To be honest, I worry that the framing of this legislation and ZKP generally presents a false dichotomy, where second-option bias[1] prevails because of the draconian first option.
There's always another option: don't implement age verification laws at all.
App and website developers shouldn't be burdened with extra costly liability to make sure someone's kids don't read a curse word, parents can use the plethora of parental controls on the market if they're that worried.
[1] https://rationalwiki.org/wiki/Appeal_to_the_minority#Second-...
Why not? Physical businesses have liability if they provide age restricted items to children. As far as I know, strip clubs are liable for who enters. Selling alcohol to a child carries personal criminal liability for store clerks. Assuming society decides to restrict something from children, why should online businesses be exempt?
On who should be responsible, parents or businesses, historically the answer has been both. Parents have decision making authority. Businesses must not undermine that by providing service to minors.
This implies the creation of an infrastructure for the total surveillance of citizens, unlike age verification by physical businesses.
How do you reconcile porn sites as a line in the sand with things like banking or online real estate transactions or applying for an apartment already performing ID checks? The verification infrastructure is already in place. It's mundane. In fact the apartment one is probably more offensive because they'll likely make you do their online thing even if you could just walk in and show ID.
I mean, we're talking about age verification in the OS itself in some of these laws, so tell me how it doesn't.
Quantity is a quality. We're not just seeing it for porn, it's moving to social media in general. Politicians are already talking about it for all sites that allow posts, that would include this site.
So you tell me.
California is also stupid for creating liability for service/app providers that don't even deal in age restricted apps, like calculators or maps. It's playing right into the "this affects the whole Internet/all of computing" narrative when in fact it's really a small set of businesses that are causing issues and should be subject to regulation.
There is also the problem of mission creep. Once the infrastructure is in place, to control access to age-restricted content, other services might become out of reach. In particular, anonymous usage of online forums might no longer be possible.
OS-level ability to verify the age of the person using it absolutely provides infrastructure for the OS to verify all sorts of other things. Citizenship, identity, you name it. When it's at the OS level there's no way to do anything privately on that machine ever again.
Ok, suppose the strip club is the website, and the club's door is the OS.
Would you fine the door's manufacturer for teens getting into the strip club?
How do we fight? It seems like agree or disagree, this isn't going to stop. There's so much money behind it in a time where the have nots can barely survive as is.
These are often clear cut. They're physical controlled items. Tobacco, alcohol, guns, physical porn, and sometimes things like spray paint.
The internet is not. There are people who believe discussions about human sexuality (ie "how do I know if I'm gay?") should be age restricted. There are people who believe any discussion about the human form should be age restricted. What about discussions of other forms of government? Plenty would prefer their children not be able to learn about communism from anywhere other than the Victims of Communism Memorial Foundation.
The landscape of age restricting information is infinitely more complex than age restricting physical items. This complexity enables certain actors to censor wide swaths of information due to a provider's fear of liability.
This is closer to a law that says "if a store sells an item that is used to damage property whatsoever, they are liable", so now the store owner must fear the full can of soda could be used to break a window.
So again, assuming we have decided to restrict something (and there are clear lines online too like commercial porn sites, or sites that sell alcohol (which already comes with an ID check!)), why isn't liability for online providers the obvious conclusion?
The crux is we cannot decide what is protected speech, and even things that are protected speech are still considered adult content.
> why isn't liability for online providers the obvious conclusion?
We tried. The providers with power and money(Meta) are funding these bills. They want to avoid all liability while continuing to design platforms that degrade society.
This may be a little tin-foil hat of me, but I don't think these bills are about porn at all. They're about how the last few years people were able to see all the gory details of the conflict in Gaza.
The US stopped letting a majority of journalists embed with the military. In the last few decades it's been easier for journalists to embed with the Taliban than the US Military.
The US Gov learned from Vietnam that showing people what they're doing cuts the domestic support. I've seen people suggesting it's bad for Bellingcat to report on the US strike of the girls school because it would hurt morale at home.
The end goal is labeling content covering wars/conflicts as "adult content". Removing any teenagers from the material reality of international affairs, while also creating a barrier for adults to see this content. Those who pass the barrier will then be more accurately tracked via these measures.
Anatomical reference material for artists with real nude models?
What about Sexual education materials? Medical textbooks?
Women baring their breasts in NYC where it's legal?
Where is the clear cut line of Pornography? At what point do we say any depiction of a human body is pornographic?
Plenty of people would prefer that children not learn about scientology from pro-scientology cultists too. It's not that they can't know about scientology (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
And it's not that they can't know about communism (they probably should, in fact, because knowledge can have an immunizing effect against cults)...
This is a comment section about large corporations lobbying against our ability to freely use computers and you break out the 80's cold war propaganda edition of understanding a complicated economic system that intertwines with methodology for historical analysis with various levels of implementations from a governmental level.
You're either a mark or trying to find a mark.
Physical businesses nominally aren't selling their items to people across state or country borders.
Of course, we threw that out when we decided people could buy things online. How'd that tax loophole turn out?
It turned out we pretty much closed the tax loophole. I don't remember an online purchase with no sales tax since the mid 00s.
App and website operators should add one static header. [1] That's it, nothing more. Site operators could do this in their sleep.
User-agents must look for said header [1] and activate parental controls if they were enabled on the device by a parent. That's it, nothing more. No signalling to a website, no leaking data, no tracking, no identifying. A junior developer could do this in their sleep.
None of this will happen of course as bribery (lobbying) is involved.
The real answer to the problem is for websites/appstores to publish tags that are legally binding assertions of age appropriateness, and then browsers/systems can be configured to use those tags to only show appropriate content to their intended user.
This also gives parents the ability to additionally decide other types of websites are not suitable for their children, rather than trusting websites themselves to make that decision within the context of their regulatory capture. For example imagine a Facebook4Kidz website that vets posts as being age appropriate, but does nothing to alleviate the dopamine drip mechanics.
There has been a market failure here, so it wouldn't be unreasonable for legislation to dictate that large websites must implement these tags (over a certain number of users), and that popular mobile operating systems / browsers implement the parental controls functionality. But there would be no need to cover all websites and operating systems - untagged websites fail as unavailable in the kid-appropriate browsers, and parents would only give devices with parental controls enabled to their kids.
Agreed, recycling a comment: on reasons for it to be that way:
___________
1. Most of the dollar costs of making it all happen will be paid by the people who actually need/use the feature.
2. No toxic Orwellian panopticon.
3. Key enforcement falls into a realm non-technical parents can actually observe and act upon: What device is little Timmy holding?
4. Every site in the world will not need a monthly update to handle Elbonia's rite of manhood on the 17th lunar year to make it permitted to see bare ankles. Instead, parents of that region/religion can download their own damn plugin.
To expand on your #3, it also gives parents a way to have different policies on different devices for the same child. Perhaps absolutely no social media on their phone (which is always drawing them, and can be used in private when they're supposed to be doing something else), but allowing it on a desktop computer in an observable area (ie accountability).
The way the proposed legislation is made, once companies have cleared the hurdle of what the law requires, parents are then left up to the mercy of whatever the companies deem appropriate for their kids. Which isn't terribly surprising for regulatory capture legislation! But since it's branded with protecting kids and helping parents, we need to be shouting about all the ways it actually undermines those goals.
Where do you go to vote for this option?
Surely you can find a rationalwiki article for your fallacy too.
In fact, I suspect adults, and not just children, would also appreciate it if the pervasive surveillance was simply banned, instead of trying to age gate it. Why should bad actors be allowed to prey on adults?
The 2 billion dollars are the one twisting it.
Also, I heard the same thing about video games, TV shows, D&D, texting and even youth novels. It's yet another moral panic.
From the Guardian[1]:
> Social media time does not increase teenagers’ mental health problems – study
> Research finds no evidence heavier social media use or more gaming increases symptoms of anxiety or depression
> Screen time spent gaming or on social media does not cause mental health problems in teenagers, according to a large-scale study.
> With ministers in the UK considering whether to follow Australia’s example by banning social media use for under-16s, the findings challenge concerns that long periods spent gaming or scrolling TikTok or Instagram are driving an increase in teenagers’ depression, anxiety and other mental health conditions.
> Researchers at the University of Manchester followed 25,000 11- to 14-year-olds over three school years, tracking their self-reported social media habits, gaming frequency and emotional difficulties to find out whether technology use genuinely predicted later mental health difficulties.
From Nature[2]:
> Time spent on social media among the least influential factors in adolescent mental health
From the Atlantic[3] with citations in the article:
> The Panic Over Smartphones Doesn’t Help Teens, It may only make things worse.
> I am a developmental psychologist[4], and for the past 20 years, I have worked to identify how children develop mental illnesses. Since 2008, I have studied 10-to-15-year-olds using their mobile phones, with the goal of testing how a wide range of their daily experiences, including their digital-technology use, influences their mental health. My colleagues and I have repeatedly failed to find[5] compelling support for the claim that digital-technology use is a major contributor to adolescent depression and other mental-health symptoms.
> Many other researchers have found the same[6]. In fact, a recent[6] study and a review of research[7] on social media and depression concluded that social media is one of the least influential factors in predicting adolescents’ mental health. The most influential factors include a family history of mental disorder; early exposure to adversity, such as violence and discrimination; and school- and family-related stressors, among others. At the end of last year, the National Academies of Sciences, Engineering, and Medicine released a report[8] concluding, “Available research that links social media to health shows small effects and weak associations, which may be influenced by a combination of good and bad experiences. Contrary to the current cultural narrative that social media is universally harmful to adolescents, the reality is more complicated.”
[1] https://www.theguardian.com/media/2026/jan/14/social-media-t...
[2] https://www.nature.com/articles/s44220-023-00063-7
[3] https://www.theatlantic.com/technology/archive/2024/05/candi...
[5] https://pubmed.ncbi.nlm.nih.gov/31929951/
[6] https://www.nature.com/articles/s44220-023-00063-7#:~:text=G...
[7] https://pubmed.ncbi.nlm.nih.gov/32734903/
[8] https://nap.nationalacademies.org/resource/27396/Highlights_...
Recent posters here are clear that porn sites are setting every available signal that they are serving adult-only content.
According to them, you are targeting the wrong audience.
Facebook/Instagram studying how to get young users addicted should be of greater concern. I have my doubts about the effectiveness of age-based blocking there, though.
Yeah quite the opposite. Once they have that formalized attestation they will move in like sharks.
> give parents the ABILITY to advertise the users age to browsers, apps and everything in between.
Accounts and Applications to services that provide countent are set to a country-specific age rating restrictions (PG, 12+, 18+, whatever). That's it.
None of the things you mentioned have any point to concern themself with the age or age-bracket of the user in front of the device. This can and will be abused. This is very obvious. Think about it.
So on the Sony consoles I created an account for my child and guess what they have implemented some stuff to block children from adult content on some stuff.
So if Big Tech would actually want to prevent laws to be created could make it easy for a parent to setup the account for a child (most children this days have mobile stuff and consoles so they could start with those), we just need the browsers to read the age flag from the OS and put it in a header, then the websites owners can respect that flag.
I know that someone would say that some clever teen would crack their locked down windows/linux to change the flag but this is a super rare case, we should start with the 99% cases, mobile phones and consoles are already locked down so an OS API that tells the browser if this is an child account and a browser header would solve the issue, most porn websites or similar adult sites would have no reason not to respect this header , it would make their job easier then say Steam having to always popup a birth date thing when a game is mature.
Let's go back to parenting: yes, world is a scary place if you get into it unprepared.
Permission restricted registry entry (already exists) and a syscall that reads it (already exists) for windows and a file that requires sudo to edit (already exists) and a syscall to read it (already exists). Works on every distro automatically as well including android phones since they run the linux kernel anyway. Apple can figure it out and they already have appleid.
Responsibility should be on the website to not provide the content if the header is sent with an inappropriate age, and for the parent to set it up on the device, or to not provide a child a device without child-safe restrictions.
It seems very obviously simple to me, and I don't see why any of these other systems have gained steam everywhere all of a sudden (apart from a desire to enhance tracking).
Morals like owning slaves, right?
A moral system that requires everyone to be white Christian males isn't a moral system, it's a theocracy.
Meh, I use it, but it's super annoying and I think that with my Daughter I'll take a different approach (but it will be some years before that is relevant).
On Android: The kid can easily go on Snapchat (after approval of install of course, and then you can just see their "friends") before Pokemon Go (just a pain to get working, it keeps presenting some borked version which led to a lot of confusion at first). I just lied about his age in a bunch of places at some point. Snapchat is horrible and sick from our experiences in the first week.
On Windows: It's a curated set of websites (and no FireFox) or access to everything. It's not even workable for just school. Granting kids access to our own minercraft servers: My god, I felt dirty about what the other parents had to go through to enable that.
This is a hobby horse of mine to the point that coworkers probably wish I'd just stfu about Minecraft - but holy shit is it crazy how many different things you need to get right to get kids playing together.
I genuinely have no idea how parents without years of "navigating technical bullshit" experience ever manage to make it happen. Juggling Microsoft accounts, Nintendo accounts, menu-diving through one of 37 different account details pages , Xbox accounts, GamePass subscriptions - it's just fucking crazy!
Getting an actual kids account to work online with minecraft involves setting the right permissions across 2-4 websites and 1-3 companies. I think it took me around 4 hours of trial and error to get it working.
I'm essentially the maintainer of a series of accounts for each kid, these days. Woe unto anyone without a password manager!
As a parent, sure, that is my stance as well. What... what other stances are there even? How would they work?
But the implementation matters, and almost all of these bills internationally are being done in bad faith by coordinated big-money groups against technologically illiterate and reactionary populist governments.
(if we really want to get into an argument, there's what the UK calls "Gillick competence": the ability of children to seek medical treatment without the knowledge and against the will of their parents)
I would personally favour allowing parents to buy drinks for children below the current limits (18 without a meal, 16 for wine, beer and cider with a meal).
The alternative to this is empowering parents by regulating SIM cards (child safe cards already exist) and allowing parents to control internet connectivity either through the ISP or at the router - far better than regulating general purpose devices. The devices come with sensible defaults that parents can change.
Maybe a majority of people today agree with that, but I know I don't and I never hear that assumption debated directly.
The idea of the "nanny state" has been debated a lot, and this seems like a very literal example of that. But once some status quo is firmly entrenched, debate about it tends to die down because the majority of people no longer care enough about it.
TBH many parents done exactly that by giving phones/tablet already to kids in strollers
"You‘re reading about evolution! Not in my house"
Examples: most children believe in the same religion as their parents, and can visit friends and places only if/when allowed by their parents.
This is simply extending the same level of control to the internet.
Government-mandated restrictions are completely another level.
Who controls your age if you want to see an R-rated movie?
This is simply extending the same level of control to the internet.
More control for parents is a completely different level.
They rarely enforce it, but if it gets out of hand, the city will start getting on your case about it.
Does the US have a zero-knowledge proof system that is mentioned in the discussion?
> Having said that, open-source zero-knowledge proofs are infinitely less evil (I refuse to say "better") than commercial cloud-based age monitoring baked into every OS
Parent prefers more control by parents over zero-knowledge proof
I do think parental controls can be and are abused for evil, but they're still better than the alternative. Zero-knowledge proof is not an alternative, and to suggest that it is is misunderstanding the situation. These laws are proposed and funded by people who want complete surveillance of the population. Zero-knowledge proof is, therefore, explicitly contrary to the goal and will never be implemented under any circumstances. Suggesting that it can be muddies the issue and tricks people into supporting legislation that exists only to be used against them.
In a benevolent dictatorship, sure, go for a zero-knowledge proof verification as your solution. In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses, we need to convince people to see through the lie and reject the proposals outright while reassuring them that they can protect the children themselves via parental controls. You will never be able to sufficiently inform 50.1% of the population of any country of what zero-knowledge proof even means, let alone convince them to support age verification laws but strictly conditional on ZKP requirements. That level of nuance is far too much to ask of millions of people who are not technically-informed, and idealism needs to give way to pragmatism if we wish to avoid the worst-case scenario.
Imho there is a place for regulation in that, actually. Devices that parents are managing as child devices could include an OS API and browser HTTP header for "hey is this a child?" These devices are functionally adminned by the parent so the owner of the device is still in control, just not the user.
Just like the cookie thing - these things should all be HTTP headers.
"This site is requesting your something, do you want to send it?
Y/N [X] remember my choice."
Do that for GPS, browser fingerprint, off-domain tracking cookies (not the stupid cookie banner), adulthood information, etc.
It would be perfectly reasonable for the EU to legislate that. "OS and browsers are required to offer an API to expose age verification status of the client, and the device is required to let an administrative user set it, and provide instructions to parents on how to lock down a device such that their child user's device will be marked as a child without the ability for the child to change it".
Either way, though, I'm far more worried about children being radicalized online by political extremists than I am about them occasionally seeing a penis. And a lot of radicalizing content is not considered "adult".
I owe everything about who I am today to learning how to circumvent firewalls and other forms of restriction. I would almost certainly be dead if I hadn't learned to socialize and program on the web despite it being strictly forbidden at home. Most of my interests, politics and personality were forged at 2am, as quiet as possible, browsing the web on live discs. I now support myself through those interests.
We're so quick to forget that kids are people, too. And today, they often know how to safely navigate the internet better than their aging caretakers who have allowed editorial "news" and social media to warp their minds.
Even for people who think they're really doing a good thing by supporting these kinds of insane laws that are designed to restrict our 1A rights: the road to hell is paved with good intentions.