What's wrong with EU age verification? (Nothing)(blog.vrypan.net) |
What's wrong with EU age verification? (Nothing)(blog.vrypan.net) |
I am not worried for myself and for others who are technically inclined, we will just silently find and implement solutions for ourselves and any others who have the energy and inclination to use them. This is worst, as usual, for the most vulnerable among us. Those most in need of the information which they will not be able to access. Every freedom comes with risks and responsibilities, freedom of information maybe more than any, but the harms of limiting information are much more unacceptable than any caused by its unhindered natural flow. You can propagandize and scheme to your hearts content. You can lobby your governments to implement your halfbaked schemes. But in the end it won't work... Because people like me and millions of other will just not comply. We will build our own networks if need be, but we will do just about anything rather than accept your terms.
For adults.
There is information and images that are developmentally harmful to children. As the author says, this is no different from drugs, alcohol, tobacco, or gambling.
If you can’t understand that, you either don’t have children, have a screw loose, or are a child predator.
Firstly lets be honest to ourselves, who gives kids access to alcohol? It is the parents ultimately. You cannot freely access alcohol in public without a venue offering it, but at home a parent can choose if and how much alcohol their kids have access to. Typically kids who have alcohol in public had taken it from home. There are societal morals that rightfully we consider reckless depending on how much access you give your kids to alcohol.
Now replace the word alcohol with 'the internet' in the last paragraph. The internet is already moderated for kids, they cannot buy access to it, and it is the parents responsibility to manage that. Since when did this change to being the governments job to dictate this moral and its implementation.
Parents just need the right tools to properly moderate their kids access, some of us had this from our parents decades ago with software managing content and time on the internet, I doubt these tools disappeared. The government should be facilitating programs like this. The cost would be substantially less and entirely opt-in, as it should be.
I as a parent should be able to put my kids device into a parental mode that allows me to manage what they have access to and for how long, the same way the Nintendo Switch works. I should be able to control the content my kids sees, not the government. The government can help me enable this across industry without forcing the world into an authoritarian regime using the vile of keeping kids safe.
“Anyone who disagrees with me is either ignorant, insane, or evil.”
Ad Hominem
This is not helpful, don't do it. GP likely has to suppress the urge to call you a stalinist.
GP comment made it clear that they are a free-internet absolutist. You can make no conclusions beyond that.
Absolutism is daft; attack that, if you must.
> When children are very young, parents can set strict boundaries. But as kids move into their teens, parents also have an obligation to loosen them. Teenagers need spaces where they can act independently, make decisions, and talk to others — where they can learn to navigate the world without a parent looking over their shoulder.
You are still responsible. If you allow your child more freedoms, you are still responsible if something bad happens. Your choice to loosen your parenting shouldn't become everybody else's problem. Some parents for example allow children to try a small quantity of alcohol - if your child is suddenly found drunk, they shouldn't ban alcohol for sale everywhere.
I would go the other way, if it's found as a parent that your child is drinking, smoking, etc, then this carries punishments for the parents. I think it should also be punished if they are found accessing online services targeted at adults.
> The digital version is the same idea, with cryptography. An authorized issuer verifies your age once and issues a signed credential:
Sounds great, but there is a clear agenda for digital IDs that 'they' are trying to shoehorn in with this "protect the kids" thing. They tried rolling it out digital IDs in the UK in 2006 [1].
As I said the other day, what really makes me suspicious is that most Western countries suddenly have the same idea at the same time. This isn't just some random politician wanting to protect children, this is an international concerted joint effort to roll out a form of mass censorship.
> So instead of fighting a system that is built to preserve privacy, we should be fighting to put the right checks in place — the ones that guarantee the implementation actually honors it.
The objective is the system itself. Once there is a control in place to stop you accessing these services/systems, changing the exact unlocking procedure is trivial and can be done gradually. We'll all just be frogs in slowly boiling pots.
The same applies online/digitally except that you can very likely distribute the same ID to many minors without getting a new one allocated.
I’m in the “we should protect kids online” camp, but I am not sure there’s a real way to do it without compromising privacy for everyone.
Parent have an obligation to loosen the restrictions, and, what, the government has obligations to tighten them and deprive them of the spaces where they can act independently?
I don't care to talk about the premise itself. This reasoning is absurd.
Guess who is heavily using social media today and unreflectively repeats fake news.
> Here is cryptographic proof that I hold a valid credential proving I am over 18. You can verify the proof, but you learn nothing about who I am.
Is this true though? I am genuinely interested as I haven't looked into the details, but must the user not at least also disclose who the issuer of the credential is so the verifier can verify it against a public key? This also reveals at least the nationality of the user and could be misused to block access to foreigners using VPN.
Can they also provide other ZKPs? Specifically to attest that someone is a unique human being? Humanity verification is incredibly important to fight against propaganda online[1]
1 - https://blog.picheta.me/post/the-future-of-social-media-is-h...
The author described a narrow path that provides "kid safety in the internet" without sacrificing the general population privacy.
Is it technically possible to implement the way he suggests? Yes. Will it be implemented that way? No.
There are people who can affect the way this verification will be implemented who are genuinely interested in more surveillance, heck, remember chat control that is an ongoing fight in a very similar vein, there is a global desire in politicians to get more control over the communications.
To me the author seems either naive or straight up malicious.
I actually don’t think it is. Fundamentally this kind of certificate is going to be revocable. It’s untenable politically to hand out irrevocable attestations that can be handed off to minors. If you allow that, the system has failed to prevent minors from accessing adult materials, and if you don’t then the system has failed to preserve privacy.
> To me the author seems either naive or straight up malicious.
I think just naive.
Maybe the EU knows it's untenable and is still moving forward because they will be able to demonstrate to the public that privacy enables abuse, creating pretext to make the system not private anymore after it's already been implemented.
And just like in those cases, what is to prevent someone who is of age giving their ID to someone underage?
If you handed over your id, and the person checking it made a photocopy and handed it to a police officer who put it in a file in a briefcase they carried, you might feel differently.
No scheme is going to issue cards/tokens that can be traded between people, that's obviously unworkable.
Untraceable is for the consumers of the cards obviously, but in order to have trust they need to be traceable for somebody to verify them. The government can already determine who you are and already requires you to prove that at certain points, this is not a new invention of government it is required for governments to function.
If you put an id on the card, then it’s a layer of indirection, but you’ve still handed them a unique personal identifier.
Traceable credentials are fundamentally not privacy preserving, because that’s what traceable means.
This system is good for a bunch of reasons:
* It gives parents control such that they can tailor the experience to their kids. This is a problem with current proposals.
* It doesn't bring identity into the mix at all, completely defusing the risk of mass surveillance.
* It's easy to verify if adult sites are complying: hit them with a curl request containing the header, check the response. This is much easier that verifying that Discord is checking user ages properly using their face-scanning technology.
This “it’s the parents job” is also reductionist. It is, but somehow we still have made it illegal for minors to buy hard liquor and pornography from physical stores in the United States and few argue that restriction is wrong.
We have many place in real life where we already have to prove our age or identity but somehow the internet should be excluded
I actually don't have to show my ID when I buy alcohol because I'm old. There's a material difference between an electronic record being submitted, passed through and stored on several different servers, and somebody seeing you and seeing a grey beard and saying, yeah, you can buy that beer. The worst case scenario in real life is that the bouncer at the bar looks at your ID, seems real enough, checks the date, matches the picture, and that's it. There is no record being stored, there is no log. It's not equivalent to the vast majority of online age verification mechanisms in use today.
Today I can walk into a shop and buy alcohol without showing my ID.
I can also walk into my local library and read any book I wish to, some with adult themes. I could do this as a teenage too. I also did this in my own school library.
Demanding to see ID to access online content is a terrible idea and it is the parent's responsibility to look after children. It should be an understanding between the parent and child on what they should be accessing online. If that breaks down then the parent should do their job of being a parent. Take the device away and punish the child.
That is beside the point. I'm talking about the incoherent argument about a parent's supposed obligation to stop parenting and the government taking over. There are three premises here asserted by the author: 1) the child's need for independence, 2) a parent's duty to stop parenting, and 3) the government stepping in. Number 1 is contrary to 3, and I don't agree with either 2 or 3. What do you think?
The government does not get to put child locks on my liquor cabinet, or even keep me from leaving booze out on the counter. They get to restrict businesses from selling to people without identification. Note that this has already always been the case on the internet, too.
If you ever talked to a parents with children in elementary schools, you will quickly learn that nearly every one of them had been given an online porn, gambling, gaming, social media device by their school. This is not hypothetical.
What happens when your child’s school or library doesn’t restrict the devices they give your child when outside of your home? What happens when predators infest children’s games and platforms you expected to be safe? What happens when your idea of safety doesn’t align with the platform holder?
That existing physical ID is government issued, has an issue no, usually has a photo on it, often other biometrics nowadays, and is definitely traceable!
Absolutely such a proposal cannot be fully privacy preserving, because at the very least it gives away your age, but also probably other identifiers.Just like your browser that you're using right now gives away a lot of information which advertisers use to fingerprint you like fonts etc. This sort of solution requires a central issuer/authority to know about the tokens, there's no way round that as there is no way round governments issuing passports if you want border control.
The goal is that it'll preserve much better privacy than uploading passports etc to random websites, which I think it will.
However, you can buy fake IDs online, and the IDs are reportedly beating those machines. So if you trust the machine for age-verification, you might let in underage people.
We’ve seen this play out dozens of times. School boards will say no book should be banned and then a parent tries to read a book from their child’s school library during open comment and their mic is shut off while the board shrieks in horror.
That’s OK! Children are not adults. They haven’t developed the executive function or mental guards to deal with all content. As adults we protect them from things. Information is no different.
At least I gave some options.
I'm not saying the government shouldn't do anything, they should and it should probably involve legislature around social media that positively affects adults as well. But raising a child, teaching it what's dangerous and what's safe and developing a relationship of trust so you're aware when there's danger lurking, that's a parent's job. No amount of legislation will help neglected children. They're tiny, curious, ingenious humans who will find ways to get what they want.
I agree nothing will replace parenting. The children who do drink themselves into comas are largely enabled by adults (who are also generally committing a crime). But there is harm reduction the government can and probably should do.
I have to say, as much as I think the article author here is naive, I also have to wonder if the net positives outweigh the net negatives. Uploading an id and face scan to a pornography site seems like the worst of all possible scenarios. Getting a government issue credential is better than that at least.
By having a discussion about privacy we’re already saying some information _must_ be kept confidential.