I stand by my repeated statements of how this could have been solved simply using an RTA header [1] on the server side and require the most common user agents to look for that header putting the onus on parents where it currently legally resides. It's not perfect, nothing is nor ever will be but using the header solution is entirely private, does not store or leak data and puts the decision into the device owners rather than creating perverse incentives to track everyone. It may actually protect most small children whereas today teens quickly find a work-around and then teach smaller children how to work around these centralized gate-keepers. The current solutions are just about tracking people by real identity and incentivizing teens to commit identity crimes.
None of these laws are actually about protecting children. That's not the real goal. The real goal is the complete elimination of anonymity on the web, where both private companies and the state can keep tabs on everything you do.
Not being able to be at least pseudo-anonymous has a real chilling effect on speech and expression. Even if there are laws in place protecting such rights, people will self-censor when knowing they are being watched.
It's how freedom of speech and expression dies without actually scratching that part off of the bill of rights.
It's a mix. I'm sure there are some people really trying to protect kids. There are other people that just want all porn off the Internet. And there are bad actors that want total surveillance. And they are all on the same side of this issue.
Yea. People which cured their children with lobotomy also thought that they we're doing something good. These usefull idiots are in some sense worse than the perpetuators it self because they are primarly the enablers of such behaviot simply because of their naivety or worse, ignorance.
Not idiots necessarily, sometimes just long-time observers who have finally become cynical. People that were pro-guns for decades may watch several years of failure to adopt basic and uncontroversial gun-control regulation, then eventually become anti-gun. People that were in favor of regulating it once may suddenly become fearful for their safety, and want no regulations at all in case that regulation puts them out in the cold. Since both PR campaigns and any action on policy tends to cater to extremes, there's always pressure that is shrinking the middle
The comment "useful idiots" is more a play on the russian KGB strategy.
They use assets to influence people and achieve certain goals. In this case
here, terrorism or child pornography is used as cop-out rationale for censorship,
surveillance and so forth. It's never about those topics really, perhaps 5% at best,
the rest is just sugar-coated decoy to restrict people and keep them as slaves and pets.
> Since both PR campaigns and any action on policy tends to cater to extremes, there's always pressure that is shrinking the middle
This only works on people who are susceptible to this. I understand how propaganda works so I am never fooled by "this is because of terrorists". This is also why I am for 100% transparency at all times.
see, when you cut out the part about "because of terrorists" that sounds like a patently laughable claim. I would tend to agree with the poster on the strength that some propaganda is very, very easily spotted:
- anything that mentions "terrorists" (or the nouveau "narco-terrorists")
- "think of the children" / "we must protect the children"
- "we need to create jobs" / "job creators"
- "they're turning the frogs gay"
- "we need to protect America"
tbh if you're fooled by any of that (and there's no delicate way to say this) you're dumb. Even a cursory glance at history would reveal the obvious deception and it's on you that you haven't bothered.
> The comment "useful idiots" is more a play on the russian KGB strategy.
Oh, I'm familiar with the phrase, but I'm specifically disputing how applicable it really is to people that are self-aware about the situation they are facing. Useful idiots are ones that are tricked, especially ones that are evangelical about tricking others. People forced to choose between 2 extremes where both choices are very bad are called.. normal citizens participating in the democratic process.
> This only works on people who are susceptible to this. I understand how propaganda works
What? You can see through propaganda, but you can't just pencil in your own policy options. Unfortunately and by design, the things you can ultimately vote for are "all or nothing" flavored. Censor everything, censor nothing. Track everybody, track nobody. Tons of parents who totally understand the surveillance state probably got flipped by meta's memo about chatbots being "sensual" with children. They'd rather vote to force corporations to be good citizens, but they can't. So they'll vote for an age-gated internet as the best of the bad options. I wouldn't assume all those people are naive, confused, or duped.. they've simply switched from a principled/abstract stance to a convenience-based calculus after they were forced into it. Meta wins either way, as planned. Either they get to build a more addictive platform, or they track more info about more people
People forced to choose between 2 extreme evils, one (debatably) lesser, are not called "normal", they are called unfree.
The process of making sure people are always in one such situation or another is not called "governance", it's called driving insane.
>I wouldn't assume all those people are naive, confused, or duped.. they've simply switched from a principled/abstract stance to a convenience-based calculus after they were forced into it.
Forced into it under threat of violence, or under threat of denied sustenance and shelter, or "forced" by catering to their naivete, by confusing and duping them, by silently extorting them by enclosure of the commons?
Switching from "principle-based stance" to "convenience-based stance" is not called "being sensible", it's called... cowardice.
>Unfortunately and by design, the things you can ultimately vote for are "all or nothing" flavored. Censor everything, censor nothing. Track everybody, track nobody.
If voting changed anything they'd ban it.
>Tons of parents who totally understand the surveillance state
If you truly understood how the surveillance state feeds on human life, you would deny it sustenance by - yes: - refusing to breed in captivity.
That's one of the few meaningful political actions available to the individual. At least until advances in reproductive medicine get turned on us, same way it happened with the mind-bicycles. A society with the technical capacity to go Gattaca might rather go all-in on Plato's Republic.
Type of beat like yall can have the world to yourselves if yall want it that bad, but believe me, you will choke on it.
I think in this case many of these people are "useful idiots" in the sense that they lack a strong technical understanding of how the internet and www are architected. This can cause them to accept erroneous concepts like "tracking the identity of all internet users is the only way to protect the children" while alternatives like the one proposed at the beginning of this thread can be easily glossed over as some techno mumble jumble.
> The U.K. Online Safety Act was (avowedly, as revealed in a recent High Court case) “not primarily aimed at protecting children” but at regulating “services that have a significant influence over public discourse.”
Thanks, this was good info.
As an aside, I read the original source. I found the writing completely impenetrable and realized I know nothing about the British legislative process.
But this did, nonetheless, convince me that british legislators are interested in using this bill to regulate the internet.
> It genuinely doesn't seem like any more of a threat than age-gating Playboy at the bookstore
If it was really like that, I would have no problem. Simple ID check, in-person only, that's never stored anywhere.
I've proposed this several times. Age-gated websites (social media, random forums, adult websites) should require a one-time use code or token that expires once a year. The token should only be available for purchase at liquor stores or tobacco stores - someplace they check your ID on pain of losing their license. It should be reasonably priced.
Sometimes someone might resell a token they purchased to a minor. Those people should be actively hunted with sting operations and prosecuted.
There's no good reason to make age verification on the Internet more stringent than age verification to buy alcohol or tobacco. Alcohol and tobacco kill far more people.
I've never had my ID scanned. The sales clerk glances at it. These days they don't even ask :-D
If they scan your ID for alcohol or tobacco purchases where you live it might be time to fix that with legislation too. Insurance companies would love that data.
I went to check my Social Security administration account like 4 years ago - I forget why. To access it, I have to have an actual video face to face conversation with people from some Real ID company.
I'll never look at that account again in my ficking life.
I don't understand the downvotes. If you have this question then so do others and it ought to be part of the discourse. Anyhow...
From what I've seen, the current wave of ID-gating the internet is a wedge for opening the door to much broader censorship. Specifically, some jurisdictions (Wisconsin, Minnnesota, and the UK) are using recently-passed legislation to argue that we need to make VPNs illegal [0 1 2].
Speaking for my own beliefs, banning the use of VPNs is a huge problem, and it seems like basically anybody who understands the technology would be against it.
I have no problem with banning or age gating pornography at all. Personally it seems weird to me that that's the red line for people.
But this is a good point, which is that lawmakers who don't have a clue what they're regulating will see VPNs as undermining the laws they've made. Thanks for this
> Not idiots necessarily, sometimes just long-time observers who have finally become cynical.
This doesn't explain why they would support privacy-invasive ID requirements instead of the RTA header.
> People that were pro-guns for decades may watch several years of failure to adopt basic and uncontroversial gun-control regulation, then eventually become anti-gun.
I want to call this a bad example because the only people who call the rules that don't pass "basic and uncontroversial" are the people who were on the other side to begin with, but maybe it's a good example because the analogy lines up so well with exactly the same scenario:
People who are anti-X propose rules with low effectiveness against actual harms but that impose significant burdens on innocent people who are pro-X, persistently insist that their proposal is fine and supported by everyone even as it demonstrably lacks enough support to pass and then point to the period of nothing being done to try to garner enough support from independents to squeak over the line instead of considering less burdensome alternatives, because burdening the pro-X people is the point. And then the people who fall for it are the useful idiots.
Unfortunatwly "keeping kids and teenagers off of algorithmic social media" is one of the most worthy goals one can pursue right now; so is keeping them off infinite porn.
No, I believe the term is "parents don't want 8 year olds getting access to tits, violence and gore"
Given that kids need a device for school in a lot of areas (mine included) and the tools for stopping kids getting either access or bombarded by such stuff are either shit, require deep technical knowledge, or predatory, I can see why people are asking for it.
I presently hate the current system of handing over biometric data in exchange for tits. I don't want some shading startup having my biometrics so that when they go bust, pivot or get hacked, can be used to steal my stuff.
The middle ground is a system that _normal_ people can us to make sure kids who have access to devices can't easily access nefarious shit.
None of that is useful idiots.
When it get fun is the all or nothing crowd. The internet is going to be age gated, whether you like it or not. If you continue to go "INTERNET MUST BE FREEEEEEEE" without accepting that the tools that the populace _want_ don't exist means you get porn bans, or worse.
I think there's probably a middle way without going as far as "biometric data in exchange for tits"
I'm in the UK and so far the only thing I've noticed age wise is Reddit asked me for a webcam selfie, which could easily have been faked by a kid with an accomplice but if the aim of this is to stop actual vulnerable kids that kind of thing is maybe enough. If they are with it enough to use VPNs and stuff they are probably old enough to see porn etc.
Like in the old days people used to avoid the kids looking at porn by putting the porno mags on a high shelf so they couldn't reach them. I don't think you need passport control level ID for this kind of thing.
> I don't think you need passport control level ID for this kind of thing.
I 100% whole heartedly agree.
For uk mobile ISPs there is already a system that stopped most of the nasty stuff from getting past. It was pretty difficult to circumvent, hence why I turned it off for me. If that could have been rolled out wider, with an account password for turning it off, that would have been more than enough.
Can you explain to me what is being exploited here? I had to do KYC for Hetzner, for anything crypto related in the last decade, and a number of other things.
Age-gating porn doesnt seem problematic to at all. In fact it's far less worrisome than any of the former, which are kind of important for commerce. What am I missing?
Once there is a record of what porn you looked at, people, government, employeers won't hire you. could be based on that you looked at all, or that you looked at the wrong kind. Wrong = whatever fetish you're into and your employeer/government/health-ins doesn't like.
Lets just hope there's no government that wants to incriminate certain sexuality and gender, then all these logged KYC for every little social thing will be very dangerous.
But personally, I'm much more concerned about it in regular commerce.
A huge swath of the population thinks that porn is inherently harmful. An even bigger swath thinks that it should be completely separated from both. I agree with both of these things.
I'm also strongly against censorship, so I'm trying to figure out how people are worried this is being used. I do not, at all, consider age-gating Playboy at the gas station to be censorship.
If you think your porn habits are not already being logged and tracked by intelligence agencies, I think you are fully delusional.
The issue isn't age-gating Playboy, but to begin censoring requires a line to be drawn, and there's no guarantee that educational material regarding LGTBQ topics wont be considered "adult" or "pornographic".
The whole "know it when you see it" doesn't work when there's a significant group out there who would love to see queer people at large go away from society. With this, you now have teenagers being blocked from actual educational material because Carol from the "burn everyone but me" church down the street believes anything regarding sexuality is "adult" material.
The thing with the porn habits being logged by intelligence agencies, is that data has a large risk-reward for actually being used. They wouldn't burn the secret of their capabilities for something small. Most of the metadata wouldn't be admissible in court assuming courts don't go full kangaroo. The usage of the metadata is general intelligence to point investigations, or parallel reconstruction to get warrants for someone they don't actually have anything on, but want to search.
Doing KYC American style for porn/adult content means mass data leaks are a matter of "when", because there's no consumer protection and this data will be retained indefinitely because ads make money. The leak means real people are put in real danger.
I believe the term for them is evangelicals. I'm going to guess that a venn diagram of deeply religious people and people pushing for "protecting" the kids is just a circle.
"useful idiots" was a Stalinist term for people willing to cover up for the murder of millions on the grounds that communism was good and would never do the holodomor.
I really don’t care about what’s on the internet, until my kids get exposed to it. How grownups talk to other grownups in private isn’t my concern.
But when kids - and I mean my kids - enter the loop it becomes my business, and ideological concerns go out the window.
I’ve ranted and raved about how terrible filtering software is, and how school provided computers contain massive workarounds.
The real concern isn’t porn sites — the real concern is poorly moderated social media sites. Ones where kids post things other kids see. And guess what the kids post?
But a lot of the nasty content shared in these poorly moderated sites gets it start elsewhere.
I’m cynical about any law, but my bias toward legal action is only increasing as the online situation is only getting worse.
Can't you do mac filtering on your router at the very least?
Why not install root certs on all your kids' devices and then force them through your home proxy so you can run content classification and proactively block and get reports of what you've blocked? A little privacy-invasive, but if your kids are young enough, it makes sense to get alerts when they've attempted to access boobs or gore so you can have a convo about it.
The easiest route here in my opinion aside from DNS services that claim to block adult content would be to use a Squid SSL Bump proxy. It's along the lines of what you are suggesting and requires installing a self signed CA cert on the client but gives you centralized management of what domains, URLs, file types, times of day, URL patterns are allowed/permitted as well as a memory and disk cache to reduce bandwidth. This [1] is a really old example based on Squid 3.x but this concept has improved a lot in Squid 6.x. Sites that still do public key pinning there are a handful will have to be added to Squid's SSL BUMP exclusion. Ignore the term SSL, it's TLS but they kept the term the same.
Given the negative responses, I'd like to strengthen the position against positive rights by stating that positive rights require slavery the extreme whereas negative rights do not.
If the government guarantees food for children (or anyone), the government must provide it. If nobody is willing to be a farmer at any rate the private or public sector affords, the government must force someone to be a farmer to produce food to fulfill their positive right grant.
You induce people to do things with payments, not slavery. Or you ask for a volunteer corps. Or you have the army do it if all else fails. I presume you are opposed to the existence of standing armies if you are opposed to slavery in all forms as well as wage slavery.
I'm less opposed to standing armies because a voluntary contract is entered by both parties. I am not a fan of the draft or compulsory service.
My example was an edge case. I expect the government could find a price that someone would take long before they required slavery. But it still stands that it is a potential. I prefer all transactions are voluntary, even if that means you lose your country because nobody is willing to sign up for it's defense.
Claiming support from "the vast majority" is clearly nonsense. There is little support for getting rid of social security, Medicare or Medicaid, or several other current wealth transfrr programs.
The goal was to put Company A in between you and the web. Collecting data and selling it for profit. It’s never about what they say it’s about. Lobbyists have bought every aspect.
> None of these laws are actually about protecting children. That's not the real goal.
I fear that for 90% of the supporters of such laws (just like with chat control) this statement is wrong, and they truly do want to protect minors from harm. But that only makes it worse, because this type of argument completely misses the mark while the other 10% get to laugh up their sleeves while continuing to manipulate public opinion.
Technical people have been gleefully eliminating anonymity on the web for the last 20 years. Progressives should be the party on the side of maximal freedom but really in the US we have one neo-liberal party wearing two different disguises.
The problem is normies don't operate under assumed anonymity. So when the hordes of unwashed regular people joined the internet they wanted their face everywhere. People were shamed out of their handles. Some people gave up their anonymity to make yet another faceless bullshit blog-as-a-resume. Look at most of the top karma farmers on HN. Most of them post their personal information in the their bio. Pathetic.
> people will self-censor when knowing they are being watched.
This has been happening both in public and on the internet for over a decade now.
> Not being able to be at least pseudo-anonymous has a real chilling effect on speech and expression.
The normies would argue you have nothing to hide if you aren't doing anything wrong. The average voter, regardless of party, will happily surrender every ounce of freedom for the thought of security. Hell, I remember sometime around 2007 DEFCON became a first-name-basis conference!
> bill of rights
It's more of a bill of privileges given NGOs and PACs are regularly paying to erode the core rights granted to citizens. Either through lawfare by circumventing the courts and suing companies into bankruptcy, or by directly purchasing congressmen via donation.
What I have found in general is people who cry and complain about this kind of thing were, at one point, happy to have it happen to their political enemies. The laws that are paving the way for age-gated deanonymized internet were at one point used as a cudgel to beat their political enemies down. When the tables finally turn after the Nth "protect the children" bill, it's the other people left crying and now suddenly its a "problem".
You may not be old enough to remember Edward Snowden or Mark Klein (who went unnoticed), but there never was anonymity.
My pet theory is that this requirement is part of a mob war and porn and whatever else the MindGeek people are involved with is being attacked for the much of the same reasons Ukraine attacks Russian oil refineries.
> The real goal is the complete elimination of anonymity on the web...
I'm ok with running this experiment (not sure how it really turns out) BUT only if everyone participates. Governments and businesses get to watch me... I get to watch them. If the death if anonymity is inevitable, as unpleasant as that sounds, the goal to shoot for then is universal application
>Not being able to be at least pseudo-anonymous has a real chilling effect on speech and expression. Even if there are laws in place protecting such rights, people will self-censor when knowing they are being watched.
This supposed golden era of communication lasted for a very short period. Why is is so important that freedom of speech also be anonymous? What you're asking for is the right to talk to anyone with all societal, cultural, and interpersonal contexts removed.
It is not only freedom of speech, but freedom of association that would also be jeopardized.
People long ago used to have to hide that they're gay, not only because they could be ostracized, but that people they associate with could also be under scrutiny.
Being able to track one's movements, or who they associate with, could reveal information that said person would want kept secret.
There was a podcast episode I listened to once, probably Darknet Diaries but maybe some other tech one, where the person being interviewed was an active community member in some bbs back in the day. Everyone decided to meet up to play dnd, and he showed up as a 13 year old kid when everyone else was 20+. They let him stay after cleaning it with his mom.
This is one type of connection that would be unlikely to form if superficial anonymity is lost. That kid probably would be off in some "safe" walled garden.
This doesn't even touch on more obvious forms of discrimination like gender, religion, etc.
And political affiliation / speech isn't protected in the US, so an employer could term you anytime for policy disagreement. Such a policy would destroy the exploration of ideas overnight, as outrage mobs would try to get any dissident sacked.
If those are your concerns, then why is it so important that this freedom of anonymous expression only happens on the internet? I think what you are really asking for is private, encrypted comms but only to a certain subset of people. Otherwise, you should also argue for freedom of anonymous expression over any other medium.
And of course freedom of speech has practical limits. It's that very tempering that stops non-virtual discourse from turning into a cesspool. I worked for a company that permitted anonymous comments to the leadership team, which they would then review in front of the company. It was a total shit show, and I attached my name to any comments I made.
If you are not happy filling in your workplace questionnaire unless it's anonymous, then something needs to change about your company (and something that probably can't be fixed with anonymous comments).
I'm not asking for anything, I was merely pointing out the advantages of anonymity. You don't need to consider a decision the best one to see its upsides.
I don't really get the rest of that argument. What other mediums are legally deanonimised? Privacy in mail and telephone was a commonly supported right, Watergate was a scandal for a reason.
>If you are not happy filling in your workplace questionnaire unless it's anonymous, then something needs to change
That's the point I was trying to make, that it is a shortcut, but an improvement. Preaching a 'good option' that doesn't survive the real world is a common failure of justice systems.
Example: 'Anonymous tip off for sexual abuse' is a very flawed system. Tell the victims 'no, see, what you need is proper handling of abuse by authorities'. Is that useful when we know for a fact that alternative never worked?
Shortcuts should only be removed _after_ the proper alternative is in place and working. Otherwise, you're just making people lives worse.
> It's that very tempering that stops non-virtual discourse from turning into a cesspool.
Agreed, anonimity introduces many problems we haven't been able to solve properly yet. It can platform abusers. It can empower legitimately wrong behavior. It can make people less willing to take ownership of their actions, or less empathic.
Those are all legitimate points to consider and balance, I'm just not ok with pretending it's a no-brainer.
>I'm not asking for anything, I was merely pointing out the advantages of anonymity. You don't need to consider a decision the best one to see its upsides.
You haven't given any yet. You've pointed out that anonymous messages in some circumstances can be beneficial (which they can), but haven't given any advantages for a widespread, anonymous communications network with open access.
>Privacy in mail and telephone was a commonly supported right
It really wasn't. I don't know of any time or place where mail and wire tapping wasn't legal and/or practiced.
Agreed, to recycle a past comment on the benefits:
____________
We never needed everyone to filter, just parents busy lobbying the government to impose crap onto every possible service and website across the entire world.
Instead, they should purchase devices for their kids that have a child-lock and client-side filters. All sites have to do is add an HTTP header loosely characterizing it's content.
1. Most of the dollar costs of making it all happen will be paid by the people who actually need/use the feature.
2. No toxic Orwellian panopticon.
3. Key enforcement falls into a realm non-technical parents can actually observe and act upon: What device is little Timmy holding?
4. Every site in the world will not need a monthly update to handle Elbonia's rite of manhood on the 17th lunar year to make it permitted to see bare ankles. Instead, parents of that region/religion can download their own damn plugin.
This is society though, hence it is an issue of law and people trying to tell other people what to do.
The Elbonia rite crowd don't just want this for themselves. They want to ensure that their vision of "what is right" is put onto everybody. And the AnkleShowers want their vision of "what is right" put onto everybody. And everyone else has their opinion too.
And the shit-shouting continues until finally someone says "But we can ALLLLLL agree that we want to protect our children yes?"
The issue has never been technical. It is how society has it's debates. Things like each issue becoming a two party extreme. Things like media rules that "both sides get equal airtime" even if one is a tinfoil hat wearing idiot.
As a society, we won't get properly better until we debate better and can accept middle grounds.
I understand the rationale - I am still against that. To me it is censorship.
Making it more sophisticated does not change this problem.
The problem is that some want to control other people. I am against this. For
similar reasons I stopped using reddit - I finally had enough of random moderators
censoring me and others.
I'm starting to see platevoltage's point. Yes it's additional information, but it is an indirect form of censorship.
Remove one more f-bomb and we'll give you that PG-13 rating you're wanting.
Food labels are easier to justify because they have a very tangible effect on one's health. But even those can be misleading in the end.
I say keep the food labels, but reconsider the movie ratings system. What if it went away? The studios and exhibitors would have to *tell us* who the movie is intended for. What's so hard about that? What is this magic benefit we're getting from a rating system?
On the planet I’m from, the pedophile in chief is already intentionally miscategorizing information so it can be censored using mechanisms like this, and is implementing a public playbook explaining how this is one pillar of a platform to force his particular brand of right wing christian “morality” on the rest of the population.
At best, you’re defending coordinated disinformation campaigns, though the article is about attempts to make compliance with the propaganda mandatory.
If you are a small child it is indeed up to your parents to censor adult content and I am all for that. Kids will be upset but that is part of growing up. When the parents believe the kids are emotionally ready for adult content then I am sure they will get parental controls disabled. Even if that should not come to pass the kids once they are teens will bypass it anyway.
If you are an adult and your followers are adults then this does not really apply to you or your device. This would only hurt groomers, most of whom use video games for that purpose.
I don't think we're talking about whether it's appropriate for kids to see the stuff. I think we're talking about who gets to decide to *mandate* an RTA header on a website. (They can already add it voluntarily so we are talking about a hypothetical mandate.)
Let's say your website mentions the MLK assassination. Or maybe the 9/11 attacks. Just a mention; no disturbing details. Is some government entity now going to force the RTA label? Who gets to decide? An RTA label would be a death sentence to educational sites.
Each site operator would have to decide what level of legal risk is appropriate based on content rating and that would likely come from their legal team.
An RTA label would be a death sentence to educational sites.
Maybe but not likely. Adult content for the purposes of education used to be protected but that was a grey area and was abused heavily by some art sites such as Deviant art and then social media. CIPA was passed in 2000/2001 and updated in 2011 to provide guidance on content viewed by children. [1] This is of course up to the parents to decide as has been the case for sex education throughout the history of the USA. If a school was going to view content that would be in conflict with CIPA then I would expect they could get parents to sign a permission slip meaning they have adult consent from the parent of each child. Either way I would expect a school to curate content that is appropriate for children and cache/print it locally.
If RTA is not an option then the alternative will likely be to have parents log into a 3rd party site to prove their identiy for each student via some proxy auth site to give the child permission while also sharing personal details of the parent and child to said third party. More laws get involved when logging the child's personal details with a 3rd party but I am thankfully not a lawyer. Here [2] are some more laws specific to states. Laws will vary wildly by country and province or state.
> The current solutions are just about tracking people by real identity and incentivizing teens to commit identity crimes
Not all of them.
The solution currently undergoing large scale field testing in the EU uses cryptography (specifically zero-knowledge proofs) to allow you to anonymously prove to a site that your government issued ID shows you are above the site's minimum age, without the site getting any information about your real identity.
I've seen articles on that. What I do not like about that is one has to trust that is really the way the system works and that special people do not have a special API key to get their own hash from the adult site related to a user ID and then submit that has to a special API end-point to reverse or undo the anonymization. Having been a liaison to law enforcement I just assume that is a thing but I am also fine with people saying I am paranoid. A header does not require this level of trust nor a dependency on a third party see recent Cloudflare outage.
Youtube has been repeatedly told about videos that are abusive towards children and they do nothing about it. They're not interested in effective solutions
Youtube has been repeatedly told about videos that are abusive towards children and they do nothing about it. They're not interested in effective solutions
Youtube is user-generated content which is precisely why I would prefer they add an RTA header. Random people uploading videos can claim to be kid friendly when they are not. Take that responsibility away from the uploaders and away from Youtube and hand it to the parents. Less work, liability and cost for Youtube should be a nifty incentive at the risk of blocking some advertising to children which is another loaded topic all together.
> Take that responsibility away from the uploaders and away from Youtube and hand it to the parents.
The system described still requires action by the webmaster. Their options are: deny the entire site to those sending an RTA header; evaluate the content themselves; or trust the uploader. (Or a combination: have uploaders opt-in to evaluation for a fee, with the content denied to kids by default.)
The client does not send an RTA header. The RTA header is only sent by the server or load balancer by design. Absolutely no action required by web site operators and owners assuming they enabled the header on any URL that is either adult or user-generated content.
It is up to the client what to do with the header which right now is nothing. A law would be required to get the snippet of code added to user agents. I estimate it would take an intern one afternoon to get it into the clients they support not counting dev/qa, management approval, etc...
Challenge to FAANG: Show off your interns! There is no harm in adding the code required to detect this header. Example header to detect sent from NGinx. If you detect this header activate nanny controls. To be safe do a separate parental_build to get manager approval.
> The RTA header is only sent by the server or load balancer by design. Absolutely no action required by web site operators and owners assuming they enabled the header on any URL that is either adult or user-generated content.
The website owners and operators have to decide which URLs get the header. If the categorization is "either adult or user-generated content", then I already covered that for the case of YouTube: i.e., the entire site is denied to kids (whose parents opt in).
I also covered that here [1]. Indeed if parents do not enable all of Youtube or Youtube does not move most adult content into a unique URL or their server does not send the header for anything flagged as adult the kids will not be advertised to. They would have to go to a kid friendly site that moderates before a video is viewable or Youtube would have to change moderation tactics. Kids need not visit Youtube. There are kid friendly sites.
I mean they have invested a ton into their kid-friendly mode and there have been quite a number of “adpocalips” where ad revenue for many content creators was dramatically slashed due to YouTube’s over-zealous moderation.
It is a serious business concern, there are occasional panics triggered by consumers complaining that a brand ad is shown next to and benefits from the attention of some distasteful content, and they start to bleed important advertisers on mass. YouTube then proceeds to get defensive and demonetizes (removes all ads from) or tags as adult-only any video that may be concerning, where avoiding false negatives takes much more precedence over avoiding false positives.
Of course this is not directly tied to protecting children, but this incentive structure is partly aligned and it is a strong one.
Out of curiosity, who would YouTube implement an RTA header?
Their app developers unless it is set globally and in that case their network engineering team.
Which resources would have the header and which wouldn’t?
If the app developers send the header on any video flagged as adult then just specific videos. If they created a unique URL that all adult content would reside under then it could potentially be the network engineers. It really depends on how much work they put into it so that more people could view the content assuming user agents become legislated to check for the header.
Bold of you to assume that legislators know how any kind of implementation works. They just propose general rules like "kids underage can not access this content" and the technical implementation doesn't matter to them.
I think this is the reasons we should vote more technical competent people into politics.
How would this work where children are hell bent on bypassing this control? Won't they be able to install browser plugins which will remove this header similar to how they are using free VPNs to bypass age checks?
Children who are hell bent on bypassing controls will always find a way. It helps them not just stumble on it though when they're not ready. If they really want to access it, they already know about it and what it is
I can't believe in 2025, nearly 2026, that anyone would seriously suggest a header as a valid way of doing anything like this. Headers can be spoofed, modified along the way, or flat out ignored. DNT header is the obvious go to example here.
An aspiring teen could set up an RPi that modifies headers for all traffic on the network that the parental units never even know about. I'd venture there would be plenty of YT, TikTok, Discord threads, etc that would provide a step-by-step set of instructions to do it. Probably just point to an image to download to copy to your SD and voila.
This would require SSL interception, which requires a custom certificate on the end device.
If your kid can figure out how to install a custom certificate on their device and MITM SSL to evade filters, (a) you never secured the device (b) you already lost long ago and (c) let’s get that kid a job or a scholarship.
how many of those of us reading this right now would have been able to do this? how many of us reading this right now had parents that would had a clue about any of this to question it?
True hacker kids will figure it out no matter what. If the phone is restricted they will jailbreak it or beg an old one from a friend. If the network is locked down they will crack the password for the neighbor’s wifi. If the clearnet is locked down due to authoritarian laws, they will end up on incredibly sketchy sites on the dark web. If you block all escape outlets they will do really stupid things in nihilistic protest like huff cans of whipped cream or scam money from crypto. The power of bored youth springs eternal.
What I’m saying is you can set rules, you can try your best, but under no circumstances can you build an impenetrable wall for determined kids. Things like this header solution or better controls on the end device would make things safe for the vast majority of kids. So don’t ruin the internet for adults because of a handful of unruly kids who are going to get in trouble no matter what.
Walls don't deny access, they change traffic patterns. A header can be honored on a phone designed for a child and ignored by my phone. Can some kids get through, sure. But not the vast majority. If people were honestly doing this for kids, this would be the solution being pushed. This has nothing to do with kids, hence other types of solutions being pushed. Don't trust what people say, observe what they do.
I remember when I was around 11-12 years old, my father got me a computer given to him for free. It had only a console and a black screen, and I figured out by myself how to open, edit files, lock them, navigate the file system, run programs like a calculator and more, with no manual, no internet, and I didn't even know english good enough.
1-2 years later, the teacher at school showed us how to program the turtle program, and I got it stuck in an infinite loop in 10 minutes. The teacher started swearing "Your chair is smashing the ethernet cable. The program is good and you fucked it up."
Around that time, I remember going to a barber shop for a haircut and stealing his nude/porn magazines. Even younger, I used to sneak up to my uncle's bedroom where he hid alcohol, and drunk half a bottle of whisky in an hour, and getting knocked out every time.
I used to get involved in fights all the time, since 8 years old, and my favorite activity at that age, was to climb to roofs of abandoned houses at night, and wander around inside of them.
My parents regularly tried to talk some sense into me, and I was beaten up by my father for all the stuff I did.
When I was sixteen, I managed to steal a car by myself, I drove it around for 1-2 hours and I didn't know how to drive, I figured it out at that moment. After that I returned the car where it was at the start, I didn't do anything with it, but when driving it I managed to flat the tire somehow.
When I was at the university, at some point around 20 years old, I downloaded Kevin Mitnick's book from torrents, I read it, and I got inspired to phone to my university, pretend I am a professor and I want pass a student (me) for 2 courses. I passed the courses without even taking the exam.
It was around that time, a friend of mine, while he was playing the guitar at his house, he looked at me at the eyes and said dead serious: "Man, if you go on like this, you will end up in jail." It was actually earth shattering! First time someone talk some sense into me. I thought, this cannot continue, he is right.
DNT is a client header that failed to get traction and never did anything useful. RTA is a server header and small children will not be doing this for the most part and parents can of course disable parental controls assuming one day they are enabled by default for child accounts. Like I said, it's not perfect. Teens can of course bypass this a million different ways. For every 100 million dollars a company spends to lock teens out of something is just an extra 5 lines of python or 15 seconds of their time on AI if that. Currently many teens watch pirated movies and porn together in VR and assorted games that allow placing a media player in G-rated world building games.
It's probably worth noting that if teens can not view porn, they will likely produce porn making an entirely new tax free underground market on Tor or other networks.
This is just for keeping small children out. Nobody in the history or future of earth have ever or will ever locked teens out of a thing. Archive this comment so we can review it at a later time.
> An aspiring teen could set up an RPi that modifies headers for all traffic on the network that the parental units never even know about
An aspiring teen could just have sex with another aspiring teen...
You won't stop teenagers from finding a way to be teenagers. Part of being a teenager is learning how to subvert the rules set by adults to fulfil one's hormonal imperative.
If your goal is to make something teenager proof, you have already failed before you started. Many teenagers have the intellectual capacity of full grown adults, it is their emotional intelligence and life experience that is lacking. Doing any more than putting a simple padlock on the door will not stop them, the same way a determined adult couldn't really be stopped, and teenagers are determined in most everything they try by default.
> An aspiring teen could set up an RPi that modifies headers for all traffic on the network that the parental units never even know about.
Who cares? Why is this an issue? An aspiring teen can (and will) do many things their parents don't know about. It's part of growing up. Making air tight surveillance systems to prevent teens from talking to friends or looking at boobies is many a bridge too far.
If circumventing a measure requires setting up a RPi and modifying headers, I would call it widely successful, that would be less than a thousandth of kids.
[1] - https://www.rtalabel.org/page.php