[HN Gopher] Will California Eliminate Anonymous Web Browsing? (C...
___________________________________________________________________
Will California Eliminate Anonymous Web Browsing? (Comments on CA
AB 2273)
Author : dane-pgp
Score : 174 points
Date : 2022-08-31 19:15 UTC (3 hours ago)
(HTM) web link (blog.ericgoldman.org)
(TXT) w3m dump (blog.ericgoldman.org)
| waynesonfire wrote:
| This is all great. I havn't read the entire thing but it's
| basically saying that if your website is likely to be visited by
| a child, you have to provide the highest level of privacy.
|
| > require a business that provides an online service, product, or
| feature likely to be accessed by children to comply with
| specified requirements, including configuring a requirement to
| configure all default privacy settings offered by the online
| service, product, or feature to the settings that offer a high
| level of privacy
|
| I'll take that as an adult. I hate having to go through the
| settings of a newly installed application to disable all privacy
| violating settings.
|
| Also, if someone can point it out, where does it say that it'll
| require every website to authenticate the users age?
| [deleted]
| keneda7 wrote:
| Here is the text of the bill:
| https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
|
| Section 1-5: (5) Children should be afforded protections not
| only by online products and services specifically directed at
| them, but by all online products and services they are likely
| to access. In order to help support the design of online
| products, services, and features, businesses should take into
| account the unique needs of different age ranges, including the
| following developmental stages: 0 to 5 years of age or
| "preliterate and early literacy"; 6 to 9 years of age or "core
| primary school years"; 10 to 12 years of age or "transition
| years"; 13 to 15 years of age or "early teens"; and 16 to 17
| years of age or "approaching adulthood". adulthood."
|
| I don't know if I fully agree with it being required on every
| website but the arguments claiming that typically seem to say:
| Who gets to define "likely access"? If a website link gets
| posted on a kids forum or social media does that not mean the
| site will likely be accessed by children?
| saurik wrote:
| The bill (now) has a section defining "likely to be accessed
| by children" that provides 5 ways for that to be satisfied:
| 1) it is directed at children as defined by some other law
| (which I haven't looked up but I believe is why YouTube now
| asks you constantly if your content is directed at children
| and then limits certain player features if it is), 2) someone
| does research showing it to be true (which is probably the
| most important one as it isn't clear how this state gets
| tripped in a way which notifies the business), 3) there are
| ads on the site clearly marketing towards children (which
| might be weird if you are an ad marketplace), 4) your website
| is similar in scope to a website someone already did the
| research for (in #2) to show that it is being used by
| children, or 5) if the company internally keeps statistics
| and realizes "oh no it is being accessed by children" (which
| to me is an argument to not keep statistics).
|
| I don't like this bill and think it is at best an example of
| the politicians' syllogism and at worst a trash fire of
| regulatory inefficiency, but it would be good to analyze and
| complain about the actual indicators mentioned in the bill
| now that they exist as otherwise the people working on this
| bill can (and in my experience will) discount your complaint
| as "we already fixed that".
| Jevon23 wrote:
| Have your website block visitors from California. Problem solved.
| golemotron wrote:
| SCOTUS is going to smack down California eventually on the extra-
| territorial impact of its laws.
|
| There's a case pending about the impact of their recent
| legislation on humane livestock handling for meat sold in
| California. Regardless, of how people feel about the livestock
| issue, single states should not be able create legislation that
| forces entire national and international industries to re-tool.
|
| If you want to do that you should be a country, not a state.
| idontpost wrote:
| Funny how fascists only care about this when it's California
| doing it, and not Texas.
| golemotron wrote:
| It's bad regardless of who does it.
| Bud wrote:
| Nobody is "forcing" anything, here. Obviously.
|
| California has substantial market power. It is entirely within
| its rights to dictate how things will be done within
| California. If that means that some companies then feel some
| financial inventive to do it that way in general because it's
| easier, then that's just too bad.
| golemotron wrote:
| Brush up on the history of the Commerce Clause in the
| Constitution. It's likely that it will be in the news when
| SCOTUS considers the pork case next year.
| Bud wrote:
| Brush up on California's emission standards for cars. And
| the history of its standards for gasoline. BTW, arguing
| that the current joke of a SCOTUS might rule against
| California isn't a real argument.
| golemotron wrote:
| Be careful what you wish for. Extra-territoriality is a
| useful concept for Blue states defending themselves from
| commercial effects of laws passed in Red states too. You
| can have federalism while being a good neighbor.
| srvmshr wrote:
| I hope, this Bill would, in some way reduce or eliminate
| clickbaity & provocative images in internet ads, instead of
| adding one more GDPR type banner. As a adult of young parent age,
| I see racy ads as a prime driver of children getting funneled to
| adult & graphic content.
|
| A superficial understanding of current adtech points that Ad
| companies increasingly use IP to show the type of ads - and that
| has a potential to misidentify who's on the user end: a grown
| adult looking for some intimate connections or an underage child
| who shouldn't be exposed to gambling, betting, pornography and
| the likes.
| scarface74 wrote:
| It amazes me how often the HN crowd calls for the government to
| regulate the Internet and then every time that a law is proposed
| to pass regulation on the internet it is universally derided.
|
| But still somehow, there is this feeling that giving the
| government more power is good.
| warkdarrior wrote:
| "They are not blocking/regulating the right websites [i.e., the
| websites I do not like]."
| KerrAvon wrote:
| https://www.techdirt.com/2022/08/29/age-verification-provide...
| johndhi wrote:
| Umm wait lol this blog is from June. This bill passed yesterday.
| It's the law now.
| hnburnsy wrote:
| here is the update...
|
| https://blog.ericgoldman.org/archives/2022/08/op-ed-the-plan...
| c0decracker wrote:
| Not to be pedantic, but it still needs to be rubber stamped by
| Newsom. I am sorry did I say rubber stampted? I meant signed
| with a significant amount of internal deliberation of the
| effect of this bill on wellbeing of California as a state.
| jeffbee wrote:
| Newsom vetoed 66 bills last year, 56 of which had passed the
| legislature with "veto-proof" majorities.
| c0decracker wrote:
| Thanks for the clarification jeffbee. My sarcasm was
| unwarranted. I just dislike our governor, even though he
| does, sometimes, make the call that is more aligned with my
| values.
| [deleted]
| MomoXenosaga wrote:
| Something I've observed is outrage over China only to see it in
| my Western society some years later.
|
| I suppose that the love/anxiety for children is the same
| everywhere. For example many parents are currently concerned with
| "screen time".
| LinuxBender wrote:
| Has anyone figured out if this will literally impact the entire
| internet, or will it only impact people in the US or just people
| hosting servers in California? If hosting in California is it
| enough to not utilize a hosting providers presence in California,
| or must everyone migrate to providers that do not have a presence
| in California?
| ransom1538 wrote:
| Eh. If this passed, most internet based firms will just bail on
| California. That legalese will invite thousands of law suites.
| mistrial9 wrote:
| AFAIK in all of California there are only two real upstream
| providers for "residential Internet" and every - single -
| subscriber must pass through their gates. Think of the airport
| or a modern busy toll bridge in California.. you will be
| tagged, watched and recorded.. some people really believe this
| is the way society ought to be run.
|
| To respond to the question: yes, it will.. it will polarize and
| strengthen the darknet, first. Your ordinary Calif. consumer
| will have to buy more things, second. Fines and lengthy,
| pointless court action, third.
| stickfigure wrote:
| Authors will just move content out of jurisdiction and stop
| caring. It's really hard to imagine that (say) France will
| extradite someone to _California_ because their website didn 't
| check your ID.
|
| See also: GDPR compliance by US websites.
| hot_gril wrote:
| Well GDPR did succeed in making most US websites badger me
| about cookies.
| shadowgovt wrote:
| Does the GDPR only impact people hosting in Europe?
| tgv wrote:
| For some websites, yes, but on one hand the EU is a lot
| bigger, while on the other hand California is home to Google
| and facebook.
| judge2020 wrote:
| > Existing law, the Parent's Accountability and Child
| Protection Act, requires a person or business that conducts
| business in California and that seeks to sell specified
| products or services to take reasonable steps to ensure that
| the purchaser is of legal age at the time of purchase or
| delivery, including verifying the age of the purchaser.
|
| My understanding is that the bill applies to the same
| businesses that the mentioned law does. Considering California
| has 40M people, that's not a cohort businesses can shut off
| from the internet.
| GekkePrutser wrote:
| 40M is not a lot on a global scale actually. For many
| websites that target a global audience that would not be a
| big number to lose out.
|
| Many US websites now block Europeans because they don't want
| to bother with the GDPR and I would not be surprised if the
| opposite starts happening too.
| r00fus wrote:
| LOL. California is the 5th largest market in the world. Let
| sites decide they don't want to be browsed from CA -
| nothing of value would be lost.
| adventured wrote:
| California nearly has the GDP of Germany and among the
| highest GDP per capita figures for any major population
| (~$85,000 - just below Switzerland). That's the difference.
|
| "For many websites that target a global audience that would
| not be a big number to lose out."
|
| Now replace that with India, Germany, Japan, France, or
| Britain; because California is in the same economic tier as
| those countries.
| Buttons840 wrote:
| The GP argues that people are willing to cut off all of
| Europe. You try to refute their claim by saying that
| California is smaller than Europe. I don't understand
| your logic and am not persuaded. Did I miss something?
| phoe-krk wrote:
| _> Considering California has 40M people, that 's not a
| cohort businesses can shut off from the internet._
|
| As someone who lives in a 447-million European Union and who
| keeps on getting HTTP 451 responses from various US-based
| services and websites after GDPR has gone into effect, I
| can't help but chuckle at your comment.
| tschwimmer wrote:
| The most common users of "We're sorry but we can't be
| bothered to figure out how to comply with GDPR" notices
| I've seen are for smaller US-based media organizations. The
| newspapers like the Ft. Worth Star Telegram or the St.
| Louis Post Dispatch (random examples, not sure if they
| actually block EU traffic) have (probably correctly IMO)
| concluded that the cost to comply with GDPR is likely to be
| more the than the revenue that could be gained by allowing
| the occasional EU reader and so have concluded that the
| most rational choice of action is to block access from the
| EU.
|
| This is a very different proposition than saying that Tik
| Tok, Youtube and Facebook would block CA-based users. In
| addition to the obvious fact that they all have hundreds or
| thousands of employees in CA, they would be forgoing one of
| their most important markets in terms of advertising.
| Furthermore, a lot of the top creators on these platforms
| live in greater LA.
|
| It's a non-starter. If you're doing anything social for
| anything that's not an domestic only market (e.g.
| VKontakte, WeChat) then you need California.
| macrolime wrote:
| A lot of the time the choice is
|
| A: follow Californian law to get ads and income, even though
| you're in some other part of the world, or
|
| B: Don't follow Californian law,get no ads, thus no income
| and no site.
|
| The reason for this is that the companies that can give you
| ads on your website are mostly in California and needs to
| follow Californian law. If you want their ads, you'll need to
| follow Californian law too.
| w4ffl35 wrote:
| A popup on the homepage that says "are you over the age of
| 21?" for every site should work then, right? Or at least if
| you detect that the traffic is coming from California.
| pwg wrote:
| Based on many of the "unknown reach" statements the author
| identified, it is impossible to say.
|
| One potential outcome, at least for US businesses where their
| legal teams believe they have some nexus to California, will be
| either:
|
| 1) apply these rules to any incoming California IP address;
|
| or
|
| 2) apply these rules to everyone, no matter where they are
| located.
|
| Naturally, the easier route above is to just do #2, which means
| these changes could, much like the EU's GDPR resulted in
| paranoid legal teams adding "cookie banners" everywhere, impact
| all sites that have any US presence at all.
| r3trohack3r wrote:
| (1) is tricky.
|
| Laws like this do not apply to IP addresses AFAICT, they
| apply to people. Someone CA law applies to can access your
| server using a non-CA IP address and someone not restricted
| by this law can access your server using a CA address. I'd be
| surprised if you'd be "off the hook" for a child covered
| under this law accessing your service via a VPN. And, as a
| user, I'd be upset if I couldn't access your site using
| mullvad.
|
| I wonder if banning CA users in your ToS is sufficient for
| passing the burden of this law down to CA residents?
| nilespotter wrote:
| > much like the EU's GDPR resulted in paranoid legal teams
| adding "cookie banners" everywhere
|
| Shoutout to this [1] firefox plugin that I rely on daily
|
| [1] https://github.com/jannisch/cookie-popup-blocker
| trasz wrote:
| tl;dr making it harder to exploit your users can lower the
| (already absurdly high) profits
|
| Of course because this doesn't profit companies like Google or
| Facebook, they'll do anything they can to promote voices opposed
| to it. And because they control what most people are shown as
| "the Internet", they might succeed.
|
| A properly working, democratic government is the only thing that
| can protect the society from corporations. If you trust the
| government less than corporations, it's probably because your
| government is shit.
| nickpp wrote:
| Why would a government be non-shit?
|
| Corporations need to make something useful to _someone_ to get
| their profits and they are also kept in check by their
| competitors (unless they have a government-granted monopoly, of
| course).
|
| Governments only need to fool enough voters to get re-elected.
| That is easily done these days with media, propaganda, and
| plenty of populism (vote me and I'll steal from creators and
| throw some your way). Most governments on the planet are shit,
| both historically and presently.
| trasz wrote:
| The fact that corporation does something useful for _someone_
| doesn't mean they don't do it by exploiting everyone else.
| And in many markets monopolies form naturally, eg due to
| network effect. Facebook is a good example.
| nickpp wrote:
| Eagerly awaiting for some examples of corporations
| exploiting everyone without alternatives. Meanwhile my
| government is taking 50% of my monthly income giving me in
| return the shittiest services, services I would gladly buy
| from the free market instead.
|
| Facebook is indeed an excellent example of an often
| vilified corporation which is:
|
| 1. not a monopoly (plenty of competition around, from
| twitter to tiktok and even this very site)
|
| 2. providing its services to users happy to give their
| attention and privacy in return
|
| 3. easily replaced - my kids don't even use it and escaping
| it is simply... not using it really
| averysmallbird wrote:
| > Will California Eliminate Anonymous Web Browsing?
|
| tldr; no.
| swader999 wrote:
| Society needs anonymous dissent. This is basic.
| tgv wrote:
| Needs? As in: twitter and facebook fucked up social structures
| and we need it?
| swader999 wrote:
| As in this forum for example.
| r00fus wrote:
| HN is not anonymous. It's pseudonymous at best.
| pessimizer wrote:
| The two don't oppose each other. Throwaway accounts are
| plentiful for those who want to use them, people who want
| to stick with a name can do that, and those who want to
| use (or otherwise make clear) their real name can do
| that.
| Bud wrote:
| Anonymous dissent does not, of course, require anonymous
| comment directly on any and all websites. There are many other
| venues for dissent. Most of those aren't run by or paid by
| other people.
|
| This bill sucks, but it's no real threat to "anonymous
| dissent".
| arcticbull wrote:
| While I do personally believe this, society having anonymous
| dissent is quite a new concept.
| collegeburner wrote:
| Anonymous pamphlets and the like were a tool in motivating
| support for the Revolutionary War.
| cal5k wrote:
| Not that it was "dissent", per se, but The Federalist Papers
| were published under the pseudonym "Publius", and I'd say
| there has been a long tradition of anonymous or pseudonymous
| dissent.
| swader999 wrote:
| I meant ideas that diverge from the norm. If you fear
| cancelling, lowering your social credit score, risking
| employment you probably won't publish ideas that stray.
| ok_dad wrote:
| "Publius" [0] might have something to say about that.
|
| [0]: https://en.wikipedia.org/wiki/The_Federalist_Papers
| pessimizer wrote:
| > society having anonymous dissent is quite a new concept.
|
| Quite the opposite. Most dissent since the time of print has
| been anonymous, and plenty before then. Society feeling that
| every utterance or bit of expression has to be assigned to a
| specific identity is quite a new concept, especially because
| it's only begun to become technically feasible.
| anigbrowl wrote:
| Are you sure about that
| https://en.wikipedia.org/wiki/Roman_graffiti
| gadflyinyoureye wrote:
| Depends on how you define new. The Federalist and Anti-
| Federalist were anonymous. Rosicrucianism And other such
| philosophies come from anonymous sources (they dissented to
| the religious norms of their time). Basically since the
| printing press Western societies have had anonymous dissent.
| seti0Cha wrote:
| Not really. Publishing anonymously goes way back. Thomas
| Paine's Common Sense was published anonymously.
| BitwiseFool wrote:
| I'm not sure about that, I think the main difference is that
| in the past the concept of identity was not as rigid and
| well-documented as it is today. Additionally there were way
| fewer ways to identify someone, either in real life or
| through their writing. I don't quite want to say 'security
| through obscurity', though.
| [deleted]
| api wrote:
| The problem with anonymous dissent is that it's cheap and easy
| to DDOS into irrelevance with the "firehose of falsehood." Just
| spam the public square with endless amounts of anonymous
| bullshit and no anonymous comment will be believed. Since it's
| anonymous there is no way to verify its provenance.
|
| AI is automating this process at scale.
|
| You can do this with non-anonymous discourse too but anonymity
| just makes it easier.
|
| The future is private forums, channels, Discord/Slack
| instances, invite-only private networks, etc. The public web
| and public social media are entering their twilight.
| rank0 wrote:
| Insanity. It's shocking to see so much support here ITT.
|
| Nobody should have to fork over biometrics and government IDs to
| get on the web.
| AlanYx wrote:
| The linked page doesn't mention it, but the author of this
| article (Goldman) is a professor of law at Santa Clara University
| law school. So his reading of the text of the law and its likely
| interpretation is probably somewhat accurate (or at least more
| likely to be accurate than someone with no background in tech
| law).
| sonicrocketman wrote:
| Am I missing something? Services are allowed to collect the data
| they need to perform their essential function right? (my reading
| says yes)
|
| This just says: don't collect info on children you don't need and
| assume people are protected unless you verify otherwise.
|
| Just don't collect the info you don't need. Seems straight-
| forward to me.
| SalimoS wrote:
| yeah but how they prove you aren't a child, for a child safe
| default internet ???
| paxys wrote:
| The bill says that if the site can't prove that their user is
| an adult then they apply the same safety standards to
| everyone.
| sonicrocketman wrote:
| If I read this correctly: if you aren't collecting the info
| (for ads, etc) you don't need to verify anything. A non-
| tracking, non-data surveillance website is fine.
| coding123 wrote:
| The fun thing about California laws is that the people that pass
| them really don't fucking care about dissent to their goals. left
| or right
| paxys wrote:
| https://en.wikipedia.org/wiki/Betteridge%27s_law_of_headline...
|
| The author is right that:
|
| 1. Every single website and app regardless of whether it is
| specifically built for kids or not is covered by this bill, and
|
| 2. It is virtually impossible to identify and segment your user
| base and apply the bill's protections to only those you can 100%
| confirm are under 18.
|
| So, the likely outcome is that this bill becomes an enhanced CCPA
| and something businesses have to generally comply with for every
| user.
|
| Looking at the actual contents of the bill though, my response to
| that is - great! I do want to be treated like a child online. I
| want sites to present terms of service in a language I can
| understand. I want them to set my account's privacy settings to
| the highest offered by default. I want apps to remove dark
| patterns that get me to spend money. I don't want them to store
| my data unless using it to provide a service. I want them to tell
| me up front if my browsing is being monitored by someone else. I
| want actual consequences if a company decides to leak all my
| personal data. (All of these are provisions that will be
| enforced).
|
| The author is critical of the bill as a whole but I don't see any
| argument against any of the individual provisions. I also don't
| get where the "eliminate anonymous web browsing" in the title
| comes from. If anything it will make it less likely for sites to
| track you.
| k1t wrote:
| > I also don't get where the "eliminate anonymous web browsing"
| in the title comes from. If anything it will make it less
| likely for sites to track you.
|
| Presumably the author is assuming that websites would prefer to
| offer no functionality at all to age-unverified visitors than
| to offer the child experience. In such a world, every website
| would presumably require you to login (to prove your age)
| before offering even basic functionality.
|
| With such a system, private/incognito browsing would be
| obsolete.
| paxys wrote:
| Which is a weird thought process. Would a site rather get rid
| of 99% of its user base overnight (by making them go through
| identity/age verification) or change some basic privacy
| policies to be compliant with the law?
| VLM wrote:
| In the usual submarine fashion the actual text of the bill
| includes "privacy, safety, and well-being". So its rather
| unlikely that political censorship will be enforced via the
| privacy clause, but everyone wants to "save the children"
| so there will be massive government censorship via the
| "safety and well-being" clause.
| svnt wrote:
| I think I'd really enjoy competing with those who force
| logging in for viewing a website.
| ryandrake wrote:
| We had the same complaints when GDPR was starting to gain
| steam: "Surely websites would rather just 'go Galt' and
| shut down than lift a finger to comply with any
| regulation!" In fact, that's a pretty standard (and IMO
| ridiculous) talking point from all kinds of businesses when
| it comes to regulation. We'd rather stop making money than
| comply with new laws!
|
| I mean, 1. if respecting user privacy means you actually
| have to shut your doors, well... bye. The web is probably a
| better place without such a site. And, 2. that's almost
| never the case. As soon as the regulation takes effect,
| companies all of a sudden find ways to comply and go about
| their business making money. It's all knee-jerk
| complaining.
| collegeburner wrote:
| This has been california's strategy for about the past 30
| years, trying to write laws so it is too onerous for businesses
| to only comply with them in CA. It's a violation of the
| principles of federalism and should be smacked down, and
| california should be harshly penalized for doing so.
| hirundo wrote:
| > It's a violation of the principles of federalism and should
| be smacked down
|
| I see your point, but smacking down a state for having
| different principles is a violation of the principles of
| federalism. If federalism means anything, it includes the
| freedom for a state to make its own experiments in democracy
| as long as they don't cross enumerated federal powers.
|
| If this bill treats people from different states differently
| then it is vulnerable to the commerce clause, but that isn't
| clearly the case.
| collegeburner wrote:
| Right, but a state can't e.g. cut off a river to do
| something with the water then be like "lmao it's an
| experiment in democracy, cry about it". The internet is an
| interstate "thing" where we can't even 100% say who is
| where so this kind of regulation absolutely violates
| federalist principles.
| hirundo wrote:
| > The internet is an interstate "thing" where we can't
| even 100% say who is where so this kind of regulation
| absolutely violates federalist principles.
|
| California regulation has affected people outside of the
| state since long before the internet. If that's enough to
| toss out federalist principles and to handcuff a state
| beyond constitutional justification, then federalism is
| quite weak.
|
| Your argument seems to be that federalism should be
| ignored here in order to protect the integrity of
| federalism. I'm not understanding how that works.
|
| BTW, I very much disagree with California's direction
| here. I moved out of the state after growing up and
| living there for 37 years because of this kind of policy
| making. But as a federalist I value their independence
| more than their correctness.
| paxys wrote:
| > It's a violation of the principles of federalism
|
| Quite the opposite. This is exactly the definition of
| federalism.
| cryptonector wrote:
| There is a tension between a State government's right to
| regulate activity within the state, and the Federal
| government's right to regulate activity between States.
|
| Here the key question regarding interstate commerce
| _should_ be about who must comply with this law (if it
| becomes law). California wants it to be "businesses" with
| a "nexus" in California, but that seems like rather
| expansive. But finding a more limited way to specify
| "California businesses" that isn't also de-fanged is very
| difficult in today's world.
|
| Still, now, suppose that Texas or Florida had conflicting
| laws? Then what?
| Robotbeat wrote:
| This impacts the entire world. Commerce clause is
| applicable here.
| [deleted]
| guywithahat wrote:
| But the result of this is only big companies will be able to
| comply, in which case you'll be faced with a worse privacy
| future than if this bill had never passed
| paxys wrote:
| That argument is used for every new law that is ever
| considered. Did GDPR kill startups? Did CCPA? COPPA? They
| will survive this one as well.
| Robotbeat wrote:
| GDPR made the web noticeably worse than Before.
| veilrap wrote:
| They all certainly made the web a worse experience for
| those using it. Wether that was avoidable or not is moot
| compared to what happened in practice.
| guywithahat wrote:
| Well that's because it's the trade off for new regulation;
| the bar of entry will be raised ever so slightly, and a
| small percentage of struggling/hobby companies will not be
| able to compete. Eventually with enough regulation the
| regulated industry becomes effectively an oligopoly. I mean
| this bill is being pushed in the home state of Facebook,
| Apple, and other tech giants where they donate the most
| money. This is not in spite of them but because of them
| that a bill like this is being pushed through, and I bet if
| you checked up on who's donated to 5rights or the bills
| authors you'd see people bought with big tech money https:/
| /leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
| mgraczyk wrote:
| Just want to chime in that ads-based network effects are a huge
| boon to the economy and ability to be innovating and build
| business on the internet. It's important to recognize that with
| "privacy" regulation like this will likely come an unexpected
| chilling of the online economy. I wouldn't be surprised if
| regulation like this reduced PPP growth for Americans by around
| 1-2% on average in the long term.
| sillystuff wrote:
| If the choice were really all ads going away and all ad
| supported websites going with them, or pervasive tracking,
| I'd gladly give up the minority of ad supported sites that
| provide value to rid the Internet of the scourge of the
| remaining ad supported trash.
|
| The truth is that there is no such dichotomy. Ads do not need
| tracking/"personalization", and if tracking/data collection
| were made illegal, there would be no commercial advantage for
| the scummiest "ad tech" company.
|
| (I'm not commenting on the California legislation, but just
| generally in response to parent)
| StanislavPetrov wrote:
| >I do want to be treated like a child online.
|
| Many of us don't want to be treated like children, much less
| have the government mandate that we treat everyone has
| children. We already have a mechanism for protecting children
| and filtering what they are exposed to, this mechanism is
| called parents. If this mechanism is broken, then we should
| work on ways to fix the mechanism instead of deciding that we
| will simply treat everyone as children and absolve parents from
| their parental responsibilities.
| zepppotemkin wrote:
| reading the bill it seems fairly pro-privacy and generally
| contains things I'd imagine most folks want like limitations on
| collection childrens data, notifications if you're use is being
| monitored and controls over how childrens information is stored
| orangeoxidation wrote:
| The article makes a decent point: Websites will have an
| incentive to prove their visitors are not children.
|
| > It is virtually impossible to identify and segment your user
| base and apply the bill's protections to only those you can
| 100% confirm are under 18.
|
| Doing this might be(come) possible by completely destroying
| anonymous web browsing.
|
| How? Idk and it wasn't mentioned, but you could imagine Credit
| card checking, Electronic IDs, post-ident maybe backed into the
| browser for a one-click identification.
|
| Though it's all a hypothetical on unwanted side-effects. I
| don't think it too concerning as people value random websites
| less than their personal data and I'd expect websites using the
| "everyone is a child" approach to have the advantage.
| drozycki wrote:
| > people value random websites less than their personal data
|
| That's debatable. People would balk at the friction and
| invasiveness of typing in their cc details on every search
| result, but an automatic tool integrated into a browser could
| see wide adoption. Virtually everyone just accepts whatever
| privacy policy and cookie notice is blocking the content on
| random websites.
| api wrote:
| It could be done by requiring client side certificates and
| creating issuing authorities for them.
| bloppe wrote:
| This is a fascinating idea. The only way to preserve a
| modicum of privacy would be if the certificates are issued
| by a privacy-regulated authority, are not directly attached
| to your identity, and are trivial to renew / replace, but
| seems doable
| tragictrash wrote:
| Yeah I agree, but doubt the senate's ability to
| understand the concept, much less draft regulations that
| enact it.
| happyopossum wrote:
| The _how_ isn't the point - the point is that the _what_
| means the end of anonymous casual web browsing.
|
| No more firing up incognito mode to view some YouTube video
| you'd rather not feed your algorithm. No more browsing the
| 'other side' on twitter privately. No googling for
| information about embarrassing rashes without Google and
| webmd knowing exactly who you are.
|
| This is not cool.
| beebmam wrote:
| In my humble opinion, children should be prevented from
| browsing much of the horrific content and/or pornographic
| content on the internet, and I think it is worth thinking
| about how to prevent it.
| thebigjewbowski wrote:
| > No more firing up incognito mode to view some YouTube
| video you'd rather not feed your algorithm. No more
| browsing the 'other side' on twitter privately. No
| googling for information about embarrassing rashes
| without Google and webmd knowing exactly who you are.
|
| I agree with you on principal and don't mean to sound
| dismissive but they're all doing this already.
|
| When I'm trying to look at anything on Twitter it shortly
| launches a full screen thing demanding I login (I refuse
| to sign up).
|
| YouTube requires sign-in for age restricted content.
|
| Google, most annoyingly, makes me complete several
| captchas for using incognito+private relay
|
| Instagram won't open in safari with incognito+private
| relay; I have a throwaway account for just looking at the
| odd link someone sends me in a meme group-chat; I have to
| use another browser.
|
| I often have to replace "www.whatever.reddit" to
| "old.reddit" on my phone to be able to see an "age
| restricted" post, most of the time they aren't anything a
| kid shouldn't be see either, not sure how they're
| determining that.
| bashinator wrote:
| It could also be done by requiring you to submit a
| photograph of yourself and your state-issued ID with intact
| image metadata. I wonder which would be less expensive to
| implement, and which would be simpler for a customer base
| to adopt.
| cryptonector wrote:
| > ...great! I do want to be treated like a child online. I want
| sites to present terms of service in a language I can
| understand. I want ...
|
| That's what you want, but you may not get it.
|
| What you might get instead is: - no service
| unless you "prove" you're over 18
|
| then, to add insult to injury: - privacy-
| invasive age proof
|
| Also, you might instead get: - no service at
| all if you're in CA
|
| Being cynical for a moment, I'd say: you'll never get what you
| want.
| godelski wrote:
| It's worth mentioning that there was also a very
| controversial post on HN about Chinese game companies having
| to do exactly this. There were discussions about things like
| using cameras and machine learning to verify someone's age
| but that also is putting a camera into the room of a child
| (nothing can go wrong here...). There are people condoning as
| well as advocating for these systems. But I think we're
| coming to a turning point in our society where we are going
| to either abandon privacy all together or shift away from
| surveillance capitalism. Either option will have dramatic
| changes on our society.
|
| https://news.ycombinator.com/item?id=28356141
| paxys wrote:
| If a service wants to place these restrictions then sure, a
| competing one will pop up to take its place the next day. I
| will happily build one myself.
| nomel wrote:
| This becomes an issue when ad companies put unverified
| users on a lower tier.
|
| And, the user experience will be restricted (no commenting,
| video uploads, and who knows what "safe" means).
| cryptonector wrote:
| I admire your optimism.
| gernb wrote:
| > I don't want them to store my data unless using it to provide
| a service
|
| Isn't providing a server you can access "providing a service"?
| Alupis wrote:
| The collection of identifying information for every user on
| your website is antithetical to the goals of CCPA and anyone
| that values any resemblance of privacy.
|
| Further, business do not want to be in charge of validating PII
| information, nor do they want to place roadblocks to casual
| users. The darn cookies and GDPR popups are already annoying
| enough. Are we trying to make the web unusable?
|
| This is just insanity, and will lead to a bunch of ecommerce
| businesses and website companies leaving CA. ie, no one will
| comply unless they have absolutely zero other choices.
| zepppotemkin wrote:
| Where is the need to do that specified in the actual bill? ht
| tps://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
|
| the majority of the bill is restrictions on collecting
| personal information in general
|
| I'm not sure most ecommerce sites would meet the criteria as
| something marketed and targeted at children
|
| I agree that 'likely visited by children' is nebulous but
| this seems to be heavily aimed at live streaming/recording
| services(twitch, tiktok .. etc), large public social forums
| (discord) and things like youtube kids
| Alupis wrote:
| It's spelled out everywhere in the bill. They make it so
| scary to serve content to children (knowingly or not, since
| it's so vaguely defined) that you'll either have to A)
| Verify age (which requires identity) or B) Lock it down for
| everyone.
|
| Making a person/business predict someone's age over the
| internet is just absurd... and fallible... so you will have
| verify identity.
| sidewndr46 wrote:
| Is it correct to say that even my personal blog is covered by
| this?
| Goronmon wrote:
| Does your personal blog collect information about users? If
| so, then maybe?
| Robotbeat wrote:
| Personal information like IP address, that is used to
| enforce troll bans?
| waynesonfire wrote:
| and, do you have settings that limit such collection that
| you have enabled by default?
| polski-g wrote:
| Only if you have a nexus in California.
| paxys wrote:
| If you are collecting and storing personal identifying
| information about users (who may happen to be under 18) then
| yes.
| Alupis wrote:
| Here's who it applies to directly from the bill[1]:
| A business that provides an online service, product, or
| feature likely to be accessed by children.
|
| Child is being defined as[1]: "Child" or
| "children," unless otherwise specified, means a consumer or
| consumers who is are under 18 years of age.
|
| Meaning all websites, including your blog. No one will be
| capable of making a bullet-proof argument their site is
| unlikely to be accessed by a child.
|
| [1] https://leginfo.legislature.ca.gov/faces/billTextClient.x
| htm...
| nimih wrote:
| You should also quote the following section:
| (4) "Likely to be accessed by children" means it is
| reasonable to expect, based on the following indicators,
| that the online service, product, or feature would be
| accessed by children: (A) The online service,
| product, or feature is directed to children as defined by
| the Children's Online Privacy Protection Act (15 U.S.C.
| Sec. 6501 et seq.). (B) The online service,
| product, or feature is determined, based on competent and
| reliable evidence regarding audience composition, to be
| routinely accessed by a significant number of children.
| (C) An online service, product, or feature with
| advertisements marketed to children. (D) An online
| service, product, or feature that is substantially similar
| or the same as an online service, product, or feature
| subject to subparagraph (B). (E) An online service,
| product, or feature that has design elements that are known
| to be of interest to children, including, but not limited
| to, games, cartoons, music, and celebrities who appeal to
| children. (F) A significant amount of the audience
| of the online service, product, or feature is determined,
| based on internal company research, to be children.
|
| I can't speak for the GP poster, but my own personal blog
| meets none of these criteria.
| Alupis wrote:
| I didn't quote it because I provided the direct link to
| the original bill, and felt it would be too messy to
| quote directly.
|
| None-the-less, the above applies to all websites unless
| you want to chance being a test case (and no one does).
| Child is defined as anyone from 0-18 years old, which is
| an incredibly broad category.
|
| Ever once talk about music on your blog? Talk about food?
| Cars? Games? Math? School? Clothing? Programming? TV
| Shows? Upcoming movies? Flying airplanes?
|
| All of these things are of interest to folks 18 and under
| too... you don't have to have a blog about Blue's Clues
| to fall under this deliberately vague, ultra-wide net.
| nimih wrote:
| It's very unclear to me which specific paragraph A-E
| would be triggered by the act of publishing writing about
| food or music on a personal blog. Perhaps if I kept
| detailed metrics about my users and discovered a
| significant number were children, it would be different,
| but I certainly don't do that. Based on that data, I'm
| pretty comfortable not changing any piece of my own
| personal website in response to this legislation.
|
| Don't get me wrong, this looks like a garbage law and I
| truly hope every California resident is writing or
| calling their elected representatives to complain about
| it in specific and excruciating detail, but acting like
| every nerd's low traffic weblog is putting them at risk
| of civil action from the State of California strikes me
| as somewhat hyperbolic and misleading.
| Alupis wrote:
| C, D, and E are killers. (C) An online
| service, product, or feature with advertisements marketed
| to children.
|
| Run ads on your site? Dead... (D) An
| online service, product, or feature that is substantially
| similar or the same as an online service, product, or
| feature subject to subparagraph (B).
|
| Have some element on you site that is similar to any
| other site that might target children? Dead...
| (E) An online service, product, or feature that has
| design elements that are known to be of interest to
| children, including, but not limited to, games, cartoons,
| music, and celebrities who appeal to children.
|
| This literally covers anything in the world you might
| talk about. Remember, "Child" is defined as someone 18 or
| younger... which is a _huge_ and broad category that
| encompasses all interests and topics.
|
| Take a look at Michael Dominick's SE blog:
| https://dominickm.com/
|
| The home page alone violates all of the above.
|
| Lastly, "Business" is not defined here, which is odd
| since these consumer protection laws always define
| explicitly who they apply to.
|
| I have extensive experience with P65 and ADA compliance -
| so vague laws like this one really scare me. The only
| saving grace here is there is no Citizen Enforcement
| provision - ie. the AG has to bring suit. Which also
| means voluntary compliance will be low until the AG makes
| an example of a few unlucky website operators...
| shadowgovt wrote:
| I think it's unclear from the text of this bill whether
| your own personal blog continues to meet none of these
| criteria if you become a schoolyard meme and children
| flock to your site of their own volition.
| AnimalMuppet wrote:
| You're going to fall under (B), if nothing else.
|
| Kids are curious. They go places to see what's there.
| Kids visit your blog, whether you intend for them to or
| not. (They may not come back for a second visit, but a
| number have come for a first...)
| defen wrote:
| > An online service, product, or feature that has design
| elements that are known to be of interest to children,
| including, but not limited to, games, cartoons, music,
| and celebrities who appeal to children.
|
| So if you write an extremely technical blog that happens
| to include a cartoon avatar, is your blog directed at
| children? Example: everything on this blog
| https://gankra.github.io/blah/deinitialize-me-maybe/
| nimih wrote:
| Yeah, maybe. I certainly hope that, given how great
| Gankra's writing is, the business that is running their
| blog does not end up fined many thousands of dollars due
| to some stupid California law.
| r00fus wrote:
| I'm not an content segmentation expert, but this does not
| look like it's child-related content at all. The
| legislation clauses may seem fuzzy but if this were my
| blog I wouldn't be worried.
| defen wrote:
| > does not look like it's child-related content at all
|
| If you're defining "child" to mean 5 year olds, I
| completely agree. But I'm almost certain that there are
| 17 year olds out there who are world-class Rust
| programmers who are reading that blog.
| TulliusCicero wrote:
| > "A business that provides an online service, product, or
| feature likely to be accessed by children"
|
| This seems stupidly vague.
| Alupis wrote:
| As with many of these types of laws in California, I
| suspect they are deliberately vague.
|
| If people/businesses have to guess at what's compliant,
| then they will often choose the most restrictive form of
| compliance out of an abundance of legal caution.
| dane-pgp wrote:
| Possibly even unconstitutionally vague.[0] If a law
| requires someone to accurately predict the future actions
| of large numbers of people they've never met, then that
| seems (to my non-expert understanding) like an
| unreasonable burden on citizens.
|
| [0] https://en.wikipedia.org/wiki/Vagueness_doctrine
| Alupis wrote:
| Frankly put, and regardless of your personal views on the
| subject - if the California Pro-2nd Amendment folks
| haven't been able to get anywhere with this "Vagueness
| Doctrine", then neither will website operators.
| tshaddox wrote:
| I'm not personally a business, so a plain reading of the
| line you posted pretty clearly wouldn't cover my blog if I
| had one.
| Alupis wrote:
| Also of note is "Business" is not defined here, which is
| odd since these types of laws always do.
|
| Deliberately vague...
| gfodor wrote:
| Any legislation that is known up-front to affect all websites
| on the Internet associated with any business is, to me, bad
| legislation. I'm surprised you can support any kind of
| regulation that is consistent with your #1. Fundamentally any
| kind of regulation of internet websites ought to be at least
| partially directed by the counterfactuals. In other words, big
| sites and small sites are different things, and should be
| regulated differently in almost all cases. Otherwise you will
| eventually stop having small sites, since the regulated
| _needed_ for big sites will be imposed on them too, until it is
| too burdensome for them to exist. This would effectively kill
| the Internet /WWW as it is today.
| Robotbeat wrote:
| Yeah, I think people underestimate that risk and what it
| means long-term. Do we want to solidify the web as purely
| just an access point for one of a dozen huge platforms?
|
| There are several web forums I've visited that allow
| anonymous accounts to be created and allow commenting. They
| are well-moderated. Some were also very niche and run by like
| one person. Making a law like this is a one-way street that
| could potentially destroy that capability, some of the best
| parts of the web.
| pascalxus wrote:
| This will force you to log into every single web site that has
| commenting. So much for privacy. Privacy will go out the
| window. Discussion and commenting will go out the window. This
| bill is deeply undemocratic and very much against a free and
| open society.
|
| I hope your comment was just being sarcastic.
| dfxm12 wrote:
| Can you qualify _any_ part of your statement? I 'm trying to
| understand where you're coming from, but none of it follows
| at face value.
| paxys wrote:
| > This will force you to log into every single web site that
| has commenting
|
| Says who? You just made up a random scenario.
| shadowgovt wrote:
| That's the sense of the bill, essentially. If sites are
| required to confirm you aren't children before you're
| allowed into adult conversations, they have to be able to
| authenticate and authorize you.
| svnt wrote:
| What is the practical implication of this anywhere beside eg
| 4chan? Almost every place with any quality of discussion
| requires logging in.
|
| In theory anonymous and instantaneous commenting is an ideal
| of free speech. In practice it repeatably seems to just
| become wasteland.
| tomatotomato37 wrote:
| Actually this won't really affect 4chan either; while it's
| speculated the servers reside in California there's no
| critical dependency that they actually stay there, and once
| the physical servers leave all ties are severed with the
| state and California looses any reasonable way to enforce
| the new law.
|
| It's kinda the same reason the site is accessible in
| Germany/UK/whatever despite violating every hate speech law
| in there jurisdiction
| anotherrandom wrote:
| Are you suggesting the lack of it is a preferable
| alternative?
| idontpost wrote:
| I'm suggesting that it's utterly irrelevant.
| nomel wrote:
| Logging in and verifying age are very different. See the
| new account creation process for the comment you typed, as
| an example.
| waynesonfire wrote:
| > This will force you to log into every single web site that
| has commenting.
|
| which website doesn't? I can only imagine the high quality
| discussions that such a site encourages.
| tshaddox wrote:
| How many different websites is any one person really
| commenting on these days anyway? It's not like 1)
| independent blogs and forums are really a thing any more,
| 2) the blogs and forums that do barely exist have comments
| any more, 3) the major news and media companies have
| comments on their websites any more, or 4) you'd ever want
| to read them even if they did (let alone post your own!).
| KerrAvon wrote:
| You're literally on one. Do you want to upload your
| driver's license to Hacker News? Does Hacker News want to
| be in the business of storing those driver's licenses
| securely?
| waynesonfire wrote:
| I wouldn't use hackernews if they required that. So,
| maybe they shouldn't store my IP address and location by
| default.
| shadowgovt wrote:
| If this bill passes it will be illegal for Hacker News to
| not do that.
| [deleted]
| [deleted]
| idontpost wrote:
| This fear is completely disconnected from reality.
|
| Privacy already doesn't exist online. And discussion and
| commenting (anonymous or otherwise) have been absolute net
| negatives for "free and open" society.
| seti0Cha wrote:
| I guess you never consume content that is considered adult. I
| suspect those who do will feel differently about the issue.
| Goronmon wrote:
| _I guess you never consume content that is considered adult._
|
| This law doesn't appear to cover content, just what
| information you are supposed to collect about your users.
| LinuxBender wrote:
| Does this include collecting or displaying their real name?
| Is that considered PII as it pertains to this law? I ask
| because if I run a forum it will be difficult to force
| people to use fake names unless I generate names for them.
| Some people would be upset if I force them to use a
| randomly generated name, though some would be happy to be
| anonymous.
| seti0Cha wrote:
| I guess I made a leap in assuming that if a site assumed
| for data collection purposes, that a person was a minor,
| they'd have trouble justifying showing adult content to
| that person. Looking back on the article, I see I read
| something into it that was not there. Ironically, I posted
| another comment pointing out that a poster had missed
| something in the article. Guess I better remove the mote
| from my eye before I post more such comments!
| VLM wrote:
| Unfortunately your list of benefits is not in the bill, and the
| bill uses language like "safety, and well-being" in section
| 1798.99.29
|
| I suspect this will be used for selective political censorship.
| midhhhthrow wrote:
| I wish people would stop asking the government to raise their
| children. I am a parent. If you are a parent, start acting like
| one and watch your kids a lot more closely. Or better yet,
| actually spend time with them and stop using iPads as a baby
| sitter. I know this is harsh and may get downvoted but pared
| really need to start taking more responsibility on these matters
| swatcoder wrote:
| I'd wager that most support for bills like these doesn't come
| from people worrying for their own kids so much as wanting to
| have control over how other people's kids are parented.
|
| Charitably, they want to protect neglected kids. Uncharitably,
| they think they know what's right for everyone and want to
| institutionalize it.
|
| But most of supporters probably either have no kids, adult
| kids, or kids who they think they parent well enough to not be
| in danger.
| folkhack wrote:
| I understand your ideals... but in-practice many many children
| don't have engaged, or even present parents. The older I get
| the more I believe people conflate having kids as raising kids.
|
| I don't believe we're on a path for this to get better either.
|
| This is why I'm generally in support over codified + regulated
| child protection acts, especially the online ones.
| svnt wrote:
| I really like the idea of significant mandatory family
| education prior to a marriage license being issued.
|
| We need to move beyond the "it's a melting pot, everyone has
| their own way" and realize that people are making babies with
| little understanding of how to do more than keep them alive.
|
| There is a whole field of early childhood development and
| another in early childhood education and none of it is taught
| except to specialists.
|
| edit: I realize this is imperfect but I believe it is better
| than doing nothing or regulating actual reproduction (however
| you propose to do that).
| rockemsockem wrote:
| Am I correct to say that you're literally advocating for a
| nanny-state then? A state that is charged entirely with
| taking care of children (and by extension adults)?
| folkhack wrote:
| You're being hyperbolic.
|
| I said "This is why I'm generally in support over codified
| + regulated child protection acts, especially the online
| ones." This is clearly not advocating for a "nanny-state."
| I'll rephrase in case I was misunderstood: I am generally
| in support of online child protection acts.
|
| > Am I correct to say
|
| I think it's clear you've already made your mind up by
| pushing what I said to such extreme examples: "nanny-
| state," and claiming I'm advocating for the government to
| fully take care of children/adults.
| bee_rider wrote:
| That's quite an extension.
| [deleted]
| ars wrote:
| Unless I'm reading this wrong - this bills attempts to give
| children privacy _from_ their parents?
|
| "Provide an "obvious signal" if parents can monitor their kids'
| activities online. How does this intersect with COPPA?"
|
| Are they saying they are going to warn the kids that their
| parents can check up on them?
|
| Are they utterly insane, or did I read this wrong?
| nineplay wrote:
| No one in the history of the internet has ever gotten downvoted
| for criticizing modern parenting.
|
| I do not, in any way, support this bill. It's idiotic. I do,
| however, have some sympathy for parent who are not technically
| savvy, do not know how to block unpleasant content from the
| internet, and do not watch their kids all the time. If they did
| watch their kids all the time they'd be called helicopter
| parents so there's really no winning.
| akira2501 wrote:
| > I do, however, have some sympathy for parent who are not
| technically savvy, do not know how to block unpleasant
| content from the internet, and do not watch their kids all
| the time.
|
| The parent ostensibly purchased that device from a business.
| That's where you apply the fix, not to the internet in
| general. This is like trying to put the cat back in the bag
| by legislative fiat.. I expect the same results.
| midhhhthrow wrote:
| When my daughter watches stuff online. I watch with her so we
| can discuss and interact with each other, aka quality time.
| That's not helicopter parenting
| earleybird wrote:
| You're quite right. There's a huge difference between
| coddling and teaching valuable life skills (like critical
| thought).
| nineplay wrote:
| You watch everything she watches and then discuss
| everything she watches? Sheesh, if I was your kid I'd find
| that pretty overbearing. How about letting her have her own
| headspace?
|
| I'd be more motivated to sneak around my internet activity
| just so I could watch something embarrassing like Smurf
| cartoons.
| midhhhthrow wrote:
| At age 7 you should be watching everything with your kid.
| If that's too much then they're watching too much video
| content.
| nineplay wrote:
| You've mentioned two extremes - 7 year olds should be
| completely supervised, 14/15 year olds can make their own
| decisions.
|
| Do you think there ages between 7 and 14 when kids should
| be allowed to watch videos unsupervised and kids should
| have some form of filtering they don't see inappropriate
| content? If so, who will provide that filtering? You
| probably can because you post to HN but not every parent
| will have that skillset
| warkdarrior wrote:
| When your daughter is 14 or 15 years old, are you still
| going to watch all her online stuff with her? Or are you
| going to give her some privacy? And are you confident
| she'll be mature enough at 14 to handle all online content?
| midhhhthrow wrote:
| At a certain point you'll have to trust your youngster to
| make their own decisions on online content , mid teens
| seems like A good time to do that
| trasz wrote:
| So you'd be fine with a shop set up next to your kids' school
| specifically to sell alcohol to them? Because that's
| essentially how social media works right now.
| butUhmErm wrote:
| ok_dad wrote:
| The problem is, that in today's world, more and more time has
| been taken away from people because they have to work much more
| in order to survive the same way. Putting a kid on an iPad or
| the TV for an hour while you have a meeting is almost
| necessary. Not as many people live in a close-knit
| neighborhood, either, so help is non-existent for many. I know
| my wife and I struggle to find time to spend with our son since
| we both have to work. The only good thing for us is we both
| work from home, so we don't have an additional requirement to
| commute for several more hours or have to find a sitter or
| daycare too often. We still sometimes have to hire help to
| watch him when we both have busy days/weeks.
|
| You folks (not specific to the OP here) have to stop assuming
| everyone has the same amount of free time as you do, or perhaps
| some of you folks don't have kids and don't realize just how
| much time and effort they are!
| midhhhthrow wrote:
| Yeah but why do kids need to be online at all? For millions
| of years kids never had computers and they grew up just fine.
| In fact they grew up with fewer cases of depression etc. I've
| got a kid and I don't let them online unless I'm there
| interacting with them, doing stuff together. Maybe I'll let
| them watch for 15min for a job well done but not for hours on
| end
| wizofaus wrote:
| Kids need to be doing what other kids the same age are
| doing. What that is has obviously changed throughout
| history with technology etc. Which doesn't mean I think
| it's perfectly fine to let them spend hours online or doing
| anything sedentary (even reading books) for extended
| periods every day, but stopping your kids from taking part
| in activities all their friends/classmates do isn't likely
| to be good for them either.
| ok_dad wrote:
| I hear you, when I was a kid I was outside a ton.
|
| Here's what I think, but every parent needs to decide for
| themselves: like it or not, the Internet is an integral
| part to socializing today. Not allowing your children to
| socialize this way will hinder their social development,
| especially when you have no control over them in 0-18 years
| from now. They need to be able to learn about how to behave
| on the 'net from a young age, with good supervision and
| guidance. Sometimes it's good to prevent a child from doing
| something harmful, and perhaps limiting their screen time
| in certain ways is necessary, however an extreme version of
| what you say (15 minutes) is definitely going to hobble
| their social lives at some point.
| warkdarrior wrote:
| > For millions of years kids never had computers and they
| grew up just fine. In fact they grew up with fewer cases of
| depression etc. I've got a kid and I don't let them online
| unless I'm there interacting with them, doing stuff
| together. Maybe I'll let them watch for 15min for a job
| well done but not for hours on end
|
| For millions of years kids never had running water in the
| home and they grew up just fine. In fact they grew up with
| fewer cases of depression etc. I've got a kid and I don't
| let them use a sink, bathtub, or toilet unless I'm there
| interacting with them, doing stuff together. Maybe I'll let
| them watch for 15min for a job well done but not for hours
| on end.
| [deleted]
| helen___keller wrote:
| That sounds like a fairly mainstream opinion, particularly on
| this website
| gadflyinyoureye wrote:
| This site loves authoritarianism. Look at how quickly
| comments get flagged if they go against _popular thing_. Heck
| this comment, if not already shadow banned, will be removed
| within 3 hours of its posting, provided your comment rises
| high enough.
| bee_rider wrote:
| You aren't shadowbanned yet at least.
|
| I think shadow bans are applied to accounts rather than
| comments on this site.
|
| TBH "this site loves authoritarianism" seems a bit over-
| dramatic. But I guess we'll see what happens...
| failuser wrote:
| There are parental control options on about every popular
| platform. There is no water in the "protect the kids" argument
| here, all that can be done on the client side for parents that
| want to limit what their kids see.
| chlodwig wrote:
| As a parent and also a startup guy and big fan of the anonymous
| web, my preferred solution would be a requirement for major
| operating system and browser makers to allow me to set an age
| linked to my child's account that gets sent as an HTTP header on
| every web request. That way the provider does not have to force
| adults to login or reveal their identity to access unmoderated
| content, the provider just needs to be legally required to not
| serve minors certain content if they see the HTTP header.
| salawat wrote:
| You have just handed every website operator the capability to
| home in on your child's birth date. Age, combined with sampling
| over time, leaks birth date. If you add an X-jurisdiction-
| advise header (presumably so we can do lookups to figure out
| what laws are in force that we'd have to respect), you'd leak
| uour zipcode eventually. Creating a bunch of sites to do
| marketing shenanigans and demographic analysis via matching
| your traffic with other fingerprint data leaks, can lead to a
| reasonable approximation of gender over time.
|
| Congratulations, you've now managed to leak enough datapoints
| to be deanonymized.
|
| Do not do this.
|
| It is also a _super terrible_ user experience, since now,
| changing the driver of the web browser requires what amounts to
| a login.
|
| _I repeat, do not go down this road, there are bad things
| there_.
| xtracto wrote:
| I would do it the other way around:
|
| Create a standard header with a "Parental Advisory" PG kind of
| label. Then let the consumer decide what to do with it. The web
| is "content", and it is up to the parents to decide how to
| police their kid's content consumption (same as with music,
| video, etc).
|
| Then we can start talking about Operating Systems, Browsers or
| Access points features allowing parents to block pages with
| specific PG ratings.
| wpietri wrote:
| Ooh, that's good. I'd be most helpful if there were
| standardized content warnings so that parents could select
| what they're ok with. E.g., here's one list:
| https://thetvdb.com/taxonomy/movie/22
|
| Also interesting is this site: https://www.doesthedogdie.com/
|
| Maybe this could go beyond parents. There are whole classes
| of image that I'd like to have to choose to see. E.g., if I'm
| eating breakfast and scrolling through Twitter, I don't need
| to see, say, mangled flesh in an accident photo. If there
| were standardized content tags, then parents could tell
| browsers to block outright and adults could make it click-to-
| view.
| easrng wrote:
| That would also likely be better from a fingerprinting
| perspective.
| chlodwig wrote:
| Hmm, that would work too. Under this kind of system, the laws
| protecting children wouldn't ban serving possibly-adult
| content, or require age checking, but would mandate that you
| must label certain content with the correct and appropriate
| age label.
| mjevans wrote:
| No.
|
| Lack of label should be equated to UNRATED, just like for
| movies. By _default_ the Internet should be for Adults who
| have their own right to choose what they see or don't see.
|
| Let the OS / browser / etc WHITELIST things based on a
| claim something is safe for children, or rated in an
| academic context (E.G. Wikipedia / medical / etc).
| autoexec wrote:
| That's a good solution for data that is being sent to users,
| but doesn't help when it comes to data being collected by
| sites and services.
| kube-system wrote:
| Require sites that collect data to announce an adults-only
| rating of sorts?
| sandworm101 wrote:
| How can it be anonymous if the "major operating system and
| browser makers" manage an account tied to a paticular person?
| My OS (linux) never asks me for such, and certainly not my
| browsers. Safety and anonymity require that corporations and
| governments be kept as blind as possible.
| StanislavPetrov wrote:
| As a non-parent and a tech guy who believes in freedom, my
| preferred solution is parents doing their jobs properly and
| restricting their children's access to devices and content that
| is harmful and not meant for children. If the burden of
| responsible parenthood is too much for someone to handle, they
| don't have to have children. It shouldn't be incumbent on the
| rest of us to childproof the world because parents are
| unwilling or unable to monitor and control their children.
| tharne wrote:
| > As a non-parents and a tech guy who believes in freedom, my
| preferred solution is parents doing their jobs properly and
| restricting their children's access to devices and content
| that is harmful and not meant for children.
|
| As a parent, I wholeheartedly agree. It's not the
| government's job, or anyone else's job besides mine, to
| determine what content my children see or do not see.
| Ferrotin wrote:
| This would create an impossible moderation burden on any
| website with user-posted content.
| kube-system wrote:
| If a site cannot moderate their content to a level that is
| appropriate for children, it is not appropriate for children.
|
| Sites for children typically have strict moderation, or more
| often, do not have user-generated content.
| chlodwig wrote:
| Any site that is used by children and has user-posted content
| should spend enough on moderation to keep that user-posted
| content safe, and they should charge whatever they need to
| charge to be able to afford the moderation. Children don't
| need access to unmoderated, advertising supported forums. If
| I really trusted my teenager to be able to handle unmoderated
| user-posted content, I, the parent, could remove the age
| restrictions on their accounts myself.
| ipnon wrote:
| Every website is used by children. Law of large numbers,
| Murphy's law means if any website is accessible online and
| children have internet access, eventually a child will
| visit it.
|
| I don't think we should have books moderate their content
| for children. The library, parents, teachers and everyone
| else responsible for children should take the
| responsibility to restrict these children's access to
| material deemed inappropriate. This is how things have
| worked for countless years, and worked reasonably well. I
| don't think controversial shoehorn legislation is going to
| work any better, but it will come with some downsides.
| r00fus wrote:
| This seems relevant - very specific clauses that identify
| what is children content:
| https://news.ycombinator.com/item?id=32667665
| chlodwig wrote:
| _This is how things have worked for countless years, and
| worked reasonably well._
|
| Things have never worked that way for any other medium.
| Mass internet access has only been around 15 to 30 years,
| depending on how you count it and arguably it has had
| disastrous impact on the well-being and mental health of
| children.
|
| Yes, parents shouldn't be leaving their kids alone with
| the internet, but:
|
| 1. Many parents are going to a bad job at monitoring
| their kid's internet and if we can create rules that will
| leave their children less messed up, we should do so. We
| all pay a price when parents raise messed up kids.
|
| 2. Even for strict parents and well meaning children, it
| is so, so much easier to access poisonous things on the
| internet than on other mediums. It is hard to keep it out
| 24/7, it needs to be harder to access bad things.
|
| 3. As a strict parent, it sucks being stricter than all
| the other parents, sucks having to battle with kids about
| why their peers can do something they can't. Without
| common norms and common rules, their is an incentive for
| parents to defect by being the "cool" parent. And the
| reality of life is that no matter what parents do,
| teenagers are in large part "raised" by their peers.
| Teenagers view their peers as a source of authority
| because they have to live with their peers of the rest of
| their lives, peers represent the new generation. So what
| indulgent parents allow their children to do matters for
| my ability to parent my own child.
| autoexec wrote:
| > Things have never worked that way for any other medium.
|
| they've been working that way for every other medium.
| Some movies are good for kids, some are full of sex and
| gore. Parents have the responsibility to keep their kids
| from watching movies with content they don't want their
| kids to see. It's the same with TV shows and video games
| and books and music and plays and puppet shows. All of
| those mediums exist, and some content will be good for
| kids and other content is not intended for them. It has
| always been the job of parents to make sure they aren't
| sitting in their kids in front of things they don't want
| them to see/hear.
|
| >Many parents are going to a bad job at monitoring their
| kid's internet... As a strict parent, it sucks being
| stricter than all the other parents,
|
| "Being a parent is hard and some people do it better than
| others" is not a valid reason to censor content for
| everyone regardless of their age, or for forcing everyone
| to hand over personal information and identify themselves
| to access uncensored content.
| kube-system wrote:
| All of your examples are situations where the law in many
| countries _does_ require content providers to safeguard
| children from consuming adult content regardless of the
| intervention of their parents.
| autoexec wrote:
| I can't speak to non-US countries, but there is no law in
| the US that requires a bookstore, a used video game
| store, or a cable TV provider to prevent children from
| seeing things their parents don't want them exposed to.
|
| Neither Comcast or HBO are going around checking IDs
| before airing Game of Thrones. I'm curious about which
| countries would require such a thing.
| kube-system wrote:
| V-CHIP and ratings information in broadcasts are required
| by law. Comcast and HBO refuse to sell their services to
| minors, and their products all support parental controls.
| Brick and mortar stores open to children do not display
| pornography, and those that do, prohibit entry to
| children. Providing this material to them is a crime.
| Some places in the US did have laws regarding ESRB
| ratings on video games until SCOTUS recently overturned
| them. etc.
| autoexec wrote:
| > V-CHIP and ratings information in broadcasts are
| required by law.
|
| Ratings and V-chip use aren't enforced by law however.
| Ratings are intended to help parents decide what to allow
| their kids to watch, not to make the choice for adults or
| require adults to prove they are over a certain age to
| access content. V-chips give parents a tool to help block
| some things when and if they decide to, but most people
| never use it.
|
| > Comcast and HBO refuse to sell their services to minors
|
| ISPs don't sell their services to minors either. Adults
| sign up for services and it's their job to decide what
| their own children see on those services.
|
| > Brick and mortar stores open to children do not display
| pornography
|
| They do in the US. Any child can walk into Barnes & Noble
| and see porn on the shelves for sale, or open a book and
| read graphic descriptions of any number of sexual and
| violent acts. At the Barnes & Noble near me, porn is kept
| closer to the children's books than bibles are. Actually,
| any kid can walk into the store and open a bible and read
| descriptions of sexual and violent acts.
|
| Libraries also do not police what content children can
| access within their walls.
|
| > Providing this material to them is a crime.
|
| Not at all, as shown above.
|
| > Some places in the US did have laws regarding ESRB
| ratings on video games until SCOTUS recently overturned
| them. etc.
|
| Another example of an overbroad and dangerous California
| law designed to "protect the children" and it's a damn
| good thing it was struck down by the courts. The
| government has no business policing what media I can see
| as an adult or in policing what media I can show to my
| own children.
| kube-system wrote:
| My claim was simply that some safeguards exist by law,
| which is the case.
|
| https://www.fcc.gov/consumers/guides/v-chip-putting-
| restrict...
|
| https://www.fcc.gov/consumers/guides/obscene-indecent-
| and-pr...
|
| https://www.law.cornell.edu/uscode/text/18/1470
| yamtaddle wrote:
| > they've been working that way for every other medium.
| Some movies are good, some are full of sex and gore.
| Parents have the responsibility to keep their kids from
| watching movies with content they don't want their kids
| to see.
|
| Movie theaters and video rental places tend to refuse to
| serve minors for X or R material, and (if they look
| _quite_ young) even PG-13 films. Stores may and often do
| refuse to sell R-rated films to minors. It may require
| active parental assistance for a minor to see those kinds
| of things (before the Internet, anyway--which is kinda
| the point of this whole discussion) and, even if
| enforcement is imperfect, surely serves to limit how much
| of that material even a very motivated kid can
| practically see (again, _pre_ Internet, I mean). Also,
| kids have to _get to_ those kinds of places, which can be
| pretty damn hard for them to do without a parent at least
| knowing they 're out doing something, if not specifically
| _what_.
|
| Broadcast TV stations risk FCC action if they show
| anything too outrageous when kids may be around, and have
| further restrictions even in night-time hours.
|
| These behaviors are due to a combination of actual
| government regulation, and ongoing or historical
| _credible threats_ of regulation if these industries didn
| 't police themselves well-enough, which prompted the
| creation and enforcement of things like the MPAA's rating
| system (plus some now-defunct frameworks like the Comic
| Books Code or the Hays Code, both of which were much
| stricter than anything we'd likely accept these days--but
| for the "what's historically been within the Overton
| window of the freedom-loving United States?" perspective,
| those aren't _that_ old and _did_ co-exist with and apply
| to modern mass media, so still have some relevance).
|
| The closest analog we have that I can think of is cable
| TV, since it's in the home and offers a whole lot of
| content, and _even that_ tends to self-censor to a
| substantial degree and doesn 't offer many of the worst
| things the Internet does _at all_ --even on premium
| channels, which are another thing an adult has to
| actively work to bring into their house, totally
| separable from the rest of what cable offers.
|
| Libraries are less-restricted and librarians seem to
| enjoy providing things a _bit_ subversive (which is
| great) but I bet even lots of librarians would ask to
| talk to a parent before lending out certain books, let
| alone R-rated films, to young kids.
|
| Support from outside entities--including, and _largely_ ,
| due to government action or threat of same--for parents
| to control what their kids see and hear is, as far as I
| can tell, the _norm_ since fairly early in the days of
| modern mass media.
|
| It's the Internet's model that's an aberration, requiring
| parents to take active steps to keep _prevent_ kids from
| seeing hardcore porn or extreme violence or whatever on
| the same device they have to use to do homework, rather
| than having to take active steps to _enable_ seeing those
| things, as they 'd have to in most other contexts. Isn't
| it? Which doesn't _necessarily_ mean these kinds of
| measures are a good idea, but I don 't think "parents
| have always had to actively work to keep their kids from
| being exposed to awful stuff without substantial help
| from government and the private sector" really holds up,
| unless I'm missing something.
|
| The Internet's unprecedented in its reach and being
| something that's basically required in a modern
| household, and _required_ to allow kids some access to
| (again, it 's not really optional for school anymore),
| but even other _far less necessary_ media have had
| effective, if not perfectly iron-clad and universal, age
| restrictions imposed by businesses and the government.
| Right?
| autoexec wrote:
| > Movie theaters and video rental places tend to refuse
| to serve minors for X or R material, and (if they look
| quite young) even PG-13 films.
|
| that isn't a law, movie ratings are a voluntary system
| designed to help parents make smarter choices about what
| they will allow their kids to see. It is not intended to
| police the actions of adults so that parents don't have
| to do their job. That's the extent of "Support from
| outside entities" that exists in all other mediums (with
| the exception of FCC regulations on broadcast TV and
| radio which were themselves commonly seen as a mistake
| which is why we didn't see them applied to cable TV,
| satellite TV/radio, or the internet)
|
| > t's the Internet's model that's an aberration,
| requiring parents to take active steps to keep prevent
| kids from seeing hardcore porn or extreme violence or
| whatever on the same device they have to use to do
| homework, rather than having to take active steps to
| enable seeing those things, as they'd have to in most
| other contexts. Isn't it?
|
| Nope. The same TV that shows sesame street shows porn,
| HBO shows both kid's movies and Game of Thrones, the same
| theater that shows G rated movies shows R rated movies,
| the same car radio that plays disney songs plays howard
| stern. It has always been the job of parents to monitor
| how children consume media. Always.
|
| > I don't think "parents have always had to actively work
| to keep their kids from being exposed to awful stuff
| without substantial help from government and the private
| sector" really holds up, unless I'm missing something.
|
| Having "help from government and the private sector"
| isn't the problem. There are lots of things the
| government and the private sector can do to help parents
| which would be perfectly acceptable. The rating system on
| movies is a good example. Requiring adults to scan their
| faces every time they want to access a website isn't one
| of them. Requiring adults to scan their IDs to every
| website they visit isn't either.
| yamtaddle wrote:
| > that isn't a law, movie ratings are a voluntary system
| designed to help parents make smarter choices about what
| they will allow their kids to see.
|
| As I covered, most (all?) "voluntary" mass media industry
| regulation schemes have been much more of an outcome of
| "sort your shit out to our satisfaction or we'll regulate
| you into the Earth's core" grumbling from government,
| than _actually_ voluntary.
|
| Part of the trouble here is there's just nothing
| comparable to the Internet. The default before was
| "parents will have to work to _enable_ their kids to
| access questionable material ", not "parents will have to
| work (really, really hard) to _keep_ their kids from
| accessing questionable material, including possibly by
| accident, and maybe stuff pushed on them by some god-
| awful 'algorithm' trying to radicalize them or push them
| into some other harmful rabbit-hole because it helps with
| 'engagement' or some other dumb-assed metric".
|
| Again, the closest thing I can think of is cable, and
| that had a _much_ more limited set of content and kept
| the adult stuff mostly opt-in (so, again, active effort
| required to _enable_ it), plus cable TV was never 1% as
| valuable for getting by in modern society as Internet
| access is--the easy answer of "just don't pay for cable"
| doesn't apply to the Internet, and hasn't for more than a
| decade.
|
| However, _even with media that are far easier to keep out
| of the home_ , government pushes for regulation, and
| effective imposition of such regulation-- _de jure_ or,
| in fear of what _de jure_ might look like, _de facto_
| --has been the norm. Much of this _absolutely_ applied to
| what adults could access (see, again, the Hays or CCA
| regulatory regimes). As for "scanning their face every
| time they access a website"--in earlier situations in
| which a kid might access some piece of media a parent
| hadn't deliberately invited into their home, and in which
| some business was involved, everyone _did_ get a face-
| scan, by the flesh-and-blood clerk, and since 1990 or so
| those situations almost certainly also involve being
| recorded on multiple CCTV cameras (and these days, having
| all that uploaded to god-knows-where and maybe even
| having face recognition applied to it--ugh, the Internet
| was such a bad idea)
|
| Again, part of the trouble with these analogies is
| there's nothing comparable to the Internet. How do you
| have a clerk judge whether a person's face looks old
| enough, at "web scale" and before your web server sends a
| 200 response? You can't, really, but that _doesn 't mean_
| something of that sort isn't typical practically
| everywhere but the Internet. The closest thing you can
| realistically do is automate that process, instead, to
| bring it back into something _resembling_ the past norms.
|
| This is, I repeat, not necessarily a defense of this kind
| of legislation as a good idea-I just don't think it
| actually _is_ a deviation from what was the overwhelming
| norm for how society operated in most of the 20th
| century. The Internet free-for-all model is what 's the
| odd-man-out.
| autoexec wrote:
| > Again, part of the trouble with these analogies is
| there's nothing comparable to the Internet.
|
| I'll agree that the internet comes with it's own set of
| challenges, however computers enable unique sets of
| solutions. There is parental control software you can
| install, logging you can put in place, you can even
| screen-record and keylog everything that takes place on a
| device. Access can be restricted with passwords and
| automatically disconnect the internet at certain times.
| It takes some work to set those kinds of things up, but
| parenting has always required work. The internet has a
| ton of free resources to assist them in that work.
| Nothing is perfect, but thankfully no kid ever died from
| seeing a boob either so mostly things tend to work out.
| My generation was online long before any parental control
| software or porn filers existed and we survived.
| akira2501 wrote:
| > Many parents are going to a bad job at monitoring their
| kid's internet and if we can create rules that will leave
| their children less messed up, we should do so.
|
| Then we should make a law that holds parents responsible
| for poor decision making. It's not incumbent on anyone
| else to make the world a "less messed up" place for them,
| I had zero say in whether you got to have children or
| not.. you just decided to do it one day.
|
| Further, most of us don't believe that this law as
| written or any law in general stands a chance at actually
| addressing your claim. This law does a really good job of
| protecting entrenched entrants and denying new startups
| access to the internet by creating unnecessary technical
| barriers that cost a lot to erect but don't actually
| protect children.
|
| It's the worst of all outcomes, if you actually care
| about "messed up" children.
|
| > it is so, so much easier to access poisonous things on
| the internet than on other mediums
|
| Is "two children talking to each other" a medium or not?
| If so, I don't think the internet holds a candle to this.
|
| > it sucks being stricter than all the other parents,
| sucks having to battle with kids about why their peers
| can do something they can't.
|
| So.. because some parents find it hard to be strict, we
| have to force all parents to be strict. And if they
| aren't? Should we take their children away? I mean, if
| they're too tempted to be "cool" then we shouldn't even
| allow that to occur under any circumstance, should we?
| hgsgm wrote:
| srvmshr wrote:
| Technologically, why should that be a big challenge? In the
| simplest model, the HTML would require a privacy tag/flag
| that would need to be matched against an incoming HTTPS
| request's attribute.
|
| If done right, it might actually be seamless, much unlike the
| GDPR pop-up which needs to be manually cleared.
| wpietri wrote:
| Why would it be impossible? Twitter for years has allowed
| people to mark content, including their whole account, with a
| content warning. Current categories are: Nudity, Violence,
| Sensitive
|
| That puts most of the burden on the poster, and checking the
| occasional box is not much of a burden. And these days it
| also acts as a great tagging system for automated ML filters.
| Combine that with good tools for users to report violations,
| and the burden seems pretty manageable.
|
| And honestly, it might lower site burdens. If people only see
| what they want to see, it could reduce user friction and
| incoming reports.
| hgsgm wrote:
| pitched wrote:
| I would default to calling all content adult-only, to be safe
| legally. Then, the moderation burden is deciding which ones
| are child-safe, which is probably a lower hurdle. But still,
| to be on the safe side legally, I wouldn't want to mark any
| user content child-safe. And so we'd end up with the same
| system we have today.
| godelski wrote:
| Doesn't this just end up putting your children in a vulnerable
| position? You're specifically announcing that they are a child.
| I mean there have been tons of issues with Reddit's r/teenagers
| and predators specifically targeting that subreddit (and some
| laughable/revealing moments when other subs tried to ban
| underage users from their own subreddits and so blocked anyone
| participating in r/teenagers).
| ParksNet wrote:
| California is following the WEF Agenda on Digital Identity:
|
| https://www.weforum.org/agenda/digital-identity/
|
| The goal is to de-anonymize all dissent, and unperson anyone who
| dares criticize the regime. See: Canadian truckers, Australian
| anti-lockdowns moms, etc.
|
| If you want to protect children from adult content, just require
| ISPs to block a list of explicit websites unless the service
| owner opts-in.
| EGreg wrote:
| Didn't Britain recently pass a similar law? What was the name?
| seti0Cha wrote:
| It's mentioned in the article, along with why that should not
| be a model for California.
| jacooper wrote:
| AFAIK it didn't pass, it was still in the planning phase, and
| then because of the governmental mess they have, it still yet
| to pass.
| geoelectric wrote:
| The Clinton admin tried an "ID everyone to access the site" law
| federally back in the 90s as part of Clinton/Gore's attempt to
| censor the internet and it got knocked down for constitutionality
| concerns.
|
| Is CA just relying on the crunchy state politics plus the right-
| biased SCOTUS to pass this with no challenge?
|
| https://en.wikipedia.org/wiki/Child_Online_Protection_Act
| [deleted]
| cryptonector wrote:
| Why wouldn't a left-biased SCOTUS also bless things a left-
| biased legislature wants? I'm inclined to believe that the
| makeup of the SCOTUS wouldn't make that much difference in a
| case about this.
| pessimizer wrote:
| Scalia, while genuinely a bad person, would never have gone
| for this, and he was certainly on the right.
| cryptonector wrote:
| That's almost certainly true of _Scalia_. He who
| spearheaded the "federalism revolution" right up until a
| case about drugs came up, then he did an abrupt 180 on that
| in Raich.
|
| But it's likely not true of Thomas. Is it true of the rest?
| Who knows. The liberals might well side with California's
| liberal government. Hard to say. Even if that would
| surprise you, Scalia's turn in Raich surprised many. It's
| hard to predict the SCOTUS' decisions.
| MomoXenosaga wrote:
| You can't really compare the 90s to today. Kids weren't online
| 24/7 through smartphones. Cyber bullying and sexting were
| unknowns.
| tharne wrote:
| If you're betting on California doing something stupid, you
| always want to go long.
| [deleted]
| karaterobot wrote:
| This legislation does seem rather poorly written, at least in the
| excerpted sections. By poorly written, I mean vague and easily
| misinterpreted.
|
| With GDPR, one consequence of the vagueness is the current
| hellscape of ubiquitous cookie popups on the web, most of which
| don't actually comply with the regulation, and most of which have
| not actually empowered consumers in any way.
| [deleted]
| reillyse wrote:
| The answer to any question posed in a title is no.
|
| Try it sometime. If you see a title question mentally just say
| "no".
|
| The reasons for this law of media are manifold but boil down to
| 1) if there was evidence that the thing would happen they would
| state it. I.e. this title would read California will eliminate..
|
| 2) there is no 2
|
| What's left is for you the reader to try and figure out why the
| author is trying to scare people by posing a question even they
| know can only be answered in the negative.
| pessimizer wrote:
| https://hn.algolia.com/?dateRange=all&page=10&prefix=false&q...
|
| "tome's law: In any discussion about an article whose title is
| a question, Betteridge's law is mentioned with probability 1."
|
| https://news.ycombinator.com/item?id=9077549
| [deleted]
| [deleted]
| amanaplanacanal wrote:
| This seems universally good. If you can't determine that your
| user is an adult, don't collect or store personal information on
| them beyond what is necessary to provide the service.
| AbrahamParangi wrote:
| As universally good as GDPR maybe, where the actual results
| will be largely worse for everyone.
| trasz wrote:
| If you mean the cookie banners, it's the result of GDPR not
| being enforced strictly enough, so companies can use the
| banner to pretend they're not breaking the law.
| bogomipz wrote:
| This has been driving me nuts. So what's going on is bad
| actors just continue to violate the GDPR but throw up
| cookie banners purely as a formality?
|
| I suppose this raises the question how will California
| enforce this?
| OkayPhysicist wrote:
| Frankly, rather than wrapping this in child protection rhetoric,
| this should have just been a universal privacy protection law. If
| they had skipped all this "Think of the Kids!" nonsense, and just
| banned the utterly abominable data gathering rampant on the
| internet today, this kind of negative side effect could be
| completely avoided.
|
| What we need is basic, common sense legislation that says:
|
| - Gather no more data than you need for business purposes.
| Persist even less. If you can't express a specific business
| purpose for the data, you can't gather it.
|
| - Share no more data than you need to for business purposes, and
| with as few parties as possible.
|
| - Publicize those specific business purposes paired with what
| categories of data you collect, and who you share it with. This
| should be a table, with 4 columns: "category", "justification",
| and "Shared With", "Duration".
|
| - Whatever data you do gather, you're liable for, with good-faith
| attempts at following industry best security practices being an
| mitigating factor but not a complete defense in civil suites
| following a data breach.
|
| The GDPR didn't go far enough: the law should be explicit in
| stating that the user CANNOT consent to data being gathered about
| them in excess of what a service they are actively engaging with
| needs for legitimate business purposes. The less wiggle room you
| give, the less ridiculous, user-hostile attempts to circumvent
| the law you'll have.
| smm11 wrote:
| The more that breaks the internet as we know it, the better.
| aaaddaaaaa1112 wrote:
| beardyw wrote:
| With disparate laws in every legislation, it will I think become
| increasingly burdensome to own a website. If you can't reliably
| determine where your user is, you must satisfy all of the laws
| simultaneously - until even that becomes impossible.
| chmod775 wrote:
| Only if you do business in that jurisdiction.
|
| I'm pretty sure some of the websites I'm running are breaking
| laws in about fifty countries, but I don't care because I don't
| live or do business there.
| [deleted]
| WaxProlix wrote:
| I have a website to host some basic static content and maybe a
| few pieces of text. I don't feel like this makes my life any
| more burdensome. Do you maybe mean that it will become
| increasingly burdensome to own a website that collects
| analytics on users, or something similar?
| Robotbeat wrote:
| An enthusiast web forum that captures IP address, often used
| for helping to enforce troll bans.
| WaxProlix wrote:
| They're also not businesses, usually. I didn't read the
| entirety of the bill, but does an IP address alone
| constitute PII here?
| judge2020 wrote:
| Yes, IPs are PII given they can be linked across
| websites. In addition, many ISPs in the US do dynamic IP
| assignment but will let you keep your ipv4 for years if
| you don't go offline for too long (i've gone 24 hours
| without the router connected to the internet on ATT
| without losing my IP).
|
| And the 'business' requirement is more about "doing
| business" in the state and not "the service provider is a
| legally registered business", so individuals also must
| comply.
| [deleted]
| autoexec wrote:
| It does look like you'd be required to perform a data
| protection impact assessment every two years and submit a
| report on it. Likely your report won't be complicated because
| there will be very little impact, but you'll still have to
| file the paperwork and maintain records to be able to prove
| that you did the work and that the required updates were
| performed on schedule without fail.
| bhelkey wrote:
| > Do you maybe mean that it will become increasingly
| burdensome to own a website that collects analytics on users,
| or something similar?
|
| I think you are underestimating the impact. Anything that
| stores account names or emails (forms, comment sections,
| commerce sites, ...) is a very broad list.
|
| Even if none of this is true and you ONLY serve static
| content without analytics delivered to the user you are not
| guaranteed to be safe. Apache by default logs IP addresses
| [1].
|
| [1] https://www.ptr.co.uk/blog/which-ip-addresses-have-
| accessed-...
| hot_gril wrote:
| Does your static webserver log IP addresses of requests? Most
| do by default.
| pclmulqdq wrote:
| My static site sits behind cloudflare and logs to
| /dev/null. It's possible (actually pretty easy) to
| configure things like this.
| sdfjkl wrote:
| At some point it'll be easier to run it as TOR hidden service,
| on Freenet or I2P and stop caring about the bullshit
| legislation.
| dane-pgp wrote:
| Shortly thereafter (if not before), governments will make it
| illegal to go online with a device that doesn't do a remote
| attestation with Secure Boot, and they'll require that the OS
| has a system like Gatekeeper[0] which checks a centrally-
| managed blacklist every time you try to run an application.
|
| [0] https://www.howtogeek.com/701176/does-apple-track-every-
| mac-...
| jwiley wrote:
| This reminds me of a conversation I had with an owner of a bbq
| restaurant who said he was struggling to meet new laws required
| stainless steel tables for food preparation, which was going to
| cost him $25,000 to install. This legislation, according to
| him, was heavily pushed by McDonalds corporation with the
| intention of driving out small business competition.
|
| Whether this is accurate or not, I think it's clear the deluge
| of privacy legislation will have the opposite of the intended
| effect in terms of empowering the facebooks, googles, etc who
| can afford an army of lawyers, privacy engineers, privacy ops
| people, etc.
| adventured wrote:
| The technocrat champions of wrapping the Internet up in the
| nanny state and its regulatory requirements, will inevitably be
| the ones lamenting the burden in 10-15 years as the Internet
| (as we used to know it) is fully choked off. To be clear, the
| Internet barely exists as it is, the Western Europeans (along
| with China and Russia) are way out in front when it comes to
| destroying it - however the US, starting primarily from
| California, will mimic their authoritarian spirit as always.
|
| But but but, we gotta protect the children.
|
| But but but, we gotta stop people from saying bad things that
| could hurt the feelings. Free speech bad. Must regulate speech.
|
| Cycle forward a decade: the government is going too far! This
| is outrageous! Too much surveillance! Muh privacy. Who gave
| them all of this power?!?
|
| Yeah, gee, who indeed.
| adrr wrote:
| Have you built a website lately? Forget an alt tag on some
| graphic on your homepage that has nothing to do with your
| content like to some stock photos. You're going to get an
| accessibility lawsuit threat. Page could be simple one pager of
| your restaurant with all the important content in text like
| location and hours but forget one alt tag on a photo of you
| restaurant.
|
| Not to mention all the patent trolls. Have login functionality,
| there's another lawsuit threat you're going to have to settle
| for $10k.
| tshaddox wrote:
| My gut reaction is that this should be up to each country to
| enforce in its borders. If someone in CountryA wants to send a
| request to my web server in CountryB, in some sense that's
| similar to someone buying something in CountryB and bringing it
| into CountryA. That's obviously up to CountryA's customs
| authority to enforce, not whatever shop in CountryB the item
| was purchased from.
|
| But at the same time I'm very much not into great firewalls.
| r3trohack3r wrote:
| I've never heard someone argue that a packet crossing a
| border is considered an "import" but it makes a lot of sense
| to me!
| pclmulqdq wrote:
| I have a solution for my websites: I don't track people. They
| are just platforms for text and links. The desire to do tons of
| invasive tracking is what got us into this situation in the
| first place, and states like California (and the EU for that
| matter) want to throw the baby out with the bathwater. There's
| a lot of bathwater, so I can't say I blame them.
___________________________________________________________________
(page generated 2022-08-31 23:01 UTC)