming frequency and emotional difficulties to find out whether technology use genuinely predicted later mental health difficulties.
From Nature[2]:
> Time spent on social media among the least influential factors in adolescent mental health
From the Atlantic[3] with citations in the article:
> The Panic Over Smartphones Doesn’t Help Teens, It may only make things worse.
> I am a developmental psychologist[4], and for the past 20 years, I have worked to identify how children develop mental illnesses. Since 2008, I have studied 10-to-15-year-olds using their mobile phones, with the goal of testing how a wide range of their daily experiences, including their digital-technology use, influences their mental health. My colleagues and I have repeatedly failed to find[5] compelling support for the claim that digital-technology use is a major contributor to adolescent depression and other mental-health symptoms.
> Many other researchers have found the same[6]. In fact, a recent[6] study and a review of research[7] on social media and depression concluded that social media is one of the least influential factors in predicting adolescents’ mental health. The most influential factors include a family history of mental disorder; early exposure to adversity, such as violence and discrimination; and school- and family-related stressors, among others. At the end of last year, the National Academies of Sciences, Engineering, and Medicine released a report[8] concluding, “Available research that links social media to health shows small effects and weak associations, which may be influenced by a combination of good and bad experiences. Contrary to the current cultural narrative that social media is universally harmful to adolescents, the reality is more complicated.”
[1] https://www.theguardian.com/media/2026/jan/14/social-media-t...
[2] https://www.nature.com/articles/s44220-023-00063-7
[3] https://www.theatlantic.com/technology/archive/2024/05/candi...
[4] https://adaptlab.org/
[5] https://pubmed.ncbi.nlm.nih.gov/31929951/
[6] https://www.nature.com/articles/s44220-023-00063-7#:~:text=G...
[7] https://pubmed.ncbi.nlm.nih.gov/32734903/
[8] https://nap.nationalacademies.org/resource/27396/Highlights_...
Recent posters here are clear that porn sites are setting every available signal that they are serving adult-only content.
According to them, you are targeting the wrong audience.
Facebook/Instagram studying how to get young users addicted should be of greater concern. I have my doubts about the effectiveness of age-based blocking there, though.
Yeah quite the opposite. Once they have that formalized attestation they will move in like sharks.
> give parents the ABILITY to advertise the users age to browsers, apps and everything in between.
Accounts and Applications to services that provide countent are set to a country-specific age rating restrictions (PG, 12+, 18+, whatever). That's it.
None of the things you mentioned have any point to concern themself with the age or age-bracket of the user in front of the device. This can and will be abused. This is very obvious. Think about it.
So on the Sony consoles I created an account for my child and guess what they have implemented some stuff to block children from adult content on some stuff.
So if Big Tech would actually want to prevent laws to be created could make it easy for a parent to setup the account for a child (most children this days have mobile stuff and consoles so they could start with those), we just need the browsers to read the age flag from the OS and put it in a header, then the websites owners can respect that flag.
I know that someone would say that some clever teen would crack their locked down windows/linux to change the flag but this is a super rare case, we should start with the 99% cases, mobile phones and consoles are already locked down so an OS API that tells the browser if this is an child account and a browser header would solve the issue, most porn websites or similar adult sites would have no reason not to respect this header , it would make their job easier then say Steam having to always popup a birth date thing when a game is mature.
Let's go back to parenting: yes, world is a scary place if you get into it unprepared.
Permission restricted registry entry (already exists) and a syscall that reads it (already exists) for windows and a file that requires sudo to edit (already exists) and a syscall to read it (already exists). Works on every distro automatically as well including android phones since they run the linux kernel anyway. Apple can figure it out and they already have appleid.
Responsibility should be on the website to not provide the content if the header is sent with an inappropriate age, and for the parent to set it up on the device, or to not provide a child a device without child-safe restrictions.
It seems very obviously simple to me, and I don't see why any of these other systems have gained steam everywhere all of a sudden (apart from a desire to enhance tracking).
Morals like owning slaves, right?
A moral system that requires everyone to be white Christian males isn't a moral system, it's a theocracy.
Meh, I use it, but it's super annoying and I think that with my Daughter I'll take a different approach (but it will be some years before that is relevant).
On Android: The kid can easily go on Snapchat (after approval of install of course, and then you can just see their "friends") before Pokemon Go (just a pain to get working, it keeps presenting some borked version which led to a lot of confusion at first). I just lied about his age in a bunch of places at some point. Snapchat is horrible and sick from our experiences in the first week.
On Windows: It's a curated set of websites (and no FireFox) or access to everything. It's not even workable for just school. Granting kids access to our own minercraft servers: My god, I felt dirty about what the other parents had to go through to enable that.
This is a hobby horse of mine to the point that coworkers probably wish I'd just stfu about Minecraft - but holy shit is it crazy how many different things you need to get right to get kids playing together.
I genuinely have no idea how parents without years of "navigating technical bullshit" experience ever manage to make it happen. Juggling Microsoft accounts, Nintendo accounts, menu-diving through one of 37 different account details pages , Xbox accounts, GamePass subscriptions - it's just fucking crazy!
As a parent, sure, that is my stance as well. What... what other stances are there even? How would they work?
But the implementation matters, and almost all of these bills internationally are being done in bad faith by coordinated big-money groups against technologically illiterate and reactionary populist governments.
(if we really want to get into an argument, there's what the UK calls "Gillick competence": the ability of children to seek medical treatment without the knowledge and against the will of their parents)
I would personally favour allowing parents to buy drinks for children below the current limits (18 without a meal, 16 for wine, beer and cider with a meal).
The alternative to this is empowering parents by regulating SIM cards (child safe cards already exist) and allowing parents to control internet connectivity either through the ISP or at the router - far better than regulating general purpose devices. The devices come with sensible defaults that parents can change.
Maybe a majority of people today agree with that, but I know I don't and I never hear that assumption debated directly.
TBH many parents done exactly that by giving phones/tablet already to kids in strollers
"You‘re reading about evolution! Not in my house"
Examples: most children believe in the same religion as their parents, and can visit friends and places only if/when allowed by their parents.
This is simply extending the same level of control to the internet.
Government-mandated restrictions are completely another level.
Who controls your age if you want to see an R-rated movie?
This is simply extending the same level of control to the internet.
More control for parents is a completely different level.
They rarely enforce it, but if it gets out of hand, the city will start getting on your case about it.
Does the US have a zero-knowledge proof system that is mentioned in the discussion?
> Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
Parent prefers more control by parents over zero-knowledge proof
I do think parental controls can be and are abused for evil, but they're still better than the alternative. Zero-knowledge proof is not an alternative, and to suggest that it is is misunderstanding the situation. These laws are proposed and funded by people who want complete surveillance of the population. Zero-knowledge proof is, therefore, explicitly contrary to the goal and will never be implemented under any circumstances. Suggesting that it can be muddies the issue and tricks people into supporting legislation that exists only to be used against them.
In a benevolent dictatorship, sure, go for a zero-knowledge proof verification as your solution. In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses, we need to convince people to see through the lie and reject the proposals outright while reassuring them that they can protect the children themselves via parental controls. You will never be able to sufficiently inform 50.1% of the population of any country of what zero-knowledge proof even means, let alone convince them to support age verification laws but strictly conditional on ZKP requirements. That level of nuance is far too much to ask of millions of people who are not technically-informed, and idealism needs to give way to pragmatism if we wish to avoid the worst-case scenario.
Imho there is a place for regulation in that, actually. Devices that parents are managing as child devices could include an OS API and browser HTTP header for "hey is this a child?" These devices are functionally adminned by the parent so the owner of the device is still in control, just not the user.
Just like the cookie thing - these things should all be HTTP headers.
"This site is requesting your something, do you want to send it?
Y/N [X] remember my choice."
Do that for GPS, browser fingerprint, off-domain tracking cookies (not the stupid cookie banner), adulthood information, etc.
It would be perfectly reasonable for the EU to legislate that. "OS and browsers are required to offer an API to expose age verification status of the client, and the device is required to let an administrative user set it, and provide instructions to parents on how to lock down a device such that their child user's device will be marked as a child without the ability for the child to change it".
Either way, though, I'm far more worried about children being radicalized online by political extremists than I am about them occasionally seeing a penis. And a lot of radicalizing content is not considered "adult".
I owe everything about who I am today to learning how to circumvent firewalls and other forms of restriction. I would almost certainly be dead if I hadn't learned to socialize and program on the web despite it being strictly forbidden at home. Most of my interests, politics and personality were forged at 2am, as quiet as possible, browsing the web on live discs. I now support myself through those interests.
We're so quick to forget that kids are people, too. And today, they often know how to safely navigate the internet better than their aging caretakers who have allowed editorial "news" and social media to warp their minds.
Even for people who think they're really doing a good thing by supporting these kinds of insane laws that are designed to restrict our 1A rights: the road to hell is paved with good intentions.
With no proof it will protect anyone from proven harm.
Why is this such a sticking point in US politics? If the "undocumented" people aren't supposed to be in the country in the first place, why should rest of society cater to them? Even if you're against age verification for other reasons, dragging in the immigration angle is just going to alienate the other half of the population who don't share your view on undocumented people, and is a great way to turn a non-partisan issue into a partisan one. It's kind of like campaigning for medicare for all, and then listing "free abortions and gender affirming surgery" as one of the arguments for it.
Great, frame it as "poor people without IDs" or whatever, not "undocumented", which in the current political discourse is basically the left's version of the term "illegal immigrant".
>You might be in the country temporarily for business or as a tourist. The constitution applies to all of these people.
The constitutional right to... watch 18+ videos on youtube while in the US?
When we hear about “zero knowledge” ID checks in real proposals they’re not actually zero knowledge altogether. They have built in limits or authorities to prevent these obvious attacks, like requiring them to interact with government servers and then pinky promising that those government servers won’t log your requests.
In a true zero-knowledge system sharing falsely shared credentials becomes easy because it’s untraceable. If the proof has no knowledge attached, you can’t conclude who used their credentials on a website that generates proof-of-age tokens on demand for visitors.
That said, government agencies have been doing a terrible job at keeping the private information of citizens safe. But it is nowhere nearly as bad as the US. My best childhood friend died in very questionable circumstances in 2009 in the US in very questionable circumstances. He had a US citizenship and we never really found out what had happened(to the point where we never really got any definitive proof that he had died). But that didn't stop me from trying and I was blown away by the fact that I could log into a US government website, register with a burner mail, pay 2 bucks with an anonymous gift credit/debit card and get a scanned copy of his death certificate in my email. And I didn't even have to provide his passport/id/anything. Just his name.
Point is, the US has been terrible at privacy for as long as I can remember. It is probably worse now with Facebook and Ellison holding TikTok.
I don't mean to be the average gloating US citizen, but I'm pretty sure we're the largest threat to the Earth.
The root of the problem is Russia, always has been.
So, I suppose if they could somehow use money and influence to determine election results, they would use it in Russia, no?
So, I think the civilizational threat from Russia is about the same as from North Korea: nearly zero.
Surely you meant this as hyperbole, right? If not, I would love your reasoning as to why its a bigger threat than literally anything and anyone else.
Reasoning: experience.
[1](https://www.instagram.com/reel/C5TnWyEtwgN/)
But they invest large amounts of money to propaganda channels everywhere, have direct military influence in large parts of Africa, are known to poison people in the UK and elsewhere, etc.
> its relative strength has only lessened over the decades Russia is not a _physical_ threat outside of its immediate proximity.
But they invest large amounts of money to propaganda channels everywhere, have direct military influence in large parts of Africa, are known to poison people in the UK and elsewhere, etc.
> Is it not?
No, and no part of your comment really seems to argue otherwise? I know about current world events. Your argument was that "experience" is a good enough reason to make a blanket statement about a country and all its people, and you doubled down on it, so it's not even like I'm constructing a strawman here or anything.
It's just wild to me how far this kind of blind hate goes. If "experience" is enough to say that a country is a bigger threat to civilization(!) than, lets say, pandemics, natural disasters, global nuclear war, etc., then there really remains no basis for any kind of healthy discussion. At that point it's just blind hatred.
I'm trying to steer the conversation to stay factual, because I usually appreciate HN for its clear communication style. Sorry for offending you and I'm sorry if I've caused you further suffering. Let's not continue this conversation.
I keep hearing this but I struggle to find any sources, beyond articles like [1] which are... not particularly good sources, even a reddit comment would be a better primary source than that.
I'm not trying to be combative, I just genuinely struggle to find primary sources, probably because I'm using the wrong keywords or something.
I understand the reasoning, but I would love to actually see/read/hear/whatever where Putin "states" this desire explicitly!
[1] https://gppreview.com/2015/02/12/putins-dream-reborn-ussr-un...
Surely I'm missing something here. Putin's 2023 "The Concept of the Foreign Policy of the Russian Federation" also does not state conquering back former USSR states. Where is it? If he states it so clearly that people keep quoting it, surely there must be a source for it? Sorry if I'm a PITA.
To be clear, I'm interested in this because this would be a fantastic argument to bring to discussions, but without having seen a source, I don't think I could.
I think Dugin's book is like that. Sure, Dugin said it, not Putin. But IIRC Putin did some things to make Dugin's book more influential. I forget the specifics - making it required reading in the Russian military academies, maybe?
There have been other statements by Russian politicians who are widely regarded as Putin's mouthpieces. Medvedev, certain key figures in the Russian parliament. I know I've seen that, though I don't recall the specifics.
So Putin maybe didn't say it. And yet, his endorsed mouthpieces (more than one) do say it.
You said "without having seen a source". Well, I didn't give you one. But if you want to look, I have given some places to start.
> making it required reading in the Russian military academies, maybe
Yeah, I think he did.
> So Putin maybe didn't say it.
That's my concern. When people make the statement that he did, when he didn't, they essentially preempt any reasonably discussion and start it off on the entirely wrong foot.
If I want to have a discussion with my neighbor about him not cleaning up his own trash, surely I would not start the discussion with "you LOVE living in trash, don't you", even if I can reasonably deduce that he does. It just turns the entire discussion hostile to make claims that aren't supported, and it weakens all subsequent arguments!
So I don't think it's the entirely wrong foot. It's a shortcut and an imprecision, but the point (that Putin actually thinks this) seems to be valid. (Though one should have less than 100% certainty that it represents his position - but with Putin, that should apply to a direct quote as well.)
You have to remember how political communication works in Russia. They rarely state goals outright, and always juggle several narratives at the same time. To make it hard to pin them down to any position and achieve exactly what is happening here.
[0] https://en.wikisource.org/wiki/On_the_Historical_Unity_of_Ru...
I don't know about elsewhere but in the UK anyone can apply for any death certificate going back to 1837.
Not exactly a good moment for this particular caste of politicians/elites to pretend they care about children's well-being!
The benefit of zero-knowledge proofs is that the hide information about the ID and who it belongs to.
That’s also a limitation for how useful they are as an ID check mechanism. At the extreme, it reduces to “this user has access to an ID of someone 18+”. If there is truly a zero-knowledge construction using cryptographic primitives then the obvious next step is for someone to create an ad-supported web site where you click a button and they generate a zero-knowledge token from their ID for you to use. Zero knowledge means it can’t be traced back to them. The entire system is defeated.
This always attracts the rebuttal of “there will always be abuse, so what?” but when abuse becomes 1-click and accessible to every child who can Google, it’s not a little bit of abuse. It’s just security theater.
So the real cryptographic ID implementations make compromises to try to prevent this abuse. You might be limited to 3 tokens at a time and you have to request them from a central government mechanism which can log requests for rate limiting purposes. That’s better but the zero-knowledge part is starting to be weakened and now your interactions with private services require an interaction with a government server.
It’s just not a simple problem that can be solved with cryptographic primitives while also achieving the actual ID goals of these laws.
once you get this you stop asking why the tech details are the way they are.
Other states are even worse, creating another way to have your buddy buddy lobbyist folks fire up a new business opportunity to make money as a verification service.
Judges in other countries (Texas) found out this kind of law was a violation of the Free Speech.
Since when Free Speech do not apply to -16y old?
Made laws are made, then killed by courts later one.
The only authority that can be trusted to do age verification is the government.
You know, those people who give you birth certificates, passports, SSNs, driver's licenses, etc.
The idea that parental supervision here is sufficient has been shown to be wholly inadequate. I'm sorry but that train has sailed. Age verification is coming. It's just a question of who does it and what form it takes.
Take Youtube, for example. I think it should work like this:
1. If you're not of sufficient age, you simply don't see comments. At all;
2. Minors shouldn't see ads. At all;
3. Videos deemed to have age-restricted content should be visible;
4. If you're not logged in, you're treated as an age-restricted user; and
5. Viewing via a VPN means you need age verification regardless of your country of origin.
It's not perfect. It doesn't have to be.
These bills also need to be opposed on a legal/political level.
Something I realized last night is that people who lie about their age to send false signals may inadvertently open themselves up to CFAA liability (a felony). So this is a serious matter for users who want to maintain anonymity.
I do think there is a stronger case against the next under-18 Aaron Swartz, who will get hit with 200 felonies for setting his age wrong (one felony per app/service) after pissing off someone important.
If I get arrested for lying about my age, when I'm of age, then they could probably get me on a whim already anyway. No point in trying to fall in line.
Like, in general, a software change to add an "age class" attribute to user accounts and a syscall "what's this attribute for the current user account" would satisfy the California bill and that's a relatively minor change (the bad part is the NY bill that allegedly requires technical verification of whatever the user claimed).
The weird issue is how should that attribute be filled for the 'root' or 'www-data' user of a linux machine I have on the cloud. Or, to put aside open source for that matter, the Administrator account on a Windows Active Directory system.
Because "user accounts" don't necessarily have any mapping (much less a 1-to-1 mapping) to a person; many user accounts are personal but many are not.
We should also update all FOSS license terms to explicitly exclude Meta or any affilites from using any software licensed under them.
Heck, Linus Torvalds should just add an amendment to the next release of the Linux Kernel that makes it illegal to use in any jurisdiction that requires age verification laws.
This would obviously cause such a massive disruption (especially in California) that the age laws would have to be rolled back immediately.
This seems like a no-brainer to me but I am admittedly ignorant on this situation. I'm sure there's a good reason why this isn't happening if anyone cares to explain.
If it's not (fully) your code, you aren't free to set the licence conditions; Linus can't do that without getting approval from 100% (not 99% or so) of authors who contributed code.
What one can do is add an informative disclaimer saying "To the best of our knowledge, installing or running this thing in California is prohibited - we permit to do whatever you want with it, but how you'll comply with that law is your business".
A "Linux distro" is not the Linux kernel. It's possible for some distros to add such license terms to their distribution media, but others like Debian and Debian-based ones adhere to the GPL so no go.
"Every OS provider must then: provide an interface at account setup collecting a birth date or age, and expose a real-time API that broadcasts the user's age bracket (under 13, 13 to 15, 16 to 17, 18+) to any application running on the system."
Debian, Ubuntu, etc., they'll all fall right in line because the clear and immediate losses will outweigh any PR issue.
https://opensource.org/osd
If this was somehow introduced without anyone noticing and deployed, imagine the damage it would cause.
If we're fantasizing here, I like to imagine two major OS makers trying to comply these laws, fail miserably, and let FOSS OSes and kernels more recognition in the desktop market.
Ideally, getting these servers to auto turn off the day this goes into effect ("In compliance with this new law, Linux is now temporarily unusable. Please <call to action>.") would be glorious for getting the bill staved off, or killed.
It would hurt some productivity, but that is a risk these lawmakers taking donations are probably willing to make.
1 - https://en.wikipedia.org/wiki/Npm_left-pad_incident
I know. That's exactly the point.
In such situations where one party (Meta) has enough money to lobby and is playing dirty, it's a massively asymmetric situation. In such cases, if you really want to make sure you're heard (which I'm not sure distributers want or care about tbh), you've got to play the game too.
Malicious compliance, if you will.
PS: For a "practical" variant, simply a warning might be sufficient - given how many hospitals/critical infra uses linux. For eg "There is a chance this server will fail to work on x date due to this y law. Not as glamorous/all-guns-blazing, but probably much more sensible and practical.
PPS: For an even more "safer" variant, one could go "Post x, please note that using linux/this server is a violation of law y. Please turn off the server yourself manually. Failure to comply with these instructions and violating the law will be borne entirely by the (no informed) sysadmin/manglement.
Update the terms to indicate that you can do what you want, but this OS is probably not compliant with states run by evil dipshits.
EDIT: why is it deleted now?
In the real world, professional media organizations regularly expose corruption. More often than not? No idea. But to pretend they only engage in cover-ups is cynical fatalism.
https://web.archive.org/web/20260313125244/https://old.reddi...
If anything, Meta’s utility would seem to shrink if the OS handles proof of being a real person.
It also gives them more information on users as a bonus. Further, verification with a real ID is also a quite effective barrier against excessive bots.
https://www.eff.org/deeplinks/2025/12/congresss-crusade-age-...
Not saying I think it's a good idea to provide the year of birth to all sites, but (session ID, year of birth) is the only information they would need. The problem is proving who's behind the keyboard at the time of asking, which would require challenge-response, and is why I think this should be an online platform, not a hardware PKI gadget with keys inevitably tied to individuals.
No, enforcing privacy is not hard, all it takes is imposing penalties _much greater than_ those financial incentives.
I’d write my senator but they won’t do shit. Is there anything that can seriously be done?
Do you know how democracy works? There are these people called representatives. They are hired by you. They pass laws. They only get to continue having a job if people like you vote for them. When you tell them "I don't like the law you are passing", they are hearing "the people who hire me are angry with me". The more people that are angry at what they're doing, the more their job is at risk.
They do what the lobbyists say because somebody else is doing the work, and they get paid (by the lobbyist). But they won't have a job to get paid for if the voters don't vote for them again. So your entire defense against tyranny and bad laws is you speaking out. If you never talk to your reps (or vote), you're telling them you don't care what kind of government it is, and they really will do whatever they want.
You have to tell them how you feel, along with all the rest of us. That's the only power we have.
In addition to that, tell everyone you know. Your friends, family, coworkers, the dude running the local gas station. Explain to them why government-mandated surveillance of everything they do on a computer is a bad idea. Ask them to talk to their reps.
Ideas? Time to spin up a local LLM for some editing advice.
https://en.wikipedia.org/wiki/Qualified_website_authenticati...
QWAC certs are only for "high value" sites: banks, government services, etc. They can only be issued by "Qualified Trust Service Providers" (e.g. digisign, D-TRUST, etc -- not governments), and cost many hundreds of euros. Your blog and mastodon instance and 98% of businesses just aren't affected.
People operating in "high risk" sectors that need access to payment infra (porn, drugs, etc) are, as always, going to have a hard time. That's a worthy conversation, but nothing about QWAC or eIDAS is about "the government not issuing certs to people they don't like".
Secure Boot is just a technology for those that need it, until Microsoft decides it's mandatory for everyone.
What you have in the EU is this: https://noyb.eu/en/project/dpa/dpc-ireland
> Now that the mask has fully fallen, we have to take every step possible to root out American influence.
You have literal rogue states in your union that neutralize the entirety of it, as the above shows. It's a joke. The EU is a joke. A single country is enough to mean US tech can do whatever it wants, similarly a single other country is enough to mean Russia can largely do what it wants.
The others are of course in on it too. Which is why for all the empty EU talk on US big tech you've never heard them talk about the Irish DPA and what they all enable. Strange right? Would think that this would be a priority. But it shows that even if the rest weren't in on it, just one country would be enough. And it could even be a tiny place like Luxembourg.
Laws and regulations aren't worth the paper they're written on if they're not enforced. The current ones aren't enforced at all, why would any new ones be? Did you know that there was a long period where hosting European citizens' PII on US-controlled servers (like Amazon instances in Europe) was illegal, after the "Privacy Shield" was deemed unlawful? No one cared. Did you know that this is currently the case again, because the thing that replaced it has once again had its basis ripped out from under it by Trump? Once again, no one cares, and indeed EU governments and corporations are _still_ making migrations _to_ US clouds.
Not that it matters, within a few years RN will be running France and AfD will be running Germany and you don't have to pretend any more as the "mask will have fallen" just as much.
https://www.robpanico.com/articles/display/presence-derived-...
(posting link because it would be too much for a comment)
And a serious question: with deepest respect to the author for their extraordinarily impressive time and effort in this investigation... Why was this not already flagged by political reporters or investigative journalists? I'm not American so maybe I don't understand the media structure over there but it feels like SOMEONE should have been all over this way before it's gotten to the point described in this post.
one scary observation is that each year, less and less people care. at least, this is true among my students. plenty of them believe the 'protect the children' line and are more than willing to do whatever the government/big tech suggests. or they just shrug ("what difference would i make?").
for context, i teach at a college level, in tech. a few of my classes are from the cybersec program, one of the programs that should understand and care about the implications of bills like these, and even the majority of them do not care about this stuff anymore. they grew up with instagram and facebook and cameras everywhere. they grew up knowing that any little fuck up they have is recorded and posted online. they know that by the time they go to college, all of their data has already been leaked a few times. they never really had an expectation of privacy in the first place, so it just isnt a big deal.
as someone who interacts with this next generation of "hackers" on a daily basis... the concept of cypherpunk is gone. i got into this field because of my beliefs. they are going into this field because they want a chance at buying a house some day, and know that big tech has big bucks.
i am tired. and i recognize that this is exactly what they (lobbyists, meta, etc.) want! but i am tired and discouraged. more and more i find myself having to actively fight the urge to give up. i am not ready to give up just yet... but, i am sorry to say that as someone closer to retirement than i am comfortable admitting, i only have so much energy left.
But sometimes very few people can make a difference.
At least the author posted a link to the dataset in a comment so it survived:
https://github.com/upper-up/meta-lobbying-and-other-findings
No offline devices. Commercial vendors get your biometric data (and the equivalent of your driver's license / SSN). Every application on the OS can query your data.
If you think it stops with one bill, after they get all the infrastructure for this in place? You're fooling yourself. The whole point of this is to identify you, on every web page you visit, every app you open, on every device you own. Once bills are passed, it's very hard to get them revoked or nullified.
This is the most aggregious, authoritarian, Big Brother government surveillance system ever devised, and it's already law. I am fucking terrified.
(Yes, the EU has a less horrifying version of this. But Google, Apple, and Microsoft still control most of the devices in the world, and they are US companies.)
Because it's hopeless? It's been proven time and time again there's nothing the average person can do to fight this sort of thing.
It's just better to sit back and watch as everything gets ruined.
Instead of just creating a course that explains how to child-proof a device, we have to surveil everyone.
It's to save the kids.
We care about the kids. We don't bomb them.
Its like they want to keep being seen as the bad guys.
And responses to some common criticisms of the idea: https://news.ycombinator.com/item?id=46459959
I also forgot to mention in my original post that the token issuer is not a monopoly. Any company that wants to participate can do so, just like there are many brands of tobacco and alcohol. Require websites to accept at least 5 providers to ensure competition.
To be clear though if it's being used as wedge for privacy violation then it should not exist at all. And from reading TFA preventing that may need a similarly coordinated counter-effort.
Why?
Are you serious? Because this comment doesn't make it sound like you're serious.
EULAs and the like allow adults to simply click "I accept". That's apparently the way contracts work these days. Speaking of contracts: children aren't allowed to sign contracts. So those apps that children are using with EULAs? It's absurd to allow adults to simply click "I accept". We need to have "acceptance verification" laws to prevent this kind of abuse.
It's also absurd to allow children to simply enter a church. Churches teach dangerous thoughts. Have you read their books?! Those books have sex, murder, theft! Think of the children! There's many kinds of religions and we need to track the religion bracket of our children. It's absurd to allow a child to simply click "I am Christian." Nowhere else works like this. We need to have "religious verification" laws to prevent this kind of abuse.
What you want isn't conducive to a "high trust" society [0].
[0]: https://en.wikipedia.org/wiki/High-trust_and_low-trust_socie...
$70 million is chump change for Meta, yet is far more money than I’ll ever have and does so much to influence state legislation.
I remember from peak net neutrality discussions during trump 1 maybe around 2017-2018 ant saw an article on theverge.com (that cannot find now) and biggest sum to individual politician was around $200k, when median values were much much lower.
Politicians are selling tens of billions of dollars (if not hundreds of billions) worth of revenue to ISPs for couple or dozen million. Literally 1000x return on investment (if successful).
I remember local politician (I am not from US) got caught taking 100k bribe from a company for helping with alleged highway construction procurement. Project was valued ~1B - 10 000x return on investment (if they wouldn't have been caught).
[1] I am sorry, not "corruption", but "lobbying".
she ended up resigning in a scandal caused by her husband accepting a boat (or work on the boat..i don't remember). the scandal was caused by the amount of the bribe. it was too low. the Turkish people could understand some corruption, but to be able to bribe the top leader for $50k. Unacceptable. If it would have been $100 million, it would not have been a scandal.
The very last people you should trust when it comes to "protecting the children."
(Maybe some unspoken element of concern over social media bots, too - as they evolve from spamming copy+pasted comments to being near-indistinguisable from actual human accounts?)
Corporations literally buy the laws they want and Silicon Valley is the newest lobbying monster. Genuinely terrifying.
Digital-ID (Aadhar) was heavily pushed by USAID and other US-deepstate associates; the same with digital-money and the "demonetization". Bill Gates's org actively tests out things on actual humans like guinea pigs, before globalizing the "solutions". These days all of this is kind of redundant since the phone-number + verification has become essentially a necessity to live in the city in any part of world today.
The prev. Govt. had considered doing this "login with your ID or no internet" scheme (to "protect" people no doubt) back in 2012s - there were explicit statements about disallowing people who would not authenticate with Aadhar, but it was shelved (likely because of their unpopularity).
If our current "Dear Leader" were to propose this, I think a significant population would opt-in simply because of a sense of belonging to a hero-worship-cult.
The state is determined to ensure that every human be their slave.
https://news.ycombinator.com/item?id=47361235
https://github.com/upper-up/meta-lobbying-and-other-findings...
Psychology has a higher success rate...just tell them that their parents use it....
There are many systems where accuracy is loose and that is its core feature...for example postal addresses worldwide...I can a mistake in the address but the letter or package will still get there...
That's when you know the new world has begun.
The reason is that europeans have nothing to win from those "winner-take-all" platforms the US has built in the past decades. Europe has built zero of them.
It contributes very little to Europe's GDP or the overall being of the european. And in some cases, it eats Europe's GDP, moving economic activity back to the US. This is different than for Americans which big tech is a net-positive contributor to society in my POV, mainly because how much economic activity $ it generates.
Big techs provide huge paychecks and made a lot of people rich in the US, and most of its GDP growth in the last decade. But it's a double-edged sword.
They will make laws in favor of them in detriment of the average American, while minting more billionaries than Europe could ever dream of.
Europe will take a long time to get the digital revolution the US already did, but it'll mostly come from regulations and government initiatives. And will be net-positive for humans living in Euope, not for owners of corporations.
Which "most of Europe" would that be? Switzerland and handful of northern countries? Because it is definitely not Germany or several "you can't access half of the internet during times when twenty men kicking a ball on a field" southern states.
I don't see it as coincidence that with all these laws passing, suddenly he announces a secure, "controlled", "locked down" version of systemd. Why, RedHat and Ubuntu can simply drop in this new variant, pay a small fee, and be done with compliance.
And it snowballs, the more favorable laws someone buys, the more favorable their position, and the more they can buy in the future. The transition from "democratic facade" to "outright oligarchy" will be swift and seamless.
I want to open my wallet. It should be the top comment.
If everybody who cared to and lived in the affected districts called they would kill the bill just to clear their phone-lines.