But the only way to do this is to require ID checks, effectively regulating and destroying the anonymous nature of the internet (and probably unconstitutional under the First Amendment, to boot.)
It's the same problem with requiring age verification for porn. It's not that anyone wants kids to have easy access to this stuff, but that any of these laws will either be (a) unenforceable and useless, or (b) draconian and privacy-destroying.
The government doesn't get to know or regulate the websites I'm visiting, nor should it. And "protecting the children" isn't a valid reason to remove constitutional rights from adults.
(And if it is, let's start talking about gun ownership first...)
> But the only way to do this is to require ID checks, effectively regulating and destroying the anonymous nature of the internet
That seems intuitive, but it's not actually true. I suggest looking up zero-knowledge proofs.
Using modern cryptography, it is easy to send a machine-generated proof to your social media provider that your government-provided ID says your age is ≥ 16, without revealing anything else about you to the service provider (not even your age), and without having to communicate with the government either.
The government doesn't learn which web sites you visit, and the web sites don't learn anything about you other than you are certified to be age ≥ 16. The proofs are unique to each site, so web sites can't use them to collude with each other.
That kind of "smart ID" doesn't have to be with the government, although that's often a natural starting point for ID information. There are methods which do the same based on a consensus of people and entities that know you, for example. That might be better from a human rights perspective, given how many people do not have citizenship rights.
> (and probably unconstitutional under the First Amendment, to boot.)
If it would be unconstitutional to require identity-revealing or age-revealing ID checks for social media, that's all the more reason to investigate modern technical solutions we have to those problems.
Assuming you can make active queries to the verifier, you could do something like
- Have your backend generate a temporary AES key, and create a request to the verifier saying "please encrypt a response using AES key A indicating that the user coming from ip X.Y.Z.W is over 16". Encrypt it with a known public key for the verifier. Save the temporary AES key to the user's session store.
- Hand that request to the user, who hands it to the verifier. The verifier authenticates the user and gives them the encrypted okay response.
- User gives the response back to your backend.
Potentially the user could still get someone to auth for them, but it'd at least have to be coming from the same IP address that the user tried to use to log into the service. The verifier could become suspicious if it sees lots of requests for the same user coming from different IP addresses, and the service would become suspicious if it saw lots of users verifying from the same IP address, so reselling wouldn't work. You could still find an over-16 friend and have them authenticate you without raising suspicions though, much like you can find an over-21 friend to buy you beer and cigarettes.
Since you use a different key with each user request, the verifier can't identify the requesting service. Both the service and the verifier know the user's IP, so that's not sensitive. If you used this scheme for over-16 vs. over-18 vs. over-21 services, the verifier does learn what level of service you are trying to access (i.e. are you buying alcohol, looking at porn, or signing up for social media). Harmonizing all age-restricted vices to a single age of majority can mitigate that. Or, you could choose to reveal the age bucket to the service instead of the verifier by having the verifier always send back the maximum bucket you qualify for instead of the service asking whether the user is in a specific bucket.
If you can make active queries to the verifier, so can any adversarial party. These kinds of ZK-with-oracle schemes need to be very carefully gamed to ensure they're truly ZK, and not just "you learn nothing if you only query once."
> and the service would become suspicious if it saw lots of users verifying from the same IP address
This implodes under CGNAT, cafe internet, hotel internet, etc.
You can make active queries, with the user's involvement. The verifier can potentially have a prompt with e.g. "The site you were just on would like to know that you are over 21. Would you like to share that with them?"
We do need to get people onto ipv6 so CGNAT can die. Restricted services could potentially disallow signups or require more knowledge (e.g. full ID) if coming from shared IPs as a risk mitigation strategy, depending on how liable we want to hold them to properly validate age. If you've already signed up for facebook at home, obviously you don't need to validate your age again at the cafe.
Fake IDs exist in the real world. The system doesn't have to be perfect, and we can say that there's some standard of reasonable verification that they should do for these sorts of cases.
Personally I'm more in favor of an approach where sites label their content in a way where parents can configure filters (ideally using labels that are descriptive enough that we don't get into fights over what's "adult", and instead leave that decision to individual families), but if we're going to go an ID-based route, there are at least more private ways we could do it, and I think technologists should be discussing that, and perhaps someone at one of these big companies can propose it.
That's the protocol for the computer, similar to oauth. From the user perspective, your 94-year-old neighbor would have an account with id.gov that they've somehow previously established (potentially the DMV or the post office does this for them), and the user flow works much like "Sign in with Google" buttons do today.
Addendum: you can actually preserve the privacy of which bucket the user is in to all parties if this is sufficiently standardized that it goes through a browser API.
- Have the service generate the request as above, but now the request is "Please encrypt a response with key A for the user coming from ip X.Y.Z.W".
- Service calls a standard browser API with the request, telling the browser it would like to know the user is in the over 16 bucket. Browser prompts the user to verify that they want to let the service know they are over 16. Browser sends the request to the verifier.
- Verifier responds with a token for each bucket the user is in. So a 22 year old gets an over-16 token, an over-18 token, and an over-21 token.
- Browser selects the appropriate response token and gives it back to the service.
So the service only ever learns you are over the age limit they care about, and the verifier only ever learns that you asked for some token, but not which one.
It would be neat if some authority like the passport office or social security office also provided a virtual ID that includes the features OP described and allowed specific individual attributes to be shared or not shared, revoked any time, much like when you authenticate a 3rd party app to gmail or etc.
Putting on my conspiracy hat for a minute: They don't want to make it easy for you to authenticate anonymously. They obtain their surveillance data from the companies that tie you, individually, to your data. They'd be shooting themselves in the feet.
There's a unique identifier, but it's your secret and can't be used for tracking. Sites needing verification don't learn anything except that you "have" a token matching the condition they are checking. This includes not learning your unique identifier, so they can't use it for tracking. The issuer also doesn't learn anything about your verification queries.
You have an incentive to keep the secret token to yourself, and would probably use existing mechanisms for that: You might manage like your phone number, private email and other personal accounts today. Not perfect, but effective most of the time for most people.
You might decide to share it with someone you trust, like your sibling. That's up to you, but you wouldn't share it widely or with people you don't trust, even under pressure, because:
To prevent mass reuse of stolen tokens, it's possible to use more cryptography to detect when the same token is reused in too many places, either on the same site or across many sites, without revealing tokens that don't meet the mass-reuse condition, so they still can't be used for tracking. If mass-reused tokens auto-revoke, they can't be reused thousands of times by anyone, and that also provides an incentive to avoid sharing with people you don't trust.
I won't pretend this is trivial. It's fairly advanced stuff. But the components exist these days. The last paragraph above requires combining zero-knowledge proofs (ZKP) with other branches of modern cryptography, called multi-party computation (MPC) and perhaps fully homomorphic encryption (FHE).
mDL wide scale rollout works be using the trusted computing element that is part of your phone and enrollment would be the same as obtaining a driver’s license in the first place.
There is no physical card - there is an attestation that only an enrolled device can hand out with revocation support in case of security flaws.
Is it going to be absolutely secure? No. The cost just needs to be high enough that it becomes inaccessible to the vast majority of adolescents.
Theft of your parents phone becomes a lot easier attack vector but phone biometrics/password requirements will thwart that for most parents.
Let me expand on this because Digital Identity proponents tend to try and oversimplify everything and then act surprised when their favorite cryptos implode.
There are 2 situations.
1. Everyone who wants to access restricted content needs to access a government or corporate tool to generate their wallet or keys or whatever you want to call it.
2. Everyone in the jurisdiction is required to sign up for the tool.
1. Is effectively putting yourself on a list for future fascist governments to purge.
2. Is an onerous burden on the entire population. We had enough issues with Digital TV.
Government already has all information about you, they put on your passport when they print it for you. Zero knowledge proofs allow you to generate attestation about some facts (ie that you are above 21 years) where 3rd party can verify it, where proof itself doesn’t reveal your identity or any other information - just the fact that you’re passing this check is revealed.
Yes and you can consider the passport office a list of everyone who wants to travel overseas.
Ditto, if you apply for internet porn license, you will be on a list of internet porn enthusiasts. Its non trivial information that its largely in your best interest not to provide the government.
Again this all happens before your zero knowledge check.
Design is far from the only threat vector. Any implementation that is less than perfect is prone to all kinds of attacks. A few years ago, there was a report that the NSA could decrypt a double-digit percentage of encrypted web traffic thanks to a larger-than-expected bag of factored primes they keep handy.
Great story, are you claiming that NSA can infer from zero-knowledge proofs inputs, maybe map cryptographic hashes to plain input text or something of that nature?
No, but I bet a dollar that NSA isn't just going to collectively fold hands and say "These schemes and implementations are too good and too secure for us to break. We'll ignore the meta data, network analysis, side channels and our data centers that can store 2 days worth of internet traffic; we'll give up and focus on defensive security only"
Your argument applies equally to any initiative ever made by humans that mentions "internet". Yet it appears quite few things exist on the "internet". We do have cryptography with good guarantees available.
My argument is not that those things don't exist - its just that to my knowledge, I never heard of any real-life implementation that's guaranteed to be NSA-proof[1] - you're welcome to offer a counterexample.
1. Your fancy encryption scheme is pointless if your plaintext can be acquired at either endpoints, of if a bug in the implementation leaks data. The security of the whole matters a lot more than the individual parts as attackers go for the weakest link.
> The government doesn't learn which web sites you visit, and the web sites don't learn anything about you other than you are certified to be age ≥ 16.
If the zero-knowledge proof doesn't communicate anything other than the result of an age check, then the trivial exploit is for 1 person to upload an ID to the internet and every kid everywhere to use it.
It's not sufficient to check if someone has access to an ID where the age is over a threshold. Implementing a 1:1 linkage of real world ID to social media account closes the loophole where people borrow, steal, or duplicate IDs to bypass the check.
As I mentioned elsewhere, you’re falling for letting perfect be the enemy of good. The ZKP + phone biometrics only needs to raise the cost of bypass above what adolescents have access to. And no, you can’t just share the same ID because there’s revocation support in the mDL and it’s difficult to extract the raw data once it’s stored on the trusted element. This is very similar to how credit cards on phones work which are generally very difficult to steal.
You’re thinking like a group of technically proficient 15 year olds and their friends. That’s a small minority. The vast majority of teens are likely to be stymied.
Revocations are not for the individual ID but if an exploit is found compromising the IDs stored on a trusted element. Your older siblings ID can’t be used to sign for millions of accounts - just those who the older sibling lets borrow their phone that has their ID (and assuming there isn’t some kind of uniqueness cookie that can be used to prevent multiple accounts under a single ID). That’s a much different and more manageable problem (fake ids via older siblings have been a thing for forever).
>As I mentioned elsewhere, you’re falling for letting perfect be the enemy of good
No, this line of reasoning deserves nothing but absolute contempt when it comes to laws. We are not talking about getting the finnicky API to work at your job. Too often laws have had unintended consequences as a result of loopholes or small peculiarities. If the damn law doesn't even work on a fundamental level then it should be opposed on principle.
There are technical methods to detect and revoke large-scale reuse of an uploaded id. I wrote more detail in another comment.
That only covers large-scale reuse. It doesn't cover lending your id to your younger sibling if you want to, or if they find a way. Maybe that should be acceptable anyway. Same as you can lend your phone or computer to someone to use "as you", or you can buy them cigarettes and alcohol. Your responsibility.
Today you can scan your passport with your phone, and get enough digitally signed material chained up to nation level passport authorities to prove anything derived from the information on your passport.
You could prove to an arbitrary verifier that you have a US passport, that your first name starts with the letter F, and that you were born in July before 1970, and literally share zero other information.
The selective disclosure is super cool, I wonder how it works since smthing like a hash of DG1 is what is actually signed, how can you selectively disclose verified data from "inside" the hashed area? It does not sound very feasible to me but I am not an expert in zk-snarks etc.
There are some wrinkles that prevent passport data being used more broadly - technically it is a TOS violation to verify passports / use the ICAO pkd without explicit permission from ICAO or by direct agreement with the passport holder's CSCA (country signing certificate authority). Some CSCAs allow open use but many do not.
Also, without being too pedantic about it, what you are able to prove is more like possession of a document. An rfid passport (or rfid dump & mrz) - or in fact any kind of identity document - does not prove that you are the subject - you need some kind of biometric bind for that.
ZK circuts have gotten really fancy lately, to the point where full blown ZK virtual machines are a thing, which means you can write a program in rust or whatever, compile it to riscv, and then run it on the risc zero zkVM. (https://github.com/risc0)
This means you can literally just write a rust program that reads in the private data, verifies the signature, reads the first byte in the name string and confirms that it matches what you expect, and then after everything looks good, it returns "true", otherwise it returns "false". This all would happen on your phone when you scan a QR code or something that makes the request, then you send the validity proof you generated to the verifier, they can see that the output was true, and nothing else.
In theory, the private data would be stored on a trusted device you own, like your phone or something, so someone who steals your phone would have a hard time using your identity. Using fancy blockchain stuff you could even to a one time registration of your passport such that even if someone steals your passport, they wouldn't be able to import as a usable ZK credential. Presumably there would be some logic around it so you can re-register after a delay period or something, giving the current credential holder a chance to revoke new enrollment requests or whatever. So, yes, proving your exact identity to a website isn't perfect, but it's easy enough to make it really noisy if someone is trying to tamper with your identity, and maybe that's good enough.
If you want to go the trusted hardware route, you could make someone take a picture of their face with some sort of trusted hardware camera on their phone or laptop, and then use some zkml magic to make sure it kinda looks like the face on the passport data. Given the right resources, trusted hardware is never that hard to tamper with, so I don't like that solution very much.
What's often more important in an online context is that your credential is unique. It doesn't matter who you are, it matters that you've never used this credential to sign up for a twitter account, or get past a cloudflare captcha, or any other captcha use case. If you steal 10 passports, maybe you can set up a bot that will automatically vote for something 10 times, but at least you can't vote millions of times. This is sybil resistance, and it's massively important for a ton of things.
Thanks! I have a big rabbit hole to go down now :)
I don't get what causes the proof to fail if I provide the wrong bytes to the zkvm when it tries to read from inside the hashed area after the hash & signature are verified (this might not be directly sequential I guess, I think it has to be part of the same proof).
Put another way, I get we have to zk prove that a) I know a message M that hashes to H ... (can see this is do-able from googling), but also that a particular byte range M[A-B] is part of M, in a way that the verifier can trust I'm not lying and I don't see how the second bit is accomplished. It feels like there are also details in proving that the data comes from the right "field" in the DG1.
This stuff is such black magic! EDIT: will try this out in ZoKrates...
> Using modern cryptography, it is easy to send a machine-generated proof to your social media provider that your government-provided ID says your age is ≥ 16, without revealing anything else about you to the service provider (not even your age), and without having to communicate with the government either.
There's just one problem. How does the machine proving your age know that you are who you say you are? Modern cryptography doesn't have any tools whatsoever that can prove anything about the real body currently operating the machine--it can never have such a tool. And the closest thing that people can think of to a solution is "biometrics," which immediately raises lots of privacy concerns.
The government need not know what sites you visit. It is damaging enough that the government know that you are visiting sites that require an age verification. You can then be flagged for parallel construction if you should, I don't know, start a rival political party.
Not if this were widespread. I wouldn’t be too bothered if the government knew that I either watched an R-rated movie or rented a car or purchased alcohol or created a Facebook account.
You missed the either in GP's comment. i.e. they know you did one of those things because you requested an over-18 token, but not which one. The more covered activities there are, the more uncertainty they have about why you might have asked for a token.
This isn't really my area of expertise, is there a way to know for sure that those are all the same token? Or could the government just lie and say they are all the same when in reality they can really differentiate.
The government would have to document the API for requesting tokens for anyone to use it. I suggested a scheme here[0] where it's clear that the government doesn't get any information about the service (unless the service re-uses AES keys) and the service doesn't get any information about the user other than whether they're in the appropriate age group.
Potentially there could be coordination between .gov and the service to track users by having each side store the temporary AES key and reconcile out-of-band. But .gov has other ways they could get that information anyway if they have cooperation from businesses (e.g. asking your ISP for your IP address, and asking the service provider for a list of user IPs).
Definitely, we can use a government issued id, or we can create our own. Social graphs i call em. Zero knowledge proofs have so many ground breaking applications. I have made a comment in the past, relevant to how could a social graph be build, without the need of any government [1]. We can create effectively one million new governments to compete with existing ones.
I've been thinking a lot lately about decentralized moderation.
All we need to do is replace the word "moderate" with "curate". Everything else is an attestation.
We don't really need a blockchain, either. Attestations can be asserted by a web of trust. Simply choose a curator (or collection of curators) to trust, and you're done.
Yeah, blockchain is not needed at all. A computer savvy sheriff might do it, an official person of some kind. Or even private companies, see also "Fido alliance".
Additionally the map of governments which accept Esthonian passport might be of some relevancy here[1].
Let's suppose that 1 million new governments are founded, and violence still can be enforced only by the existing ones. The new governments will be in charge of ids, signatures, property ownership and reputation. Governments of Rust programmers, or Python programmers, or football players, or pool players, or truck drivers will be created.
When a citizen of Rust programmers social graph uploads code, he can prove his citizenship via his id. We may not even know his name, but he can prove his citizenship. He can sign his code via his signature, even pull request in other projects. He can prove his ownership of an IT company, as it's CEO, the stock shares and what not. And he will be tied to a reputation system, so when a supply attack happens, his reputation will be tainted. Other citizens of Rust's social graph, will be able to single out the id of the developer, and future code from him will be rejected, as well as code from non-citizens.
Speaking of supply chains, how about the king of supply chains of products and physical goods? By transferring products around, in a more trustworthy way, by random people tied to reputation, Amazon may get a little bit of competition ain't it?
But in reality this would not hide age, for example if a child signs up for Facebook, the only information revealed is that they are <16 years old. But once they turn 16, they want to have an unrestricted Facebook experience, so they will send a new token to Facebook, showing that they are older then 16 now. Facebook can now record the day the user does this and will now know the approximate birthday of a person. Sure, the user might not do this right on their birthday, probably in a span of a few weeks, but they will still have a good understanding of the age. This system would still be better then having to reveal your whole Id with all details.
So I hash some combination of ID, name and birthday and send it to Facebook to create an account. Facebook relays that hashed info to a government server which responds with a binary yes/no.
Of course you need to trust that the hash is not reversable.
That doesn’t stop kids from using Facebook, but it stops kids’ ID from being used to create an account.
Thanks for bringing this solution up. Many people are unaware of Zero-Knowledge proofs are actually possible. Probably because it's very counter intuitive.
And as with electronic voting, the contract will go to the lowest bidder with the worst security, not the company that's got the CS chops to do it right.
We did a hackathon at work and one of the guys from one of my project teams covered this stuff as his project.
I trust that it _would_ work 100%,but what I don't trust is that a government would implement it properly and securely, because no government works like that lmao (even NZ's great one).
I mean living in the UK now I got like a dozen different fucking gov numbers for all manner of things, dvla, NHS, nin, other tax numbers, visa, etc...why isn't there just one number or identity. Gov.uk sites are mostly pretty stellar besides.
Minors dont get full constitutional protections. I think they should have more rights than they do, but the first amendment is already more limited for minors than for adults.
Tinker v. Des Moines has repeatedly been chipped away (e.g. Bethel School District v. Frasier).
Minors cant produce pornography.
Minors have their freedom of association and expression limited by employment laws.
Minors speech is not free at home due to parental control or at school.
Minors can’t consent to medical treatment which limits their ability to discuss sensitive issues.
Minors cant vote or run for public office, which limits their direct participation in political expression and civil engagement.
Wrong I’m afraid. Minors don’t have full rights, that’s why their bag/locker/car can be searched randomly, why they can have speech abridged, why they can’t see NC-17 movies(edit: scratch that one). The supreme court has weighed against minors many times.
The first amendment is a restriction on Congress, and does not apply to the private Motion Picture Association that maintains the film rating system.
> why they can have speech abridged
I don't think that's true of federal law. There are cases, such as in school, where more restrictions are permitted to the school. But those restrictions are not based on age.
> There are cases, such as in school, where more restrictions are permitted to the school. But those restrictions are not based on age.
After 18 you can choose whether to be in school or not. Those restrictions are voluntary for adults but compulsory for minors (who do not get to choose whether they go to public school, private school, homeschool, or just pass the GED)
”that’s why their bag/locker/car can be searched randomly"
This has always disgusted me about public school.
No better way to erode rights and democracy than ingraining absolute tyranny in children. I was never search but I was convicted and punished many times on zero evidence, just some authority assuming I did something.
You are not free to enter the White House to express yourself.
Enforcing a property owners right to refuse entry (digital or physical) does not prevent you from expressing yourself, but rather from doing it that specific property.
Yes, this isn't the right solution. The power needs to be given to the users.
A better solution is more robust device management, with control given to the device owner (read: the parent). The missing legislative piece is mandating that social media companies need to respond differently when the user agent tells them what to send.
I should be able to take my daughter's phone (which I own), set an option somewhere that indicates "this user is a minor," and with every HTTP request it makes it sets e.g. an OMIT_ADULT_CONTENT header. Site owners simply respond differently when they see this.
in HTTP responses that include adult content, and every parental controls software in existence will block it by default, including the ones built into iPhones/etc and embedded webviews. As far as I know all mainstream adult sites include this (or the equivalent meta tag) already.
In general, I don’t think communicating to every site you visit that you are a minor and asking them to do what they will with that information is a good idea. Better to filter on the user’s end.
It's much easier to regulate and enforce that websites must expose these headers so that UAs can do their own filtering. Adult Content = headers in response, no ifs, ands, or buts
Response headers are encrypted in the context of HTTPS, so there's no real sacrifice in privacy. Implementation effort about as close to trivial as can be. No real free speech implications (unless you really want to argue that those headers constitute compelled speech). All in all, it's a pretty decent solution.
This is not a response header. It's a meta tag that's added to a websites head element to indicate it's not kid friendly. The individual payloads returned from an adult site don't include this as a header.
That'd be the "equivalent meta tag" I mentioned. And this site claims the header works too, though I haven't tested it myself. https://davidwalsh.name/rta-label
I honestly wasn't aware of this, and it sounds like a great solution for "adult content." Certainly, the site specifying this is better than the user agent having to reveal any additional details about its configuration.
Emancipation of children is also a thing, where a minor may petition the court to be treated as an adult. This also falls afoul of a blanket age restriction.
I think there's an ambiguity here. Even on this page, talking about "for all purposes". This seems to mostly refer to parental decision making and rights.
i.e. even as an emancipated minor, being treated as a "legal adult" does not mean you can buy alcohol or tobacco.
Understood, but being emancipated could mean that you need to be able to used LinkedIn, perhaps as part of a job search. An argument could be made that an emancipated minor should have access to some social media.
Exactly, any design for this stuff requires parental-involvement because every approach without it is either (A) uselessly-weak or (B) creepy-Orwellian.
If we assume parents are involved enough to "buy the thingy that advertises a parental lock", then a whole bunch of less-dumb options become available... And more of the costs of the system will be borne by the people (or at least groups) that are utilizing it.
Geolocation to that degree not that reliable and not necessarily 1:1 with jurisdiction or parental intent.
If we're already trusting a parental-locked device to report minor-status, then it's trivial to also have it identify what jurisdiction/ruleset exists, or some finer-grained model of what shouldn't work.
In either case, we have the problem of how to model things like "in the Flub province of the nation of Elbonia children below 150.5 months may not see media containing exposed ankles". OK, maybe not quite that bad, but the line needs to be drawn somewhere.
Sounds like you want PICS (though it works on the opposite direction, with the web site sending the flag, and the browser deciding whether to show the content based on it).
> "Reasonable age verification method" means any commercially reasonable method regularly used by government agencies or businesses for the purpose of age and identity verification.
In particular, "anonymous speech is required if you want to have free speech" is actually a very niche position, not a mainstream one. It just happens to be widely spammed in certain online cultures.
Those laws are frequently overturned as unconstitutional, but may still remain on the books because we don't do a good job of clearing out laws that were ruled unconstitutional.
As a general rule of thumb, almost every time someone brings an edge case about whether or not speech is First Amendment-privileged before SCOTUS, SCOTUS rules in favor of the speech. (The main exception is speech of students in school.) SCOTUS hasn't specifically ruled on anti-mask laws to my knowledge, but I strongly doubt it would uphold those laws.
Random aside, I haven’t seen NY enforce the anti mask legislation during the Halloween parade, various protests, or Covid. So I bet a new constitutional challenge could be erected.
There are places where it wouldn't be safe to protest without masks. In that case people effectively would be losing their freedom of speech if it isn't anonymous.
Wealthy, politically connected men with the ability to read and write about political philosophy and get it distributed is a bit different situation than a thousand Russian AI trollbots posting bad-faith "opinions" on American current events.
> But the only way to do this is to require ID checks
Not necessarily, consider the counterexample of devices with parental-controls which--when locked--will always send a "this person is a minor" header. (Or "this person hits the following jurisdictional age-categories", or some blend of enough detail to be internationally useful and little-enough to be reasonably private and not-insane to obey.)
That would mostly puts control into the hands of parents, at the expense of sites needing some kind of code-library that can spit out a "block or not" result.
> It's the same problem with requiring age verification for porn. It's not that anyone wants kids to have easy access to this stuff,
Depends on the argument being made, on the ideology of the audience, on the current norms, etc.
I had an exchange here on HN some time back (topic was about schools removing certain books from their libraries), and very many people in support of those books, which dealt with gender-identity and sexual orientation, also supported outright porn (the example I used was pornhub) for kids of all ages as long as those books with pictures (not photos) of male-male sexual intercourse could stay in the library.
Right now, if you made the argument "There are some things kids below $AGE shouldn't be exposed to", you'll still get some (vocal) minority disagreeing because:
1. They feel that what $AGE kids get exposed to should be out of the parent's hands ("Should we allow parents to hide evolution from their children?", "Should we allow parents to hide transgenderism from their children?")
2. They know that, especially with young children, they will lose their chance to imprint a norm on the child if they are prevented from distributing specific material to young children.
In the case of sex and sexual education, there is currently a huge push for specific thoughts to be normalised, and unfortunately if it means that graphic sexual depictions are made to children, so be it.
The majority is rarely so vocal about things they consider "common sense", like no access to pornhub for 10 year olds.
> effectively regulating and destroying the anonymous nature of the internet
Technically you can make that work without issues (You only need to prove your age not your identity, something which can reasonably be archived without leaking your identity).
There are just two practical issues:
- companies, government and state (at least US police & spy agencies) will try to undermine any afford to create a reasonable anonymous
- it only technically works if a "reasonable degree" of proof is "good enough", i.e. it's must be fine that a hacker can create a (illegal?) tool with which a child could pretend to be 16+, e.g. by proxing the age check to a hacked device of an adult. Heck it should be fine if a check can be tricked by using the parents passport or phone. I mean it's an 16+ check, there really isn't much of a reason why it isn't okay to have a system which is only "good enough". But lawmakers will try nonsense.
Interestingly this is more a problem for the US then some other states AFIK due to how 1) you can't expect everyone 18+ to have an id and everyone 16+ to be able to easily get one (a bunch of countries have owing (not carrying) id requirements without it being a privacy issue. 2) Terrible consumer protection making it practically nearly impossible to create a privacy preserving system even if government and state agencies do not meddle.
Similar if there wouldn't be the issue with passports in US it probably wouldn't touch the First Amendment as it in the end protects less then a lot of people believe it does.
Lately I'm repeatedly reminded of how in Ecuador citizens, when interviewed during a protest, see it as a normal thing to tell their name as well as their personal ID number into the camera when also speaking about their position in regards of the protest. They stand to what they are saying without hiding.
Since about half a year I've noticed the German Twitter section getting sunk in hate posts, people disrespecting each other, ranting about politicians or ways of thinking, but being really hateful. It's horrible. I've adblocked the "Trending" section away, because its the door to this horrible place where people don't have anything good to share anymore but disrespect and hate.
This made me think about what we're really in need for, at least here in Germany, is a Twitter alternative, where people register by using their eID and can only post by using their real name. Have something mean to say? Say it, but attach your name to it.
This anonymity in social media is really harming German society, at least as soon as politics are involved.
I don't know exactly how it is in the US but apparently it isn't as bad as here, at least judging from the trending topics in the US and skimming through the posts.
People have zero qualms about being absolute ghouls under their wallet names. The people with the most power in society don't need anonymity. The people with the least often can't safely express themselves without it.
>> "What matters, it seems, is not so much whether you are commenting anonymously, but whether you are invested in your persona and accountable for its behaviour in that particular forum. There seems to be value in enabling people to speak on forums without their comments being connected, via their real names, to other contexts. The online comment management company Disqus, in a similar vein, found that comments made under conditions of durable pseudonymity were rated by other users as having the highest quality. "
- Illegal content, such as insults or the like, will not get published. And if it does, it will have direct consequences.
I'm also not tending towards a requirement to have all social networks ID'd, but I think that a Twitter alternative which enables a more serious discussion should exist. A place where politicians and journalists or just citizens can post their content and get commented on it, without all that extreme toxicity from Twitter.
The thing is, the political climate is very toxic and the absence of anonymity can have a real impact for things that are basically wrong think.
Say for example I held the opinion that immigration threshold should be lower. No matter how many non-xenophobic justifications I can put on that opinion, my possibly on H1B colleagues can and would look up my opinion on your version of Twitter and it would have a real impact on my work life.
There is a reason why we hold voting in private, it's because when boiled down to its roots, there are principles that guide your opinions they are usually non -reconciliable with someone else's opinion and we preserve harmony by keeping everyone ignorant of their colleagues political opinions. It's not a bad system, but it's one that requires anonymity
Or, to post on a political forum you must have an ID. You can have and post from multiple accounts, but your id and all associated accounts can be penalized for bad behavior.
The algorithm powering the trending section, which rewards angry replies and accusatory quote-tweets is at least a good a candidate as a source of harm to political discourse than anonymity.
Take it a step forward, ban Engagement based algorithmic feeds. I've said this and I'll continue to say this type of behavioral science was designed at FB by a small group of people and needs to be outlawed. It never should have been allowed to take over the new age monetization economy. There's so much human potential with the internet and its absolutely trainwrecked atm b.c of Facebook.
I think this is a partial attribution error; the goal is to make money by capturing attention and selling it to advertisers. The fact that strife is one of the most effective ways to do so, and the companies appear utterly unconcerned about the resulting damage to society makes it look like strife is the end goal, but it is merely a means to make money.
They would change their algorithms immediately if large advertisers applied financial incentives. We've seen some of this with Youtube's policies leading to videos with censored profanity where its use was previously normal and neologisms like "unalived" to mean killed.
Musk's Twitter may be a partial exception since it's decisions are now driven by a single man's preferences rather than an amoral mechanistic imperative to increase shareholder value. That doesn't seem to have improved things.
> the goal is to make money by capturing attention and selling it to advertisers
I mean, how do you know that?
How do you know that the goal isn't actually to perform social engineering on a huge scale and that the advertising is just the way that goal is being funded?
I suppose I don't. It could be that Facebook, Twitter, Youtube, and TikTok are all actively trying to create chaos, but greed adequately explains their behavior. One thing that points more strongly to greed is that the companies, aside from Twitter post-Musk, rapidly change their behavior when it impacts their revenue.
With TikTok, there's some chance geopolitics is a factor as well.
My experience with propaganda bots is that the really nasty hate stuff will usually be posted by actual, real people (perhaps as a result of being prodded by bot-provided outrage), and bots will rather have all kinds of more subtle hinting and agenda-pushing - because bots are managed by semi-professionals who care about bots not being blocked and (often) don't really care about the agenda they're pushing, while there also is a substantial minority of semi-crazy people who just don't care and will escalate from zero to Hitler in a few minutes.
How many social media users who create accounts and "sign in" are "anonymous". How would targeted advertising work if the website did not "know" their ages and other demographic information about them. Are the social media companies lying to advertisers by telling them they can target persons in a certain age bracket.
> But the only way to do this is to require ID checks
COPPA has entered the building. If you're under 13 and a platform finds out, they'll usually ban you until you prove that you're not under 13 (via ID) or can provide signed forms from your parent / legal guardian.
I've seen dozens of people if not more over the years banned from various platforms over this. We're talking Reddit, Facebook, Discord and so on.
I get what you're saying, but it kind of is a thing already, all one has to do is raise the age limit from 13 to say... 16 and voila.
"Finds out" is the operative part. COPPA is not a proactive requirement; it's a reactive one. Proactive legislation is a newer harm that can't easily be predicted based on past experiences with reactive laws.
Indeed, nothing is stopping said companies from scanning and assessing age of a user uploading selfies though. This is allegedly something that TikTok does. My point being, the framework is there, and then people actually report minors, the companies have to take it seriously, or face serious legal consequences.
How do you know the selfie is from the "primary" user? And how do you know they're underage, versus being a chubby-faced 18 year old (like yours truly was?)
Aren't the really problematic social networks the ones where you've lost your privacy and anonymity long ago and are being tracked and mined like crazy?
> But the only way to do this is to require ID checks,
No, it isn't. Check out Yivi [1]. Its fundamental premise is to not reveal your attributes. It's based on academic work into (a.o.) attribute-based encryption. The professor then took this a step further and spun off a (no profit) foundation to expand and govern this idea.
>It's not that anyone wants kids to have easy access to this stuff, but that any of these laws will either be (a) unenforceable and useless, or (b) draconian and privacy-destroying.
Surely not.
Imagine: government sells proof of age cards. They contain your name, and a unique identifier.
Each time you sign up to a service, you enter your name and ID. The service can verify with the government that your age is what it needs to be for the service. There are laws that state that you can't store that ID or use it for any other purpose.
- Would only work if the government, does not have access to the reverse mapping. (otherwise law enforcement will eventually expand to get its hands on it)
- It will likely be phished very quickly (and you'd have no way of knowing since no one is storing it). (making it short lived, means u'd have to announce tot he goverment eveytime u want to watch porn)
- Eventually there will be dumps of ids, like there are dumps of premium porn accounts now
> effectively regulating and destroying the anonymous nature of the internet
The bulk of the internet has not been anonymous for a while. Facebook requires an id already, Google tracks you using Google and the OS, reddit is tightening to control bots, amazon requires a phone number.
Think about it. What portion of your activities day to day on the Internet are anonymous? Now try to do them anonymously. It isn't practical/possible anymore and the internet of yesteryear is gone.
I propose the Leisure Suit Larry method. Just make users answer some outdated trivia questions that only olds will know when they sign up for an account.
It is pretty hard to give access to youtube to your kid with an account where age is stated. Yes kids can open browser in private mode… but they rarely do because it is a friction. If every social media would be moved to adult category the current rules in operating systems would do a good job.
I am not sure about 16 years ( i would support it as a father )… but up to 13-14 feels appropriate, there is PG-13
Ah so be it. I don’t care much for the things that come from anonymous culture. I want gatekeepers. This tyranny of the stupid online is pretty tiresome.
"Unconstitutional" arguments only go so far. I am not America (I'm a proud Australian) so I can easily see the incredibly obvious and ridiculous destruction "freedom" in your country entails.
Anonymity services can still exist without fostering an environment to addict children and young adults to social media or a device... and without your precious "rights" being taken away.
People can post all kinds of illegal things online and no one is suggesting that content should be approved before it can be visible on the Internet. It doesn't have to be strictly enforced to act as a deterrent. How effective of a deterrent it would be has yet to be seen.
The definition of "social media" in this bill actually seems to exempt anonymous social networks since it requires the site "Allows an account holder to interact with or track other account holders".
The internet has not been anonymous in fact or theory for decades now, and if you think the government can't get your complete browsing history on a whim I'm guessing you haven't paid any attention to the news about NSA buying user data bundles from online brokers. That said, "muh freedoms" is hardly a quality argument in the face of the widely documented pervasive harms caused to children by exposure to social media. The logical extreme of your position would be to declare smoking in public a form of self-expression and then demand age limits be removed for the sale of tobacco products because First Amendment. :P
Ironically the "freedom crowd" are also statistically significantly more likely to get shot by their own toddlers accidentally so I'm not convinced they represent a pool of quality decision-making or grounded worldview. It's interesting how quickly any discussion of potential solutions to real-world problems gets chucked out the window the second someone says "freedom".
>But the only way to do this is to require ID checks, effectively regulating and destroying the anonymous nature of the internet
Ban portable electronics for children. Demand that law enforcement intervene any time it's spotted in the wild. If you still insist that children be allowed phones, dumb flip phones for them.
It could be done if there was the will to do it, it just won't be done.
"Regulating them properly" could mean a lot of things to a lot of people. Do you mean e.g. just not allowing porn on the internet or do you mean e.g. just not requiring identification verification? If neither, what way of regulation that allows distinction without banning content or identifying users?
Putting conditions on the company so that they do not even risk this in the first place, e.g. moderation, a demand to make tools to protect children, there are a lot of different things and prohibition is the least likely to work at any level. You can look at any issue in history with prohibition and see what that amounts to.
Government knows best when it comes to minors, right? And all of us need to have our government papers ready if we want to participate in the most important forum of communication of our time. Talk about power imbalance.
> who can’t even articulate the difference between man and woman
Can you articulate that difference? Personally, I'd expect a more complete definition from a kid today than I would from a conservative adult. For example, my dad might refer to DNA when explaining the difference between a man and a woman, and he would also confidently say he's a man (I mean, he is my dad), but since he's never had a DNA test, how can he be sure? It's obviously about more than DNA. My mom might say a woman is someone who can have children, but what about women who cannot have children, are they not women? Etc.
And what makes a site a social media site? Anywhere you can post interactive content?
You do realize that laws like this would apply to sites like HN, Reddit, the comment section of every blog, and every phpBB forum you ever used? It's not just Instagram and Tiktok.
Trying to force independently owned and operated forums to enforce laws that might not even be applicable in the country that the owners / admins live and work in is going to be about as effective as trying to force foreign VPS/server/hosting providers to delete copyrighted content from their server using laws that don't apply in their jurisdiction.
I think a perfectly clear line could be drawn that would separate out phpBB from TikTok very easily. I genuinely don't understand this comment, we shouldn't do it because it's hard or the results might be imperfect?
Kids want to communicate. Whether it's TikTok, Discord, phpBB, chatting in Roblox or Minecraft, they will if they can.
If we want to "ban social media" we'll need a consistent set of guidelines about what counts as social media and what doesn't, and what exactly the harms are so they can be avoided.
I think your comment would be much stronger if you laid out precisely what you think that line would be.
Laws do not have to be perfect to be good, but they do have to be workable. It's not clear that there's a working definition of "social media" that includes both TikTok and Reddit but doesn't include random forums.
This is not a charitable reading. Nobody is asking for a perfect solution; it is reasonable to demonstrate some prior consideration for the ways in which most solutions are dangerously imperfect.
To me the issue is it’s a waste of government and waste of time. Parental controls already exist on all devices. The answer to every problem can’t be “more government, more laws”.
You know, I'm not really sure that requiring IDs for access to porn / social media is a terrible idea. Sure it's been anonymous and free since the advent of the internet, but perhaps it's time to change that. After all, we don't allow a kid into a brothel or allow them to engage in prostitution (for good reasons), and porn is equally destructive.
But with the topic at hand being social media, I think a lot of the same issues and solutions apply. It's harmful to allow kids to interact with anyone and everyone at any given time. Boundaries are healthy.
Aaaaand, finally there's much less destruction of human livelihood by guns than both of the aforementioned topics if we measure "destruction" by "living a significantly impoverished life from the standard of emotional and mental wellbeing". I doubt we could even get hard numbers on the number of marriages destroyed by pornography, which yield broken households, which yield countless emotional and mental problems.
So, no, guns aren't something we should discuss first. Also, guns have utility including but not limited to defending yourself and your family. Porn has absolutely zero utility, and social media is pretty damn close, but not zero utility.
The biggest problem with this is how we would define "porn". Some states are currently redefining the existence of a transgender person in public as an inherently lewd act equivalent to indecent exposure.
I have no doubt that if your proposal were to pass that there would be significant efforts from extremist conservatives to censor LGBT+ communities online by labeling sex education or mere discussion of our lives as pornographic. How are LGBT+ people supposed to live if our very existence is considered impolite?
Nevermind the fact that the existence of a government database of all the (potentially weird) porn you look at is a gold mine for anyone who wants to blackmail or pressure you into silence.
The horrors and dangers of porn are squarely a domestic and family issue. The government does not need to come into my bedroom and look over my shoulder.
> The biggest problem with this is how we would define "porn". Some states are currently redefining the existence of a transgender person in public as an inherently lewd act equivalent to indecent exposure.
Agreed, it's just rhetoric. Same as all these claims of an ongoing 'trans genocide' in the USA. Absolute nonsense, but it gets the believers in this ideology all riled up, and so the purpose of this rhetoric is fulfilled.
> Nevermind the fact that the existence of a government database of all the (potentially weird) porn you look at is a gold mine for anyone who wants to blackmail or pressure you into silence.
If you don't want a record of you looking at it, then don't look at it. All you need to do is refrain from pornography consumption. It really is that easy and simple.
> The biggest problem with this is how we would define “porn”.
I wholeheartedly agree. And that’s a problem we should lean into and solve. Its difficulty doesn’t make it less worth of solving.
> The horrors and dangers of porn are squarely a domestic and family issue.
Therein lies the problem however. Every systemic issue in our world begins in a family or domestic situation of some form. While I am well aware and also concerned about the implications of government overreach here, I don’t think we can throw up our hands and say, “Meh”. At a minimum it can begin with education. We can teach people about the destructive nature of porn (and social media).
The fact that this impacts every family, domestic situation, and therefore indirectly or directly touches every single life in our society actually kinda makes it a great candidate for government oversight.
It's the same problem with requiring age verification for porn. It's not that anyone wants kids to have easy access to this stuff, but that any of these laws will either be (a) unenforceable and useless, or (b) draconian and privacy-destroying.
The government doesn't get to know or regulate the websites I'm visiting, nor should it. And "protecting the children" isn't a valid reason to remove constitutional rights from adults.
(And if it is, let's start talking about gun ownership first...)