You can have age gating or you can have privacy. Same as you can have porn filtering or you can have privacy.
(NB: I am firmly opposed to any of this. The solution for parents concerned about their kids is parenting and parental controls, not giving authoritarians of all stripes the means to snoop and ban whatever they decide is obscene or troubling.)
Which makes sense- since exposing minors to pornography was a crime, and got even more illegal somewhere in that time frame, along with the web becoming "professional" (whitehouse top level domain mixup stories anyone?), the honest pornography sites all started self-regulating and asking if somebody is an adult before anything naughty gets shown.
Push from the different generation? Late boomers got very puritan with age, also see themselves as more moral, again with age.
There's no reasonable demonstration of harm and a very strong correlation between availability of pornography and a big reduction in sex crimes. The purported harms are due to blocking reasonable sex education, leaving teens with the equivalent of Hollywood being the only model of sex they see. The original study that was created to show the harms concluded they couldn't find any to anyone, even minors.
Here's an easy explanation.
Someone you don't like somehow gets voted into power and begins trying to enact changes towards a social group you belong to.
Building anonymous systems is one way to avoid Bad Actor X from having Big List Y, leading to Atrocity Z.
Having a really successful social network isn't a goal post, it's just a result.
Great -- it made a zillion dollars, meanwhile we've built the biggest leakiest information trove on individuals, for individuals to be exploited, ever imagined.
Yes, they just give megaphones to, and make bank on, the propagandists that are responsible for the current moral panic that's resulted in the US government discriminating against LGBT people.
These are the same companies that facilitated propaganda that led to hate and violence like this[1]. A deeper look with plentiful citations is here[2] from the Harvard Systemic Justice Project.
To give you an example that happened here in the US, a friend recently moved back to the city because his neighbors felt emboldened to constantly call him slurs on Facebook when they disagreed with him. He couldn't use local Facebook groups without bigots following him around and calling him slurs. They felt emboldened after this[3], knowing Facebook would do nothing about it. Discriminatory harassment over Facebook after their policy shift drove him from his own home. Facebook's policies allowed a community to successfully rid itself of a minority it didn't want to see or hear.
[1] https://www.pbs.org/newshour/world/amnesty-report-finds-face...
[2] https://systemicjustice.org/article/facebook-and-genocide-ho...
[3] https://www.nbcnews.com/tech/social-media/meta-new-hate-spee...
I'll be just fine, I don't suck at the teat of tech companies like some do.
The real question is what will you do when they come for you? Note that writing code and posting on the internet will get you nowhere.
Tech platforms are valued at billions of dollars because they found ways of convincing their users to give up anonymity. That has nothing to do with whether the anonymity was important.
A huge issue with the modern web is that everything is seen as a profit motive. I don't care how many billions of dollars tracking everything we do and tying it to our person is worth. I don't want it.
I live next to idiots with gigabit and guns, that’s why.
And anyway, they created a library (https://blog.google/technology/safety-security/opening-up-ze...) to make age verification not useful for identification but still real.
So… I’m sure you meant fingerprinting but presumably porn sites already do that?
If you are under 18 there is no checking to stop you from saying you are are 18+
The only people it seems might have their privacy slightly reduced are people under 18 who are using a computer or smartphone/tablet that had parental controls set up by presumably a parent or guardian before giving the minor access.
The bill requires that the parent be able to enter the minor's birthday or age in one place, and then provide a way that the age range (under 5, 5-10, 10-13, 13-16, 16-18, 18+) can be given to apps/sites if they ask for it.
Thus, if you are a minor using a device that was set up with parental controls and you try to use an app or site that is restricted, that app or site will find out your age range.
As a counter-point, where in the US has any law stopped teenagers looking at naughty things on the internet?
The data proves nothing about whether it works because it's a cultural problem far more than it is a means problem. They choose to go out in a blaze of infamy rather than be a nobody. They generally are planned long in advance, there's plenty of lethal things they can get their hands on.
1) Many sources seek to inflate the number of school shootings by counting incidents in which the school is only incidental, not the target. Think drug deal in the parking lot when school is out etc. And note that counting firearm deaths to minors counts mostly gang vs gang stuff.
2) It is almost certain that guns save more people in self defense situations than they take in all mass shootings (using the realistic test of public and indiscriminate targets--again, the numbers are inflated by things like gang fights), let alone just school shootings. (And, no, I do not believe Lott's numbers. He's way high and an awful lot of what he does count is deterred robbers and the like, where death was unlikely in the first place.)
Think: verify age without giving any other information. I've seen compelling stories against it, but the zero knowledge proof aspect is a fun thing to look in to.
https://blog.google/technology/safety-security/opening-up-ze...
Only with that attitude will it be.
What could possibly make it inevitable? We are either okay with those with authority forcing us to ID ourselves in some form or we aren't.
Although, a much more sensible alternative, would be to have parents (that do want the control) give their sons devices that send the "minor alert" signal, and have the services detect that.
(A) Under five years of age.
(B) At least 5 years of age and under 10 years of age.
(C) At least 10 years of age and under 13 years of age.
(D) At least 13 years of age and under 16 years of age.
It seems a menu, I wonder what could go wrong....
I'm still against age verification in general, but I don't think this particular bill warrants the massive outrage similarly being made lately about more serious age verification laws, as it does not require any facilities for actually verifying, well, anything.
https://trackbill.com/bill/california-assembly-bill-1043-age...
Summary reads to me as this bill requiring calls to an API to verify the user's age.
By simply asking for their age. There's nothing about requiring that the age is actually attempted to be verified as accurate at all. And the "age bracket" is specifically defined as nonpersonally identifiable information.
And it still gives no consequences for wrong/fake information.
Interestingly, they also define a "developer" simply as "a person that owns, maintains, or controls an application".
Wouldn't that inherently include all users of a computer in general?
To quote: requires a business that provides an online service, product, or feature likely to be accessed by children to do certain things, including estimate the age of child users with a reasonable level of certainty appropriate to the risks
"Reasonable level of certainty" requires some kind of attempt at verification. In Australia for example they allow facial estimation software (which I agree is not good, but it provides some kind of estimate the government is happy with)
> And it still gives no consequences for wrong/fake information.
Where are you seeing that?
To quote the bill:
> This bill would punish noncompliance with a civil penalty to be enforced by the Attorney General, as prescribed.
And:
line 17 A person that violates this title shall be subject
line 18 to an injunction and liable for a civil penalty of not more than two
line 19 thousand five hundred dollars ($2,500) per affected child for each
line 20 negligent violation or not more than seven thousand five hundred
line 21 dollars ($7,500) per affected child for each intentional violation,
line 22 which shall be assessed and recovered only in a civil action brought
line 23 in the name of the people of the State of California by the Attorney
line 24 General.> (2)(A) A developer that receives a signal pursuant to this title shall be deemed to have actual knowledge of the age range of the user to whom that signal pertains across all platforms of the application and points of access of the application even if the developer willfully disregards the signal.
> (B) A developer shall not willfully disregard internal clear and convincing information otherwise available to the developer that indicates that a user’s age is different than the age bracket data indicated by a signal provided by an operating system provider or a covered application store.
> (3)(A) Except as provided in subparagraph (B), a developer shall treat a signal received pursuant to this title as the primary indicator of a user’s age range for purposes of determining the user’s age.
> (B) If a developer has internal clear and convincing information that a user’s age is different than the age indicated by a signal received pursuant to this title, the developer shall use that information as the primary indicator of the user’s age.
https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
As long as they don't willfully disregard clear and convincing contradictory information from somewhere else the signal is good enough.
I could say "some kind of attempt" is merely asking the user if they are over 18. I see no language that says that's not good enough, especially appropriate to the "risks" of 98% of websites.
> Where are you seeing that?
The noncompliance is on the part of the site owner, not the user. It just means you must ask their age (bracket), it doesn't mean the user has to tell the truth.
>MPA urged state lawmakers to reject Wicks’ bill this week in a letter, obtained by POLITICO, claiming device-based age checks may sow confusion; for example, if parents and kids had separate Netflix profiles under one account that’s logged in on multiple devices.
To the point where I'm asking if someone needs some token opposition to frame this obvious bill a political win?
However, any system that just uses age is useless. They’re always excessively cautious, so you may as well just not provide access at all for kids between the ages of 6 and 12 or so, if that’s all you have.
No, block all + allow lists are still where it’s at. Please make those work better.
(If anyone knows the magic to make Minecraft [java] work with macOS allowlist-only network access, I’d love to know what it is. The fucking launcher wants to talk to a half-dozen bare IP addresses to work, and the addresses change seemingly every single launch, from a pool of what must be many hundreds, at least, it’s completely unusable)
This seems... not terrible? The typical counter-argument to any "think of the children!" hand-wringing is that parents should instead install parental controls or generally monitor what their own kids are up to. Having a standardized way to actually do that, without getting into the weirdness of third-party content controls (which are themselves a privacy/security nightmare), is not an awful idea. It's also limited to installed applications, so doesn't break the web.
This is basically just going to require all smartphones to have a "don't let this device download rated-M apps" mode. There's no actual data being provided - and the bill explicitly says so; it just wants a box to enter a birth date or age, not link it to an actual ID. I'm not clear on how you stop the kid from just flipping the switch back to the other mode; maybe the big manufacturers would have a lock such that changing the user's birthdate when they're a minor requires approval from a parent's linked account?
That said, on things like this I'm never certain whether to consider it a win that a reasonable step was taken instead of an extreme step, or to be worried that it's the first toe in the door that will lead to insanity.
Notably, a "covered app store" doesn't seem to need to be... a store. Any website or application that allows users to download software is covered. There's no exemption for non-commercial activity. So every FOSS repo and programs like apt are covered? The requirement is also that developers will request the signal. No scoping to developers that have a reason to care? So vim is covered? Sort? Uniq?
Honestly I can't believe big tech would go along with it. Most of their infrastructure seems like it would clearly be illegal under this bill. Either there's something extremely obvious I'm missing or every lawyer looking at this bill is completely asleep at the wheel.
"We can't allow side loading because that would be illegal in terms of age verification".
I would love to be wrong about this though.
> The requirement is also that developers will request the signal. No scoping to developers that have a reason to care?
I don't see that requirement. Here's the sum total of the developer's responsibilities (emphasis added):
> A developer with actual knowledge that a user is a child via receipt of a signal regarding a user’s age shall, to the extent technically feasible, provide readily available features for parents to support a child user with respect to the child user’s use of the service and as appropriate given the risks that arise from use of the application, including features to do all of the following:
> (A) Help manage which accounts are affirmatively linked to the user under 18 years of age.
> (B) Manage the delivery of age-appropriate content.
> (C) Limit the amount of time that the user who is 18 years of age spends daily on application.
It would be nice if it had specific carve outs for things that aren't expected to interact with this system, but it seems like they're leaving it up to court judgment instead, with just enough wiggle room in the phrasing to make that possible.
If your application doesn't have a concept of "accounts", then A is obviously moot. If you don't deliver age-inappropriate content, then B is moot. The only thing that can matter is C, but I'd expect that (a) nobody is going to complain about the amount of time their kids are spending on Vim and (b) the OS would just provide that control at a higher level.
> (b) (1) A developer shall request a signal with respect to a particular user from an operating system provider or a covered application store when the application is downloaded and launched.
> (b) If an application last updated with updates on or after January 1, 2026, was downloaded to a device before January 1, 2027, and the developer has not requested a signal with respect to the user of the device on which the application was downloaded, the developer shall request a signal from a covered application store with respect to that user before July 1, 2027.
Application developers are required to request an age signal from the operating system.
> (c) “Application” means a software application that may be run or directed by a user on a computer, a mobile device, or any other general purpose computing device that can access a covered application store or download an application.
So applications are any program that runs on any computer with the capability to install software from an online source. Ergo, a program like `sort` must request an age signal when it runs.
The bill is clearly thinking in terms of the two big phone monopolists while ignoring computers that are meant to act as useful tools (which contain thousands of programs from tens of thousands of authors and which have no business caring about what "store" they came from or what date they were installed on or anything about the user running them), but it explicitly says it applies to general purpose computers.
A massive improvement would be to say this only applies when there is an actual commercial store involved, and only place requirements on developers to do something if they would have some other requirement they need to comply with. And also realize that lots of applications are not meant to have the user there the whole time. How are batch jobs or interpreters like `python ` that you might leave running overnight on a job supposed to deal with the time limit? This bill is entirely focused on toys at the expense of computers. It should just place requirements on the actual companies that are causing the issues (social media/adtech, porn, gambling games, etc.)
Your store doesn't distribute social media apps, gambling, porn, etc. and just has things like text editors, music players, PDF readers, etc? No requirements should be needed. You develop a workout tracker? No requirement should be needed.
Thats actually reasonable. Does not personally identify anyone, can be opted out of as easily as those "i am over 18" buttons. The only freedom being lost is by minors to their parents, which is already how things work. I like this
anenefan•4mo ago
klysm•4mo ago