EFF launches Age Verification Hub

Why they don't use zero knowledge proof? Also question for the USA constitution experts, is this considered a violation of free speech? The article is not clear on this.

I'd be OK with an "I am a child" header mandated by law to be respected by service providers (eg. "adult sites" must not permit a client setting the header to proceed). On the client side, mandate that consumer devices that might reasonably be expected to be used by children (every smartphone, tablet, smart TV, etc) have parental controls that set the header. Leave it to parents to set the controls. Perhaps even hold parents culpable for not doing so, as a minimum supervision requirement, just as one may hold parents culpable for neglecting their children in other ways.

Forcing providers to divine the age of the user, or requiring an adult's identity to verify that they are not a child, is backwards, for all the reasons pointed out. But that's not the only way to "protect the children". Relying on a very minimal level of parental supervision of device use should be fine; we already expect far more than that in non-technology areas.

I would be happy if we just moved to a way we could more realistically enable audits of information flow in our lives. I don't, necessarily, want to restrict my kids consumptions. It does worry me that I don't know how to teach them to audit all of the information that is being exposed to them. Or worse, collected about them.

back in the day the worst thing you could do in a blog or channel was to self identify as female, as you would get flooded

i am a child header = i am verifying myself as valid target header

has anyone realized that whatever at all the "good" guys do, the "bad" guys will abuse it.

we need canaries [bots with child header], to get a metric on any increase of attempted crimes vs a child.

That is an extremely poor title. Reading it I'd expect the average person to be like "yea, it's about time" and skip the article.

Any time law-makers claim that a law is meant to protect children you can guarantee that the safety of children had almost nothing to do with it. This is all a push to normalize digital ID (to protect the children!); once normalized it will become mandatory.

The end goal of this line of thinking is tracking every molecule in the universe. Exagerated I know, but we're moving in that direction.

> we must fight back to protect the internet that we know and love.

This is not compelling. The internet I know and love has been dying for a long time for unrelated reasons. The new internet that is replacing that one is an internet that I very much do not love and would be totally ok to see lots of it get harder to access.

Good. Let this version of internet be locked down and censored.

If people care enough, they will build a new internet.

Not to mention people lose accounts because someone reported them as underage, and now they don't want to fully dox themselves over this. Who can blame them considering discord's own support ticket system was hacked which included people who had to validate their age.

Infuriating that we get all the bad sides of digital ID without the good sides.

It's deanonymizing and intrusive and mandatory for sites to implement without protecting them from sockpuppets and foreign troll farms.

How are you going to verify the age of someone coming in from another country?

We must destroy all freedom and forsake all right to free speech and privacy... for the children!

Would be great if EFF also sets up a phone verification hub.

https://news.ycombinator.com/item?id=45989890

"SAN FRANCISCO-With ill-advised and dangerous age verification laws proliferating across the United States and around the world, creating surveillance and censorship regimes that will be used to harm both youth and adults, the Electronic Frontier Foundation has launched a new resource hub that will sort through the mess and help"

The surveillance and censorship system is built, administered and maintained by Silicon Valley companies who have adopted this as their "business model". "Monetising" surveillance of other peoples' noncommercial internet use

These Silicon Valley companies have been surveilling internet subscribers for over a decade, relentlessly connecting online identity to offline identity, hell bent on knowing who is accessing what webpage on what website, where they live, what they are interested in, and so on, building detailed advertising profiles (including the age of the ad target) tied to IP addresses, then selling the subscribers out to advertisers and collecting obscene profits (and killing media organisations that hire journalists in the process)

Now these companies are being forced to share some of the data they collect and store

Gosh, who would have forseen such an outcome

These laws are targeting the Silicon Valley companies, not internet subscribers

But the companies want to spin it as an attack on subscribers

The truth is the companies have been attacking subscriber privacy and attempting to gatekeep internet publication^1 for over a decade, in the name of advertising and obscene profits

1. Discourage subscribers from publishing websites and encourage them to create pages on the company's website instead. Centralise internet publication, collect data, perform surveillance and serve advertisements

I wonder what the psychological effect of having little or no privacy would do to people. Are we all going to be paranoid schizophrenics? How would a world of paranoid schizophrenics work? How insane are world events going to be from that point on?

The net got too big, the 90% got in because of facebook and google, and automated bots took over from there.

Either we create the fix, or the feds take it over. we need to sever the idea of a global internet. per-country and allied nations only. anonymous cert-chain verified ID stored on device. problem fixed.

I am disappointed to find no mentions of zero knowledge proofs or any other indications that we wont have to trust anyone with this task.

We have the technology to do age verification without revealing any more information to the site and without the verification authority finding out what sites we are browsing. However, most people are ignorant of it.

If we don't push for the use of privacy preserving technology we wont get it and we will get more tracking. You cannot defeat age verification on the internet, age verification is already a feature of our culture. The only way out is to ensure that privacy preserving technologies are mandated.

Like any wrong government initiative, mass surveillance is being justified by "think of the children" and "fighting the bad guys".

This gives me Leisure Suit Larry flashbacks

I think sadly, this is a lost battle in public opinion. And the gambling of digital assets on Roblox and other casino-like website is also starting to get public attention, and will turn public opinion further.

The CNIL gave up 3 years ago, and gave guidelines, you can read about it here [0]. At the time it read like "How well, we tried, we said it is incompatible with privacy and the GDPR multiple times, we insist one more time that giving tools to parents is the only privacy-safe solution despite obvious problems, but since your fucking law will pass, so the best we can do is to draw guidelines, and present solutions and how to implement them correctly".

I think the EFF should do the same. That's just how it is. Define solutions you'll agree with. Fight the fight on chat control and other stuff where the public opinion can be changed, this is too late, and honestly, if it's done well,it might be fine.

If the first implementation is correct, we will have to fight to maintain the statu quo, which in a conservative society, is the easiest, especially when no other solution have been tested. If it's not, we will have to fight to make it correct, then fight to maintain it, and both are harder. the EFF should reluctantly agree and draft the technical solution themselves.

[0] https://www.cnil.fr/en/online-age-verification-balancing-pri...

* for the US Internet. Internet access, even on cafe shop wifi, in India is trace backable to the ID of the user already.

I understand this is a technology forum, frequented mostly by liberal adults, who built a lot of their internet nous on totally free internet of 90s and 00s. I am one of them.

Equally, I think insisting that there must be no controls to internet access whatsoever is not right either. There is now plenty of evidence that eg. social media are very harmful to teenagers - and frankly, before I noticed, going on FB got me depressed each time I did it at one point. And as a parent, you realise how little control you have over your children's tech access. Case in point - my kids seem to have access to very poorly locked down iPads at school. I complained, but they frankly don't understand.

We all accept kids can't buy alcohol and cigarettes, even if that encroaches on their freedom. But or course flashing an ID when you're over 18 is not very privacy-invading.

Likewise, I think it is much better to discuss better means of effecting these access controls. As some comments here mention, there are e.g. zero knowledge proofs.

I'm sure I'll be told it's all a sham to collect data and it's not about kids. And maybe. But I care about kids not having access to TikTok and Pornhub. So I'd rather make the laws better than moan about how terrible it is to limit access to porn and dopamine shots.