- cross-posted to:
- technology@beehaw.org
- cross-posted to:
- technology@beehaw.org
The UN Convention on the Rights of the Child clearly expresses that minors have rights to freedom of expression and access to information online, as well as the right to privacy.
These rights would be steamrolled by age verification requirements.
If it is about protecting children, just create age based VPNs and whitelist the services with appropriate content.
This must be used above all to track the activity of every adult among all popular services. Having to proof adultness cannot be done without creating a link between the identify of the adult and the account at the service.
In theory, it’s possible, if the age verification authority keeps the link secret. But that’s impossible to uphold.
What are the elites planning to do that requires this huge amount of surveillance? The article says that they need it already in the second quarter of 2025. We will find out soon.
It can be done.
Do you really have no other complaints?
How can it be done?
You connect to an age-gated site.
Your browser receives an age verification request that does not contain information about the site.
It would contain the time, a random number, and the query: Is user over 18/16/14/whatever?
You identify yourself to that service in some way. The service could also be a program on your own device that uses a chip on your ID-card. If the service confirms the age, it digitally signs the request.
The site checks if the signature is valid and done. There’s never any connection between the age verification service and the site. If the request is more than a few seconds old, then it will be rejected to prevent sharing.
Of course, this assumes that sites will cooperate and implement such schemes at their own expense. Obviously(?) that will only be done by the larger sites, so it will be quite pointless. I don’t know why that is not a consideration. Understanding that doesn’t actually require any deep technical knowledge. But that’s typical for EU tech regulation.
How do you prevent people from selling access to children by calling the age verification service for them?
Btw,
Which other complaints could I have?
The high volume of requests would be detected pretty quickly. The verification service would not know what sites you visit, but it would know that you are making requests.
To succeed, that would need a fairly large number of stolen or fake identities. There’s really no point when you can just sell adult products, including pirated media, directly.
Which other complaints could I have?
I can think of a number, besides the one in the OP.
You could worry about freedom of information also for adults. Such systems interfere, by design, with receiving and imparting information. It also creates a system that can be easily abused for political censorship. Me, I worry a lot about the direction Europe is taking.
You could also worry about privacy in other definitions. Europeans, or Germans anyway, usually equate privacy with data protection, which is not actually correct. One American definition of privacy is as “the right to be let alone”. You’re certainly not being let alone with such a system. You might feel that it forces you and your family to abide by moral values that you may not share.
Then there’s the economic aspect. The people in a country with such laws will have to do extra work and use extra resources to implement and enforce this.
I don’t fully get the part about selling adult products directly.
The verification service doesn’t need stolen accounts.
There is a maximum number of unsuspiciously requestable tokens and people can sell their unrequested ones. There will be a black market and no ability to investigate unless privacy is lifted.
It’s still inhibiting children, but so does telling them not to do it.
Since foreign services do not need to comply, porn will still be available. So a firewall is needed. But then, why not give children an age appropriate vpn for their devices and accounts and leave the internet to itself?
Such a thing would work as with credit cards. An unusual pattern of use would flag the card as potentially compromised and cause it to be blocked, not the volume of requests in itself. It wouldn’t be quite so easy to avoid detection.
Making porn, alcohol, or other such things available to minors is a criminal offense. Being flagged multiple times would probably be enough for a conviction if one couldn’t provide an explanation.
An age verification service would need to determine your age. It’s not strictly necessary for them to keep your identity on file, but I think the likelihood is that it would be required precisely to prevent such abuse.
Such a service would be illegal in itself. It would have to exist on the darknet beside offers for mail-order drugs, stolen passwords, and so on. Might as well offer mail-order alcohol or adult media downloads with no questions asked.
Good question. Part of the answer is that law-makers in Europe have no idea what they are doing. Why there is no one capable of giving them technical advice is something I simply don’t know. Some tech regulations are so absurd that you’d never believe me they are real.