Comment by Nursie
12 hours ago
> You use law and regulation?
I mean, 'papers please' mechanisms are a type of law and regulation, we're arguing over what sort of law and regulation should be used, no?
In Australia, platforms are being regulated, the regulation says they must not allow under 16s to have accounts. How they achieve this is up to them to a large extent. "Papers-please" then is their doing. It's certainly not the only way things can be done - see anonymous credentials, verifiable credentials and other such schemes that don't involve showing your identification documents to everyone that asks.
> You mention nothing in your subsequent paragraphs that a "Papers, Please!" mechanism will prevent that a "Beefed-up and difficult-to-bypass Parent Controls" mechanism will not.
An arms race to work around the controls, which seems likely to me unless there is some sort of regulation on the service providers.
But either way, look at this! We're discussing how things might work, rather than dismissing things out of hand and impugning each others' motives. Going to the "Papers please" governments and parents in those populations, saying "Look, we understand there is concern and we think there's a better way", or even "We understand the concern but here's why acting on it in any way is a bad idea" is a lot better than "You're all evil and probably stupid".
> I mean, 'papers please' mechanisms are a type of law and regulation...
Yes, they are. I still have no idea how laws of the form "You must honor the signals you get from Beefed-Up Parental Controls and we fine or jail you if you do not" fails to constrain the behavior of US-based businesses. You seem to have an understanding of how it won't, so do let me know what I'm missing?
> An arms race to work around the controls,
Whether the arms race is server-side or client-side is irrelevant. If anything, I'd expect a client-side implementation to be far more robust... if for no other reason than because the private company that is contracted to implement and run a server-side implementation will cut every corner to improve their profit margins.
> In Australia...
Speaking from a civil-liberties perspective, Australia has been a shithole for a long time now. They can very safely be ignored by US parents and US lawmakers.
> "You're all evil and probably stupid".
The people who are pushing for these "Papers Please!" regs are evil. The lawmakers (and parents) who aren't asking "Wait, what about the existing Parental Controls mechanisms built into every major OS?" are stupid and -if that stupidity is willful- also evil. Those are plain facts. One is not obligated to be all niceys to people who are invested in tearing yet another chunk out of the vial organs of civic life.
> "You must honor the signals you get from Beefed-Up Parental Controls and we fine or jail you if you do not"
> If anything, I'd expect a client-side implementation to be far more robust...
You're not really describing a client-side solution, you're describing legislation of something like the old Do Not Track header, which is a server-side solution, and fines for services which don't respect it. In such a situation I would expect 'smart' firms like Meta to start finding just-this-side-of-legal ways to get kids hooked on their services. But I suppose the same is likely to happen with server-side-verified blocks on kids using services, Meta can spin up new services that don't quite meet the definition and try to work around it. I guess this is orthoganal to the method of blocking kids.
> from a civil-liberties perspective Australia has been a shithole for a long time now. They can very safely be ignored by US parents and US lawmakers.
Even though what they are doing is less "Papers please" and more "Services must verify, how it's done is up to you", which seems lower down your evil scale than the US states you're up in arms about?
Interesting take.
But again, this is fine, it's an exchange of ideas. You don't seem to be against age verification in principle, you're acknowledging that people want something done. The article and many commenters here are immediately writing off everything in this area as effectively a distraction from full monitoring of everything everyone does on the net.
So while we may disagree entirely on how to go about effecting any sort of solution, and we may not (honestly I'm not entirely averse to the parental controls idea), you're not dismissing the problem out of hand, and in general I have no quarrel with you or your approach.
> Even though what they are doing is...
I suppose you missed the part where I said
This "You must present ID to use a computer" shit is relatively new.
> You're not really describing a client-side solution, you're describing legislation of something like the old Do Not Track header, which is a server-side solution...
Mmm. No, there are three systems being described here.
1) "Beefed up Parental Controls", where all service-restriction information is entered and stored client-side and sent server-side as needed.
2) "Age Please!", where a "guardian account" associates the birthdate/year of one or more users to their respective accounts using the client device. This information is entered and stored client-side and is sent server-side as needed.
3) "Papers Please!" -which is what #2 will become-, where a user uses their client device to photograph their government-issued photo ID to be sent to a third-party and processed server-side.
Because we're talking about accessing an Internet-hosted service, your apparent confusion about the need to send some information to the services servers is -itself- confusing.
> You don't seem to be against age verification in principle...
I'm 100% against it. I'm 100% for guardian-controlled content-restriction policies. I'm also completely fine with a "How old is your cutie? What things do you want them to not see or do?" wizard that populates those policies with some defaults that the guardian can fine-tune if they wish to.
> It's not even about being "all niceys" it's about recognising that the concern people have is genuinely held, and addressing it.
An equally important skill is recognizing when those concerns are not genuinely held. Anyone who should know about "Parental Controls" and chooses "Papers Please!" or "Age Please!" is evil. Lawmakers and regulators pushing for this stuff are in this bucket. Anyone who -once introduced to the concept- claims to see no world in which "Parental Controls" can be beefed up and also claims that "Age Please!" or "Papers Please!" is the only viable option is -at minimum- unrecoverably stupid, and is probably also evil.
3 replies →