There are a lot of GOP-controller legislatures in the USA pushing through so-called “child protection” laws, but there’s a toll in the form of impacting people’s rights and data privacy. Most of these bills involve requiring adults to upload a copy of their photo ID.
How? As a user I want to have total control over my browser and Internet is an open platform - any browser should be able to view any website even though google is trying to change that with their DRM.
I don’t know exactly but the two big things I’ve seen, and again I’m not the engineer of it or anything, but
Know that yes this is a limitation of a browser, and that’s why it’s viewed as a compromise, a word that a lot of people have forgotten. None of us really want to have to prove it, but if there is a need to prevent children from accessing content (and tbh there is a need), then I’d rather have it be done in a privacy focused way.
So it’s not your browser that checks your age but a third party. This raises a few questions:
Yea, no. I decide, not the browser.
Again, 2 huge points I pointed out, I am not the developer or the privacy focused engineers who are putting forward these ideas, and again, compromise. The option of “I don’t want to do it” may not be on the table anymore. If it’s going to happen, it would be better to compromise and instead push a privacy focused approach.
For this to be on the table you need to convince all the browser manufacturers to implement it and close the sources so it cannot be undone by the users or forked. And remove all the earlier copies and sources Next you need to ban tools like curl or wget because they can pretend to be browsers. If you want something that can’t be removed in reasonable time realistically you have to demand full web drm a-la Google but this means a bunch of older computers needs to be thrown away just because they can’t use newer browsers and/or newer OS.
Now that we figured out what needs to be done on the client site - let’s talk about server side. You need to convince every porn site out there to perform this check. A few more interesting things to think about - how many porn sites are out there? What to do with those that won’t follow your proposal?
In short - from technical point of view if you really want to achieve “enforced age verification” - internet must become a very different, much more closed system.
I mean they’re already doing that, there’s already a handful of states that require porn sites check a user’s ID before granting access, that’s why I keep reiterating compromise, because it’s already happening. And the version they’re pushing is we hand over our ID to ever site which then of course would be subpoenable. So, again, I don’t know why you’re thinking these solutions are the bad ones, the bad ones are already in place and being used, they’re just trying to roll it out nationwide now.
And again, I really feel like I keep repeating the same point over and over and over and over and over again, if it’s going to happen, which they’re really trying to push through and looks like they are going to, a compromise would be to at least have a privacy focused approach.
A handful of states can require that, sure, but requiring is not enough. All the browsers and all the porn sites need to follow that and this is not going to happen
If the goal is to make sure there’s age verification for users of some porn sites with some web browsers - yea, you can totally achieve that. A workaround is a) switch the website or b) switch the browser. That’s security theater though. Wastes time and money, fails to achieve the goal. If the goal is to make sure age is tested for users of all the porn sites for users of all browsers - this goal cannot be achieved without massive effort.
They have internet with porn in it in other nations :)