Comment

Comment on System76 on Age Verification Laws

Ah, i think i see where the difference in opinion is, claiming this event leads directly to (as in the very next step is) AI/ID verification could be considered an unreasonable jump i suppose.

In my case i was interpreting the argument as this event will almost certainly lead to further encroachment events into privacy, one of which would probably be the AI/ID verification.

To me this is a reasonable assumption because it’s what has happened in pretty much all of the recent instances of similar event occurring and therefore not a slippery slope fallacy.

TL;DR

On further examination, the technical things you mention seem to be correct if you assume that this bill alone is the vector for privacy encroachment, but they don’t pan out at all if it is assumed that other steps will follow; which, given precedent, is highly likely to happen.

On the technical implementation:

The reason its a slippery slope fallacy is the assumption that this law is a direct attempt to implement those systems, in spite of the fact that AB1043 implements a system that would be redundant with AI or ID based methods,

As an aside i’m not sure anyone is claiming that this bill is a direct attempt at a hard AI/ID verification system, rather they are claiming that this another step in a series of encroachments that will lead to escalating requirements and enforcement, AI/ID verification being an obvious step in that series.

From a technical standpoint you are correct, it outright states that photo ID upload isn’t required, yet.

Opinion : A cynic might see this as indication that the politicians understand that political and public appetite for full photo id requirements is less than optimal, so this is just a small step in shifting the Overton window on this subject.

technically doesn’t offer any good way to transition into an AI or ID based system (since it all has to be done locally),

That is only correct in a very narrow set of circumstances, that local requirement isn’t set in stone at all.

All that needs to happen to go from this to full ID checks is to mandate they use a “trusted” service for verification. It wouldn’t need to be an always online thing either, think of how the bullshit online verification systems that already exist work, i.e. you need to go online every x days or your system/service/app will stop working.

opinion: I fully expect any “trusted” service they designate to be something that serves the governmental and corporate desire for as much data as they can get away with, this isn’t even a stretch, just look at the service discord was trying to implement, the one with deep ties to palantir

and legally, imposes additional data protection laws that are likely to interfere with AI-based age verification.

This isn’t wrong as much as it seems naive, we are talking about bills that change laws, any law introduced can be revoked, superseded or have “exceptions” carved out, such as the current favourite “think of the children” thin veneer they are using.

It wouldn’t take much to move from “all data is protected” to “all data is protected, unless we need it to protect the children”

That’s not even taking in to account that the laws are only as good as the system upholding them, the current US system is sketchy AF, other countries have similar issue with uneven application of laws.

Not to say we should throw out hands up, say “what’s the point?” and just do nothing, but pretending that these laws aren’t susceptible to the same issue affecting everything else doesn’t help anyone either.

The problem with AI and ID age verification isn’t the age verification. Its the data collection, limits on personal freedom, and to some, the inconvenience.

Agreed.

So far as I can tell, AB1043 doesn’t have a significant impact on data collection (it does add another metric that could be used for fingerprinting, but also adds stricter regulation on data collection when this flag is used,) or personal freedoms - esspecially not when compared to what is already the existing standard of asking the user for their age and/or if they’re over 18.

Mostly agreed.

the points i’d raise are that the whole idea of age verification is an encroachment upon personal freedoms for some, so there’s an aspect of subjectivity to that.

I addition, relying on data collection regulations at this point is almost dangerously naive, corporations and governments alike have shown that they will basically ignore them outright or make up some exception, this isn’t conjecture, this is something easily searchable, think flock, ring camera’s, stringray , PRISM, anything palantir is involved in, cambridge analytica, broad warrantless data requests etc.

There is absolutely no reason to give the benefit of the doubt to parties that have repeatedly proven to be doing sketchy shit.

source

Sort:hotnew top

PlzGivHugs@sh.itjust.works ⁨1⁩ ⁨week⁩ ago
But the sound of it, ghe disagreement is mostly in how direct an impact AB1043 will have on government plans for data collection and authoritarianism.

Like, as you said, laws can be changed or removed, but the fact that it would be necessary to do so to implement AI/ID suggests to me that this isn’t that, and is instead a disconnected route. On a legal level, having this does nothing but add a speedbump to future authoritarianism - one they are likely to cross, but it doesn’t advance their goals, legally.

Technically, I have no doubt that the government will continue to push for more data collection and more control, but it seems that a local value that the user can access/edit (even if they were to use a online-verification system, that issues tokens) isn’t going to be secure or enforceable enough to achive their goals. Anyone can copy, modify, share, reverse-engineer, ect.

Similarly with the Overton window, where it has been standard practice for over a decade to have a “are you at least 18?” popup, and for every single service to ask you your age, if not more. We absolutely need more data protections for systems such as this (ideally an outright ban on saving this information) but this doesn’t seem to make it worse.

Basically, from my understanding, this isn’t a step towards data collection or authoritarianism, and provides no significant benifit to either of those causes - its effectively a technical standard. Like, if this age-verification flag was proposed by the Linux Foundation, and agreed to by others, would the backlash be this big? Similarly, I don’t see any contradition between wanting a ban on storage/sharing of user data, and the implementation of a flag like this - even if we are able to ban all storage of user data, this law would be unaffected. That’s what I’m trying to figure out - how do people think that this leads towards those end goals? How would blocking it improve anything?

Is it just a difference in opinion about the signicance of the Overton window?

Is there a technical aspect I’m missing?

Is there some legal advantage this provides to survailance that I’ve missed?

Right now, it seems like everyone is arguing against a strawman, implying that I support the idea of government/corporate surveillance and censorship, but given how unanimous it is, I’m guessing I’m missing something?

source
- Senal@programming.dev ⁨1⁩ ⁨week⁩ ago
  
  By the sound of it, the disagreement is mostly in how direct an impact AB1043 will have on government plans for data collection and authoritarianism.
  
  That’s not really the original disagreement i was referencing, nor is it a position i’ve taken, we agree that the local only bill isn’t the big bad.
  
  You twice referenced the slippery slope fallacy when replying to comments clearly describing future actions, i was pointing out that it doesn’t meet that criteria because there is a reasonable assumption that the described escalation will occur.
  
  Your original responses to which i was referring:
  
  This is a slippery slope falicy. Just because the option is provided to self-identify age, doesn’t mean that it will be replaced with more complex and direct data collection (which I am against, if it wasn’t clear) later
  
  You’re again relying on slipery slope falacy to say that because I’m okay with this one specific form of age gating, I’m okay with every other one, which I have repeatedly made clear is not true.
  
  The first one is the main issue i was pointing out, the second one isn’t how the fallacy is applied at all.
  
  As no one is taking the position that AB1043 is the actual danger most of what you are arguing doesn’t really apply.
  
  Similarly with the Overton window, where it has been standard practice for over a decade to have a “are you at least 18?” popup, and for every single service to ask you your age, if not more. We absolutely need more data protections for systems such as this (ideally an outright ban on saving this information) but this doesn’t seem to make it worse.
  
  Emphasis mine.
  
  Hard disagree, moving the responsibility of this from individual websites to the OS is a big jump in scope.
  
  The same kind of jump as making it the ISP’s responsibility if they serve illegal content from individual websites ( as has been suggested ).
  
  Aside from that it centralises the surface area for future changes and enforcement.
  
  Basically, from my understanding, this isn’t a step towards data collection or authoritarianism, and provides no significant benifit to either of those causes - its effectively a technical standard.
  
  This is the disagreement, i (and obviously many others) are pointing at the long and comprehensive list of similar initiatives, both recent and historic, that were stepping stones to further encroachment and saying “oh look another small step in the continued and provable encroachment upon privacy” and you seem to be advocating for the benefit of the doubt.
  
  Like, if this age-verification flag was proposed by the Linux Foundation, and agreed to by others, would the backlash be this big?
  
  If the linux foundation had the same history of shenanigans, then yes.
  
  Similarly, I don’t see any contradition between wanting a ban on storage/sharing of user data, and the implementation of a flag like this - even if we are able to ban all storage of user data, this law would be unaffected. That’s what I’m trying to figure out - how do people think that this leads towards those end goals? How would blocking it improve anything?
  
  Ignore the technical implementation of this one step, nobody is saying this is the endgame big bad.
  
  Think of it as a prevention measure, a single ant in the kitchen isn’t a problem in and of itself, but it’s almost certainly an indication of a larger potential future problem.
  
  You are arguing it’s not a problem because the ant only has 5 legs, everyone else is saying the leg count doesn’t matter it’s still an ant.
  
  Is it just a difference in opinion about the signicance of the Overton window?
  
  See above
  
  Is there a technical aspect I’m missing?
  
  Not necessarily , it’s just that you are arguing a single technical issue in a conversation about perceived intentionality.
  
  Is there some legal advantage this provides to survailance that I’ve missed?
  
  See above
  
  Right now, it seems like everyone is arguing against a strawman, implying that I support the idea of government/corporate surveillance and censorship, that I don’t expect that they’ll continue to be evil, or they’re simply saying its bad because its cosmetically similar to laws that do impede on freedoms. Given how unanimous the backlash is, I must be missing something?
  
  That you are using a point nobody disagrees with to imply correctness in a context where said point doesn’t really apply makes it seem like you are coming at this in bad faith.
  
  When bad faith is assumed, people look for underlying reasons.
  
  source