Don’t get me wrong, I’m all for privacy. But between setting up the birthdate when creating my children’s local account on their computers, and having to send a copy of their ID to every platform under the sun, I’d easily chose the former.
I’d even agree to a simple protocol (HTTP X-Over-18 / X-Over-21 headers?) to that.
You must log in or # to comment.
If they say they’re doing something “to protect the children,” you know it’s some truly heinous shit.
Because it will only be a simple birthdate until they decide to use those laws to go even further.
While an international cabal of rich white men participate in a pedophile club run by america/israeli rich white other men, we need to ensure that the youth of today don’t prematurely access “racy” pictures. Make it make sense.
Yes.
My conspiracy theory is their end goal is a full database of everyone’s children’s photos and locations, to they can window shop which of our kids they want to grab and take to Epstein Island 2.0, next.
Because parents are responsible for stuff their off-spring does and the government should not be needed to do that.
At the very most, provide tools to help parents (e.g. on device filtering etc. or require companies to provide APIs to facilitate the same goal)Other than that: Fuck off of my phone.
How is your first reason an argument against OS-level check?
It’s not needed, thar’s the parents job. Not the OS’ job
People keep saying this. Is it not within an operating system’s purview to provide parents tools to configure what their kid can do with the system? Have parental controls been out-of-scope for all these OSes this whole time?
Whether it should be government-mandated is one question, but it seems more like this “it’s the parent’s job, not the OS’s” has become a tagline that people just repeat rather than really thinking through it.
Is your expectation then that parents should sit over their kids’ shoulder every moment that they access the internet? Are our tools not supposed to make that easier to handle?
At the very most, provide tools to help parents (e.g. on device filtering etc. or require companies to provide APIs to facilitate the same goal)
I thought that this is what you were getting at here, which is why I asked how this was an argument against values held locally on the device.
Whether it should be government-mandated is one question,
That:s my primary issue
Is your expectation then that parents should sit over their kids’ shoulder every moment that they access the internet? Are our tools not supposed to make that easier to handle?
In a perfect world, I would want APIs and other integrations be made available that will do that and the parent will only need to press a button to allow/deny it.
Not really government mandated but voluntarily by a group that executes the vision of a parent, requested by the government (due to requests by the parental society but not because corps deciding they need/want more controllable elements) and the technical parties (e.g. OS devs) that can integrate the wish.Unfortunately this will probably be a mandated integration requiring everyone, doesnt matter if a child is existing, to authenticate that they are truly legally able to access the device and/or ressource.
Great, now as a childless person I have to do those things because some were irresponsible and ruined it for everyone :/I hope I could communicate my issue.
Whether it should be government-mandated is one question, but it seems more like this “it’s the parent’s job, not the OS’s” has become a tagline that people just repeat rather than really thinking through it.
People usually repeat it for calls for checks on online platforms, not just within the scope of OS - but its primarily stated because people, quite fairly, don’t want to see websites having to shut down, or them losing access entirely, or losing access without handing over private data because of parents inability to control their childs access to the internet.
Sure. I think clearly this thread has been talking about the OS piece specifically. I wholly disagree with having some private company that collects IDs and makes the determination themselves. If instead your browser can just ask your device if you have parental controls enabled, then that removes the privacy concern entirely, as far as I know. Is there an extra data point for browser fingerprinting? Yeah, I guess. But I would also assume that anyone who cares to avoid this fingerprinting is going to not have parental controls enabled.
Essentially, I’m confused why the world gave up so quickly on parental controls (not really confused—the alternative provides more surveillance capability).
But even if it happened purely at the OS level, it would be laughably unenforceable at best.
Essentially, I’m confused why the world gave up so quickly on parental controls (not really confused—the alternative provides more surveillance capability).
I can easily imagine a piece of software parents can download, for free, that if installed would basically function akin to a virus on someone’s computer - it blacklists much of the internet and is updated and maintained by a company that updates the allowed sites and banned sites regularly. It could not be turned off. If it crashes, is ended by force, it automatically reloads - and any attempts to remove it sends emails or text messages to the owners (the parents) who would know something is up. It could be turned off only by the parent putting in a specific password to disable it, and if they forgot, they would have to phone the company to get it reset.
Any responsible parent would install this on the phones and computers of their kids and it would do everything they need.
One thing I said before is the question of what is the research on this, and how do we know child internet safety is actually a problem? I don’t know the statistics on this, and I haven’t done much studying on it yet. So I will admit that I have been operating under the premise that this is an issue to begin with. Someone mentioned routers with parental blocks. Aside from being able to easily disconnect from the network (inevitability for kids because it’s easy and they have plausible deniability, in my opinion), if child internet safety is currently an issue, then clearly there is something about it that isn’t working.
But even if it happened purely at the OS level, it would be laughably unenforceable at best.
Don’t get me wrong, it would still require another component whether that be a requirement for websites to query the OS via the browser, or a database of “bad” websites.
Now, if you want there to be an app that handles this, that’s your opinion and I respect that. Personally, I would rather it be built into the OS. Least of all because already-on-your-device is easier than something parents need to research and download on their kids’ devices. More significantly, if this kind of capability becomes an expectation for your general usage OSes to have, then that’s less incentive for some company to come in and try to capitalize off of it and charge $12.99 per month, and then still have incentive to collect and sell data on which sites are being visited. I mean, you can be reasonably sure that Microsoft is gonna do that too, but that would be another reason to switch to a Linux distro that doesn’t do that.
because its designed to feed surveillance data to Palintir, which allows governments all over the west to monitor any dissident movements, or relatives of “dissidents” against right wing governments. dont know of any computer system requiring your ID/ or birthday, you can always fake a birthday.
right now the biggest threat to conservative governments is anyone “left” of them.
Wrong technical solution to a made up problem.
Governments have commissioned enough studies to know that education, training, and parental controls filtering content at the receiving end are more effective & less infringing of civil rights than laws imposing restrictions & penalties on website operators to comply with online age verification. Laws could instead allocate resources to promote the former in a major way, setup independent evaluations reporting the effectiveness of child protection technologies to the public, promote standards & the development of better standards in the industry. Laws of the latter kind simply aren’t needed & also suffer technical defects.
The most fatal technical defect is they lack enforceability on websites outside their jurisdiction. They’re limited to HTTP (or successor). They practically rule out dynamic content (chat, fora) for minors unless that content is dynamically prescreened. Parental control filters lack all these defects, and they don’t adversely impact privacy, fundamental rights, and law enforcement.
Governments know better & choose worse, because it’s not about promoting the public good, it’s about imposing control.
The issue in general is that there is no organization that can be trusted to verify the age, but not find a way to leverage that into gathering some info about the child and selling it.
That aside. Age is mostly meaningless. Everyone matures at different rates. The difference in rate between girls and boys results in effectively several years meaningful difference. Like a 10 year old female muturity is more similar to a 13 years old boy than a 10 year old boy. And 18 is just an arbitrary number that happens to coincide with finishing high school. And has no actual association to maturity. This is why car rental places won’t rent to under 21s most of the time. Some hotels won’t let you have a room until 25. So trying to decide what content should be available based on age is pointless. And they know that. So they aren’t tryi g to protect anyone. They are trying to extract information they can sell.
Will you be allowed to lie about the age? If yes, then it’s a pointless law. If no, then whoever is checking needs to have more control over your device than you do, DRM style. That’s gives them an entry point through which they can put whatever they want without you being able to control it.
The Califirnia law, at least, states the age flag should be set when the account is created, presumably by the controller of the computer, and holds that controller responsible for setting it correctly, and the developer responsible for ensuring it’s set and works correctly, at least, that’s my reading of it. If it’s your computer, that makes you resoonsible for setting your age and that of accounts you create for your children.
So that means that kids can’t buy computers?
Can’t buy a cheap used raspberry pi or old laptop/desktop in order to set up as a server?I don’t think there would be any difficulty with a kid setting up a computer, as in most juristictions the parents are responsible for their childrens’ actions until they are adults themselves. So the oarents would still be responsible for what the kid did with the computer in the same way they often are now.
So then the law is pointless as implemented, since parents can already do this. Which leads to the conclusion that there must be some other motivation
So these “os reporting age bands” laws are useless then.
Cause either the parents are being responsible, at which point there are many parental tools for network and device control.
Or they aren’t being responsible, and the kid can easily bypass it or just buy their own device.These age band laws basically work in the opposite way to the usual parental controls. Rather than having to install and maintain the control software and having the filtering at the client end of the connection, parents need only set a flag and filtering will occur at the source end of the connection.
Will these laws provide perfect protection that eliminates the need for parental oversight of childrens’ internet access? No. Will they help stop kids accidentally stumbling into unsuitable content, reducing harm overall? Yes. As a parent, one of the things I worry about is my kids browsing sites such as youtube. Even if they’re using it for research for school projects, I can never be certain it wont prompt them to watch an unsuitable video. With a simple “this user is a child, don’t show them anything unsuitable” flag, I wouldn’t have to spend so much energy monitoring everything and could spend more energy talking to them about what they’re actually watching.
One of the key parts of the Californian law is that if the client machine sends the flag, the service must treat it as authoratative, and should not use other means of checking. That is good news, as it means there is no incentive for sites to integrate more intrusive measures such as third parties scanning givernment issued ID.
and to prove its not actually about safety and instead about control: parents are already responsible for what kids do online and could be charged using existing laws. but… where is the overreach in that?!
Just because they are responsible doesn’t mean the have the means to exert their responsibility. Demanding birth-date upon (local) account creation would allow them to better exert that responsiblity.
no it wont. kids get around shit easier than ever especially with luddite parents.
if the gov actually cared they’d take to charging using existing laws.
Parents of current 8-18 year olds are gen X and millenials, who every survey shows are (on average) significantly more tech literate than gen Z and Alpha.
correct. i am a gen x software engineer and I know for a fact my kid who is now 25 would always find ways around firewalls when he was 14 and horned up.
my point is that we have laws already that are perfectly appropriate to the “concern” stated, “child safety.”
any new laws will only give more access to important data to corporations who are known to do bad things with it.
that does not make it worth it. my opinion would change if there was a legit large inrush of charges using exiting laws that then did nothing to help, then one could argue we need more law. but thats just not the case today.
Whilst parents absolutely should be guiding and helping the kids determine where they go online, and what they look at, I’m trying to envision where, or how, parents would be liable for them looking at something inappropriately “adult”, barring actual child neglect.
A system like this would actually help parents be more confident that little Johnny wasn’t going to stumble across something in appropriate, because, yes, in a way this is about control. It’s about controlling what kids are exposed to before they are intellectually ready for it. Yes, there are potentially serious issues around that, such as limiting access to LGBTQ+ or other helpful material for young adults, but that should be a discussion around what information is needed at each age, rather than how to indicate that age.
Age gating on the open internet will happen, I don’t see any way that it wont, what matters is how it is implemented. We know that submitting government issued ID to every site with potentially contentious content is a terrible idea; this neatly sidesteps the need for that, and actually forbids it.
for ex: if you let your kid look at porn, in the US, the parents are absolutely liable for various forms of “risk of injury to a child “ laws.
To bring charges under those sorts of laws there’s going to have to be some external evidence of harm. Either the kid is acting in a way that causes an agency sufficient concern that they investigate the family, or the government mandate much stricter monitoring of exactly who is doing what online. The former case is unlikely, but should probably be persued vigerously when it does hapoen, and the latter case is something I imagine we all very much want to avoid.
By providing a simple, privacy conscious, way of taking some of the burden of vigilence off of the parents (the child is less likely to stumble on inappropriate material) it makes it easier for them to provide actually beneficial guidance, and reduces the risk of law enforecement getting involved to investigate minor transgressions.
if they are claiming the new laws are for kid safety there must be existing already some external evidence of the need, no?
There’s fairly clear evidence at a societal level that access to, for instance, hardcore pornigraphic material is harmful to children, but that is very different to having evidence that a particular child is currently being exposed to it.
putting burden for safety on corps is not a healthy thing.
The burden is still on the parents, but this would actually provide a useful tool for them to address that burden.
Right, so the law is pointless, since there is already a thousand different ways to control what children see on the Internet.
OS age verification would effectively make some, if not most, linux distributions (or other less-popular operating systems) illegal. Because many linux distributions are made by small team of volunteers. In some cases a linux distribution might be maintained by literally one person. So these people likely do not have the time or money to include something like age verification into the operating system.
That said, there are some technically possible ways where this could be done to reduce the load on developers (perhaps with access codes, and a government maintained database) but the way age verification had is being done right now (face scanning, etc) would be a real headache to implement and quite possibly cost or time prohibitive.
It would be a shame if age verification laws effectively made open source operating systems illegal. It would suck if these laws inadvertently made it legally required that we need to support big tech companies like Apple or Microsoft in order to use a computer.
Including an age flag field in user data on Linux is fairly trivial, and I’ve seen several proposals for it. Once that’s in place it’s up to browsers, “app stores”, or anything else that needs it to request the data and use it.
The effort from a Linux team here would amount to little more than a “are you 18 yes/no” and there’s no way that would be considered good enough down the line if not now.
Yet, with the way the California bill is written, so long as that data was collected at account creation, it would be adaquate.
Sure. For now. But in any case, aren’t they legally viable if someone complains?
Including an age flag field in user data on Linux is fairly trivial, and I’ve seen several proposals for it
What would these systems look like? Im curious.
My concern is that, even if these systems are technically possible, the law will settle on using lucky inefficient methods of age verification such as using AI to scan someone’s face.
It one of the reasons I like the way the California bill has been written, it’s very clear that you set the flag, or provide a date, and not only makes no mention of verifying it in any way, but also requires that anything using it trusts it and may not perform any other checking. A service using that data is also explicitly not liable if it’s wrong, so they have no insentive check any further.
It is, obviously, possibly that laws will change in future, but it seems to me that having something like this in place actually makes it harder to implement anything more intrusive later.
Yeah I’ve heard of similar systems in Europe. It’s similar to two factor authentication. Hopefully something like this could also screen out bots, making influence campaigns more difficult. But regardless, however its implemented I hope it will be easy for not-for-profit operating systems (such as linux distros) to operate
This is why I consider it regulatory capture in a trench coat.
On the one hand, it is a privacy nightmare.
On the other hand, those laws are so badly written, they will apply to things you would never consider an issue. E.g. a security camera, a router, a NAS. For each of them, the law applies, because they have an OS, they are attached to a network, and they have logins. Think about it, and it basically applies to any network enabled device.
Just because one option is better than another, doesn’t mean it’s good.
OS level age check applies to everyone, not just children. Some legislations require strong age checking, which means you need to send some identification to some service. You won’t be able to know how the information is handled, for how long it’s stored and for what purposes it’s used beside age checking. And because this applies to everyone, and is required to be able to use your computer, everything you do with your computer and phone is tied to your user account, and as such to you as an individual and identifiable human being.
Some of these legislations uses age ranges, and the OS is required to inform applications, and such, whether the user is, for example, below 13 years old, or 13 to 16 years old, etc. Consider this simple scenario: Some user uses some application, and the OS reports the user’s age as below 13. The user uses the same app the next day, but now the OS reports the user’s age as 13 to 16 years old. Can you figure out the user’s exact birthday and age? If that application is part of some kind of larger network of advertisers and whatnots, they will now forever know the user’s exact age without the OS reporting anything else.
These can also be used to make some software illegal, especially free and open source software. If you can replace Windows with Linux, Photoshop with Gimp, etc. it hurts the bottom line of those companies. Those companies can’t prevent you from using the open source alternative, but it would be in their interest if those pieces of software becomes illegal to use and distribute. If age checking functionality is added to some open source software, the age checking can simply be removed by the user. You only need to correctly form the age checking law and that entire software is now illegal, and must be removed from the internet.
While the intention of these laws might to be to protect children, they cause too much harm for little good. The age checking can be circumvented in some situations, meaning the children aren’t protected. And the entire thing is a huge privacy mess (data leaks, etc.) for every single computer user.
and to prove its not actually about safety and instead about control: parents are already responsible for what kids do online and could be charged using existing laws. but… where is the overreach in that?!
No. As soon as you’re sending in your official ID your entire online presence will be tracked to your ID by the government, Google, Meta and the likes. Privacy is totally gone by then…
The issue with “children” local accounts (assuming they ever remained 100% local anyway) is that for it to be effective, you would have to control who install the OS for it to be effective.
I have been managing my own OS install since I was a teen, so I could have just created an adult account for me. But, okay, you could say that you could just regularly check your child hasn’t reinstalled the machine.
Well, see, they could just install a Virtual Machine. There is plenty of Virtual Machine software out there, and then we’re back at whoever installs it being responsible for filling in that information. And Virtual Machines are very useful for a bunch of things: from running software not made for your hardware (see Android emulators, WSL), to being safer around dodgy software.
You could counter that by not letting them install things with your permissions… but there are portable versions of software that people make for a bunch of reasons which don’t recall an installation. And I am not talking about hypotheticals: back when I was in school people would carry portable versions of games in USB sticks to copy around school machines so they could play video games during IT class.
Never mind that it means that whenever they want to install something, they will poke you about it, and now you’re on the hook for reviewing that. Which you should already be doing because you care about what your child does and they don’t have the years of experience to not break their OS.
But if you are doing that, why not use proper parental control software that let’s you have much finer-grained control over what they can see or not online, along with other controls around how much time they can spend on the machine and a few nicer things?
Kids also get alcohol from their older siblings. It doesnt have to be 100% effective to still make a massive impact on children. Plus, kids these days could learn a thing or two about computers. Maybe byspassing restrictions will give them motivation to learn
What is a computer? My microwave has a computer in it. My car. My printer. My smartwatch. My TV. My treadmill. My security cameras. Many many things have little embedded systems running linux. Some are Internet connected, some aren’t. This feels terribly invasive for something that allegedly projects kids (doubtful). What if i don’t have any kids in my household? Would this have stopped Trump and his friends? How about the government focus on real problems instead of requiring cameras be installed on my toaster and a credit card to be able to watch TV.
the problem is that it’s not going to stop there. kids will obviously still get porn, and fascists will say “seeeeee!!??! we need even more personal data to protect the kids!!! OS age verification isn’t enough!!!”
steps in the wrong direction are exactly that, and exactly what this OS bullshit is. everyone having to pay the price for parents who can’t be assed to raise their own kids
remember the ridiculous percentage of 1/6 insurrectionists they rooted out, based on social media posts
To be fair, that was mostly because those people are absolute fucking morons who posted videos of themselves and their buddies involved in, or actually committing, crimes.
