It is quite clear which laws they have broken. They haven't ensured that underage users cannot access the material they shared.
I don't believe such laws are realistic in the age of the internet, it just isn't possible to keep teenagers or younger people to see explicit content, which they very likely do. It can be accessed anywhere and there is no solution aside from parents being involved in their media consumption. When kids turn to teenagers, there probably isn't any solution anymore. The tech-affine will have access to such content.
When used this way the law only serves a purpose of being a tool of oppression. On Twitter an underaged person can trivially find porn, that would still be the case if every single German resident posted using the NSFW filters, or not even posted at all, so:
- The law does not stop or even impede underaged children from accessing pornography, but
- the law is criminalising Germans and appears to be applied selectively
That doesn't sit right. If the German Government is truly interested in this initiative, they need another way to detect and block porn on computers used by children, and not by attempting the Sisyphean task of putting the world's pornography behind age verification systems.
What I find confusing is that the German Citizens are targeted. Twitter, TikTok, XHamster, etc.. are hosting the images. Why are they not fined for not providing a system to check that the user is above a certain age?
Or do these people not flagged their images as 18+/Offensive to children? Is that the problem here? But this isn’t possible on Twitter, which does not make such age-verification or age-checking tools available.
So, if they only post content on sites with age-restriction, they're fine?
TL;DR: This is not about erotic but actual porn, i.e. most NSFW posts are not affected by this at all.
The article is quite misleading.
For example the crack down on the "biggest porn website of the world" was because of hard core porn as well as not properly vetting the content and in turn having had frequent cases of child pornography or videos of drugged people being raped. This somewhat got better after US payment provider cracked down on them, too. There is also the thing that in Germany anything depicting children with sex is child porn, including cases of adult actors pretending to be children or animated/drawn children, this lead to there being a bunch of videos which in some countries do not count as CP but in Germany do. The most ridicules part that for a long time (not anymore) just asking the person for their age before showing any content without verifying it anyway further was "good enough" and they weren't even able to comply with that (they now somewhat do that, but now it's not enough anymore).
Similar Germany is much more relaxed as what counts as porn and differentiates legally erotic, porn and "illegal porn" (e.g. CP) this mean you might e.g. see a cover of an erotic magazine with a woman with exposed breast publicly sold in a train station in Germany visible to everyone including children. I.e. a lot of the NSFW twitter porn is actually legally seen not porn but erotica in Germany. Or in other words the person in question either uploaded actual porn to twitter, which is against twitters terms of service or linked to their own "hobby porn website" which didn't had an age verification system.
Also the age verification system just has to be "good enough" i.e. not perfect, which means that e.g. if you sell porn a verification through the payment provider can be "good enough".
And that a "good enough" age verification system is needed is something pretty much any German person on the internet should be aware of. What they might not have been aware of is that the legal requirements for such age verification have become stricter, i.e. in the past a "Select Age" banner checking your selected age implies 18+ was good enough. That not always the case anymore, through for soft porn you might still get away with it.
ID cards, Resistency cards and Bank cards in Germany (to some degree inter-compatible (partly) the EU) have a function which can be used to indicate if someone is an adult, without handing out the name, card id or anything like that (through potentially the full birthday).
Browsers could use that to provide an "is adult" (yes/no/unknown) API which doesn't provide any additional information (and should use need user permission for access).
Which would not be hack-proof, but would be more strict and privacy preserving.
Now AFIK such an approach would be a no-go for the US due to they having a very different situation around passports and similar.
But in Germany especially if it also works with resistency card, bank cards including many non German EU versions of those this is much less of an problem.
Now that I think about it you probably could make such an API work in a hackable but more strict and good enough way in most western countries. E.g. you could use other less privacy conversing ways once for the browser to know (e.g. based on credit card number) and then just cache this information. The age proving provider would _not_ know about the usage (where, when, if at all, how often, etc.) and the site using it would just know 18+ yes/no/unknown.
Through to be clear such a thing would only work if you want a "good enough but hackable" API. The moment you want to remove the "hackable" part things become a shot show involving certificates leaking hints about other private information, DRM, and other nonsense.
But then any "real world" age checking is fairly hack-able too so IMHO hackable should be fine.
6 comments
[ 2.7 ms ] story [ 19.9 ms ] threadI don't believe such laws are realistic in the age of the internet, it just isn't possible to keep teenagers or younger people to see explicit content, which they very likely do. It can be accessed anywhere and there is no solution aside from parents being involved in their media consumption. When kids turn to teenagers, there probably isn't any solution anymore. The tech-affine will have access to such content.
- The law does not stop or even impede underaged children from accessing pornography, but - the law is criminalising Germans and appears to be applied selectively
That doesn't sit right. If the German Government is truly interested in this initiative, they need another way to detect and block porn on computers used by children, and not by attempting the Sisyphean task of putting the world's pornography behind age verification systems.
Or do these people not flagged their images as 18+/Offensive to children? Is that the problem here? But this isn’t possible on Twitter, which does not make such age-verification or age-checking tools available.
So, if they only post content on sites with age-restriction, they're fine?
The article is quite misleading.
For example the crack down on the "biggest porn website of the world" was because of hard core porn as well as not properly vetting the content and in turn having had frequent cases of child pornography or videos of drugged people being raped. This somewhat got better after US payment provider cracked down on them, too. There is also the thing that in Germany anything depicting children with sex is child porn, including cases of adult actors pretending to be children or animated/drawn children, this lead to there being a bunch of videos which in some countries do not count as CP but in Germany do. The most ridicules part that for a long time (not anymore) just asking the person for their age before showing any content without verifying it anyway further was "good enough" and they weren't even able to comply with that (they now somewhat do that, but now it's not enough anymore).
Similar Germany is much more relaxed as what counts as porn and differentiates legally erotic, porn and "illegal porn" (e.g. CP) this mean you might e.g. see a cover of an erotic magazine with a woman with exposed breast publicly sold in a train station in Germany visible to everyone including children. I.e. a lot of the NSFW twitter porn is actually legally seen not porn but erotica in Germany. Or in other words the person in question either uploaded actual porn to twitter, which is against twitters terms of service or linked to their own "hobby porn website" which didn't had an age verification system.
Also the age verification system just has to be "good enough" i.e. not perfect, which means that e.g. if you sell porn a verification through the payment provider can be "good enough".
And that a "good enough" age verification system is needed is something pretty much any German person on the internet should be aware of. What they might not have been aware of is that the legal requirements for such age verification have become stricter, i.e. in the past a "Select Age" banner checking your selected age implies 18+ was good enough. That not always the case anymore, through for soft porn you might still get away with it.
ID cards, Resistency cards and Bank cards in Germany (to some degree inter-compatible (partly) the EU) have a function which can be used to indicate if someone is an adult, without handing out the name, card id or anything like that (through potentially the full birthday).
Browsers could use that to provide an "is adult" (yes/no/unknown) API which doesn't provide any additional information (and should use need user permission for access).
Which would not be hack-proof, but would be more strict and privacy preserving.
Now AFIK such an approach would be a no-go for the US due to they having a very different situation around passports and similar.
But in Germany especially if it also works with resistency card, bank cards including many non German EU versions of those this is much less of an problem.
Now that I think about it you probably could make such an API work in a hackable but more strict and good enough way in most western countries. E.g. you could use other less privacy conversing ways once for the browser to know (e.g. based on credit card number) and then just cache this information. The age proving provider would _not_ know about the usage (where, when, if at all, how often, etc.) and the site using it would just know 18+ yes/no/unknown.
Through to be clear such a thing would only work if you want a "good enough but hackable" API. The moment you want to remove the "hackable" part things become a shot show involving certificates leaking hints about other private information, DRM, and other nonsense.
But then any "real world" age checking is fairly hack-able too so IMHO hackable should be fine.