462 comments

[ 3.4 ms ] story [ 341 ms ] thread
But https://github.com/yt-dlp/yt-dlp (fork of youtube-dl) can, so it shouldn't be a problem forever for youtube-dl either?
I don't see a mention of yt-dlp in the yt-dl issue tracker, so why is this? Does dlp autocorrect videos to the youtube-nocookie.com embed (as stated https://news.ycombinator.com/item?id=27354423) ?
Nope. There's two issues being talked about here. If you are in the EU then you have to provide cookies from an age-verified account. Otherwise, the age-gate bypass still works afaik. But the latter is broken in the current youtube-dl release (fixed in yt-dlp).

Also, yt-dl doesn't like yt-dlp to be mentioned on their issue tracker from what I hear.

yt-dlp actually does have the same issue (at least when connecting from the US):

./yt-dlp.sh "https://www.youtube.com/watch?v=rR8s72aouNE"

[youtube] rR8s72aouNE: Downloading webpage

[youtube] rR8s72aouNE: Refetching age-gated info webpage

ERROR: Sign in to confirm your age

This video may be inappropriate for some users.

Seems to be video-dependent, tried the one you posted, and it seems to fail, but another one "https://www.youtube.com/watch?v=oY4Gz_Axpew" worked with yt-dlp but not youtube-dl. Guess it's the beginning of the end of watching youtube for me soon.

EDIT: From an EU ip.

from USA ip :

youtube-dl https://www.youtube.com/watch?v=oY4Gz_Axpew [youtube] oY4Gz_Axpew: Downloading webpage [youtube] oY4Gz_Axpew: Refetching age-gated info webpage WARNING: unable to download video info webpage: HTTP Error 404: Not Found Traceback (most recent call last): File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main "__main__", fname, loader, pkg_name) File "/usr/lib/python2.7/runpy.py", line 72, in _run_code exec code in run_globals File "/usr/local/bin/youtube-dl/__main__.py", line 19, in <module> File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 475, in main File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 465, in _real_main File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 2069, in download File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 808, in extract_info File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 815, in wrapper File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 836, in __extract_info File "/usr/local/bin/youtube-dl/youtube_dl/extractor/common.py", line 534, in extract File "/usr/local/bin/youtube-dl/youtube_dl/extractor/youtube.py", line 1502, in _real_extract File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2644, in compat_parse_qs File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2614, in _parse_qsl AttributeError: 'bool' object has no attribute 'split'

very interesting

It can't download the video in the same sense that I can't expect to point YouTube-dl at a Netflix URL and have it download that. You need to login.
Login alone does not help for age restricted videos.

First step towards automatically stop using youtube. It their choice really.

Yes, I should have added and verified your age. But none of that is a youtube-dl matter, there is no magic video download link hidden in the page source.
Of course this is a youtube-dl matter. It could easily circumvent this by pretending to embed the video.
No I've also had age restricted embedded links throw an error with something like "this video cannot be played here" and linking to non embedded player link.
You believe an appreciable number of people will stop using Youtube over this?
people wont complain imo, but a few will be lazy enough to not send their ID or put their card info
If they have to give over their CC number (which some people are reporting) maybe a significant numner will stop watching age restricted videos.
My issue is there is no alternative. I dont want to stop watching or hurt particular creators (not that one person would make much difference, but I enjoy their content) and Youtube is the only option. Even supporting them on Patreon the videos they share are still hosted on youtube... what am I to do about that? For a few (LTT for example has Floatplane) there are alternatives, but there is no app for it to allow me to cast to the TV... so either way I am screwed. The world desperately needs a YouTube competitor. I would be quite happy with a service like Floatplane where I can pick which creators to support, so long as there is a sort of 'preview tier' to help discover new creators which is add based and maybe even time limited.
The economics of it are not good. An ad-supported YouTube competitor won't be able to survive if early adopter ("techie" types) are all using adblockers.
I don't know how many, but I certainly will.
I remember http://nsfwyoutube.com/ hasn't been working for sometime. Maybe it is related. Is there still a way to anonymously watch restricted videos on youtube? I don't want to login to google to watch videos.
It works for me for maybe 2 out of 3 videos, then about half of those that don't work will work with their backup method (which I guess is maybe a download to their servers and then served from there).
(comment deleted)
I had this issue recently. The workaround was to use the embedded video link, e.g.:

  youtube-dl https://www.youtube-nocookie.com/embed/VIDEO_ID_HERE
Edit: It seems to have been patched. I can't seem to use this method anymore.
IME it depends on the video. I've encountered videos where the embed workaround didn't work, although I was using the youtube domain not the youtube-nocookie domain.
It seems they've plugged the workaround. I tried it again and it no longer works.
I am not sure if it's the video itself or if we as 'anonymous' users keep getting in and out of regional a/b testing at youtube.

As an anonymous user I keep seeing different behaviours with both 'forcing' embeddded links and also normal mobile links with latest ublock origin. (On Android with FF + ublock)

Patched indeed. I used this trick for ages, but it doesn't work for some time now.
Title seems misleading, it can download it as long as you provide logged in account info. I think the correct title is:

youtube-dl can no longer be used to bypass youtube's age verification checks

> Title seems misleading, it can download it as long as you provide logged in account info

... assuming that you have provided YouTube with a scan of your ID card to prove that you are 18+ ...

"assuming that you have provided YouTube with a scan of your ID card"

I expect that at some point you'll have to prove your identity to use youtube at all, because its in Google's interest to know as much as possible about its users.

Youtube will also probably turn in to a pay-to-view service at some point. They already dominate the video space, and their network effects are enormous, and a huge number of people will pay to continue to get access to that.

Google needs trust to be pay-to-view. These anti-user practices will further erode their trust, not increase it.
It's definitely not in Google's interest to require an action as awkward and engagement-killing as ID verification. They work very hard to not take such drastic steps.

Such requirements are being driven by governments who don't care at all about user convenience, only extending their control over people whilst blaming the private sector for "making" them do it.

...only in some jurisdictions where it's required by law.
It's not required in my country and I get the checks. This has nothing to do with legislation.
When you say "get the checks" do you mean YouTube is asking for a copy of your ID or that it's giving you the regular age gate check?
I can't confirm without knowing what country you live in. I understand essentially the whole EU requires this, and the US is one example where the checks aren't required.
How would you confirm though? So far I'm seeing a lot of rumors but no one seems have produced any actual legislation that I can see anyway.
Do you get the check that you need any account, or the check that you specifically need an account with ID verification?
Please say which country you're referring to when you say "in my country" on the internet. It allows others to contextualize and verify otherwise useless information.
From the thread, this appears to only apply to EU egress IP addressess, and you can pass in the session cookie of an account which has completed age verification.
I live in Canada and definitely have the same issue.
>From the thread, this appears to only apply to EU egress IP addressess

I tried with several north american VPN nodes and it's blocked as well.

A few days ago, I clicked an age restricted video on Youtube and usually I just state that I am above 18 but now they ask for a credit card number or an identity card to prove it.

I am not going to send this just to watch some random video clip that users have declared not appropriate to a young audience because it features a zombie. Seriously!

I had that too. A 14 year old account, with Google Cloud and Google One billing, plus many Google Store purchases and they still wanted me to prove my age. WTF?
That totally makes sense from a software engineering point of view. The age check was probably implemented as a "verified_age" column somewhere, and they didn't bother backfilling it with your existing google account info.
Absolutely, but for one of the largest sites on the web, served by one of the richest companies on the planet, being the one company knowing the most about me (and billions more) compared to other companies, and Youtube being probably one of the most profitable sites on the web too, I do expect better.
It's still shitty programming that inconveniences the user.
It doesn't make sense for a trillion-dollar company known for some of the best software engineering. There are remarkable lapses in UX with Google products.
Google is the new IBM. There are certainly amazing things being done but 90% of the employees are just doing boring CRUD and have never done anything special.
Someday I hope to read an article or watch a talk explaining Googles approach to UX.

The best UX in a Google apps seems to be Gmail, and that’s honestly not that good either.

Google is able to build insanely complicated infrastructure, design cool languages, they produced fantastic backend software and the they completely forget that people need to interact with it.

Gmail at some point had a good UX. Nowadays I've switched back to a local mail client because their webmail is weirdly sluggish for no reason.
The best UX is in products they killed, like Inbox or Play Music.
Best engineering? Ever tried hiring some of those ex Google contractors?

There is plenty of good engineers in Google and plenty of terrible engineers.

So their vaunted gruesome job interview process is no more effective than any other company's boring old normal one.
That's very convenient for them, if so, but I very much doubt that's the reason.
Any Googlers reading this discussion? Was there a valid reason for these decisions or did everyone just miss it?
Same situation here.

This, the 2/3 ads being forced down me which are of no interest at all and the constant upselling of YouTube music and the recent shoot down of ad blockers on the desktop browser front really makes it a hostile place to be a consumer of media. I have experimentally uninstalled the YT app off my phone and not used the web site and I haven’t missed it a bit.

> the recent shoot down of ad blockers on the desktop browser

Mobile browsers have been affected as well. uBlock Origin on Firefox for Android has been letting the ads through recently. Fortunately, NewPipe exists, but it depends on youtube-dl so, while it remains free of ads, it's also affected by this change surrounding age-restricted content.

Hopefully people start moving somewhere else within the next few years, maybe PeerTube. Admittedly, YouTube's network effects are disgustingly strong. I wonder what it would take to break them.

> I wonder what it would take to break them.

Having Android apps could help with people who use an Android device to watch videos on their TV. And if Google does not authorize these kinds of apps on the playstore I think it is more than time to start on an abuse of dominant position suit.

On Android there's Newpipe that's really good. But now they're gonna face the same problems as youtube-dl with age-gated videos.

The only real solution is to move out of the walled garden alltogether. Peertube, anyone?

The App experience just got worse and worse.

I deleted the app and now use Brave for YouTube watching on iOS. Clears most ads, and allows background playback if you full screen the video first.

AFAIK the age restriction credit card thing (inside the EU) is the result of some stupid law change (the Audiovisual Media Services Directive). Google probably doesn't want to validate users' age (because selling ads to impressionable kids is very lucrative) but they have to now.
> Google probably doesn't want to validate users' age (because selling ads to impressionable kids is very lucrative) but they have to now.

I mean, I hate this age validation as much as everyone else, curbing advertising to impressionable kids doesn't sound too stupid to me...

This is parents’ job, not Google’s.

If you legally require Google to act like a parent, they have to do it to everyone.

It _sounds_ like you're speaking in absolutes though, lacking nuance. If you are, my reply to absolutes would be that we should stop enforcing alcohol sales to minors, as it's the parent's job to ensure kids their don't drink.

Personally i think age verification is good. This implementation is moronic, though. And all around it's very, very difficult. So difficult that it may never be useful.

> my reply to absolutes would be that we should stop enforcing alcohol sales to minors

We absolutely should. Thankfully it is already not enforced in a lot of places (such as in greece).

I hope I won't be considered presumptuous, but I suspect you don't have children? It is simply impossible to monitor absolutely everything.
And you should not do so.
(comment deleted)
I would say YMMV. If you have a child in a problematic scenario, your opinion might change.
Cool, so don't let them freely browse the internet if you're that worried.
Sounds good. Say I'm a non-technical parent that wants to give my child access to YouTube but not allow them to watch content that they're not old enough to consume on their own. How should I do this? I want to give them the freedom to explore topics they're interested in so downloading some pre-approved videos isn't going to work. And my kid is smart and will realize that any account-specific setting can trivially be bypassed by logging out.

What should I do? Not allowing my kids access to the internet at all is a non-answer in 2020. Hell it was a non-answer in 1995.

This is a tough question and I share it, with two elementary-age kids myself who love youtube. I don't have a good answer either. We put time limits on youtube and require that the kids use common-area computers to access it, but it would be nice if I could feel more confident about the content they're allowed to be exposed to.
Even if you locked them down to YT for kids, do you honestly trust Google to accurately decide what is acceptable for kids? Yeah, no. I don't. (Remember when they had porn in there?)

So how does this help, anyway?

Lately, they have been good. I don't blame you for mistrusting them because it took at least 4 scandals (I lost track), but they seem to have sorted it out.
Still much worse than just letting parents create an allow-list of channels or videos from any part of YT, including the non-"YouTube Kids" part :-/

It'd be nice to be able to turn them loose on a YouTube that was just educational videos I've curated, no weird toy unboxing shit, without having to, like, maintain my own file server and streaming service.

> without having to, like, maintain my own file server and streaming service.

Why not? Doesn't take that much to downlod the videos and let them watch locally - we are in a thread about youtube-dl after all.

Sit down next to your kid.

Or anything else that doesn't fuck with my ability not to be tracked by google.

It really is the mission of every parent to ruin everything for everyone else (including their own kids).
There is kind of no reasonable way to do it. Because the content is classified into two groups: for kids and not for kids which is too rough.

And a lot of what they want to watch is formally not for kids and you will be absolutely ok with them seeing it. Especially non English content.

Say I'm a regular member of society and want to watch the trailer for a new Battlefield game. How should I do this? YouTube asks me to give them pictures of my ID for that. This is the mechanism that will be used for this right now.

And it's all in the name of "protecting" children. This isn't some future hypothetical - it has already happened. I've been barred from a whole slew of content on YouTube because of this.

Right now it's only used by Google. It's likely that in the future most websites will use this, because it's government regulation.

I mean this already existed prior to YouTube, it's just that before you couldn't access the 18+ trailer at all outside of an R rated movie theater or late night TV because it had to be made for prime time and print where content restrictions were enforced.

I don't see this as any different than a theater asking to see your ID before letting your buy an R rated movie ticket. I sympathize that it's annoying hell but you probably also don't want Google deciding for themselves what your age is.

The standard we're comparing this to is the past 30 years of Internet Freedom where these invasive nags were nowhere to be found. Nobody was excited about the MPAA in 1995. But we were all excited about the Internet. Now "The Web" has become the MPAA et al. Lame.

The real answer is the behemoths are going to become irrelevant, being inescapably bound to government control and surveillance capitalism. The more hoops and restrictions they add, the more tech people will move to decentralized solutions that don't suffer such bullshit, and eventually the normies will follow. It's just a tragic end to the past few decades of revolutionary energy, pointlessly wasted on centralized dead ends. And in the short term, it's fucking frustrating when trying to get anything done.

There is a real different between showing your ID to a person in front of you compared to uploaded a digitized image of it to the internet. The threat vector completely changes once you do that.
Yes, it existed before and it was moronic even then. But recent EU regulation pushes it onto streaming sites too and that's a different beast altogether considering the enormous amount of tracking that goes on.
If only real 18+ content was the only thing that was affected – unfortunately random other stuff which might at most warrant something like PG (if even that) currently shows up as age-restricted, e.g. the original Tetris God video or the official upload of the Scatmans World music video.
I grew up with libraries and video stores for access to analogous materials and didn't have regular internet access until 1999. I really don't see why it's reasonable to expect the internet to supplant parenting duties that would have been reasonably expected in the pre-Youtube state of affairs.

If you want to control what your kids see, don't let them have internet access. This is simply reality. I know that from the time I got internet access, I began to see things that would horrify my parents on a semi-regular basis that they didn't know about. (I had an SA forums account.)

This isn't supplanting parenting duties, it's giving parents the tools to actually parent. Without this your options are basically no YouTube access at all or full YouTube access with zero granularity in-between. The default for logged-out people has to be restrictive or else it's trivial to bypass. The current rules for porn, alcohol, and mature games are a joke and have been since their inception. Everyone being born on Jan 1 1901 is a meme at this point. It's checking a regulatory box without actually doing anything and if YouTube tried it they would be raked over the coals.

Libraries do restrict the materials that can be checked out by minors and I doubt that counted as supplanting parenting. How else could you give your kid any level of independence without the cooperation of other people?

The restriction previously happened at a device level, moving it to google seems like an elaborate justification to move the default to restrictive and break external video viewers and apps like yt-dl.

You should control your kids device and make restrictions there, not place them by default on the entire internet.

(comment deleted)
You should sit down with your kid and watch it watch the content until it's grown so far that you won't be able to keep it from finding the dirt on the net. By then you've hopefully educated it enough so you can be sure that no harm will come to it after it watched the adult stuff.

Because one thing is sure: your kid WILL see it all because it's 2021.

I mean seriously...you're not closing off all lakes because some kids could drown in them. You teach them how to swim.

Your argument doesn't make sense. There are a huge number of sites that host adult content that are easily accessible by a simple Google search. What can you do?

> What should I do? Not allowing my kids access to the internet at all is a non-answer in 2020. Hell it was a non-answer in 1995.

A non-answer is not allowing everyone else to surf the web without giving their credit card or ID to every website that hosts adult content. It would have a huge impact on privacy of the users and the freedom of the whole internet in general.

A parent should educate their children, but I know that is simpler to set a bunch of restriction, give to the children a computer, and let him sit hours in front of YouTube while you do something else.

If you're concerned about this, stop letting your kids use a computer unsupervised. This seems like a no-brainer to me.
I suggest that you have a talk with somebody who grew up as a kid with unrestricted Internet access. It might turn out that it's not actually a big problem after all.
Well then parents should apply legislative pressure, which should arrive at Google as "fix this or we legislate", and bingo, Google need to do something. That is parents doing parenting. Parenting happens through societal structures.
When parenting your own kids isn't enough, but you feel you need to parent everyone else's as well.
When you want to team up with other parents to make all of your lives easier.
"all your lives"? Or just the lives of a few, at the cost of the many?

Not all parents agree that this is the right thing to do.

Do you know _any_ parents that want their kids to consume ads?
The sane strategy is to simply avoid using an iPad as a babysitter rather than try to make everyone else’s life worse legislatively.
Right, and it's not the tobacco industry's fault that people die of lung cancer, people should just know better than to smoke in the first place.

And if you didn't know, children will eventually start using computers by themselves, probably before they are 12 (probably in first grade or kindergarten, I wouldn't be surprised). A huge portion of internet users are children. That's a fact. The reality is that a huge portion of children are online, and advertisers are specifically targeting children on youtube.

I have two kids. I don't actually mind when they see advertising because it has given me a great opportunity to explain the tricks being used to sell product. I think they are generally wary of advertising now because of this.
Hope you are happy with this the current situation then. I know that I am not because I do not wish to share my id with Google.
It's not exactly an age restriction, it's just getting permission from a parent. Either the parent puts in their ID information or they don't. Age restriction would be like movie theaters banning minors from certain movies.
Who cares about the age restriction? The issue here is obviously having to put in government ID to use the internet.
The same argument you are using is the justification for this. “It’s should be the parents decision to allow children to watch this content, not Google”
Parents' authority over their children does not extend to forcing random strangers to enter government ID to use the internet.
Well, the devil is in the details. In practice, making sure that kids can't see certain content or making sure that they never get advertised to often involves age validation.

There's some stuff we can do with content that is targeted at kids, I don't think those laws are inherently bad. Although... last time we tried to expand laws around advertising in content directed toward kids, that resulted in a huge number of game streamers and animators getting demonetized, to the point where Youtubers were doing wild things like swearing more in their videos so they could prove that they weren't targeted at kids. We seem to have a lot of difficulty articulating legally what the difference is between "kid appropriate" and "kid targeted" is, particularly when it comes to stuff like video games or "wholesome" (for lack of a better word) content.

To me, it's very much a "who's going to bell the cat" policy. I don't want kids to be subjected to so much advertising, it's a great policy. In theory. But I have not so far seen any practical implementations of age restrictions online that haven't either been completely worthless or really problematic for both privacy and free expression.

I would much rather allow kids to watch trailers of Battlefield than to have to give Google pictures of my ID/passport. But that ship has sailed now. This is the new reality and it'll probably be applied to more websites in the future.
Your kids?

Also, there’s much more content on YouTube that most parents would absolutely not want their kids seeing than a battlefield trailer.

If I had kids? Yes.

My exploration online was effectively unrestricted while I was growing up. The internet had far more objectionable content back then that was easily accessible. I don't feel that it had any real negative effect on me. Why would I worry myself sick over my kids seeing it?

Also, even if there is more objectionable content than a Battlefield trailer, the Battlefield trailer is restricted by the same rules. And if everyone else in your kids' friend group is talking about Battlefield then you'd be excluding your kid from it by limiting access to that. And if you don't limit access to it, then you get all the other 'objectionable' content too.

It makes total moral sense, but Google has proven that morality is not their top priority when money is at stake. That's why governments fine companies that do undesirable things; it forces shareholders to care about ethics.

And perhaps it shouldn't; America's prudeness around sex but glorification of violence has had an effect around the world through Hollywood for years. Adding that morality to the flow of information might not be what we want.

Apparently you'll need to scan an ID if you don't have a credit card, and I bet the EU has millions of young adults without a credit card. Either way, the end result is that you cannot use a video service without exposing your real identity to the service provider. And for what? Is there an epidemic of video clips wrecking children's minds I'm not aware of? Lacking that, this doesn't seem even remotely justified.

All this is either EU lifers keeping themselves busy to justify their existence to themselves, MEPs wanting something to grandstand on, or something equally vapid. A much better approach would have been to keep the age prompt and leave the rest up to the parents, ie, to do nothing.

> And for what? Is there an epidemic of video clips wrecking children's minds I'm not aware of?

I mean... maybe. I have young children and have no desire to have them anywhere near YouTube for essentially as long as possible _because_ of that very concern.

You can already restrict YouTube on any sort of computing device you might give kids. Parental controls are built in to Android and iOS. There's no need for every website to duplicate that. However, there's a great "need" for the EU to constantly generate massive floods of legislation because they have ~30,000 civil servants they "need" to keep employed, many of whom earn more than the British Prime Minister.

And unfortunately the EU loves coming up with reasons to fine tech firms because they managed to ensure there are none in Europe itself, so it looks a lot like free money, to an organization that's desperate for it (huge budget hole now UK has left + fines go straight into the EU spending pot).

> many of whom earn more than the British Prime Minister.

Is that the basic pay (£79,936; €92,584) or the basic+entitled pay (£155,376; €179,968)? (via https://assets.publishing.service.gov.uk/government/uploads/...)

https://eufactcheck.eu/factcheck/uncheckable-4000-eu-officia... suggests that only 3-4000 (10-13%, not exactly "many"?) are PG13 or above which would be €196,305 (£169,481) - above UKPM.

How is 4000 civil servants / 10% of the entire workforce earning more than the PM not many of them? What threshold of the workforce would need such compensation to be considered many, in your view?
> How is 4000 civil servants / 10% of the entire workforce [...] not many of them?

As a raw number, sure, 4000 is "many" but 10% is not really "many of whom" (which is what GP said) - for me, obviously; other people's interpretation may vary.

(e.g. If I said "there's some cats outside; many of them are blue" but only 10% are blue, I would expect people to query the "many".)

That's an interesting take on language. If you said many cats were blue, given that cats are never blue I'd certainly feel you were justified in saying many were if 10% of them were.

I tend to interpret many as a relative term, meaning "a high number relative to what you're probably expecting". The dictionary is no help here as it just defines many as "a lot", but that in turn is also a relative term.

I think if you want to argue with this point, a better tack would be to argue that the British PM is underpaid and EU staff are what "normal" compensation should look like. Quibbling over whether 10% of them being paid more qualifies as a lot isn't that worthwhile.

> argue that the British PM is underpaid

Being in the situation of currently enjoying* the UK PM's leadership, I'd be more inclined to argue the other way.

(Although, in a more serious tone, I would argue that long-term high level civil servants probably do deserve a higher wage than transients like PM, President, Cabinet Minister, etc.)

Well it should be your responsibility to control what your children see online, on the web there are things fare worse than the one you can see on YouTube.

I don't see why YouTube should ask your ID where most sites that host adult content doesn't.

The 100% adult content sites get blocked by school proxies or sometimes even ISPs. Because youtube is mixed content it has to implement access control on the site.
Are you specifically worried about the 18+ videos that youtube allows? I feel like even a perfect age check wouldn't do much to make youtube safer for young children.
> All this is either EU lifers keeping themselves busy to justify their existence to themselves, MEPs wanting something to grandstand on, or something equally vapid.

Or.. companies being obtuse with their implementation of the law, as they often are with the cookie/GDPR laws.

I'm so tired of tech people saying "it has to suck because the law requires it", when they clearly haven't read it. You hear it all the time when discussing tracking banners or ID verification. NO, the law does NOT require your implementation to suck, and most laws give you plenty of leeway in how you implement it. This is really not personal, but I HATE the argument.

Take this as an example. The AVMSD isn't new, it was codified in 2010. It has a website[1], and on that website you can read the rules (they even simplified them for us). The rules about minors are pretty relaxed[2]. For non-linear content (such as on-demand video) the law requires that content which "might seriously impair the physical, mental or moral development of minors" wont "normally" be seen/heard by kids. Nowhere does it say that YouTube has to require a National ID to show a video of a zombie. It's all interpretation, because that's how we do laws.

It's true that YouTube said that it's "in line with AVMSD"[3], but it's a lazy excuse to shove in a feature.

[1]: https://ec.europa.eu/archives/information_society/avpolicy/r... [2]: https://ec.europa.eu/archives/information_society/avpolicy/r... [3]: https://blog.youtube/news-and-events/using-technology-more-c...

It's possibly not how they wanted to interpret it (though I see how it helps their ad/tracking business). But it is probably how they have to interpret it because they might get sued if they didn't. At the very least it's an expensive court case to dismiss. All whilst eyeball-thirsty news agencies print articles such as "Google Refuses to Support EU Child-Protection Legislation", and Twitter-personas post tweets like "Uh Google - what about the kids?"
> NO, the law does NOT require your implementation to suck,

When the law is "you have to verify a meatspace user's age before showing them content that could arbitrarily be considered 'adult' by some group of lawmakers who most likely have different and more puritan values than you," yes, it does require your implementation to suck, because that law sucks by definition.

I'm glad YouTube implemented it this way, so that the pain of shitty laws can be felt instead of being allowed to proceed. Maybe people will actually try to push back against overzealous Internet regulation at some point.

> I'm so tired of tech people saying "it has to suck because the law requires it", when they clearly haven't read it. [..] The AVMSD isn't new, it was codified in 2010. It has a website[1]

You know, if you were going to rant about people not reading things, you probably should have first validated your own assumptions. AVMSD was just updated ( https://digital-strategy.ec.europa.eu/en/policies/revision-a... ) which just recently went into effect. The updated law requires online video platforms to age gate content for children. How, exactly, do you propose they do that with an implementation that doesn't suck?

> if you were going to rant about people not reading things, you probably should have first validated your own assumptions

I did, but I didn't stumble on this revision. Now that you linked it, I see hints everywhere that I should have noticed the first time around. Thanks for bringing it up. Although, I'm rather unhappy if my rant was taken to be about reading comprehension though. It really wasn't. I'm annoyed at people blaming laws for poor implementation.

To tackle the revision though, lets looks at the revised text. It's kind of hard to get a hold of, since the EU document database is apparently down, but i managed to find a copy[1]. The relevant text seems to be:

    establishing and operating age verification systems for users of video-sharing platforms with respect to content which may impair the physical, mental or moral development of minors;
Even here, it only calls for age verification. Again, there's no requirement for checking credit cards or passports. If we look at one of the drafts of the now enacted law[2], we see that they seem way more concerned with the differentiated moderation between platforms than the adequacy of the age verification process. We have to keep in mind that watershed (only showing adult content after a certain time) is considered an appropriate way of deterring minors from watching. The EU commission clearly don't think we should disallow children at any cost.

I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.

[1]: https://www.europarl.europa.eu/doceo/document/TC1-COD-2016-0...

[2]: https://www.eu.dk/samling/20161/kommissionsforslag/kom(2016)... Page 20 around the middle of the page.

> I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.

So you don't even have any idea what a better implementation might look like, not even a completely technically infeasible one? And the thousands of smart YouTube engineers, whose jobs revolve around making access to content frictionless to the point of being accused of making it addictive, just haven't thought "we should make this not suck?"

> I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.

The sentiment behind this sentence is the driving motivation for almost every single bad tech law on the Internet. Programmers aren't magic, there are limits to what they can and can't do.

Almost every bad tech law starts out with someone saying, "I don't know how this is going to work, but you're required to make it work, and if it falls apart it's your fault." You see this show up in the encryption debates, in the copyright directives, in debates about moderating content and identifying abuse, in the debates about age restrictions. It's universal, it comes from this belief that if you just require things, they'll magically happen because people can "nerd harder".

It is, of course, usually very good for tech laws to legislate outcomes rather than methodology. However, that doesn't get rid of the obligation to determine whether the outcomes being legislated are actually possible.

> it comes from this belief that if you just require things, they'll magically happen

We should be somewhat sympathetic that non-experts may not know the difference between a possible and an impossible technical goal, and we have to accept that for a politician there isn't much electoral advantage to be gained from trying to explain the difference to their voters.

However, each time I hear an impossible goal proposed, I can't help imagining the politician saying "We managed to land people on the Moon and return them safely, so surely we can do the same with the Sun now."

They should just do it at night, duh.

(as it happens, that's the premise of a Soviet political joke from the Apollo era)

> Even here, it only calls for age verification. Again, there's no requirement for checking credit cards or passports.

Age verification offline has always been done by checking IDs. Why would you expect anything different by shifting to online? The law demands age verification, and youtube delivered the de facto standard for age verification in the form of ID checking. That seems to be extremely cause & effect of the most straightforward variety. There's no reasonable expectation for anything different to have occurred unless those creating the law also outlined how to do this in a more privacy-sensitive manner. But they almost certainly didn't, so obviously tech companies would go with what's well established practice instead of trying to skate on legally thin ice to create new precedents for age verification.

I doubt it. I've worked in a couple different social media companies and default age system is ml guessing unless you do something extreme like this. That gives you reasonable accuracy, but still very noticeable error that's a lot worse than id requirements. It's fairly hard to have confident age especially when a very high percent of people lie about there age if you just ask directly. I remember hearing a number like half of people underage just lie at work although unsure how serious that stat was. There were engineers that did spend projects on better age modeling as other ways just seemed unviable. If you make a legal requirement well enjoy id requirements.

The main path I can see around this is if the government/some company became accepted standard place for basic profile information. But that's just another id except a digital one. You can probably make a digital id system with good way of specifying which fields you grant to another company. The actual digital id when created will still need a physical id/government check though.

How do you even define content that "might" seriously impair the physical, mental, or moral development of minors. This is so subjective I don't see how you could get away with marking anything that wouldn't in the US be rated PG.

At that point in order to ensure that such content isn't shown to minors you have to require a credit card or an ID because any reasonably kid would figure out how to set his or her age to a reasonable age of majority to avoid being pigeonholed into kid stuff.

Can you give me an example of an alternative strategy that would be legal and more reasonable?

> NO, the law does NOT require your implementation to suck,

This is kind of an excuse though, because I have never seen an implementation of an age gate online that isn't kind of awful. You either make something that is trivial for kids to bypass, or you make something that is invasive, like Youtube's system.

So we get these laws that say, "solve the problem", and there isn't a way to solve the problem. But criticism of the law or criticism of the law's outcomes aren't allowed because the law doesn't technically require that your solution to be terrible. It just asks you to do something that's impossible to do well without violating someone's privacy.

In the US (at least for a while) this was solved by pretending that self-reported ages are an effective way to protect kids. And we pretended that would at least reduce exposure to this kind of content, even though in practice it has basically no impact at all. But if the law doesn't care about effectiveness, then why have the law in the first place? So we raise the standards a bit so that the law has some teeth. But again, nobody has ever in any context demonstrated a working age gate to me online that doesn't involve violating someone's privacy or collecting identifying information about them like a credit card or ID.

So it doesn't actually matter whether or not the law says the solution has to be terrible. The only outcomes that are possible from these laws are either ineffective solutions or invasive solutions. If there is only one method to accomplish an outcome, then requiring the outcome is effectively the same as requiring the method.

> So we get these laws that say, "solve the problem", and there isn't a way to solve the problem.

To give another obvious example of this pattern, there's "Make a crypto system which only lets the good guys in, not the bad guys".

In both cases, there's a "think of the children" imperative attached, but at least with laws about age restrictions there's more of a chance that the politicians' true goal isn't mass surveillance.

I'm not saying that the law requires that YouTube does this, all I'm saying is that this policy is the result of the AVMSD. Without the extensions to the AVMSD, Google would not have implemented this behaviour. You can argue that they've implemented an intentionally awful way to comply just to spite the politicians, or that they're overthinking the law, but there's still a direct relation between the update of the directive and the change in YouTube's policies.
Selling ads for non-kids stuff to impressionable kids is the opposite of lucrative. Advertisers generally don't want to waste their money on advertising to people who aren't buying.
I had this happen with the old "Ah fuck, I can't believe you've done this" video.

I'm not sure why exactly that has an age restriction, or why I'd give Google some ID to watch a vintage Youtube meme. I presume it's because their ML detected 'fuck' in the audio.

Note to Google: Ah fuck, I can't believe you've done this.

(comment deleted)
This encapsulates my feelings perfectly. My Gmail account is 17 years old, but I get a notification on my phone every hour or so, that I must verify my age with Google. Nevermind that I've bought plenty of things from them over the years and that all I want to do is watch a YouTube video they happily showed me many times before.

Now I'm shopping for some storage to keep seventeen years of emails etc. so I can do a quick Takeout so that I don't lose access to all my data when I inevitably get unfriended and blocked by them for not being sufficiently compliant.

Hearing the funny man say fuck now requires ID, wonderful.
You work so hard explaining to your friends good infosec practice like not just typing their credit card in because some site wants to "verify their age" and then Google and Apple just go and fuck around with stuff like this.

At this point the best advice you can give your friends is "stay the fuck away from computers unless you're willing to sit down and read a bunch of FOSSS manuals."

On one hand, people have given up their credit card for worse pre-Internet or outside of the Internet (like "free" or nearly free trials that turn into a subscription service).

On another, Google already has a lot of peoples' credit card numbers by way of Google Pay. Does this expose those people to any more risk?

Aren't there some credit cards that can create virtual numbers?

Just give them a virtual number and then disable it right after registering. Then have your free trial, and only if you decide to actually subscribe, change it to a credit card number that is active.

Businesses should not be unscrupulously trying to make money off people who forgot about the product during their free trial.

I use Privacy.com to make virtual cards for this purpose.
Does privacy.com still require a debit card? That was what put me off the last time I investigated their service.
It did the last time I looked into it.

I went to set up a privacy.com virtual card for a semi-sketchy site, only to have privacy deny the charge as it was for a "high risk" site.

Yeah, I KNOW, that's why I wanted to use a virtual card. That ended my brief foray into privacy.com

Yes, their business model is charging merchants at credit card rates (~3%), and billing you at debit card rates (~0.1%).
only work for US, alas
And for those who haven't given their credit card number, as a protection against abuse or "accidental" purchases (in-app, in-game, premium content, etc.), this looks like a suspiciously-convenient-to-Google mechanism for acquiring CC data.

We were previously told that it was advisable to use YouTube under an alias, and that other personal information such as phone numbers would be used only for account verification.

Those policies were rescinded or proved to be lies.

Google have no credibility here.

> this looks like a suspiciously-convenient-to-Google mechanism for acquiring CC data.

Actually wouldn't be surprised if the newly acquired CC number appeared right away as a new means of payment in Google Play.

The problem isn't that Google is going to do something bad with your credit card, it's that because it's Google, they are training people to be okay with it everywhere else. Like when my bank sends me an email with a link to an external domain because I have a "secure" message.
Actually Google is going to do something very bad with your credit card - link your online nym to your meatspace identity so they can better surveil you. That's much worse than having to deal with a few fraudulent charges, which at most requires mailing in an affidavit.
I don't know why this is down voted. Maybe because at this point creating a Google account now requires such a link?
It might not be that dangerous right now, but it sets a bad precedent. It gets users accustomed to that, and gives bad actors a cover for their activities: Look, Google does it!
It's really bad but seems to be some EU law, this isn't something Google ever wanted.

An alternative would be entering your passport or something which would be even crazier

In 2010, Google required your ID card if you enter a false birth date, and you are locked out of your account in the meantime. Happened to a colleague of mine because we were using Google Apps for Business. Because he didn’t want to give his real info to Google at work, he couldn’t work for 2 days and had to give Google his ID.
> In 2010, Google required your ID card if you enter a false birth date

How do they know it's false? And if they know it's false why do they ask for it, they already have the right one.

> if they know it's false why do they ask for it, they already have the right one

Great question. It seems like it's being used as authentication, rather than authorization, in that it's meant to prove that you are who you say you are.

It's not required by the EU. If not all the sites that have content not appropriate for children, such as porn sites, or Reddit, would need to implement this. And of course you wouldn't give your ID or credit card to a porn site.

Google is the only company that started to implement this. To me it's not required by law but they decided to do so to get more user data. Also because having a credit card doesn't confirm nothing about your age. I use a credit card to buy things online since I'm 13, you can have a credit card even if you are not 18, simply your parents need to sign for it, but then it can have your name on it.

Interesting, when does Apple ask for a cc for age verification? I don't think I've come across that UI.

Edit: Looks like it might be an EU thing?

I set my age to about 3 months old in Skype and got locked out. They need my CC to verify my age because of COPA (child online protection act in the US) or something.
But other websites don't do this, so I don't think it's a COPPA thing.
That would be COPPA.

> In 2019, the Government of the State of New York sued YouTube for violating COPPA by illegally retaining information related to children under 13 years of age. YouTube responded by dividing its content strictly into "for kids" and "not for kids". This has met with extremely harsh criticism from the YouTube community, especially from gamers, with many alleging that the FTC of the United States intends to fine content creators $42,530 for "each mislabeled video", possibly putting all users at risk.[58][59][60] However, some have expressed skepticism over this, feeling that the fines may actually be in reference to civil penalties, possibly intended for the site's operators and/or warranted by more serious of COPPA violations or specific cases of "mislabeling videos."[61][62][63] As of July 2020, nobody has got the $42k fine.[64]

https://en.m.wikipedia.org/wiki/Children's_Online_Privacy_Pr...

I had this happen on a gaming forum, they upgraded to new forum software and pushed users through a 'update your account' flow. I accidentally set my year to the wrong number and ended up locked out of what had been a long-term username.

It was bad, actually, because they had developed a system where your username on the system was tied to your in-game nickname as well so I ended up locked out of both and had to create a new username/nick.

The admin of the website literally said "there's nothing I can do". I'm sure this isn't to do with the law specifically but just some limitation of their tools.

> The admin of the website literally said "there's nothing I can do". I'm sure this isn't to do with the law specifically but just some limitation of their tools.

At the gaming forum I helped to run around 10 years ago we consulted a lawyer and this [asking for birthdate but not allowing birthdate changes] was the only way to keep out of serious trouble and to not need ID verification.

Hah, that probably explains all the age-disclaimers on dating sites. I had assumed it was just "login with Facebook" people not being allowed to change their birthdate by Facebook, but as it turns out that may have been unjust (though FB itself might also prevent bday changes for the same reason).
It is definitely that at least with Tinder.
Skype is not Apple though
Anything on an iphone is Apple. They dictate content, UI design, architecture and moderation policy for all the apps on the device.
No, Apple doesn't dictate credit card verification requirements. Actually they are quite opposed.
>No, Apple doesn't dictate credit card verification requirements.

that's the point parent was making; Apple made a decision about such things when allowing an app within their ecosystem that makes such choices (Skype, in this case).

Allowing something to happen isn’t dictating IMO.
It is when you're very strict about what you allow to happen. (which is the case with iOS apps.)
Apparently they have specifically allowed it in this case. Otherwise there would be no iOS Skype app.
tv.apple.com did for me when trying to play a video
What videos are free to watch on there?
I don't know, I have a free year of it. It plays in the app without asking, but not on the website.
Did you sign in on the website?
No, I already had an account but it doesn't have a credit card on file.
Must be.

On major mobile networks in the UK, SIM cards/data plans by default have an adult content internet filter enabled. Blocks stuff like pornography (obviously) and even some other various adult age-focused content like gaming websites. (I've seen the EA Battlefield/Call Of Duty websites blocked before)

Usually if you try to access, say, pornhub.com, it'll redirect (ala. WiFi captive portal style) to an internal network page and you have to enter a credit card to disable it on your account. A debit/bank card won't work. I'm over 18 now but at the time I came across this (also over 18) I didn't have a credit card but I ended up bypassing this with a Curve (Fintech 1->many card thing) card which seems to identify as a credit card on the network's system.

Alternatively, if you don't mind never seeing the assistant again (jk.), you can go into one of the network's shops and ask the assistant to turn it off by providing some ID like a passport/driving licence.

This only reinforces my image of the UK as a long since resigned totalitarian police state — that, along with the huge 1984-esque CCTV posters with giant eyes hanging watchfully over a dreary autumn midday in London.
It's hilarious. If this technology existed 50 years ago you can be sure they'd be filtering out any homosexual content. "We must protect the children from filth" after all. Good old nanny state.
The posters I referenced were from 2002 [0]... I can only imagine how much worse it's gotten since then.

> Attention Londoners: Big Bobby is watching. That's the message of posters plastered along London's bus routes earlier this week to assuage riders' crime fears.

> But the posters are having the opposite effect on privacy advocates, who say the artwork is creepily reminiscent of the all-seeing authority described in George Orwell's 1984.

> The posters show a red double-decker bus crossing a bridge as four floating eyes stare down from the sky. The eyes' pupils are the symbol of Transport For London, the city's mass-transit provider.

> "Secure beneath the watchful eyes," the poster says. "CCTV and Metropolitan Police on buses are just two ways we're making your journey more secure."

[0]: https://www.wired.com/2002/11/londons-privacy-falling-down/

The whole "asbo" thing that they had for a long time was also in a similar vein. And the ability of even fairly low ranking police commissioners to declare some area as having "high chance of violence" temporarily, which allows them to stop and search people without warrants or anything like that - basically like stop & frisk in NYC, but without the pushback.

On the upside, following UK police twitter accounts can be sorta hilarious in a sad way, because they regularly post stuff like this: https://twitter.com/MPSRegentsPark/status/974645778558980096...

All that said, it's not really totalitarian. A police state for sure, and an authoritarian uber nanny state, but totalitarianism is a whole different ballgame.

I see much of the hardline Islamic substrate in the UK as deeply totalitarian. See this BBC Panorama documentary on Sharia courts functioning as a separate legal system for an example of what I’m talking about: https://youtu.be/4gZCFdHkd4A.

If the all-powerful, authoritarian UK police and the (currently underground) Sharia courts ever collide or end up working together, that’s going to be one hell of a totalitarian trip. Not good at all.

Though France has similar religious demographics, I think France might at least stand a better chance of holding back the influence of Islam, given the country’s strong and storied secular tradition.

In all Western countries that I know of - including UK - those courts are effectively arbitration courts, so they're very limited wrt the kinds of rulings they can make, and even then both parties have to agree to abide. So they're not really a separate legal system.
Unfortunately, many of them hand down rulings which conflict with UK and other local laws. At the very least they are conflicting systems — to what degree is a point of contention among legal scholars in the UK, as outlined in the linked BBC documentary.
There's no real conflict there, because the proper courts always have priority, same as in any other arbitration arrangement when the parties don't agree to participate.
On the more humorous side they could have implemented an age check similar to the one from Leisure Suit Larry.

Although the questions were a lot harder back in 1991 when the Internet was not at your disposal.

http://www.classicgaming.cc/pc/leisure-suit-larry/age-quiz

Tbh I think this sort of thinng would be harder today, if you took away the internet "for a night", because pop culture is now much more fragmented than it was back then.
I had to solve these questions back in 95-96 (when I was 15) after buying these games used from a pawn shop. I used various sources from multiple BBS's and teachers at my high school.
Related anecdote: A few years ago, my father bought a android tablet to my grand parents (both 85+). After watching them use it for a few minutes, I realized how user hostile the technical world has become: tons of ads popping up and asking for your attention (“click me”, “download x”, “make your device run faster”, etc).

This and apps “redesigned” every few month, breaking the workflow they've struggled to learn (they usually needed to follow the hand-written note, they had taken when I showed them how to do).

They've used it a bit more than a year, with occasional breakage, and they now have stopped completely.

Root it, install a dns level adblocker (either for their network or just the tablet), install appropriate apps for them (preferring FOSS when possible via fdroid) and relock the tablet before giving it to them. Oh, and run a backup of the whole device first.
I can't believe it has to come to this to get a usable device for a growing segment of the population. Old people practically need their own IT department fighting for their best interests with how predatory tech companies have been towards them. They are SOL if their kid isn't a techie.
You should try using android trackphones. The instant it connects to a network it will download gigabytes of crap and launch it in the background. It doesn't matter what you're trying to do, whatever it is will get killed because all the malware needs more memory. Apps you want to install will be added to the end of the long queue. The (expensive!) cellular data will be instantly burned through by Facebook and friends.

It's incredible. Personal computing is well and truly dead for the "consumer."

The things that you complain about are the reasons why Apple has become the most valuable company in the world.
Apple has become the most valuable company in the world because they own everyone's computers so anyone that wants to publish commercial software has to bend over for them.

They're not valuable because of any service they provide.

By "computers" I assume you mean "phones and tablets", because Apple is still a small minority of the world's desktops and laptops.

Even then, ask yourself: Why do so many people pay $800 for an iPhone instead of $200 for some Android?

They didn't become #1 by selling $99 developer accounts.

> Even then, ask yourself: Why do so many people pay $800 for an iPhone instead of $200 for some Android?

Because Apple has managed to make their mass produced commodity products be a status symbol.

(comment deleted)
Why do so many people pay $800 for an Android instead of $200 for some iPhone?

I don't understand the comparison you're making, because both kinds of phone are available in a wide price range.

I think you misrepresent the human App Store reviewers as not being a service they provide to their users.
Or buy an ipad.
iOS ecosystem also has a problem with gratuitous UX changes. E.g. that physical Home button on early models was a godsend for non-tech users - if they found themselves somewhere unfamiliar, it was always there as an escape hatch, without doing anything non-obvious like swiping from the edge. And then Apple killed it.
Another frustrating thing on the notch devices is that they put the control center on top instead of the bottom. Years of muscle memory down the drain.
In fact I did exactly this to solve the ad issue, but they ended up stopping anyway because they couldn't cope with the constant UI change of their apps (Skype & TV replay apps). And there's nothing I could do about it.
(comment deleted)
> This and apps “redesigned” every few month

This is why my 90++ old completely non-technical mother has been using Linux since the 90s. I set up a very customized fvwm environment with mutt (also customized) and emacs (same) and helped her learn it. The beauty is that nothing has changed at all in over 25 years!

It's why Apple is the best at what they do. Their apps are consistent for years.
Blame Government not Google and Apple.

I hate both, but this is purely a function of terrible regulations

(comment deleted)
My favourite is how many sites want you to click on a link in a "verification email" to log in, especially if you take basic precautions like blocking scripts and trackers and deleting cookies periodically. All that work training people not to click links in unexpected emails, and these companies get a bright idea to require that to log in.
> now they ask for a credit card number or an identity card to prove it

Related, I can’t install my telco’s app because it’s region-locked to Australia and Google Play Store seems to think I’m in the USA—never mind that my account was created in Australia over fifteen years ago and it’s only been to America twice for a total of less than three months, and that my phone was bought in Australia and set up in Australia, as was my first phone. Seems like a case of an absurd and harmful default. Anyway, the only way to convince them I’m in Australia is to add a billing method. Nope. I’m not giving them billing details. (Now if only the telco would unlock it, as their support staff said they were working on, never mind that the whole process takes less than five minutes and I gave them the help page over a month ago. Or better still, if the telco would just provide a web interface like literally everyone else does, rather than just Apple and Google Android apps. Sigh. If only they weren’t the cheapest for my needs by a large margin.)

Also related to the whole age thing, I just started the Google Settings app half an hour ago for other reasons and it triggered a notification asking me to enter my birthday “to help us comply with the law”, expressed even more strongly on the page the notification takes you to as “Your date of birth is missing. This info is needed to comply with the law.”, with a “learn more about why Google asks for this info” link to https://support.google.com/accounts/answer/1733224?hl=en-GB, where the only sort of thing that they could conceivably be referring to as a legal compliance matter would be the minimum age of 13, and… I’ve been using that account for longer than that anyway.

Have you tried googling the app identifier (grab it from the google play url) to find an APK download?
Create a new account from an Australian IP, sign it in to your Android phone as a secondary account, and then switch to the new account in Play to install the app. (Once installed, use of the app is not tied to the secondary account in any way.)
Had a video come up as age restricted forcing me to sign into watch. It was a cooking video, they added some form of alcohol to the dish at one point..

I mean, I get it, but it still feels ridiculous.

Do debit cards work? If so, maybe get a prepaid debit card, buy stuff with it until it has a very low balance, and from then on use it for age verification.
This is clearly Google pushing $12/month youtube red.
redtube you say? redtube.com is a porn site.

Its a poor product naming with google. I'd imagine that's going to make for some consternation.

I think the name is now "YouTube Premium"
A credit card seems like a reasonable way to verify age. Can you think of a better way? Or do you think no content should be age restricted?
And if I have no credit card?

(I have no credit card. I approach 6 decades in age.)

Don't debit cards work as well?

If you have no debit or credit card, why would any for-profit enterprise want to interact with you in the first place?

Debit cards work if they're Visa or MasterCard, probably. Many countries have national card schemes for debit cards that do not work.
I doubt it has anything to do with verifying age though. More likely they know people are hesitant to sign up and pay for youtube, but if they can get your credit card in other ways, then later it easier to get you to pay for something because then you just have to press "ok" since your details are already entered.

Plus this gives them your identity, which is relevant because their business model nowadays is based around tracking people.

eIDAS + smart card reader. :)

But I guess, google still wants to make the check passable.

That’s interesting because I had a credit card at 16 (it was on my parent’s account).
I had a debit at 12 (Visa Electron), my own account but approved at the bank by mom.
toto444 perhaps you have the link to the video your interested in?
i get, from USA :

from YT: An error occurred. Please try again later. (Playback ID: 5sTGvTkd9YkomV3x) Learn More

from YT-DL:

$ youtube-dl https://youtu.be/ZIrmxOBnKcs [youtube] ZIrmxOBnKcs: Downloading webpage [youtube] ZIrmxOBnKcs: Refetching age-gated info webpage WARNING: unable to download video info webpage: HTTP Error 404: Not Found Traceback (most recent call last): File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main "__main__", fname, loader, pkg_name) File "/usr/lib/python2.7/runpy.py", line 72, in _run_code exec code in run_globals File "/usr/local/bin/youtube-dl/__main__.py", line 19, in <module> File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 475, in main File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 465, in _real_main File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 2069, in download File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 808, in extract_info File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 815, in wrapper File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 836, in __extract_info File "/usr/local/bin/youtube-dl/youtube_dl/extractor/common.py", line 534, in extract File "/usr/local/bin/youtube-dl/youtube_dl/extractor/youtube.py", line 1502, in _real_extract File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2644, in compat_parse_qs File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2614, in _parse_qsl AttributeError: 'bool' object has no attribute 'split'

the 404 looks like a take down? or a hug of death?

In that case YT is asking me my details so that I can see that the video has been removed..
A friend of mine had trouble with his young kid - he used a youtube video to walk himself through getting a credit card with grandma's birthday money. (I assume the prepaid cards you can get in the grocery store)

They found out when they found a nintendo portable full of games in his closet.

He was about 12.

How did everything end up shaking out? Were the parents on the hook for the credit card bill, or was the credit card company on the hook for issuing a card to Santos L. Helpar?
I think it was a prepaid card.
So then what's the issue here? Honest question. He got birthday money and spent it on things. That's how it's supposed to work. If he then finds that he cannot purchase something else that he wanted because he blew his budget on video games, that's a valuable lesson that everyone needs to learn at some point.
The point is that a credit card is not a proxy for age.
Isn't "prepaid credit card" an oxymoron?
I wonder if I could just wait a year and pass the filter on virtue of gmail-account being 18 years old...
That’s on the EU, not Youtube.

EU citizens needs to convince their government(s) that these age restrictions are not acceptable or live with the status quo.

> now they ask for a credit card number or an identity card to prove it

I got the same thing and it left a bad taste in my mouth -- it felt to me that it was just Google's excuse to hoover up more information about me.

No, Google, I am not going to give you my credit card of government issued ID.

Yep, this happened to me a few weeks ago (even commented about it on a HN thread). I've had this youtube account since about a year after youtube came out and the google account its attached to since about 2005. To not be under 18, I'd have had to be be rather young when I created those accounts.

With all the privacy-invading data google and youtube collect on me, surely they know that I'm old enough to watch whatever I like on youtube. But there's no way I am using either of the available methods to verify my age. I'd rather just not watch stuff on youtube.

I just get a sign in to confirm age. Are you absolutely certain you weren't on a third party site?
This is how youtube and other SV websites will blackhole the undesirable channels and creators, mark my words.
I am not going to send my ID card to Google period. Neither will I give them a credit card # unless I'm ... you know ... paying for one of their services. Which isn't likely to happen either.

Edit: especially since it's US age ratings which have no connection to EU age ratings. I ran into it while trying to view some collection of every time Samuel L Jackson says "motherfucker" in a movie. For example Pulp Fiction - which is one of the movies - is rated 18 in the US but ... 12 to 16 in various EU countries?

I noticed this yesterday and now I am wondering what to do. Especially when more and more videos are getting flagged.

ID is out of the question, credit card seems more plausible. However, i wonder what happens when you give the number. I don't want that it sticks after validation...

Would it be worth it to just get a credit card for the sole purpose of youtube-dl? Maybe put some kind of limit on it, if possible?
Long time ago I remember reading about some service, that allows using single use credit cards. Last year I was looking for it, as many services cannot ne trusted with this information. But I could nothing like it. Maybe I was just dreaming...

Getting a legit card like that could be possible, but I don't think its worth of hassle and possible costs. Some companies practically throw these cards on you, but usually there is a catch.

Capital One has an app called Eno which generates alternate card numbers, but they are still tied to the same account and identity.
My capital one card has virtual cards, and I’ve seen it other places. The only issue is that it’s done by a browser add on that has incredibly high permissions. I handle it by using a separate Firefox profile for the rare occasions I need to use them. I start Firefox with that profile, use it, then go back into my normal profile.
I’d use a temp card from privacy.com or something.
That's naive, they will eventually block those kind of virtual cards just like they block virtual phone numbers. The point is to tie the account to a real identity.
It's not about the limit, but about the tying of identity. If you enter a CC number, Google will then be able to know exactly who viewed the video. If you use youtube-dl, or even ad-blocking, who knows if that violates some T&C, and they could then shut down all accounts connected to you...
According to google ID cards are deleted after age has been proven, but for some reason they might keep credit card information.

>Important: If you enter your credit card info for age verification, Google will retain this data as necessary to meet legal and regulatory requirements.

Must be because of audit laws relating to processing credit cards.

https://support.google.com/accounts/answer/10071085?p=age-ve...

The only possibility is to get out of Youtube (and other walled gardens) as soon as possible. Talk to your favorite content producers about Peertube, maybe setup an instance with some friends if you're sure you can handle that for the coming decade and not close down in 6 months time.

Both viewers and producers are heavily dissatisfied with Youtube. Time to move on.

If you allow adult videos without age verification you'll get shut down.

YouTube actually allowing adult videos is not something to diss. The fact that they need age verification is the price for it, the alternative is removing all those videos.

Am I the only one who didn't even know that youtube had age-restricted videos? Somehow I have managed to watch it for years without ever getting prompted for age confirmation!
It depends on what your needs/interests are.

For example I've worked in medical devices, I had to watch a lot of different types of surgical procedures for a specific application.

A lot of surgical content gets tagged as 'adult' even though it has nothing inappropriate as such.

YouTube had to crack down on all kinds of videos because of some laws that congress passed under the pretense of "protecting children". For many content creators it's easier to mark your video as age-restricted than to try and comply with child-friendly guidelines. This is also why so many videos now disable the comments section.
Seeing the incredibly inappropriate content the algorithm (tm) starts suggesting to actual children (I see you like numberblocks, maybe you'll enjoy this fake video of numberblocks killing each other and swearing or this extremely repetitive and epilepsy-inducing flashing video with a couple of numberblocks characters) it’s clear to me they don’t give a crap and just do the bare minimum to tick some legalese checkbox in some compliance form somewhere.
That sounds fine to me; child friendly should mean 'beneficial to children' or at least designed for children and not 'no searching nor nudity [nor extreme violence]'.
Yeah this definitely a government overreach thing rather than google's fault. Their implementation of the policy is kind of awful I suppose though.
I've watched a few channels on retro-gaming where the authors intentionally marked the video as "age-resticted" with the usual disclaimer "the video might contain images that can be disturbing to some people". As in, 8bit gore.

Sadly, the authors need to do this preemptively to avoid getting flagged and potentially taken down.

Needless to say, I was using ytdl to bypass the limit, and I won't be able to watch these videos anymore. I'm not going to log in or give my ID to google.

Google got a pretty big fine in US due to not properly gating things for minors on YouTube (based on COPPA law). I guess this is now the result.
Fuck American hypocritical Hollywood, puritanical bullshit. Their kids are already watching gay horse sex and sheep bondage by the time they're 10.
I wonder how this is going to affect NewPipe.
Just checked the video in the issue, it doesn't work in newpipe.
I confirm I've been experiencing "age related" issues in videos this week on newpipe
Who cares? Time to go to tick tack.
Just from YouTube it looks like because YouTube-dl works on pornhub and other XXX sites too.
I've found YouTube increasingly unusable in general over the last few months. It seems to be pushing absolute rubbish at me. There's a gap in the market for a music-only video service.
>music-only video service

I'm not sure how that isn't soundcloud/spotify.

Soundcloud and Spotify don't have any video.
Spotify has video for some titles, particularly pop.
Usually its like a 30 second loop vs an actual music video.
We're rapidly approaching 30 seconds as the "standard" length for pop music.
tiktokization of pop music /s
It's actually the spotifization of pop music- spotify pays per song not per minute, so artists are incentivized to make shorter songs.
I'd argue it's actually just part of a very long trend.
Compared to classical music certainly, but between the 60s and the 90s the average song length did increase again: https://www.vox.com/2014/8/18/6003271/why-are-songs-3-minute...
Almost certainly in large part due to "Stairway to Heaven" and "American Pie."
:-) Depending how they used the Music Brainz data could be – there are enough longer songs around on albums at least. (Though American Pie was actually published as a double-sided single, interesting)

While this is admittedly rather handwawy, even outside of this I have the impression that there must have been some lengthening: It feels like basically every Rock & Roll song from the 50s/early 60s mostly is around the two minute mark and very rarely even approaches three minutes. Afterwards however, three or four minutes doesn't seem that unusual to encounter, never mind those really long songs, too.

Given the glut of music streaming services, it seems unlikely to me someone could make money trying to compete with all of those and YouTube simultaneously.
I honestly believe that there's a market for people who want to watch a series of related music videos, and not have "A Vocal Coach Reacts to Silk Sonic!" pushed onto them.
YouTube itself has this. music.youtube.com

Not sure how it is implemented. It seems to just identify and catalog all of the videos uploaded to normal YouTube where the audio track consists of a single continuous musical track. It's not official music videos.

Thanks for the link. I gave it a try. Even songs which do have videos appear not to have videos on that service, oddly.
All the videos start in potato quality for me now. What is going on? Surely they can afford the bandwidth of all services?
Are you, by chance, using Brave? I've noticed that recently with Brave as well. Didn't seem to happen in Chrome even when viewing the same videos on the same machine.
Firefox. Dark pattern to get people to use Chrome?
I've had the same experience on Safari—in addition to the issue with Find no longer working in Google Docs (https://news.ycombinator.com/item?id=27351855).

I strongly suspect that at least part of the reason for these is to discourage people from using Google's properties with browsers other than Chrome (whether it was the reason for creating them, or just noted as a benefit for refusing to fix them once they were identified).

I suspect this is the real cause. They did it with search, makes sense they would do it with other areas as well.
I've also been seeing this in Firefox for the past couple weeks or so.

The video quality will default to "Auto-1080p" or similar but it will be visibly much worse than 1080p quality. Switching to 1080p manually seems to be the only way to get good quality.

This has been the case for as far back as I can remember.
Most frustrating is the YouTube video quality with Chromecast. I can get some 4K to my tiny cellphone, but Chromecast projected to 190" picture on the wall is locked to some unknown SD that is compressed to smithereens making it completely unwatchable.
They did reduce default quality for corona reasons before, might be the same thing?
It just started happening so I doubt it.
If you mean a low resolution, you can use any of several browser extensions (I like Iridium) to automatically "manually" select the resolution right when the page loads for every video, and this will also increase your maximum buffer from 20 seconds (?) to 2 minutes, which is nice if you're on wifi. If you mean on high resolutions the videos still look terrible, that's because the av1 versions of many videos look very bad above 720p on purpose if they're mostly watched in certain countries (can't find the source now, so treat as hearsay) where most viewers are on smartphones. You can mitigate this by going to settings > playback and performance and select "Prefer AV1 for SD."
Thanks for the tips. Will give the AV1 setting a shot. By Iridium do you mean "Iridium for Youtube"? It seems it's not maintained anymore? TBH this functionality was default working on Youtube for me until recently and suddenly stopped. I'm on a 4g based wifi at home (long story) so maybe this is the issue but it 1) only just started happening in the past 2 weeks and 2) really shouldn't be an issue as the speeds are pretty good. Everytime I switch to 1080 or higher even there is no buffering issue at all.
YouTube is finally at the point where it has grown into the only and largest video sharing service in the world. All that growth cost them a lot of money, and now they are pushing to turn that growth into profit. They'll slowly ratchet down the quality of videos, then add "original quality / high quality" video viewing to YouTube Premium.

Pretty soon, youtube-dl won't work at all

Apple TV/Music has music videos too, but it's a different kind of lock in with them.
This, and increasing tendency to suggest the same kind of stuff I've already seen, aka feeding the echo chamber. Also quite a bit of stuff that I've actually _have_ seen.
I use medici.tv for Western classical music.
Another great Internet snafu brought to you by over reaching EU technocrats.
It's pretty infurating that I've had a Youtube account since 2006 (15 years ago), and now they're asking me whether i'm over 18. A basic calculation on their end could filter the accounts based on age, given the TOS of when they were created (e.g. if the TOS specified that I must be over 13, a 2006 account would mean I'm at least 28, therefore automatically verified).
So you didn't create your Google account at age 3? That's impossible!
the 100th toddler theory:

given enough time and sufficient numbers of toddlers chewing on keyboards one of them will out of chance alone create a google account

well I did somehow manage to screw up my dad's linux box like that so anything's possible. (although I suspect it was because I liked to be an asshole and shut his computer off using the power button)
Well, if a 3-year old toddler watches age-restricted videos on his mother's verified account, is that against child protection laws?
There's such clause in TOS and I think that's how it worked, unlike Twitter which locked out every account when they added the TOS clause for needing to be over 13 when the account was created.
> A basic calculation on their end could filter the accounts based on age, given the TOS of when they were created

I assumed it was a legal requirement, and basic intuition and common sense aren't relevant. Much like the immigration form that says "Are you a terrorist".

I literally pay a monthly subscription to Google and they still wanted me to pay $0 once to show that I had a card.
This problem may be surmountable, but eventually it seems likely that youtube will be closed to hackers and freeloaders. It's sad in the general sense -- but of course Google is free to modify their services however they like. Hosting all that video is not free and currently they support it via advertising.

This means that any consumer of Youtube should expect that eventually Youtube may stop working for them -- and perhaps all the content they love on Youtube will eventually become unavailable.

If there's anyone running a YouTube channel getting hit by the age restrictions, consider running a PeerTube: https://joinpeertube.org/
But the age restriction is due to EU regulation. It's only a matter of time until it filters elsewhere. Switching from YouTube isn't going to make a difference.
Any source for that? A few people have claimed legislation to be a reason but I'm not aware of any such rules.

Actually I'd be very, very surprised if this was even in the jurisdiction of the EU.

It's literally discussed and linked at the top of this thread.
Umm, no. The start of this thread just a link to joinpeertube and the top comment has no source or link of any kind.

So I gather you don't have any source either then.

He means the discussion of the article. The change is due to new EU legislation, links are provided elsewhere in the (whole) thread.
It's this thing that's at fault: https://digital-strategy.ec.europa.eu/en/policies/revision-a...

Google even says so: https://support.google.com/youtube/answer/10070779?hl=en

>The Audiovisual Media Services Directive (AVMSD) is an EU-wide coordination of national legislation on audiovisual media – both traditional TV broadcasts and on-demand services. Recently, AVMSD was revised to extend certain rules to video sharing platforms (VSPs).

>In line with AVMSD, you may be asked to re-verify your date of birth when watching age-restricted videos. Follow the prompts to submit an image of a valid ID or credit card.

Google are operating in EU, not so for Peertube. I am able to make Peertube instance and tell EU for to pound sand, it is distributed.
Last time I took a look at peertube it was tiny numbers of views and a lot of porn, which is fine but not my platform of choice.
Peertube is a federated platform... running your own instance or using an existing open instance that has some content restrictions would solve the mature content issue.

As far as 'views', in reality the vast majority of Youtube channels also get very few views. You can advertise/promote the Peertube instance just like you would promote a Youtube channel.

Another alternative is to just have Peertube mirror your YouTube channel and link to the instance in every video.

It really depends on the type of content you produce and how your content is 'discovered' but unless you are on the winning side of the Youtube algorithm, peertube isn't that worse.

Hmm, it's such a shame that we have a single point of failure for so much of internet culture, not to mention people's actual creative lives.

This is one of the reasons I started using youtube-dl. I wanted to create an independent backup of all my favorite creators and contributors in the event that they have to leave or delete their channels.

This content should belong to everyone. I wish I could trust that all my favorite videos will be there forever, but this is just not the case. Removing the comments on music videos already hurt a lot.

> Hmm, it's such a shame that we have a single point of failure

You should consider using PeerTube instead, which is federated.

Sorry I have the opposite perspectives as you:

I don’t want to visit independent creators’ websites to find their content - all with different UIs, etc. YouTube gives me a clean, centralized way to access content where I know I will be able to stream 4K and view content offline. This feels massively more convenient to me than having to maintain a catalog of offline videos…

While I think we all agree that centralization of control isn’t great, the consumer gets tremendous value from centralization and this value doesn’t get talked about enough.

Finally your assertion of “this content should belong to everyone” is idealistic. Who is going to pay to store and stream this content? What about the copyright of the actual content creators?

> all with different UIs, etc.

Let me introduce you to the concept of RSS and news/feed readers: https://aboutfeeds.com/

That's fine for discovering that an artist has put out a new video, not necessarily great for actually visiting their site and figuring out how to play it.
RSS seems to have worked out quite well for audio content, viz. podcasts; there doesn't seem to be any technical reason why it wouldn't work equally well for video media.
I personally use it for video media as well. One hit on my keyboard and the RSS item opens up mpv with the video playing. Computers are built to parse text, no reason to do it by hand sifting through websites with your mouse.
Figuring out how to play (or download) a video from a website URL is exactly what youtube-dl does.
And they are saying when your clean centralized way to access content begins restricting and deleting that content, you no longer have access to it. With youtube-dl you can maintain that footage regardless. Sure it's a pain to catalog and store video files, but trusting YouTube is a naive long term plan because I've seen entire channels with hundreds of videos wiped clean with no way to find them again.

YouTube is supposed to be free content so it should belong and be available to everyone, I don't think that's idealistic I think that was it's entire purpose...you pay with screen time and ads. I don't think Google is having any funding issues.

I found the parent comment to be passive and agreeable. Not sure how you came away from it with so many things to disagree about.

> Finally your assertion of “this content should belong to everyone” is idealistic. Who is going to pay to store and stream this content? What about the copyright of the actual content creators?

That’s ironic because YouTube beat Viacom in 2013 because “this content should belong to everyone” not us so you can’t sue YouTube go sue the users.

I think you make a good point that centralization provides a lot of value today. However, if the protocols that youtube used where open-source then it would be easier to create generic user interfaces open to all content makers. Similar to what another poster said about RSS feeds.

I think one of the deeper critiques you and several others have made is that someone still has to pay for storage and streaming. Today I am paying. I bought the additional hard disk to store this on. In addition to my time and effort to collect the files. In the future I would pay some amount each month to stream what I have if it gave me access to everyone else's (essentially staking my video files).

I don't mind paying for a good peer-to-peer service. In fact I feel that I am losing a lot more by staying with a legacy system. Hence backing up the videos I like even though I have no method of distributing them.

In my dream world where I have the energy (and time) to devote to writing software outside of work I would love to build something that satisfies this need. p2p creative content sharing which is user friendly so people can just run it and start sharing their work while also helping to distribute the work of others
Well maybe. But the YouTube "protocol" keeps changing. The problems yt-dl has are related to trying to keep up with the protocol's enormous surface area and, as we can see here, sometimes changes have to be made quickly in response to legislation.
You can't produce value around content without artificial scarcity. In this case, Google/YT centralizes distribution and access, so that in order to consume content you must pay a fee (watch ads, provide personality data, etc.)

This has both good and bad sides to it. On the good side, it means people can make money as YouTube creators. This subsidizes the enormous volume of content that makes the creators no money.

On the bad side, you have a SPOF, and those failure modes can be many and varied. In this case its unwarranted age restrictions, but more usually its fraudulent DMCA take downs, various algorithmic shenanigans, and of course censorship (which can be good or bad, actually).

But you can't have one property (value producing artificial scarcity) without the other (a central point of failure).

The real question is: can content creators host their own content such that they can derive value from it? Will users consume that content, and pay for it, somehow? Theoretically it's possible, but the technical barriers are quite high. YT has capitalized on massive economies of scale to reduce the technical barriers to hosting and monetizing content to zero. This same pattern is repeated again and again: connect computer to the internet, then specialize that computer's software to do one thing really well, attract users/makers, use your control of the platform to extract value from users (inject ads, membership fees, data brokers, etc), profit. The hope is that the value to society outweighs the cost, and honestly I think that's actually the case! I just hope more people get clear-eyed about the trade-offs for-profit internet services make to be viable.

> You can't produce value around content without artificial scarcity.

Patronage or crowdfunding can work even if the content is released publically.

I suppose the next step will be to turn on DRM for age-protected videos, which few will even notice since Widevine is installed everywhere.

Soon after they'll turn it on for all videos, making it nearly impossible for normal people to save any videos and making it illegal to do so in the US.

If there's anything you care about seeing in the future, proactively download it now at the highest quality while it's still possible to do so.

I found a way to download one through some proxy thing

can't remember which

Recently, my 15 year old Google account started to nag me for my birthday. If Google was smart, they could have worked out that I'm old enough by now! (The account is older than 13 so definitely not a kid behind it, lol)
Ditto. Good thing the only product I use is Chat and can afford to lose it.
But maybe your parents created the account for you, when you were not born yet?
(comment deleted)
I'm over 13, which is the law that they're concerned with
True, but are you 18?
I have already added multiple credit cards to the account over the years.
The whole method that YouTube have used to set this up is worrying to me. In the space that the video is supposed to show there is simply a link to a website that you use to upload your details. It's a phisherman's dream.
So they're phisherman's phriends?
I have a credit card linked to my account with Google Pay, and yet they want me to provide it again. That makes no sense. They already have the information.
I noticed this. My android phone is also harassing me for proof of birth date ("to help comply with the law"). I previously just signed out of google, but a couple of weeks ago i signed in for some reason, and can no longer find the way to sign out again. Android is the last google thing I use... looks like it's time to finalise the elimination of google. edit: ah, i think i do a remote sing-out from another device.
Leineage and Grapheneos are good alternatives to stock android.

F-droid and Aurora (oss google play store client) have most of the apps you'd need, and most work well enough w/o google play services.

Really seems like the place to implement this functionality is in the browser, the thing that actually does the fetching and displaying of video.