← Back to context

Comment by Bender

3 months ago

Youtube has been repeatedly told about videos that are abusive towards children and they do nothing about it. They're not interested in effective solutions

Youtube is user-generated content which is precisely why I would prefer they add an RTA header. Random people uploading videos can claim to be kid friendly when they are not. Take that responsibility away from the uploaders and away from Youtube and hand it to the parents. Less work, liability and cost for Youtube should be a nifty incentive at the risk of blocking some advertising to children which is another loaded topic all together.

4 comments

Bender

Reply
zahlman  3 months ago

> Take that responsibility away from the uploaders and away from Youtube and hand it to the parents.

The system described still requires action by the webmaster. Their options are: deny the entire site to those sending an RTA header; evaluate the content themselves; or trust the uploader. (Or a combination: have uploaders opt-in to evaluation for a fee, with the content denied to kids by default.)

  • Bender  3 months ago

    The client does not send an RTA header. The RTA header is only sent by the server or load balancer by design. Absolutely no action required by web site operators and owners assuming they enabled the header on any URL that is either adult or user-generated content.

    It is up to the client what to do with the header which right now is nothing. A law would be required to get the snippet of code added to user agents. I estimate it would take an intern one afternoon to get it into the clients they support not counting dev/qa, management approval, etc...

    Challenge to FAANG: Show off your interns! There is no harm in adding the code required to detect this header. Example header to detect sent from NGinx. If you detect this header activate nanny controls. To be safe do a separate parental_build to get manager approval.

         add_header Rating 'RTA-5042-1996-1400-1577-RTA' always;

    All one need detect is: RTA-5042-1996-1400-1577-RTA

    For fun, search for this on Shodan.

    • zahlman  3 months ago

      > The RTA header is only sent by the server or load balancer by design. Absolutely no action required by web site operators and owners assuming they enabled the header on any URL that is either adult or user-generated content.

      The website owners and operators have to decide which URLs get the header. If the categorization is "either adult or user-generated content", then I already covered that for the case of YouTube: i.e., the entire site is denied to kids (whose parents opt in).

      1 reply →