[HN Gopher] Discord's face scanning age checks 'start of a bigge...
___________________________________________________________________
Discord's face scanning age checks 'start of a bigger shift'
Author : 1659447091
Score : 89 points
Date : 2025-04-17 12:34 UTC (10 hours ago)
(HTM) web link (www.bbc.com)
(TXT) w3m dump (www.bbc.com)
| jjice wrote:
| Aside from the privacy nightmare, what about someone who is 18
| and just doesn't have the traditional adult facial features? Same
| thing for someone who's 15 and hit puberty early? I can imagine
| that on the edges, it becomes really hard to discern.
|
| If they get it wrong, are you locked out? Do you have to send an
| image of your ID? So many questions. Not a huge fan of these
| recent UK changes (looking at the Apple E2E situation as well). I
| understand what they're going for, but I'm not sure this is the
| best course of action. What do I know though :shrug:.
| roenxi wrote:
| Also, key point in the framing, when was it decided that
| Discord supposed to be the one enforcing this? A pop-up saying
| "you really should be 18+" is one thing, but this sounds like a
| genuine effort to lock out young people. Neither Discord nor a
| government ratings agency should be taking final responsibility
| for how children get bought up, that seems like something
| parents should be responsible for.
|
| This is over-reach. Both in the UK and Australia.
| threeseed wrote:
| > This is over-reach. Both in the UK and Australia
|
| 2/3 of Australians support minimum age restrictions for
| social media [1] and it was in-particular popular amongst
| parents. Putting the responsibility solely on parents shows
| ignorance of the complexities of how children are growing up
| these days.
|
| Many parents have tried to ban social media only for those
| children to experience ostracisation amongst their peer group
| leading to poorer educational and social developmental
| outcomes at a critical time in their live.
|
| That's why you need governments and platform owners to be
| heavily involved.
|
| [1] https://www.theguardian.com/australia-
| news/article/2024/jun/...
| exe34 wrote:
| that sounds quite puritan. my god says I can't, is one
| thing. my god says you can't either, is very different.
|
| now replace god with parent.
| pjc50 wrote:
| It almost certainly is overreach, but locking young people
| out of porn is hardly a new concern. We have variants of this
| argument continuously for decades. I'm not sure there is a
| definitive answer.
| KaiserPro wrote:
| When a corner shop sells cigarettes to minors, who's breaking
| the law?
|
| When a TV channel broadcast porn, who gets fined?
|
| These are accepted laws that protect kids from "harm", which
| are relatively uncontroversial.
|
| Now, the privacy angle is very much the right question. But
| as Discord are the one that are going to get fined, they
| totally need to make sure kids aren't being exposed to shit
| they shouldn't be seeing until they are old enough. In the
| same way the corner shop needs to make sure they don't sell
| booze to 16 year olds.
|
| Now, what is the mechanism that Discord should/could use?
| that's the bigger question.
|
| Can government provide fool proof, secure, private and
| scalable proof of age services? How can private industry do
| it? (Hint: they wont because its a really good source of
| profile information for advertising.)
| EA-3167 wrote:
| Cigarettes are deadly
|
| Broadcasting porn isn't an age ID issue, it's public
| airwaves and they're regulated.
|
| These aren't primarily "think of the children" arguments,
| the former is a major public health issue that's taken
| decades to begin to address, and the latter is about
| ownership.
|
| I don't think that chat rooms are in the same category as
| either public airwaves or drugs. Besides what's the
| realistic outcome here? Under 18's aren't stupid, what
| would you have done as a kid if Discord was suddenly
| blocked off? Shrug and not talk to your friends again?
|
| Or would you figure out how to bypass the checks, use a
| different service, or just use IRC? Telegram chats?
| Something even less moderated and far more open to abuse,
| because that's what can slip under the radar.
|
| So no I don't think this is about protecting kids, I think
| it's about normalizing the loss of anonymity online.
| Symbiote wrote:
| You can swap cigarettes with another age restricted
| product, like pornography or 18-rated DVDs if you prefer.
|
| The UK also has rules on what can be broadcast on TV
| depending on the time of day.
| KaiserPro wrote:
| > These aren't primarily "think of the children"
| arguments
|
| Are you kidding me? v-chip, mary whitehouse, Sex on TV
| are _all_ the result of "think of the children" moral
| panics. Its fuck all to do with ownership.
|
| > I don't think that chat rooms are in the same category
| as either public airwaves
|
| Discord are making cash from underage kids, in the same
| way that meta and google are, in the same way that disney
| and netflix offering kids channels.
|
| Look I'm not saying that discord should be banned for
| kids, but I really do think that there is a better option
| than the binary "Ban it all"/"fuck it, let them eat porn"
|
| Kids need to be able to talk to each other, but they also
| should be able to do that without being either preyed
| upon by nonces, extremists, state actors and more likely
| bored trolls.
|
| Its totally possible to provide anonymous age gating, but
| its almost certainly going to be provided by an adtech
| company unless we, the community provide something
| cheaper and better.
| jkaplowitz wrote:
| At least the ways that a corner shop verifies age don't
| have the same downsides as typical online age verifiers.
| They just look at an ID document; verify that it's on the
| official list of acceptable ID documents, seems to be
| genuine and valid and unexpired, appears to relate to the
| person buying the product, and shows an old enough age; and
| hand the document back.
|
| The corner shop has far fewer false negatives, far lower
| data privacy risk, and clear rules that if applied
| precisely won't add any prejudice about things like skin
| color or country of origin to whatever prejudice already
| exists in the person doing the verification.
| nonchalantsui wrote:
| That's exactly how a digital ID system would work, and
| yet people argue against those all the time as well.
|
| Additionally, the corner shop does not have far lower
| data privacy risks - actually it's quite worse. They have
| you on camera and have a witness who can corroborate you
| are that person on camera, alongside a paper trail for
| your order. There is no privacy there, only the illusion
| of such.
| jkaplowitz wrote:
| By data privacy risks I meant the risk of a breach,
| compromise, or other leak of the database of verified
| IDs. No information about the IDs are generally collected
| in a corner shop, at least when there's no suspicion of
| fraud; they're just viewed temporarily and returned. Not
| only do online service providers retain a lot of
| information about their required verifications, they do
| so for hugely more people than a typical corner shop.
|
| Also, corner shop cameras don't generally retain data for
| nearly as long as typical online age verification laws
| would require. Depending on the country and the technical
| configuration, physical surveillance cameras retain data
| for anywhere from 48 hours to 1 year. Are you really
| saying that most online age verification laws worldwide
| require or allow comparably short retention periods?
| (This might actually be the case for the UK law, if I'm
| correctly reading Ofcom's corresponding guidance, but I
| doubt that's true for most of the similar US state laws.)
| leotravis10 wrote:
| There's a SCOTUS case in FSC v. Paxton that could very well
| decide if age verification is enforced in the US as well so
| sadly this is just the beginning.
| daveoc64 wrote:
| It says in the article - you can send them a scan or photo of
| your ID if the face check doesn't work (or if you don't want to
| do the face scan).
| p_ing wrote:
| Discord also has a manual review process.
|
| https://support.discord.com/hc/en-
| us/articles/30326565624343...
| mezzie2 wrote:
| It's not even edge cases - I was a pretty young looking woman
| and was mistaken for a minor until I was about 24-25. My mother
| had her first child (me) at _27_ and tells me about how she and
| my father would get dirty looks because they assumed he was
| some dirty old man that had impregnated a teenager. (He was 3
| years older than her).
|
| I think, ironically, the best way to fight this would be to
| lean on identity politics: There are probably certain races
| that ping as older or younger. In addition, trans people who
| were on puberty blockers are in a situation where they might be
| 'of age' but not necessarily look like an automated system
| expects them to, and there might be discrepancies between their
| face as scanned and the face/information that's show on their
| ID. Discord has a large trans userbase. Nobody cares about
| privacy, but people make at least some show of caring about
| transphobia and racism.
|
| > So many questions.
|
| Do they keep a database of facial scans even though they say
| they don't? If not, what's to stop one older looking friend (or
| an older sibling/cousin/parent/etc.) from being the 'face' of
| everyone in a group of minors? Do they have a reliable way to
| ensure that a face being scanned isn't AI generated (or
| filtered) itself? What prevents someone from sending in their
| parent's/sibling's/a stolen ID?
|
| Seems like security theater more than anything else.
| nemomarx wrote:
| I don't think they make much of a show of caring about trans
| rights in the UK right about now, unfortunately. In the US
| you can make a strong case that a big database of faces and
| IDs could be really dangerous though I think
| tbrownaw wrote:
| > _In the US you can make a strong case that a big database
| of faces and IDs could be really dangerous though I think_
|
| The government already has this from RealID.
| nemomarx wrote:
| Right but only your photo taken for the Id, not up to
| date face scans that discord is requesting
|
| it seems to me like I'd be more hesitant to go get a govt
| photo taken right now at least.
| mezzie2 wrote:
| It's mostly about the service's audience. Discord is a huge
| trans/queer/etc. hub. If Discord were X or Instagram etc.
| it wouldn't matter. Users of Discord are, as a group, more
| likely to be antagonistic to anything that could be
| transphobic or racist than the general populace. (Whereas
| they don't care about disability rights, which is why
| people with medically delayed puberty aren't a concern.)
|
| A tactical observation more than anything else.
| StefanBatory wrote:
| I had a colleague, that when going out with her boyfriend,
| police was called on him as someone believed he is a
| pedophile.
|
| She was 26. She just was that young looking.
|
| :/
| candiddevmike wrote:
| The right thing to do here is for Discord to ignore the UK laws
| and see what happens, IMO.
|
| Is there a market for leaked facial scans?
| doublerabbit wrote:
| With the UK currently battling Apple, Discord has no chance
| of not getting a lawsuit.
|
| Ofcom is a serious contender in ruling their rules especially
| where Discord is multi-national that even "normies" know and
| use.
|
| And if they got a slap of "we will let you off this time"
| they would still have to create some sort of verification
| service to please the next time.
|
| You might as well piss off your consumers, loose them
| whatever and still hold the centre stage than fight the case
| for not. Nothing is stopping Ofcom from launching another
| lawsuit there after.
|
| > Is there a market for leaked facial scans?
|
| There's a market for everything. Fake driver licenses with
| fake pictures have been around for decades, that would be no
| different.
| 9283409232 wrote:
| Didn't Australia ban porn with women who have A cups under the
| justification of pedos like them?
|
| Edit: This isn't how it played out. See the comment below.
| threeseed wrote:
| No it's just nonsense you invented because you were unwilling
| to do any research.
|
| The actual situation was that the board refused
| classification where an adult was intentionally pretending to
| be an underage child not that they looked like one.
| 9283409232 wrote:
| I added an edit to correct myself however this was not
| something I invented. This story goes back to 09 - 2010. I
| will confess I didn't do any research to confirm though and
| that was my bad.
| neilv wrote:
| FWIW, I can confirm that user 9283409232 didn't make that
| up. I heard that multiple reputable places, years ago.
|
| And it was believable, given a history of genuine but
| inept attempts by some to address real societal problems.
| (As well as given the history of fake attempts to solve
| problems for political points for "doing something". And
| also given the history of "won't someone think of the
| children" disingenuous pretexts often used by others to
| advance unrelated goals.) Basically, no one is surprised
| when many governments do something that seems
| nonsensical.
|
| So, accusing someone of making up a story of a government
| doing something odd in this space might be hasty.
|
| I suspect better would be to give a quick check and then
| "I couldn't find a reference to that; do you have a
| link?"
| zehaeva wrote:
| It's a good thing to think about. I knew a guy in high school
| who had male pattern baldness that started at 13 or 14. Full
| blown by the time he was 16. Dude looked like one of the
| teachers.
| MisterTea wrote:
| Same in my drivers ed at 16, guy had a mans face, large
| stocky build, and thick full beard. I once was talking to a
| tall pretty woman who turned out to be a 12 year old girl.
| And I have a friend who for most of his 20's could pass for
| 13-14 and had a hell of a time getting into bars.
|
| This facial thing feel like a loaded attempt to both check a
| box and get more of that sweet, sweet data to mine. Massive
| privacy invasion and exploitation of children dressed as
| security theater.
| red-iron-pine wrote:
| i went to school with a guy who had serious facial hair at
| like 14. dude was rocking 5 oclock shadows by the end of the
| school day
| AStonesThrow wrote:
| Was your school located at 21 Jump Street?
|
| https://en.wikipedia.org/wiki/21_Jump_Street
|
| Was it Steve Buscemi toting a skateboard?
|
| https://knowyourmeme.com/memes/how-do-you-do-fellow-kids
| joeyh wrote:
| Wise (nee Transferwise) requires a passport style photo taken
| by a webapp for KYC when transferring money. I was recently
| unable to complete that process over a dozen tries, because the
| image processing didn't like something about my face. (Photos
| met all criteria.)
|
| On contacting their support, I learned that they refused to use
| any other process. Also it became apparent that they had
| outsourced it to some other company and had no insight into the
| process and so no way to help. Apparently closing one's account
| will cause an escalation to a team who determines where to send
| the money, which would presumably put some human flexability
| back into the process.
|
| (In the end I was able to get their web app to work by trying
| several other devices, one had a camera that for whatever
| reason satisfied their checks that my face was within the
| required oval etc.)
| brundolf wrote:
| Devil's advocate: couldn't this be better for privacy than
| other age checks because it doesn't require actual
| identification?
| paulryanrogers wrote:
| Considering the ubiquity of facial recognition tech, I
| imagine it could very quickly be abused to identify people
| pdpi wrote:
| > what about someone who is 18 and just doesn't have the
| traditional adult facial features?
|
| This can be challenging even with humans. My ex got carded when
| buying alcohol well into her mid thirties, and staff at the
| schools she taught at mistook her for a student all the time.
| smegger001 wrote:
| I grew a beard when I was younger because I was tired of
| being mistaken for a highschooler its quite annoying to have
| people assume you are 15 when your 20. still regularly carded
| in my 30s
| MisterTea wrote:
| It's interesting how the "features" which many claim IRC is
| missing turn out to be a huge liability. Adult content is applied
| via image hosting, video/audio chat, etc. All things IRC lacks.
| spacebanana7 wrote:
| There is a definitely a textual privilege in media. You can
| write things in books that would never be allowed to be
| depicted in video. Even in Game of Thrones, Ramsay's sadism had
| to be sanitised a little for live action.
|
| This is doubly so if your book is historic in some sense. Still
| find it crazy that Marquis de Sade's stuff is legal.
| doublerabbit wrote:
| > All things IRC lacks.
|
| IRC gives you all the features of a normal client but you've
| got to create them yourself which itself is a dark-art that's
| been squandered by today's gimmicky services.
|
| Just because it doesn't have a fancy UI to present the media
| doesn't mean it can't.
|
| Encode to base64 and post in channel. Decode it back to normal
| format... IRC is excellent for large amounts of stringed text.
|
| You could even stream the movie in base64 and have a client
| that captures the data stream and decodes.
|
| The only thing that IRC lacks is a feature to recall
| conversations where if someone isn't present. But if you're
| someone who needs that host a bouncer or something.
|
| I personally enjoy entering a blank slate.
| blibble wrote:
| sending any reasonably sized jpeg as base64 text will take
| you several minutes with typical server flood protection
| doublerabbit wrote:
| You could chunk it, compress it with gzip. Usenet uses
| yENC.
|
| Public servers sure, may have protections in place but your
| own server and with IRCd's being easy configurable makes it
| non-trivial.
| spacebanana7 wrote:
| I suspect the endgame of this campaign is to have mandatory ID
| checks for social media. Police would have access to these upon
| court orders etc and be able to easily prosecute anyone who posts
| 'harmful' content online.
| lanfeust6 wrote:
| Which would kill social media. The cherry-picked tech giant
| iterations anyway.
| ChocolateGod wrote:
| Exactly, targeting children with their parents credit cards
| is a profitable business.
| samlinnfer wrote:
| They already have this in China and Korea. Hasn't stopped
| people from using social media.
| lanfeust6 wrote:
| The West isn't China and Korea. They can't opt out of
| authoritarian-state surveillance and great firewall,
| whereas we have options more amenable to privacy, even if
| you want to quibble that they aren't perfect.
|
| Also the fact that UK and Australia are kind of backwards
| on online privacy.
|
| That aside, this is targeted. The fediverse and vbulletin
| forums of old, even reddit, are all social media but will
| never require facial recognition. If they do, then far
| worse things are happening to freedom.
| numpad0 wrote:
| Korea is a democratic Western nation, they host US
| military bases and fly F-35. Korean made phones are
| trusted enough that American special forces use it for
| some parachute jumpings.
| like_any_other wrote:
| > The West isn't China and Korea.
|
| They have this in _South_ Korea:
| https://news.ycombinator.com/item?id=43716932
| lanfeust6 wrote:
| This law was struck down for violating the constitution.
| spacebanana7 wrote:
| I don't think it would kill social media, but it'd make it
| more similar to Chinese social media. Essentially impossible
| to use for protests or criticism of things the government
| doesn't critiques on.
| numpad0 wrote:
| It ties real world ultraviolence with social media. It won't
| kill social media, just make it materially toxic. IIUC South
| Korea in 2000s had exactly this, online dispute stories
| coming from there were much worse than anything I had heard
| locally.
| charlie90 wrote:
| Why? People make social media accounts with their real name
| and face already. I doubt it would have any effect.
| pjc50 wrote:
| See e.g. "Ohio social media parental notification act"
|
| (mind you, ID/age requirements for access to adult content go
| way, way back in all countries)
| woodrowbarlow wrote:
| <tin-foil-hat> ultimately, i think the endgame is to require
| government ID in order to access internet services in general,
| a la ender's game. </tin-foil-hat>
| raspyberr wrote:
| Please walk me from scratch how you would access the internet
| on your own right now without any form of Government ID
| squigz wrote:
| ???
|
| I'd walk to a local library and use their wifi. Or walk to
| a local McDonalds and use their wifi. Or walk to a
| friend's/family's house and use their wifi. Or...
| bitmasher9 wrote:
| I know right. There are entire business models where
| "comfortable place to connect to WiFi" is an important
| part of the strategy.
| toast0 wrote:
| I'm in the US. I do have government ID, but I don't recall
| showing it to my network providers. Certainly, some telcos
| want a social security number to run credit; but that's
| often avoidable. I'm pretty sure could also wander down to
| an electronics store (maybe a grocery/drug store too) and
| pick up a prepaid cell phone with internet access, pay for
| it with cash, and get that going without government id in
| the US. It's a bit of a hike to get to the electronics
| store from where I live, but I can get part of the way
| there with the bus that takes cash too.
| zeta0134 wrote:
| Walk into a coffee shop. Look at the wifi password, usually
| a sign near the register. Log onto the wifi network using
| the wifi password. Browse in peace.
|
| Is this sort of flow normal elsewhere? It's certainly
| normal where I live.
| whoopdedo wrote:
| Prepaid 5G phone bought with cash and activated by dialing
| 611.
| Symbiote wrote:
| Prepaid SIM from one of the EU countries that still has
| them, such as Denmark. Purchase in cash from a kiosk.
| like_any_other wrote:
| Many countries (including in the EU) already required ID to
| use a SIM card: https://forestvpn.com/blog/news/countries-
| sim-card-registrat...
|
| Funnily enough, when the Philippines did this, it was decried
| as a violation of human rights [1]. But usually, media are so
| silent on such things I'd call them complicit. One already
| cannot so much as rent a hotel room anywhere in the EU
| without showing government ID.
|
| [1] https://en.wikipedia.org/wiki/SIM_Registration_Act
| woodrowbarlow wrote:
| yup, and this gives the ability to look up per-citizen
| location data.
|
| sidebar: i've been trying to raise awareness about "joint
| communications and sensing" wherever i can lately; many
| companies involved in 6G standardization (esp. nokia) want
| the 6G network to use mmWave radio to create realtime 3d
| environment mappings, aka a "digital twin" of the physical
| world, aka a surveillance state's wet dream.
|
| https://www.nokia.com/blog/building-a-network-with-a-
| sixth-s...
| miohtama wrote:
| Not only rent, but in Spain there is a central database
| where your details are sucked in real time when you rent a
| room or a car, and no oversight how this data is used.
| xvokcarts wrote:
| You can buy (and top up) a SIM card without an ID in the
| EU.
| Muromec wrote:
| That depends on a country and for once there is no
| visible pattern or usual suspects in who requires it or
| not
| 2OEH8eoCRo0 wrote:
| Good!
|
| Why is the Internet any different than say, a porn or liquor
| store? Why are we so fuckin allergic to verification? I'll tell
| ya why- money. Don't pretend it's privacy.
| spacebanana7 wrote:
| It's about power not money. The Chinese social media
| companies who do this are plenty profitable.
| squigz wrote:
| How about we don't pretend there's only 1 single facet to
| this issue, no matter which you think it is?
| woodrowbarlow wrote:
| there two false equivalencies in your argument, as presented
| in response to GP:
|
| 1. ID checks are not the same as age verification.
|
| 2. a social media website is not the same as a porn website.
|
| if you take the stance that social media sites should require
| ID verification, then i would furthermore point out that this
| is likely to impact any website that has a space for users to
| add public feedback, even forums and blogs.
| throwaway875847 wrote:
| Money? Every big ad tech company would love to be provided
| with all that juicy verification data.
| 2OEH8eoCRo0 wrote:
| If they could make more money with verification than
| without then we would already have it.
| like_any_other wrote:
| That would not be unprecedented: _The first major change by the
| Lee Myung-bak government was to require websites with over
| 100,000 daily visitors to make their users register their real
| name and social security numbers._ -
| https://en.wikipedia.org/wiki/Internet_censorship_in_South_K...
| nitwit005 wrote:
| I'm afraid the endgame is, all this activity tied to real
| identities will be repeatedly leaked, get used for blackmail,
| and by foreign intelligence agencies.
|
| Followed by governments basically shrugging.
| miohtama wrote:
| You need to ask what would Trump do. Court order probably
| skipped, or from a friendly judge.
| KaiserPro wrote:
| They already have access to this.
|
| If you run a social media site, then you have an API that
| allows government access to your data.
| ajsnigrutin wrote:
| I think regulation could be done better...
|
| Let's assign one or ideally two adults to each underage child,
| who are aware of the childs real age and can intervene and
| prevent the child from installing discord (and any other social
| media) in the first place or confiscate the equipment if the
| child breaks the rules. They could also regulate many other thing
| in the childs life, not just social network use.
| jasonlotito wrote:
| > confiscate the equipment if the child breaks the rules.
|
| Even you acknowledge this plan is flawed and that the child can
| break the rules. And it's not that difficult. After all,
| confiscating the equipment assumes that they know about the
| equipment and that they can legally seize the equipment. Third
| parties are involved, and doing what you suggests would land
| these adults in prison.
|
| I know you thought you were being smart with your suggestion
| that maybe parents should be parents, but really you just
| highlighted your ignorance.
|
| The goal of these laws are to prevent children from accessing
| content. If some adults get caught in the crossfire, they don't
| care.
|
| Now, I'm not defending these laws or saying anything about
| them. What I am saying is that your "suggestion" is flawed from
| the point of view of those proposing these laws.
| ajsnigrutin wrote:
| These are not 20 something college students with jobs and
| rented apartments, doing stuff without their parents knowing.
|
| These are kids younger than 13, they don't have jobs, they
| live with their parents, no internet/data planes outside of
| control of their parents, no nothing.
|
| The goal of these laws is to get ID checks on social networks
| for everyone, so the governments know who the "loud ones"
| (against whatever political cause) are. Using small kids as a
| reason to do so is a typical modus operandi to achieve that.
|
| Yes, those "one or two adults" I meantioned should be the
| parents, and yes, parents can legally confiscate their kids
| phones if they're doing something stupid online. They can
| also check what the kid is doing online.
|
| If a 12yo kid (or younger) can somehow obtain money and a
| phone and keep it hidden from their parents, that kid will
| also be able to avoid such checks by vpn-ing (or using a
| proxy) to some non-UK country, where those checks won't be
| mandatory. This again is solved by the parents actually
| parenting, again... it's kids younger than 13, at that age,
| parents can and should have total control of their child.
| fkyoureadthedoc wrote:
| It has to be acknowledged that some things, like social
| media and pornography, are harmful to children. "Maintain
| the status quo" isn't an attractive response to that. ID
| laws are not a perfect solution, maybe not even a good one.
|
| You undermine your whole point by pretending VPNs are going
| to make the whole thing moot. Why do you care when you
| won't be affected because you can just use a VPN? Why does
| pornhub make such a fuss when their users can just use a
| VPN? Because in reality, introducing that much friction
| will stop a lot of people.
| ajsnigrutin wrote:
| ID laws are the end goal, the children and porn are just
| an excuse to get ID laws, which would give the
| governments a lot more control over the internet and
| social networks. Just imagin someone like Trump/Ursula
| requesting full list of names of everyone criticizing
| them on eg reddit (because reddit has porn, and you'd
| have to show your ID to be able to use reddit, because of
| your reasons). This is objectively bad for the people and
| for the internet.
|
| Parenting is a good solution, not just giving the kids
| tablets so they stay quiet. Yes, kids are curious, kids
| will still find porn, ID laws or not, but parents should
| teach them and limit their access, not IDs on discord.
|
| And of course porhub is making a fuss, are you, an
| (assuming an) adult going to go to your telco with your
| ID and say "hi, i'm John, i want to watch porn and jerk
| off, but you need to see my ID first"? Or will you find
| some other alternatives, where pornhub doesn't earn that
| money?
| fkyoureadthedoc wrote:
| > Parenting is a good solution
|
| Yes, to most of society's problems. Yet they persist.
| alexey-salmin wrote:
| So? They equally persist in the face of endless laws, I
| don't see how it follows that piling more laws on top is
| a better idea than deferring this to parents.
| fkyoureadthedoc wrote:
| Parenting was the answer to kids not wearing their
| seatbelt, and getting maimed and killed by very
| survivable accidents. Simply teach your kids to wear
| their seatbelt. Yet seatbelt laws reduced fatality (8%)
| and serious injury (9%) in kids. It follows that "piling"
| such a law "on top", one that people decried as
| unconstitutional, was a better idea than deferring to the
| parents.
|
| https://www.nber.org/system/files/working_papers/w13408/w
| 134...
| Hizonner wrote:
| > It has to be acknowledged that some things, like social
| media and pornography, are harmful to children.
|
| It only "has to be acknowledged" if it's true. The
| "evidence" for either of those, but especially social
| media (as if that were even a single well defined thing
| to begin with) is pretty damned shakey. Nobody "has to
| acknowledge" your personal prejudices.
| fkyoureadthedoc wrote:
| You've convinced me that pornography is, in fact,
| beneficial to children. What was I thinking? Thank you
| for your reply.
| Hizonner wrote:
| Nice try, but the burden of proof for your assertion is
| still on you.
| KaiserPro wrote:
| > The goal of these laws is to get ID checks on social
| networks for everyone
|
| The UK government is nowhere near competent enough to be
| that stealthy.
|
| Also, it already has this ability already. Identifying a
| person on social media is pretty simple, All it takes is a
| request to the media company, and to the ISP/phone
| provider.
|
| > If a 12yo kid (or younger) can somehow obtain money and a
| phone and keep it hidden from their parents,
|
| Then you have bigger fucking problems. If a 12yo can do
| that, in your home and not let on, then you've raised a
| fucking super spy.
|
| > parents can and should have total control of their child.
|
| Like how? constantly check their phones? that's just
| invasion of privacy, your kid's never going to trust you.
| Does the average parent know how to do that, will they
| enforce non-disappearing messages?
|
| Allowing kids to be social, safe and not utter little shits
| online is fucking hard. I'm really not sure how we can make
| sure kids aren't being manipulated by fucking tiktok rage
| bait. (I mean adults are too, but thats a different
| problem)
| alexey-salmin wrote:
| You keep saying it's flawed but I don't see how or why.
|
| What exactly is wrong with the idea that parents should look
| after their kids?
| zevv wrote:
| So, what will be the proper technology to apply here? I have no
| problem with verification of my age (not the date of birth, just
| the boolean, >18yo), but I _do_ have a problem with sending any
| party a picture of my face or my passport.
| hedora wrote:
| Parents?
| londons_explore wrote:
| Maybe someone like apple will make a "verify user looks over
| 18" neural net model they can run in the secure enclave of
| iphones, which sends some kind of "age verified by apple" token
| to websites without disclosing your identity outside your own
| device?
|
| Having said that, I bet such a mechanism will prove easy to
| fake (if only by pointing the phone at grandad), and therefore
| be disallowed by governments in short order in favour of
| something that doesn't protect the user as much.
| miki123211 wrote:
| Apple lets you add IDs to your wallet in some jurisdictions.
| I wouldn't be surprised if they eventually introduce a
| system-wide age verification service and let developers
| piggyback on it with safe, privacy-preserving assertions.
| threeseed wrote:
| Variation of PassKeys could work well.
|
| Especially if it was tightly integrated into the OS so that
| parents could issue an AgeKey to each of their children which
| sites would ask for.
| 1659447091 wrote:
| OIDC4VCI(OpenID for Verifiable Credential Issuance)[0] is what
| I think has the most promise.
|
| My understanding is that an issuer can issue a Credential that
| asserts the claims (eg, you are over 18) that you make to
| another entity/website and that entity can verify those claims
| you present to them (Verifiable Credentials).
|
| For example, if we can get banks - who already know our full
| identity - to become Credential Issuers, then we can use bank
| provided Credentials (that assert we are over 18) to present to
| websites and services that require age verification WITHOUT
| having to give them all of our personal information. As long
| the site or service trust that Issuer.
|
| [0] https://openid.net/specs/openid-4-verifiable-credential-
| issu...
| Hizonner wrote:
| You mean without giving them any personal information other
| than _where to find your bank account_.
| 1659447091 wrote:
| It doesn't have to be your bank if you don't want, have the
| DMV be an issuer or your car insurance, or health insurance
| or cell phone service etc.
|
| You choose which one you want you want to have assert your
| claim. They already know you. It's a better option than
| giving every random website or service all of your info and
| biometric data so you can 'like' memes or bother random
| people with DM's or whatever people do on those types of
| social media platforms
| Hizonner wrote:
| > It doesn't have to be your bank if you don't want,
|
| "If I don't want"? _I_ would get no choice at all about
| who it would be, because in practice the Web site (or
| whoever could put pressure on the Web site) would have
| all of the control over which issuers were or were not
| acceptable. Don 't pretend that actual users would have
| any meaningful control over anything.
|
| The sites, even as a (almost certainly captured and
| corrupt) consortium, wouldn't do the work to accept just
| any potentially trustworthy issuer. In fact they probably
| wouldn't even do the work to keep track of all the
| _national governments_ that might issue such credentials.
| Nor would you get all national governments, all banks,
| all insurance companies, all cell phone carriers, all
| neighborhood busibodies, or all of _any_ sufficiently
| large class of potentially "trustable" issuers to agree
| to _become_ issuers. At least not without their attaching
| a whole bunch of unacceptable strings to the deal. What
| 's in it for them, exactly?
|
| Coordinating on certifying authorities is the fatal
| adoption problem for all systems like that. Even the
| X.509 CA infrastructure we have only exists because (a)
| it was set up when there were a lot fewer vested
| interests, and (b) it's very low effort, because it
| doesn't actually verify any facts at all about the
| certificate holder. The idea that you could get around
| that adoption problem while simultaneously preserving
| anything like _privacy_ is just silly.
|
| Furthermore, unless you use an attestation protocol
| that's zero-knowledge in the _identity of the certifier_
| , which OpenID is unlikely ever to specify, nor are
| either issuers or relying parties going to adopt this
| side of the heat death of the Universe, you as a user are
| _still_ always giving up _some_ information about your
| association with _something_.
|
| Worse, even if you could in fact get such a system
| adopted, it would be _a bad thing_. Even if it worked.
| Even if it were totally zero-knowledge. Infrastructure
| built for "of adult age" verification _will_ get applied
| to services that actively _should not have_ such
| verification. Even more certainly, it _will_ extended and
| used to discriminate on plenty of other characteristics.
| That discrimination _will_ be imposed on services by
| governments and other pressuring entities, regardless of
| their own views about who they _want_ to exclude.
|
| And some of it _will_ be discrimination you will think is
| wrong.
|
| It's not a good idea to go around building infrastructure
| like that even if you _can_ get it adopted and even if it
| 's done "right". Which again no non-zero-knowledge system
| can claim to be anyway.
|
| Counterproposal: "those types of social media platforms"
| get zero information about me other than the username I
| use to log in, which may or may not resemble the username
| I use anywhere else. Same for every other user. The false
| "need" to do age verification gets thrown on the trash
| heap where it belongs.
| 1659447091 wrote:
| > Don't pretend that actual users would have any
| meaningful control over anything.
|
| You do have control, you just don't like the option of
| control you have which is to forgo those social/porn
| sites altogether. You want to dictate to businesses and
| the government how to run their business or country laws
| that you want to use. And you can sometimes, if you get a
| large enough group to forgo their services over their
| policies, or to vote in the right people for your cause.
| You can also wail about it til the cows come home, or you
| can try and find working solutions that will BOTH guard
| privacy and allows a business to keep providing services
| by complying with laws that allow them to be in business
| in the first place. It's not black & white and it's not
| instant, it's incremental steps and it's slow and
| sometimes requires minor compromise that comes with being
| an Adult and finding Adult solutions. I'm not interested
| in dreaming about some fantasy of a libertarian
| Seasteading world. Been there done that got the t-shirt.
| I prefer finding solutions in the real world now.
|
| > The false "need" to do age verification gets thrown on
| the trash heap where it belongs.
|
| This is something you should send to your government that
| makes those rules. The businesses (that want to stay in
| compliance) follow the government rules given to them.
| The ones that ask for more are not forcing you against
| your will to be a part of it.
|
| I get you don't like it, I don't care for it either; but
| again, you can throw a fit and pout about it - or try
| tofind workable solutions. This is what I choose to do
| even though I made the choice long ago to not use social
| media (except for this site and GitHub for work if you
| want to count those) porn sites or gambling or other
| nonsense. So all these things don't affect me since I
| don't go around signing up for or caring for all the time
| wasting brain rot(imo) things. But I am interested in
| solutions because I care about data privacy
| Hizonner wrote:
| Those businesses also have control. They just don't like
| the option of control they have, which is to stay out of
| those countries altogether.
|
| > This is something you should send to your government
| that makes those rules.
|
| My government hasn't made those rules, at least not yet.
| Last time they tried, I joined the crowd yelling at them
| about it. It's easier to do that if people aren't giving
| them technology they can pretend solves the fundamental
| problems with what they're doing.
|
| Any more bright ideas?
| 1659447091 wrote:
| > Those businesses also have control. They just don't
| like the option of control they have, which is to stay
| out of those countries altogether.
|
| Yes. ?
|
| Apparently they don't want to leave and are happy staying
| there and complying. If you don't like a businesses
| practice, don't use them. . .
|
| > Last time they tried, I joined the crowd yelling at
| them about it.
|
| Good. I hope more people that feel as strongly about the
| subject as you will follow your lead.
|
| > It's easier to do that if people aren't giving them
| technology they can pretend solves the fundamental
| problems with what they're doing.
|
| No one is "giving" them technology that pretends
| anything. There is a community effort to come up with
| privacy focused, secure solutions. If you noticed the
| OIDC4VC protocols are still in the draft phase. If it's
| fubar no one will use it. Worse than that is, if nothing
| comes of any proposed solutions, the state won't just say
| oh well you tried.
|
| Either we will continue to deal with the current solution
| of businesses collecting our ids and biometrics and each
| one having a db of this info to sell/have stolen, or,
| some consultant that golfs with some gov official will
| tell them the tech industry can't figure it out but they
| have a magic solution that's even better and will build a
| system (using tax dollars) that uses government IDs with
| the added bonus of tracking and then all of our internet
| usage can be tracked by the government.
|
| Wantonly dismissing any effort to make things better in
| an acceptable way is not going to make it magically go
| away forever. That ship has sailed. You can resist
| efforts to find a privacy focused solution and get stuck
| with an even worse one from the state, or, get your crowd
| yelling hat back on and help make sure data and privacy
| protections are solidly baked into these solutions the
| tech community is trying to build.
| LinuxBender wrote:
| I think the post office could suffice in most countries
| for this.
|
| Or server operators could just implement RTA headers and
| put the liability on apps/devices to look for the header.
| someNameIG wrote:
| Discord got me to do this about 2 weeks ago (I'm Australian so
| they seem to be rolling this out here too), at least for the
| face scan the privacy policy said it occurred on device, so if
| you believe that you're not sending anyone images of your face.
| kelseyfrog wrote:
| This is a social problem and as such cannot be solved with
| technology. You would have to make social media so uncool that
| young people didn't use it. One of the easiest ways of doing
| this is associating it with old people. Therefore the fastest
| way to get young people _off_ discord is to get geriatric _on_
| discord and en-mass.
| KaiserPro wrote:
| Underage drinking is a social problem.
|
| The issue isn't social media is bad, the issue is that social
| media has no effective moderation. If an adult is hanging out
| at the park talking to minors, thats easy to spot and
| correct. there is a strong social pressure to not let that
| happen.
|
| The problem is when moving to chat, not only is a mobile
| private to the child, there are no safe mechanisms to allow
| parents to "spot the nonce". Moreover the kid has no real way
| of knowing they are adults until it's too late.
|
| Its a difficult problem, doing nothing is going to ruin a
| generation (or already has), doing it half arsed is going to
| undermine privacy and not solve the problem.
| Hizonner wrote:
| The ophidian lubricant has entered the chat.
| jimbob45 wrote:
| This is how you lose your comfortable market monopoly like Skype
| did. Recall that Skype had better P2P tech than Discord did and
| would still be the market leader if MS had chosen to update
| anything at all besides the logo bi-yearly.
| x187463 wrote:
| I see a lot of comments here arguing age requirements are
| overreach and these decisions should be left to the parents. To
| those presenting such arguments, do you think that applies to
| other activities as well? What about smoking/drinking/firearms?
| Pornography? Driving?
|
| I haven't researched the topic of social media's effect on young
| people, but the common sentiment I encounter is that it's
| generally harmful, or at least capable of harm in a way that is
| difficult to isolate and manage as a parent.
|
| The people closest to this issue, that is parents, school
| faculty, and those who study the psychology and health of
| children/teens, seem to be the most alarmed about the effects of
| social media.
|
| If that's true, I can understand the need to, as a society, agree
| we would like to implement some barrier between kids/teens and
| the social media companies. How that is practically done seems to
| be the challenge. Clicking a box that say's, in effect, "I
| totally promise I am old enough." is completely useless for
| anything other than a thin legal shield.
| squigz wrote:
| The difference is that requiring ID for those activities
| doesn't generally drastically erode the privacy of other
| people.
|
| Instead of destroying the concept of privacy and anonymity on
| the Internet... how about we just stop these companies from
| being as harmful as they are, regardless of your age?
| bitmasher9 wrote:
| > To those presenting such arguments, do you think that applies
| to other activities as well?
|
| You're acting like it's not normal for parents to decide which
| activities a child can do, cannot do, and must do, and to make
| these decisions with appropriate ages in mind. I tend to lean
| towards allowing parents a long leash in their own home and
| other private places but to regulate behavior in schools and
| public places.
| linuxftw wrote:
| > I see a lot of comments here arguing age requirements are
| overreach and these decisions should be left to the parents.
|
| No you don't. The bulk of the comments at this point in time
| don't mention things being left to parents at all.
| hedora wrote:
| > I see a lot of comments here arguing age requirements are
| overreach and these decisions should be left to the parents. To
| those presenting such arguments, do you think that applies to
| other activities as well? What about smoking/drinking/firearms?
| Pornography? Driving?
|
| All of the things on your list are primarily enforced by
| parents already.
|
| This law is regulatory capture that's going to strengthen the
| monopolies of the exact social media sites that you allude to.
| It makes it harder for smaller, focused sites to exist. Instead
| the only option will be sites with algorithmic feeds that
| currently push right-wing nazi propaganda, anti-vaxxers, flat
| earthers, nihilist school shooting clubs for teenagers, or
| whatever fresh hell the internet came up with this morning.
|
| If you think age verification is going to fix these problems on
| the big sites, I suggest watching YouTube Kids. Actually,
| don't. I wouldn't wish that trauma on anyone. Seriously.
| plsbenice34 wrote:
| >I see a lot of comments here arguing age requirements are
| overreach and these decisions should be left to the parents. To
| those presenting such arguments, do you think that applies to
| other activities as well? What about smoking/drinking/firearms?
| Pornography? Driving?
|
| Yes. The state has far, far too much involvement in everybody's
| lives.
| kelseyfrog wrote:
| This is a great stance to have if consequences have zero
| value.
|
| Every time we shrug and say "let the parents decide," we
| gamble with the most vulnerable: the kids who don't yet know
| how to refuse a cigarette, who don't yet grasp the weight of
| a loaded weapon, who don't yet understand that porn isn't a
| harmless curiosity. We gamble with the soul of childhood--and
| when we lose, those children don't get a second chance. They
| leave behind empty chairs at dinner tables, empty beds in
| houses that echo with what might have been. That's the true
| cost of unfettered "parental freedom," and it's a price
| that's easy to pay with someone else's life. But hey, Fuck
| those kids, right?
| Marsymars wrote:
| > I see a lot of comments here arguing age requirements are
| overreach and these decisions should be left to the parents. To
| those presenting such arguments, do you think that applies to
| other activities as well? What about smoking/drinking/firearms?
| Pornography? Driving?
|
| My gut feel here mostly has to do with how I view the activity
| overall. Smoking I see as a social ill that both adults and
| children would be better off without, so I don't particularly
| mind an ID check that inconveniences adults, and that can be
| opted-out from by simply not smoking. (Social media I see as
| pretty akin to smoking.)
|
| Inconveniencing adults with ID checks is probably not actually
| a good way to create incentives though.
|
| (Driving is a special case due to negative externalities and
| danger you cause to others.)
| hedora wrote:
| Like many other people here, I'm wondering what we'll end up
| having to do at work do deal with this. We don't have the
| resources to put a full time person on this, and the UK's not a
| huge market.
|
| For unrelated reasons, we already have to implement geoblocking,
| and we're also intentionally VPN friendly. I suspect most
| services are that way, so the easy way out is to add "UK" to the
| same list as North Korea and Iran.
|
| Anyway, if enough services implement this that way, I'd expect
| the UK to start repealing laws like this (or to start seeing
| China-level adoption of VPN services). That limits the blast
| radius to services actually based in the UK. Those are already
| dropping like flies, sadly.
|
| I hope the rest of the international tech community applies this
| sort of pressure. Strength in numbers is about all we have left
| these days.
| fny wrote:
| You'll likely end up paying someone else to do it for you.
| hedora wrote:
| I'm reasonably sure we will not. Dealing with an integration
| like that means not shipping some other feature to the rest
| of the planet. The marginal gain of accepting UK users is
| lower than the marginal gain of increasing addressable market
| everywhere else.
| fkyoureadthedoc wrote:
| > I suspect most services are that way
|
| I don't know actual numbers, but I gave up using VPN by default
| because in my experience they definitely are not.
| acureau wrote:
| Maybe the start of a bigger shift to another platform. I'd wager
| a large portion of the Discord user-base is underage, and they've
| got nothing but time.
| josefritzishere wrote:
| This is a privacy nightmare. Mandatory biometrics are pure
| insanity.
| miohtama wrote:
| A book recommendation on the topic:
|
| > This is the first book to examine the growth and phenomenon of
| a securitized and criminalized compliance society which relies
| increasingly on intelligence-led and predictive technologies to
| control future risks, crimes, and security threats. It
| articulates the emergence of a 'compliance-industrial complex'
| that synthesizes regulatory capitalism and surveillance
| capitalism to impose new regimes of power and control, as well as
| new forms of subjectivity subservient to the 'operating system'
| of a pre-crime society.
|
| https://www.amazon.com/Compliance-Industrial-Complex-Operati...
| nyanpasu64 wrote:
| Frankly I'm scared by governments and corporations going "papers,
| please" for people to be allowed to access the Internet. On top
| of endangering privacy by tying pseudonymous online interactions
| to real-life ID and biometrics, attempts to block under-18 people
| from finding information or interacting online will only amplify
| how society regards them as not having rights. This will isolate
| people (especially gay and trans teens) living with abusive
| parents from finding support networks, and prevent them from
| _learning_ (by talking to friends in different situations) that
| being beaten or emotionally put down by parents is abusive and
| traumatizing.
|
| I know all too well that when you grow up you're psychologically
| wired to _assume_ that the way the parents treated you is normal,
| and if they harmed you then you deserve to be hurt. I 've made
| friends with and assisted many teens and young adults in unsafe
| living situations (and talked to people who grew up in
| fundamentalist religions and cults), and they're dependent on
| online support networks to recognize and cope with abuse, get
| advice, and seek help in dangerous situations.
| nicbou wrote:
| To add to this, some people might be left out because companies
| are not financially incentivised to verify them.
|
| In Germany, immigrants struggle to open a bank account because
| the banks require documents that they don't have (and that they
| can hardly get with a bank account). Russian, Iranian and
| Syrian citizens have a particularly hard time finding a bank
| that works for them. The most common video document
| verification system does not support some Indian passports,
| among others.
|
| To banks, leaving these people out is a rational business
| decision. The same thing will happen to those deemed too risky
| or too much hassle by the internet's gatekeepers, but at a much
| bigger scale.
| exe34 wrote:
| > prevent them from learning (by talking to friends in
| different situations) that being beaten or emotionally put down
| by parents is abusive and traumatizing.
|
| parents didn't know I'm gay, but they did control all flow of
| information (before social media) by controlling all movements
| outside school.
|
| it took me until my thirties to realise how deeply abusive my
| childhood was. the only hints I had, in hindsight, was the
| first Christmas at uni, everybody was excited to go home and I
| couldn't fathom why on earth anybody would want to. I dismissed
| it as an oddity at the time.
| 1970-01-01 wrote:
| thispersondoesnotexist.com
|
| Now off ya go, little rascals.
| MiddleEndian wrote:
| Fuck this, need a law to explicitly ban face scanning
| aucisson_masque wrote:
| They will do just enough so that they comply with the law while
| kids will be able to easily bypass it.
|
| Where there is a will, there is mean and teenager looking for
| porn... That's a big willpower.
| nubinetwork wrote:
| The day discord asks me for a picture, is the day I close my
| account
| hightrix wrote:
| I thought the same at first. But I imagine it'd be relatively
| trivial to generate a fake ID to upload that would suffice.
| gertrunde wrote:
| I would like to think there there is a solution that can be
| engineered, in which a service is able to verify that a user is
| above an appropriate age threshold, while maintaining privacy
| safeguards, including, where relevant, for the age-protected
| service not to be privy to the identity of the user, and for the
| age verification service to not be privy to the nature of the
| age-protected service being accessed.
|
| In this day and age, of crypto, and certificates, and sso, and
| all that gubbins, it's surely only a matter of deciding that this
| is a problem that needs solving.
|
| (Unless the problem really isn't the age of the user at all, but
| harvesting information...)
| paxys wrote:
| Transferring your age and a way to verify it to any third party
| is by definition a privacy violation. Doing so in a safe way is
| literally impossible since I _don 't want to share that
| information_ in the first place.
| packetlost wrote:
| I feel like you could, theoretically, have a service that has
| an ID (as drivers license ID), perhaps operated by your
| government, that has an API and a notion of an ephemeral
| identifier that can be used to provide a digital attestation
| of some property without exposing that property or the exact
| identity of the person. It would require that the attestation
| system is trusted by all parties though, which is I think the
| core problem.
| brian-armstrong wrote:
| Wouldn't this require the API provider to know that tbe
| citizen is connecting to the app? Grindr users might be
| squeamish about letting the current US admin know about
| that.
| nonchalantsui wrote:
| Do you feel this way when you enter credit card information
| when making a purchase online?
| Aurornis wrote:
| Crypto comes up every time this topic is discussed but it
| misses the point.
|
| The hard part is identifying with reasonable accuracy that the
| person sitting in front of the device is who they say they are,
| or a certain age.
|
| Offloading everything to crypto primitive moves the problem
| into a different domain where the check is verifying you have
| access to some crypto primitive, not that it's actually you or
| yours.
|
| Any fully privacy-preserving crypto solution would have the
| flaw that verifications could be sold online. Someone turns 21
| (or other age) and begins selling verifications with their ID
| because there is no attachment back to them, and therefore no
| consequences. So people then start imaging extra layers that
| would protect against this, which start eroding the privacy
| because you're returning back to central verification of
| something.
| Edmond wrote:
| There is a solution and I am the developer:
|
| https://news.ycombinator.com/item?id=40298552#40298804
|
| Talking about it or explaining it is like pulling teeth;
| generally just a thorough misunderstanding of the
| notion....even though cryptographic certificates make the
| modern internet possible.
| whall6 wrote:
| How are the certificates issued?
| Edmond wrote:
| https://certisfy.com/partnership/
|
| Any number of entities can be certificate issuers, as long
| as they can be deemed sufficiently trustworthy. Schools,
| places of worship, police, notary, employers...they can all
| play the role of trust anchor.
| blibble wrote:
| interesting idea...
|
| how do you handle revocation when people inevitably start
| certifying false information?
| femiagbabiaka wrote:
| The U.S., at least, needs a national ID. That, and a verification
| system for businesses to use, would solve so many of these
| issues.
___________________________________________________________________
(page generated 2025-04-17 23:00 UTC)