this post was submitted on 06 Aug 2023
122 points (88.1% liked)

Asklemmy

43917 readers
1691 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

There are a lot of GOP-controller legislatures in the USA pushing through so-called “child protection” laws, but there’s a toll in the form of impacting people’s rights and data privacy. Most of these bills involve requiring adults to upload a copy of their photo ID.

you are viewing a single comment's thread
view the rest of the comments
[–] scrubbles@poptalk.scrubbles.tech 2 points 1 year ago (1 children)

which I think we all agree on. There are ways that we could enforce age verification (the best one so far is that the browser itself checks your age, then a website tells the browser that it must do an age check before loading, which then your ID is never transmitted or logged for these sites). But politicians don't want to think about that, they love this because it plays into their surveillance state.

[–] manpacket@lemmyrs.org 2 points 1 year ago (1 children)

(the best one so far is that the browser itself checks your age

How? As a user I want to have total control over my browser and Internet is an open platform - any browser should be able to view any website even though google is trying to change that with their DRM.

[–] scrubbles@poptalk.scrubbles.tech 1 points 1 year ago (1 children)

I don't know exactly but the two big things I've seen, and again I'm not the engineer of it or anything, but

  1. Your browser would have to implement some sort of 3rd party ID checker that the results could then be stored in a non-adaptable way (specifically parental controls I think would need to be set up), then when a site is loaded it reports to the browser the minimum age limit and the browser decides if you can see it or
  2. You could register your ID on a third party ID checker site that does not log data, only verifies that you are of age. Then on load websites could then check against this third party service to verify the user is 18+.

Know that yes this is a limitation of a browser, and that's why it's viewed as a compromise, a word that a lot of people have forgotten. None of us really want to have to prove it, but if there is a need to prevent children from accessing content (and tbh there is a need), then I'd rather have it be done in a privacy focused way.

[–] manpacket@lemmyrs.org 2 points 1 year ago (1 children)

So it's not your browser that checks your age but a third party. This raises a few questions:

  1. What kind of IDs are accepted? Say I have one issued by Singapore...
  2. How often should it check that a person that uses my browser is still me?

the browser decides if you can see it or

Yea, no. I decide, not the browser.

[–] scrubbles@poptalk.scrubbles.tech 1 points 1 year ago (1 children)

Again, 2 huge points I pointed out, I am not the developer or the privacy focused engineers who are putting forward these ideas, and again, compromise. The option of "I don't want to do it" may not be on the table anymore. If it's going to happen, it would be better to compromise and instead push a privacy focused approach.

[–] manpacket@lemmyrs.org 1 points 1 year ago (1 children)

The option of “I don’t want to do it” may not be on the table anymore.

For this to be on the table you need to convince all the browser manufacturers to implement it and close the sources so it cannot be undone by the users or forked. And remove all the earlier copies and sources Next you need to ban tools like curl or wget because they can pretend to be browsers. If you want something that can't be removed in reasonable time realistically you have to demand full web drm a-la Google but this means a bunch of older computers needs to be thrown away just because they can't use newer browsers and/or newer OS.

Now that we figured out what needs to be done on the client site - let's talk about server side. You need to convince every porn site out there to perform this check. A few more interesting things to think about - how many porn sites are out there? What to do with those that won't follow your proposal?

In short - from technical point of view if you really want to achieve "enforced age verification" - internet must become a very different, much more closed system.

[–] scrubbles@poptalk.scrubbles.tech 1 points 1 year ago (1 children)

I mean they're already doing that, there's already a handful of states that require porn sites check a user's ID before granting access, that's why I keep reiterating compromise, because it's already happening. And the version they're pushing is we hand over our ID to ever site which then of course would be subpoenable. So, again, I don't know why you're thinking these solutions are the bad ones, the bad ones are already in place and being used, they're just trying to roll it out nationwide now.

And again, I really feel like I keep repeating the same point over and over and over and over and over again, if it's going to happen, which they're really trying to push through and looks like they are going to, a compromise would be to at least have a privacy focused approach.

[–] manpacket@lemmyrs.org 1 points 1 year ago

a handful of states that require porn sites

A handful of states can require that, sure, but requiring is not enough. All the browsers and all the porn sites need to follow that and this is not going to happen

So, again, I don’t know why you’re thinking these solutions are the bad ones

If the goal is to make sure there's age verification for users of some porn sites with some web browsers - yea, you can totally achieve that. A workaround is a) switch the website or b) switch the browser. That's security theater though. Wastes time and money, fails to achieve the goal. If the goal is to make sure age is tested for users of all the porn sites for users of all browsers - this goal cannot be achieved without massive effort.

they’re just trying to roll it out nationwide now.

They have internet with porn in it in other nations :)