and if you have internet access without paying, that means someone else is legally responsible for your access
"problem solved" ?
I'm not for these draconian age verification nonsense, but this isn't a valid argument.
This is the way it works with e.g. alcohol and cigarettes, most places. Famously kids can just get a beer from a random fridge and chug it, but someone 16/18/21+ will be responsible and everyone seems mostly fine with this.
No, that's not the case.
just like you already are responsible for what happens on your free public network (torrenting, hacking, CSAM, etc.) in most jurisdictions
(for what its worth, i think age verification is dumb. but it looks like we're getting it one way or the other)
Is it bypassable by a sufficiently determined child? Yes, but so it is the current age verification nonsense.
I think most people are aligned here, and that an internet without identification is inevitable whether we like it or not.
Like everything else in society, there are tradeoffs here, I'm much more concerned with the damage done to children's developing brains than I am to violations of data privacy, so I'm okay with age verification, however draconian it may be.
If it's a concern, parents can prevent or limit their children's use. If all this were being done to prevent consistent successful terrorist attacks in the US with tens of thousands of annual casualties, I'd say okay maybe there is an unavoidable trade-off that must be made here, but this is so absurd.
Our middle child (aged 12) has an Android phone, but it has Family Link on it.
Nominally he gets 60 mins of phone time per day, but he rarely even comes close to that, according to Family Link he used it for a total of 17 minutes yesterday. One comes to the conclusion that with no social media apps, the phone just isn't that attractive.
He seems to spend most of his spare time reading or playing sports...
Just one of the many joys of parenting :)
Plus what you're asking would require international id verification for everyone, which would first mostly make those IDs a lot cheaper. But there's a second negative effect. The organizations issuing those IDs, governments, are the ones making the bot armies. Just try to discuss anything about Russia, or how bad some specific decision of the Chinese CCP is. Or, if you're so inclined: think about how having this in the US would mean Trump would be authorizing bot armies.
This exists within China, by the way, and I guarantee you: it did not result in honest online discussion about goods, services or politics. Anonymity is required.
Identification fixes nothing here, you log with your account, plug in the AI.
The problems with social media have nothing to do with ID and everything to do with godawful incentives, the argument seems to be that it's a large price to pay but that it's worth it. Worth it for what? The end result is absolutely terrible either way
Why? Like, what makes you think that?
Why don't we have PKI built in to our birth certificates and drivers licenses? Why hasn't a group of engineers and experts formed a consortium to try and solve this problem in the least draconian and most privacy friendly way possible?
At any point they can tell a real human what they can and can't say, and if they go against their masters, their "real human" status is revoked, because you trust the platform and not the person.
If we want to go full conspiritard, we could accuse those of wanting to control speech to be the financial backers of those flooding social media with AI slop: https://www.youtube.com/watch?v=-gGLvg0n-uY -- this fictional video thematically marries Metal Gear Solid 2's plot with current events: "perfect AI speech, audio and video synthesis will drown out reality [...] That is when we will present our solution: mandatory digital identity verification for all humans at all times"
2) Your point is valid. I too want to know whether I am engaging with a bot or a person. This is impossible now and it will be impossible once ID check becomes ubiquitous.
3) I will be happy to see (or not) a blue checkmark by the profile name. Just like in Twitter. That's enough.
No we do not.
>I don’t want to live in a world where the average person unknowingly interacts with bots more than other individuals and where black market actors can sway public opinion with armies of bots.
That is not the argument for identification on many places on the internet. It's not even the argument that the gov reps pushing it typically make. And why would it be. The companies that go along with all this don't want to get rid of all bots and public opinion campaigns. They make money off of many of those.
Look at the facebook real name policy.
So there is absolutely no way to change that and give out IDs from the age of 14? You can already get an ID for children in Germany https://www.germany.info/us-de/service/reisepass-und-persona...
This is a problem that has to be solved by the government and not by private tech companies.
This is a lazy cop out to say "we have tried nothing and we are all out of ideas"
(This is a genuine question) please could you describe the underlying problem that age verification is attempting to solve?
If governments want to require private companies to verify ages, those same governments need to provide accessible ways for their citizens to get verification documents, starting from the same age that is required.
To regulate access to addicting material. This is done in the physical world - why should digital be lawless when it applies to the same human behaviors?
I've been addicted to a lot of digital media parts in harmful ways and I had the luck and support to grow out of most of it. A lot of people are not that lucky.
The latter may not be great, but eating potato chips all day also probably isn't, and I don't think the government should outlaw minors eating potato chips. Plus it's variable: some get positive, educational, pro-social, productive outcomes from social media and some don't. Gambling is always bad in the limit.
A simple rule could probably be that if a website can make you lose over $200 of real money, it should probably require age verification. I don't see why other things should.
The cynic in me says that's not why governments want identity confirmation for gambling websites. It's so you can't dodge the taxman
You could buy 19 gallons of milk for that money (80 liters).
Another example where this plays a role are voter registration and ID requirements for voting in the US. It is entirely bizarre to me how these discussions just accept it as a law of nature that it's expensive and a lot of effort to get an ID. This is something that could be changed.
There are options that don't involve any ID uploads whatsoever.
For example, with a German ID you can provide proof that you are older than 18 without giving up any identifying information. I mean, nobody uses this system at the moment, but it does exist and it works.
If that happened in the US, Republicans would then:
1. Insist that non-white children carry ID at all times
2. Operationalize DHS and ICE to deport non-white children to foreign concentration camps.
For age verification specifically, the only information that services need proof of is that the users age is above a certain threshold. i.e. that the user is 14 years or older. But in order to make this determination, we see services asking for government ID (which many 14-year-olds do not have), or for invasive face scans. These methods provide far more data than necessary.
What the service needs to "prove" in this case is three things:
1. that the user meets the age predicate
2. that the identity used to meet the age predicate is validated by some authority
3. that the identity is not being reused across many accounts
All the technologies exist for this, we just haven't put them together usefully. Zero knowledge proofs, like Groth16 or STARKs allow for statements about data to be validated externally without revealing the data itself. These are difficult for engineers to use, let alone consumers. Big opportunity for someone to build an authority here.
They don't care whether you are 14 or not. They want your biometrics and identification. "Think of the children" is just a pretense.
like most proposed solutions, this just seems overcomplicated. we don't need "accessible cryptographic infrastructure for human identity". society has had age-restricted products forever. just piggy-back on that infrastructure.
1) government makes a database of valid "over 18" unique identifiers (UUIDs)
2) government provides tokens with a unique identifier on it to various stores that already sell age-restricted products (e.g. gas stations, liquor stores)
3) people buy a token from the store, only having to show their ID to the store clerk that they already show their ID to for smokes (no peter thiel required)
4) website accepts the token and queries the government database and sees "yep, over 18"
easy. all the laws are in place already. all the infrastructure is in place. no need for fancy zero-knowledge proofs or on-device whatevers.
to go on tiktok, you enter a UUID once onto your account, and thats it. the only person that sees your id card is the store clerk that glances at the birth date and says "yep, over 18" when you are buying the "age token" or whatever you want to call it. no copies of your id are made, it cant be hacked, theres no electronics involved at all. its just like buying smokes. theres no tie between your id and the "age token" UUID you received.
theres no fanciness to it, either. itd be dead simple, low-tech, cheap to implement, quick to roll out. all of the enforcement laws already exist.
>Why should I have to share more than required?
you shouldnt. having to prove age to use the internet is super dumb. but thats the way the winds are blowing apparently. if im gonna have to prove my age to use the internet, id much rather show my id to the same guy i buy smokes from (and already show my id to) than upload my id to a bunch of random services.
No matter what the actual mechanism is, I guarantee they will insist on something like that.
if the goal is "surveil everyone using the internet", yes, very obviously my proposal would not be selected, and you will have to upload your id to various 3rd-party id verifiers.
As it is we're seeing companies capture IDs and face scans and it's incredibly invasive relative to the need - "prove your birth year is in range". Getting hung up on unlinkable sessions is missing the forest for the trees.
At this point I think the challenge has less to do with the crypto primitives and more to do with building infrastructure that hides 100% of the complexity of identity validation from users. My state already has a gov't ID that can be added to an apple wallet. Extending that to support proofs about identity without requiring users to unmask huge amounts of personal information would be valuable in its own right.
Your crypto nerd dream is vulnerable to the fact that someone under 18 can just ask someone over 18 to make an account for them. All age verification is broken in this way.
There is a similar problem for people using apps like Ubereats to work illegally by buying an account from someone else. However much verification you put in, you don't know who is pressing the buttons on the screen unless you make the process very invasive.
An 18-year-old creating an account for a 12-year-old is a legal issue, not a service provider issue. How does a gas station keep a 21-year-old from buying beer for a bunch of high school students? Generally they don't, because that's the cops' job. But if they have knowledge that the 21-yo is buying booze for children, they deny custom to the 21-yo. This is simple.
They don't? Teenagers can easily get their hands on alcohol... you just need to know the right person at school who has a cool older brother. If their older brother is really cool they can get weed too!
The police absolutely do not have the time to investigate the crime of making a discord account for someone.
Governments (and a few companies) really want this.
The cynic in me fears they don't want a privacy-preserving solution, which blinds them to 'who'. Because that would satisfy parents worried about their kids and many privacy conscious folks.
Rather, they want a blank check to blackmail or imprison only their opponents.
"Citizens will be on their best behavior, because we’re constantly recording and reporting everything that is going on" - Larry Ellison
(I seem to recall from the context of the quote, he isn't saying this is the future he wants, but it's a future he's not particularly opposed to)
But the real threat is "accidental" database leaks from private websites. Let's say you live in a state where abortion isn't legal, and you sign up for a web forum where people discuss getting out-of-state abortions. As soon as that website is required to collect real names (which it will be), it becomes unusable, because nobody can risk getting doxxed.
When I challenged him on his rhetoric, my comment INSTANTLY disappeared. I thought maybe it was a fluke, so I tried again, and the next comment insta-disappeared also.
Soon thereafter I was locked out of the account and asked to provide a "selfie" to confirm my identity. (I declined.)
"Real" user verification is a wet dream to googlr, meta, etc. Its both a ad inflation and a competive roadblock.
The benefits are real: teens are being preyed upon and socially maligned. State actors and businesses alike are responsible.
The technology is not there nor are governments coordinating appropiate digital concerns. Unsurprising because no one trusts gov, but then implicitly trust business?
Yeah, so obviously, its implementation that will just move around harms.
Is that really evidence of astroturfing? If we're in the middle of an ongoing political debate, it doesn't seem that far fetched for me that people reach similar conclusions. What you're hearing then isn't "astro-turfing" but one coalition, of potentially many.
I often hear people terrified that the government will have a say on what they view online, while being just fine with google doing the same. You can agree or disagree with my assesment, but the point is that hearing that point a bunch doesn't mean it's google astroturfing. It just means there's an ideology out there that thinks it's different (and more opressive seemingly) when governments do it. It means all those people have a similar opinion, probably from reading the same blogs.
But I don't think we need 99.99% confidence -- isn't even acknowledged that 30% of twitter is bots or something? I think it's safe to conclude there's astroturfing on any significant political issue.
Also as far as documented cases, there were documented cases of astroturfing around fracking [1], or pesticides [2]
1. https://journals.sagepub.com/doi/10.1177/2057047320969435 2. https://www.corywatson.com/blog/monsanto-downplay-roundup-ri...
How do you suppose it is that millions of people, separated by vast geographic distances, somehow all reach similar conclusions all at once?
Related: How do you suppose it is that out of 350-700+ million people (depending on whose numbers you believe), there's always only two "choices" and both of them suck?
This is true of basically any issue discussed on the internet. Saying it must be astroturfing is reductive
Things that didn't seem likely to have broad support previously, now are seen as acceptable. In the 90's no one could envision rounding up immigrants. No one could envision uploading an ID card to use ICQ. No one could envision the concept of DE-naturalization or getting rid of birthright citizenship.
Today, in the US for instance, there are entire new generations of people alive. And many, many people who were alive in the 90's are gone. Well these new people very much can envision these things. And they seem to have stocked the Supreme Court to make all these kinds of things a reality.
All because the rest of us keep dismissing all of this as just harmless extreme positions that no one in society really supports. We have to start fighting things like this with more than, "It's not real."
Both Clinton and Obama deported way more people than Trump.
You are correct. Further, I suggest that Democrats and Democrat-controlled media cultivate a delusional worldview which allows their supporters to ignore the right-wing brutality consistently and continually imposed by Democrat leaders.
How do you feel about the second Trump admin's nationwide, made-for-TV DHS/ICE siege?
Never take TV seriously.
The key mistake is even watching it in the first place.
"If you don't read the newspaper, you're uninformed. If you do read the newspaper, you're misinformed." - Mark Twain
I love the quote, thanks for sharing.
And Clinton only deported 2 million across his entire 8 years in office. With a laser focus on convicted criminals as part of a war on drugs. (Now the efficacy of the old "War on Drugs" can be argued, but the numbers can't. We have the records.)
I think you're conflating the number of "returns", defined in the 90's as people who were not allowed to enter at the border; and "deportations", defined in the 90's as people who were in the US, and then we put on a plane back out of the US. IE - "Returns" were people who showed up at the border, sea port, airport or border checkpoint; asked to get in, and we said no. Basically, the nice people.
What you mean is that Clinton simply didn't let anyone into the country. This is true. (Again, we have the records. Clinton refused entry to the US more than any president in US history.) He didn't, however, round up immigrants living in the US on this scale and deport them like we're seeing today. People would never have allowed for that.
To put numbers on it, Trump is on year 5, and has already processed more formal removal orders than Clinton did by year 8. Not only that, voluntary removals were near non-existent under Clinton in the 90's. Today, for just this year alone, they sit at around 1.5 million.
Interesting. Are you saying all the concerns raised by the proponents of ID verification are invalid and meritless? For example,
1. Foreign influence campaigns
2. Domestic influence campaigns
3. Filtering age-appropriate content
I’m sure there are many other points with various degree of validity.
Instead it would be more appropriate to let sites pass headers, such as "we have adult content", thst you could filter on the network or client side. It's still voluntary, of course. Anyone will just visit sites that don't have the checks if necessary.
How do you know what is "shared talking points" vs "humans learning arguments from others" and simply echoing those? Unless you work at one of the social media platforms, isn't it short of impossible to know what exactly you're looking at?
Groups of people who wake up at the same time of the day often have a tendency to be from a similar place, hold similar values and consume similar media.
Just because a bunch of people came to the same conclusion and have had their opinions coalesce around some common ideas, doesn't mean it's astroturfing. There's a noticeable difference between the opinions of HN USA and HN EU as the timezones shift.
The site guidelines ask users to send those to us at hn@ycombinator.com rather than post about it in the threads, but we always look into such cases when people send them.
It almost invariably turns out to simply be that the community is divided on a topic, and this is usually demonstrable even from the public data (such as comment histories). However, we're not welded to that position—if the data change, we can too.
I also think the FUD they've succeeded in creating around the use of LLMs for code generation (there's a portion of the management class that seems to genuinely believe that Claude Code is AGI) is the greatest marketing operation of our lifetimes.
1. Automatic shaping of online community discussions (social media, bots, etc)
2. Automatic datamining, manipulating and reacting to all digitally communicated conversations (think dropping calls or MITM manipulation of conversations between organizers of a rival poltical party in swing districts proir to an election, etc. CointelPro as a service)
3. Giving users a new UI (speech) with which they can communicate with computer applications
I think a lot of the younger generation supports it, actually. They didn't really grow up with a culture of internet anonymity and some degree of privacy.
I still haven't read any truly compelling argument, why this type of surveillance is actually effective and proportionate.
This conflicts with my concerns about government crackdowns and the importance of anonymity when discussing topics that cover people who have a monopoly on violence and a tendency to use it.
So it's not entirely a black/white discussion to me.
I mean, this is _literally the only thing needed_ for the Trump admin to tie real names to people criticizing $whatever. Does anyone want that? Replace "Trump" with "Biden", "AOC", "Newsom", etc. if they're the ones you disagree with.
Stop trying to reason with fascists.
Everyone in the world knows that the Democrats you named are too ideologically aligned with right-wing hatred to ever leverage the repressive power of the state apparatus in the same way Republicans do.
The underlying internet should remain anonymous. People should remain able to communicate anonymously with consenting parties, send private DMs and create private group chats, and create their own service with their own form of identity verification.
* All big services are unlikely to require ID without laws, because any that does not will get refugees, or if all big services collaborate, a new service will get all refugees.
I've seen people post appalling shit on fuckin LinkedIn under their own names.
Strong moderation keeps Internet spaces from devolving into cesspools. People themselves have no shame.
When you’re older and have children—especially preteens and teenagers—you want those barriers up, because you’ve seen just how fucked up some children can get after overexposure to unhealthy materials and people who want to exploit or harm them.
It’s a matter of perspective and experience. As adults age, their natural curiosity evolves into a desire to protect their children from harm.
And you don't mind that freedoms of all of us would be restricted as a result?
And then, we keep blaming boomers for those restrictions.
Usually the people who say things like that really just want to restrict everyone's freedoms. Everything else is just bluster.
You may be failing to comprehend the concept of "freedom".
I'll get my simpleminded ass out of here leave this discussion to the scientists.
If you think only "political scientists and lawyers" have to decide what a freedom is, you have quite a totalitarian mindset.
If you have some arguments, pray tell. "I'm the smartest guy here" is not an argument. It's just something an NPC would say when they run out of arguments.
PS: This is not ad hominem. It's a dismissal of your claim of authority.
As for "freedoms," you're not free to vote or drink alcohol below a certain age. And before the internet, minors couldn't purchase pornography, either. Some people perceive this change as a return to normal, not an egregious destruction of freedom.
I think the solution we really need is age verification for table saws. Of course, it goes without saying that the saw should also monitor the user's cuts to make sure they're connected with the right national suppliers who can supply material to meet their needs, and to ensure that you aren't using the saw to cut any inappropriate materials from unregistered sources.
The door is over there, bozo. Take the baby out with the bathwater as you leave. -->
I am not talking about pornography or alcohol at all.
I hope you are aware that requiring an ID to surf the internet leads to total censoring and self-censoring of the complete internet. There goes your privacy, anonymity, and right to free speech.
If your country's regime really wanted to address pornography or alcohol, I'm pretty sure they would be able to shut it down without requiring everyone's identity. The issue is, they are just using these topics to manipulate people, and you are failing to that trap.
Who's proposing this? I don't want to argue over a straw man.
You mean that you shirk your responsibility to teach your child how to protect themself on the Internet, and instead trust the faceless corp to limit their access at the cost of everyone's privacy? How does this make sense...
What remains to be seen is if the outcome of teenagers becoming social pariahs is really worse than the alternatives.
Tons of data also showing higher suicide rates, depression rates, eating disorders etc. so it's not as if there is no good side to this.
Here is the data:
https://www.cdc.gov/mmwr/volumes/66/wr/mm6630a6.htm
and the more recent data:
https://afsp.org/suicide-statistics/
I was a child of the 90's, where the numbers were higher, where we had peak PMRC.
> depression rates
Have these changed? Or have we changed the criteria for what qualifies as "depression"? We keep changing how we collect data, and then dont renormalized when that collection skews the stats. This is another case of it, honestly.
> eating disorders
Any sort of accurate data collection here is a recent development:
https://pmc.ncbi.nlm.nih.gov/articles/PMC7575017/
> never ending cat and mouse game with my kids (especially my son)
Having lived this with my own, I get it. Kids are gonna be kids, and they are going to break the rules and push limits. When I think back to the things I did as a kid at their age, they are candidly doing MUCH better than I, or my peer group was. Drug use, Drinking, ( https://usafacts.org/articles/is-teen-drug-and-alcohol-use-d... ) teen pregnancy are all down ( https://www.congress.gov/crs-product/R45184 )
I dont think they want to figure it out. They think the internet should be stagnant unchanging and eternal as it currently exists because it makes the most money. If you disagree you're either a normie, bot, or need to parent harder or something. There is nothing you can do don't dare try to change it.
Realizing that much of the internet is totally toxic to children now and should have a means of keeping them out is distinct from agreeing to upload ID to everything.
A better implementation would be to have a device/login level parental control setting that passed age restriction signals via browsers and App Stores. This is both a simpler design and privacy friendly.
At least here in US: Google/Apple device controls allow app to request whether user meets age requirements. Not the actual age, just that the age is within the acceptable range. If so, let through, if not, can't proceed through door.
I know I am oversimplifying.
But I like this approach vs. uploading an ID to TikTok. Lesser of many evils?
- Governments benefit from easier monitoring and enforcement.
- The advertising industry prefers verified identities for better targeting.
- Social media companies gain more reliable data and engagement.
- Online shopping companies can reduce fraud and increase tracking.
- Many SaaS companies would also welcome stronger identity verification.
In short, anonymity is not very profitable, and governments often favor identification because it increases oversight and control.
Of course, this leads to political debate. Some point out that voting often does not require ID, while accessing online services does. The usual argument is that voting is a constitutional right. However, one could argue that access to the internet has become a fundamental part of modern life as well. It may not be explicitly written into the Constitution, but in practice it functions as an essential right in today’s society.
Do you think strip clubs and bars should stop IDing people at the door? I don't. Why should porn sites be any different?
The principle of online ID checks is completely sound; the implementation is not.
This would be impractical in meatspace, but works perfectly fine on the internet.
Why did you put "privacy" in scare quotes?
This is how you sound to me.
This is still the case. The difference now is that the astroturfed bot accounts are pushing for fascism (I.E., the second problem).
That being said, this is a 1 bit information, adult in current legislation yes/no.
I consider it a huge success of the Internet architects that we were able to create a protocol and online culture resilient for over 3 decades to this legacy meatspace nonsense.
> That being said, this is a 1 bit information, adult in current legislation yes/no.
If that's all it would take to satisfy legislatures forever, and the implementation was left up to the browser (`return 1`) I'd be all for it. Unfortunately the political interests here want way more than that.
The short version is that voters want government to bring tech to heel.
From what I see, people are tired of tech, social media, and enshittified apps. AI hype, talk of the singularity, and fears about job loss have pushed things well past grim.
Recent social media bans indicate how far voter tolerance for control and regulation has shifted.
This is problematic because government is also looking for reasons to do so. Partly because big tech is simply dominant, and partly because governments are trending toward authoritarianism.
The solution would have been research that helped create targeted and effective policy. Unfortunately, tech (especially social media) is naturally hostile to research that may paint its work as unhealthy or harmful.
Tech firms are burned by exposés, user apathy, and a desire to keep getting paid.
The lack of open research and access to data blocks the creation of knowledge and empirical evidence, which are the cornerstones of nuanced, narrowly tailored policy.
The only things left on the table are blunt instruments, such as age verification.
It's never fucking safety, or protecting children, or preventing fraud, or preventing terrorism, or preventing drugs or money laundering or gang activities. It's always, 100% of the time, inevitably, without exception, a tool used by petty bureaucrats and power hungry politicians to exert power and control over the citizens they are supposed to represent.
They might use it on a couple of token examples for propaganda purposes, but if you look throughout the world where laws like this are implemented, authoritarian countries and western "democracies" alike, these laws are used to control locals. It's almost refreshingly straightforward and honest when a country just does the authoritarian things, instead of doing all the weaselly mental gymnastics to justify their power grabs.
People who support this are ignorant or ideologically aligned with authoritarianism. There's no middle ground; anonymity and privacy are liberty and freedom. If you can't have the former you won't have the latter.
These are not the same people from 30 years ago. The new generation has come to love big brother. All it took to sell their soul was karma points.
So we should probably get ahead of this debate and push for good ways to do part-of-identity-checks. Because I don't see any good way to avoid them.
We could potentially do ID checks that only show exactly what the receiver needs to know and nothing else.
A stronger statement: we know how to build zero-knowledge proofs over government-issued identification, cf. https://zkpassport.id/
The services that use these proofs then need to implement that only one device can be logged in with a given identity at a time, plus some basic rate limiting on logins, and the problem is solved.
Yes.
Or more honestly, there was always an undercurrent of paternalistic thought and tech regulation from the Columbine Massacre days [0] to today.
Also for those of us who are younger (below 35) we grew up in an era where anonymized cyberbullying was normalized [1] and amongst whom support for regulating social media and the internet is stronger [2].
The reality is, younger Americans on both sides of the aisle now support a more expansive government, but for their party.
There is a second order impact of course, but most Americans (younger and older) don't realize that, and frankly, using the same kind of rhetoric from the Assange/Wikileaks, SOPA, and the GPG days just doesn't resonate and is out of touch.
Gen X Techno-libertarianism isn't counterculture anymore, it's the status quo. And the modern "tech-literate" uses GitHub, LinkedIn, Venmo, Discord, TikTok, Netflix, and other services that are already attached to their identity.
[0] - https://www.nytimes.com/1999/05/02/weekinreview/the-nation-a...
[1] - https://www.nytimes.com/2013/09/14/us/suicide-of-girl-after-...
[2] - https://www.washingtonpost.com/politics/2022/06/09/why-young...
Actually, yes, it seems to have shifted quite a bit. As far as I can tell, it seems correlated with the amount of mis/disinformation on the web, and acceptance of more fringe views, that seems to make one group more vocal about wanting to ensure only "real people" share what they think on the internet, and a sub-section of that group wanting to enforce this "real name" policy too.
It in itself used to be fringe, but really been catching on in mainstream circles, where people tend to ask themselves "But I don't have anything to hide, and I already use my real name, why cannot everyone do so too?"
HN has largely shifted away from tech literacy and towards business literacy in recent years.
Needless to say that an internet where every user's real identity is easily verifiable at all times is very beneficial for most businesses, so it's natural to see that stance here.
HN comments sentiment seems to shift over the age of the thread and time of day.
My suspicion is that the initial comments are from people in the immediate social circle of the poster. They share IRC or Slack or Discord or some other community which is likely to be engaged and have already formed strong opinions. Then if the story gains traction and reaches the front page a more diverse and thoughtful group weighs in. Finally the story moves to EU or US and gets a whole new fresh take.
I’m not surprised that people who support something are the ones most tuned in to the discussion because for anyone opposed they also have their own unrelated thing they care about. So the supporters will be first since they’re the originators.
Cui bono?
From what I’ve seen, most of the pro-ID commenters are coming from positions where they assume ID checks will only apply to other people, not them. They want services they don’t use like TikTok and Facebook to become strict, but they have their own definitions of social media that exclude platforms they use like Discord and Hacker News. When the ID checks arrive and impact them they’re outraged.
Regulation for thee, not for me.
If there's a fundamental culture shift, there's an easy way to prevent children from using the internet:
- Don't give them an unlocked device until they're adults
- "Locked" devices and accounts have a whitelist of data and websites verified by some organization to be age-appropriate (this may include sites that allow uploads and even subdomains, as long as they're checked on upload)
The only legal change necessary is to prevent selling unlocked devices without ID. Parents would take their devices from children and form locked software and whitelisting organizations.
A government could implement the equivalent of China's great firewall. Even if it doesn't stop everyone, it would stop most people. The main problem I suspect is that it would be widely unpopular in the US or Europe, because (especially younger) people have become addicted to porn and brainrot, and these governments are still democracies.
The problem of "kids accessing the Internet" is a purposeful distraction from the intent of these laws, which is population-level surveillance and Verified Ad Impressions.
But laws alone won't fix this, and laws aren't necessary (except maybe a law that prevents kids from buying phones). In the article, the child's devices had parental controls, but they were ineffective. There's demand for a phone with better parental controls, so it will come, and more parents are denying access, so their kids will become less alienated.
Any parent can be reckless and give their children all kinds of things - poison, weapons, pornographic magazines ... at some point the device has enough protective features and it is the parents responsibility.
I could not control how my parents were going to raise me, I was only able to play with the hand I was dealt. I hate the idea that parents are sacrosanct and do not share blame in these situations. At the same time, if this is just the family situation you're given and you're handed a device unaware of the implications, who is going to protect you from yourself and others online if your parents won't? Should anyone?
SOME parents give their children access to their ID. That is NOT the same as ALL parents, and therefore is not a reason not to give those parents a helping hand.
Even just informing children that they're entering an adult space has some value, and if they then have to go ask their parents to borrow their wallet, that's good enough for me.
I'm sure it will occasionally happen. But kids are terrible at keeping secrets, so they will only have the unlocked device for temporary periods, and I believe infrequent use of the modern internet is much, much less damaging than the constant use we see problems from today. A rough analogy, comparing social media to alcohol: it's as if today kids are suffering from chronic alcoholism, and in the future, kids occasionally get ahold of a six pack.
Ridiculous take.
We don't disagree on whether it is actually a problem, you just have your opinion about facts.
Of course no personal details should be provided to the site that requests age confirmation. Just "barer of this token" is an adult.
I think either is better than the staus quo. In the first case the parent is waiving away the protections, and in the second the kid is.
Even if a kid buys alcohol, I think it's healthier that they do it by breaking rules and faking ids and knowing that they are doing something wrong, than just doing it and having no way to know it's wrong (except a popup that we have been trained by UX to close without reading (fuck cookie legislation))
You mean this culture shift is needed for the masses but I don't think that's the case. In my widest social circle I am not aware of anyone giving alcohol to young kids (yes by the time they are 16ish yes but even that's rare). Most guardians would willingly do similar with locked devices.
The real problem is that the governments/companies won't get to spy on you if locked devices are given to children only. They want to spy on us all. That's the missing cultural shift.
It's my job as a parent (and I have several kids...) to monitor the things they consume and talk with them about it.
I don't want some blanket ban on content unless it's "age appropriate", because I don't approve that content being banned. (honestly - the idea of "age appropriate" is insulting in the first place)
Fuck man, I can even legally give my kids alcohol - I don't see why it's appropriate to enforce what content I allow them to see.
And I have absolutely all of the same tools you just discussed today. I can lock devices down just fine.
Age verification is a scam to increase corporate/governmental control. Period.
In the USA it depends on the state. Federal guidelines for alcohol law does suggest exemptions for children drinking under the supervision of their parents, but that's not uniformly adopted. 19 states have no such exceptions, and in many of the remaining 31, restaurants may be banned from allowing alcohol consumption by minors even when their parents are there.
Oh, remember those good old times when alcohol was kids' stuff.......
You could, for example, make it illegal to target children with targeted advertising campaigns and addictive content. Then throw the executives who authorized such programs in jail. Punish the people causing the harm.
Stronger punishment creates more of an incentive to age verify. Which is basically why it's happening now.
In china there are places to scan you device and get coupons. usually at elevators in residential buildings so they can track also if you're arriving or leaving easily.
In the US every store tracks and report to ad networks your Bluetooth ids. and we know what happens to ad networks.
US now requires cars to report data, which was optional before (e.g. onstar) and china joined on this since the ev boom.
the public id space is booming.
This isn't true, there is no federal requirement for a cellular modem in cars. Most modern cars have one, but nothing prevents you from disabling or removing it. I certainly would not tolerate such a "bug" in by car.
> In the US every store tracks and report to ad networks your Bluetooth ids.
This also isn't true, modern phones randomize Bluetooth identifiers. I personally disable Bluetooth completely.
Governments recycle "Think of the children" mantra and they are again after terrorists and bad guys.
We should focus on teaching parents how to educate their children properly, and teach children how to safely browse the internet and how to avoid common scams and pitfalls.
I played Roblox when I was a teenager and all the time my aunt told me to be careful of who I talked to online, as they could be a pedo. Even though there wasn't a constant monitoring from my parents or family, her words were repeated many times that I actually thought 5 times before sharing any kind of personal information online, back then.
The reason you don’t see it in policy discussion from the officials pushing these laws is because removal of anonymity is the point. It’s nit about protecting kids, it never was. It’s about surveillance and a chilling effect on speech.
Big tech don't have wait for an outright government ban when they can just say that we are a teen-only site by default and everyone have to verify if they are over 18 or not. This age verification will affect everyone no matter what.
Instead of requiring IDs, we should let parents manage what their children do online.
This is a false premise already; the company can check the age (or have a third party like iDIN [0] do it), then set a marker "this person is 18+" and "we verified it using this method at this date". That should be enough.
It cannot be a friction-less experience. Allowing children to see gore and extreme porn at a young age is not healthy. And then we have all the "trading" platforms (gambling).
Even though my brothers were able to get many hard drugs when I was young, around 1977, there was a lot of friction. Finding a dealer, trusting them, etc. Some bars would not card us but even then there was risk and sometimes they got caught. In NY we could buy cigarettes, no friction, and the one drug I took when I was young, addicted to them at 16, finally quitting for good at 20. I could have used some friction there.
So how do we create friction? Maybe hold the parents liable? They are doing this with guns right now, big trial is just finishing and it looks like a father who gave his kid an ak47 at 13 is about to go to jail.
I would like to see a state ID program when the ID is just verified by the State ID system. This way nothing needs to be sent to any private party. Sites like Discord could just get a OK signal from the state system. They could use facial recognition on the phone that would match it with the ID.
Something needs to be done however. I disagree that the internet needs to be open to all at any age. You do not need an ID to walk into a library, but you need one to get into a strip club. I do not see why that should not be the same on the internet.
Maybe TBL is right and we need a new internet? I don’t have the answer here, but this one is too commercialized and these companies are very hawkish.
To be clear, tackling the issue of child access to the internet is a valuable goal. Unfortunately, "well what if there was a magic amulet that held the truth of the user's age and we could talk to it" is not a worthwhile path to explore. Just off the top of my head:
1. In an age of data leaks, identity theft, and phishing, we are training users to constantly present their ID, and critically for things as low stakes as facebook. It would be one thing if we were training people to show their ID JUST for filing taxes online or something (still not great, but at least conveys the sensitivity of the information they are releasing), but no, we are saying that the "correct future" is handing this information out for Farmville (and we can expect its requirement to expand over time of course). It doesn't matter if it happens at the OS level or the web page level -- they are identical as far as phishing is concerned. You spoof the UI that the OS would bring up to scan your face or ID or whatever, and everyone is trained to just grant the information, just like we're all used to just hitting "OK" and don't bother reading dialogs anymore.
2. This is a mess for the ~1 billion people on earth that don't have a government ID. This is a huge setback to populations we should be trying to get online. Now all of a sudden your usage of the internet is dependent on your country having an advanced enough system of government ID? Seems like a great way for tech companies to gain leverage over smaller third world companies by controlling their access to the internet to implementing support for their government documents. Also seems like a great way to lock open source out of serious operating system development if it now requires relationships with all the countries in the world. If you think this is "just" a problem of getting IDs into everyone's hands, remember that it a common practice to take foreign worker's passports and IDs away from them in order to hold them effectively hostage. The internet was previously a powerful outlet for working around this, and would now instead assist this practice.
3. Short of implementing HDCP-style hardware attestation (which more or less locks in the current players indefinitely), this will be trivially circumvented by the parties you're attempting to help, much like DRM was.
Again, the issues that these systems are attempting to address are valid, I am not saying otherwise. These issues are also hard. The temptation to just have an oracle gate-checker is tempting, I know. But we've seen time and again that this just (at best) creates a lot of work and doesn't actually solve the problem. Look no further than cookie banners -- nothing has changed from a data collection perspective, it's just created a "cookie banner expert" industry and possibly made users more indifferent to data collection as a knee-jerk reaction to the UX decay banners have created on the internet as a whole. Let's not 10 years from now laugh about how any sufficiently motivated teenager can scan their parent's phone while they're asleep, or pay some deadbeat 18 year-old to use their ID, and bypass any verification system, while simulateneously furthering the stranglehold large corporations have over the internet.
1) Person signs up with discord with fake name and fake email.
2) Discord asks (state system) for an age validation.
3) In pop up window, state validates the persons age with ID matching with face recognition.
3) State system sends token to discord with yes or no with zero data retention in the state records.
4) Discord takes action on the account.
What is so hard about this?
Your system seems to address none of the issues I listed. For example, I argue that one difficulty is in the fact that these systems would be highly phishable -- a property that is present in your described "easy" solution. Your system trains users to become accustomed to being pestered by pop up windows that ask to see their ID and use their camera. Congrats, I can now trivially make a pop up a window that looks like this UI and use it to steal your info, as the user will just respond on auto-drive, as we have repeatedly shown both in user studies and in our own lived experiences. I also explained how a system like this would assist in the practice of trapping migrant workers by confiscating their government credentials [1]. This is a huge problem today in Asia, and one of the few outlets captive workers can use to escape this control is the internet -- a "loophole" your system would dutifully close for these corporations.
I am happy to have a discussion about this -- it's how we come up with new solutions! But that requires reading and responding to the concerns I brought up, not assuming that my issue is that I can't imagine implementing glorified OAuth login flow.
1. There's tons of articles about this, here is one of the first ones that comes up on Google: https://www.amnesty.org/en/latest/news/2025/05/saudi-arabia-...
> And the only way to prove that you checked is to keep the data indefinitely.
This is not true and made me immediately stop reading. If a social media app uses a third party vendor to do facial/ID age estimation, the vendor can (and in many cases does) only send an estimated age range back to the caller. Some of the more privacy invasive KYC vendors like Persona persist and optionally pass back entire government IDs, but there are other age verifiers (k-ID, PRIVO, among others) who don't. Regulators are happy with apps using these less invasive ones and making a best effort based on an estimated age, and that doesn't require storing any additional PII. We really need to deconflate age verification from KYC to have productive conversations about this stuff. You can do one thing without doing the other.
I don't think a bulletproof age verification system can be implemented on the server side without serious privacy implications. It would be quite easy to build it on the client side (child mode) but the ones pushing for these systems (usually politicians) don't seem to care about that.
Obvious flaws are OK. I absolutely hate the Nirvana fallacy that you people think is acceptable here, while hundreds of millions of kids suffer from serious developmental issues, as reported left and right by all kinds of organizations and governments themselves.
Aside from the privacy concerns, all this age verification tech seems incredibly complicated and expensive.
A service provider of adult content now cannot serve a child, regardless of the involvement or lack thereof of a parent.
Tradeoff acknowledged, and this runs both sides, there's hundreds of risks that these policies are addressing.
To mention a specific one, I was exposed to pornography online at age 9 which is obviously an issue, the incumbent system allowed this to happen and will continue to do so. So to what tradeoffs in policy do detractors of age verification think are so terrible that it's more important than avoiding, for example, allowing kids first sexual experiences to be pornography. Dystopian vibes? Is that equivalent?
Or, what alternative solutions are counter-proposed to avoid these issues without age verification and vpn bans.
Note 2 things before responding:
1)per the original quote, it is not valid to ignore the trade offs with arguments like "child abuse is an excuse to install civilian control by governments"
2) this was not your initiave, another group is the one making huge efforts to intervene and change the status quo, so whatever solution is counterproposed needs to be new, otherwise, as an existing solution, it was therefore ineffective.
If any of those is your argument, you are not part of the conversation, you have failed to act as wardens of the internet, and whatever systems you control will be slowly removed from you by authorities and technical professionals that follow the regulations. Whatever crumbs you are left as an admin, will be relegated to increasingly niche crypto communities where you will be pooled with dissidents and criminals of types you will need to either ignore or pretend are ok. You will create a new Tor, a Gab, a Conservapedia, a HackerForums, and you will be hunted by the obvious and inequivocal right side of the law. Your enemy list will grow bigger and bigger, the State? Money? The law? God? The notion of right and wrong which is like totally subjective anyways?
For you'll need to be accounted while they do the counting.
That being said nothing about these laws is about protecting children; their primary purpose is to crack down on the next Just Stop Oil or Palestine Action so for that reason should be opposed.
Give our personal devices have the ability to verify our age and identity securely and store on device like they do our fingerprint or face data.
Services that need access only verify it cryptographically. So my iPhone can confirm I’m over 21 for my DoorDash app in the same way it stores my biometric data.
The challenge here is the adoption of these encryption services and whether companies can rely on devices for that for compliance without having to cut off service for those without it set up.
The only reasonable way to deal with children on the Internet is to treat Internet access like access to alcohol/drugs. There is no need for children to access the Internet full stop.
Internet is a network in which everything can connect to everything, and every connected machine can run clients, servers, p2p nodes and what not. Shutting it down because "won't somebody please think of the children" is not acceptable.
And, don't let them trick you. This is the endgoal. An unprecedented level of control over the flow of information.
https://www.theguardian.com/technology/2026/jan/29/internet-...
In the United States, you can get in trouble if you leave alcohol/guns/cigarettes around for a minor to start using, yet somehow, the same social responsibility seems thrown out the window for parents and the web.
Yes, children are clever - I was one once. If you want to actually protect children and not create the surveillance state nightmare scenario we all know is going to happen (using protecting children as the guise, which is ironic, because often these systems are completely ineffective at doing so anyway) - then give parents strong monitoring and restriction tools and empower them to protect their children.
That is, after all, the primary responsibility of a parent to begin with.
RockRobotRock•1h ago
https://streamable.com/3tgc14