alt Hacker Newswhat if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report
Replies
> what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
All of these proposals probably sound good to people who think the Venn diagram of sites they use and sites covered by these laws are two separate circles.
They probably sound a lot less good when you realize the law covers site like YouTube. The Australian law (which they said they’re modeling this after) also includes social news sites like Reddit.
If they passed a law like this extending to VPN services then you’d have to hand over your ID to use a VPN.
Usually people realize how bad these proposals are once they realize it might impact their internet use, too.
Or perhaps we should expect parents to take some responsibility for their kids' screen use?
Because they will just withdraw from the jurisdiction rather than bother to implement that, most likely
> big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
HIPAA has been super effective this way. As we all know, American companies don’t give two shits about user privacy or even security. But wave the HIPAA flag and everyone starts caring real hard and taking extremely cumbersome steps to comply with patient privacy.
Very simple: Each HIPAA violation comes with a financial penalty for the business and personal penalty for every person involved in the leak. Very effective.
> these big companies need to self police
It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
The end result will be the same. If you face a 10k liability for serving the wrong customer, you end up needing to ID your customers.
If the government isn't going to provide that service you end up with private companies verifying identity and the data security issues that entails.
If you want to shift the responsibility of protecting children away from parents, then you end up in a situation where third parties need to be able to differentiate between a child and an adult. I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information.
Of course, you could have something like a signed certificate, so the identity verifier doesn't see who you are patronizing, and the identity seeking business only gets to see your age, but it still has privacy issues.