The problem is: you’re assuming they’re arguing in good faith when they say it’s about pRoTeCtInG tHe ChIlDrEn. It’s not. It’s a pretext for the data grab and mass surveillance of everyone. They will gladly take your argument, claim age verification is compatible with privacy and anonymity, and then introduce age verification systems that do implement mass surveillance. Don’t give them an inch.
Comment on Online age-verification tools spread across U.S. for child safety, but adults are being surveilled
Kraiden@piefed.social 3 weeks ago
I’m going to copy and paste a comment I made elsewhere:
The problem with age verification is VERY much in the implementation. It IS possible to do age verification without having to identify yourself to Meta/PornHub/Whoever. It IS possible to maintain privacy, AND restrict things like porn and social media to those who are of age. Look at how the Estonian system works, it’s brilliant. The problem isn’t age verification, it’s the blatant data grab that is currently trying to destroy your online anonymity…
IratePirate@feddit.org 3 weeks ago
Kraiden@piefed.social 3 weeks ago
No I’m not! I’m in 100% agreement with you that this has nothing to do with protecting children! Age verification, if done properly, is a good idea, that I’m completely for. But you’re right, this isn’t that. This is a smokescreen.
I just want to be sure that people understand that they ARE using a good idea as their cover here. It CAN be compatible with privacy and anonymity, and it is a good idea to stop young children engaging with the cess pit that is modern social media.
At some point, I sincerely hope that the current regime will end and be replaced by something more sane. At that point, I don’t want people to immediately think “age verification = bad”
lmmarsano@group.lt 2 weeks ago
Still unnecessary & less effective than less invasive alternatives that already exist & the government could promote. To quote another comment
Governments have commissioned enough studies to know that education, training, and parental controls filtering content at the receiving end are more effective & less infringing of civil rights than laws imposing restrictions & penalties on website operators to comply with online age verification. Laws could instead allocate resources to promote the former in a major way, setup independent evaluations reporting the effectiveness of child protection technologies to the public, promote standards & the development of better standards in the industry. Laws of the latter kind simply aren’t needed & also suffer technical defects.
The most fatal technical defect is they lack enforceability on websites outside their jurisdiction. They’re limited to HTTP (or successor). They practically rule out dynamic content (chat, fora) for minors unless that content is dynamically prescreened. Parental control filters lack all these defects, and they don’t adversely impact privacy, fundamental rights, and law enforcement.
Governments know better & choose worse, because it’s not about promoting the public good, it’s about imposing control.
Kraiden@piefed.social 2 weeks ago
As I’ve said elsewhere, yes in a perfect world it would be on the parents to enforce this, but that doesn’t mean we should do nothing on the social media side. It’s also the parents responsibility to prevent underage drinking and smoking, yet we still restrict those at the point of sale.
I’m for age restrictions on social media, and yes there are arguments against it, but I’m not really interested in having that conversation.
less invasive alternatives
This is exactly what I take issue with. It’s a false dilemma. The assertion that you can’t have age verification without the invasion of privacy and destroying online anonymity in the process IS FALSE. You CAN have both. THIS is the grift in my opinion.
Kraiden@piefed.social 3 weeks ago
And because someone will probably ask, this is my understanding of how it would work for age verification (I am not an expert):
There are 3 parties in this scenario. The Estonian state, Meta, and a 3rd party (which is currently a real 3rd party, but work is being done to allow this to be a digital wallet on your device, that you control)
The state issues your 3rd party a magic cryptographic cert that has all your personal data like dob
Meta issue an age challenge: Not “what’s your dob” but rather “Are you old enough to use this service?”
3rd party show you exactly what Meta are requesting and give you the option to approve or deny the request
If you approve, the 3rd party generate a new cert that JUST says “Yes I’m of age” and nothing else.
Because it’s been generated from the states magic cert it can be verified with their public key.
Meta don’t get more info than they need, the state can’t see that you’ve logged into Meta, but you’ve successfully proved you’re old enough to use the service.
The current weak point is that the 3rd party can absolutely see all of it, but there’s no reason the 3rd party has to be an external service. It could absolutely be an app on your device.
You still need to prove yourself to the state, but you’d have to do that to get an id card in the first place. It’s WAAAAY better than trusting all the different porn sites and social media services individually to not leak or misuse your data
anarchiddy@lemmy.dbzer0.com 3 weeks ago
The problem isnt just that the third party can abuse their access to your information, it’s that it is digitally stored and certifiable at all
The most secure data providers in the world have all basically had data breaches by now - including the IRS and US government. There is no party that can guarantee data security, even if they themselves are benevolent.
And for what purpose are we willing to gut privacy online? So it’s marginally more difficult for minors to obtain porn?
GTFO. De-anonymization has always been the goal, not ‘protecting the children’.
Kraiden@piefed.social 3 weeks ago
I fundamentally disagree with this. First off, that ship has sailed. Your data is already digitally stored. The problem is that it’s stored outside of your control and accessible without your consent. This system addresses those issues.
There is no technical reason your data ever needs to be on a device that is outside of your control. The 3rd party is just a local app, with local data storage. In other words there shouldn’t BE a massive database that can be breached. Sure, your device can still be breached, or stolen, but so can your physical wallet. Your device being stolen shouldn’t leak my data.
I’m not. I’m trying to explain that giving up privacy is NOT a requirement for age verification
I’m actually thinking about social media. There’s plenty of data to suggest that underage access causes severe harm, that can and has led to suicides. This is a problem with a body count.
100% agree. I just want people to understand that it IS a smokescreen. “Age verification” is a GOOD IDEA that is being used as a cover. Recognize the underlying threat, absolutely, but also recognize the good idea that’s being used to hide it.
anarchiddy@lemmy.dbzer0.com 3 weeks ago
Sorry, I just don’t agree with this, either. It isn’t just that it’s a third party, it’s that verification necessarily ties your device to your personal identity at all. No matter how you store the actual identity data, there needs to be an identifier associated with every device/account. I’d be fine if the OS just asked for my age and didn’t verify it with my state-issued ID - but if there’s any cross-checking involved that’s a dealbreaker.
If there were any possibility that a state actor had interest in identifying my personal identity of this account, and there was a record that pointed to my name, SSN, or other unique personal identifiers, i’d be absolutely fucked. There are really good reasons not to want social media accounts tied to real, verifiable identities - even if you think social media should be limited to adults (i’m not on willing to concede this, for what it’s worth).
It doesn’t matter if the data is stored on your local device - if it’s being verified by a state authority at all, that’s a huge problem.
Grandwolf319@sh.itjust.works 3 weeks ago
How about a system where I can go physically to a shop, show them my id, then the clerk allows me to buy a box of tokens that I picked up from the shelf.
I can pay with cash, the clerk just looks at my face and ID, nothing gets entered into the system.
Then I have a bag of tokens that could have various expire dates. Some could last years. They are not tied to any person in anyway but only adults could access them.
And yes, I can totally give it to some kids, but that’s no different than me buying kids alcohol.
Kraiden@piefed.social 3 weeks ago
I mean, yes, it’s the same process. It’s just moving the convenience store to your phone, and instead of being issued a physical ID by the dmv or whoever, you’re given a digital one. To be clear, that ID, and therefore your information is stored locally on your device, not in a server somewhere.
Grandwolf319@sh.itjust.works 3 weeks ago
While I would trust that for a FOSS app, it would be too easy for a proprietary app to just “backup” your data.
With the physical method, everyone can be sure they are anonymous through common sense.