54 comments

[ 3.3 ms ] story [ 52.4 ms ] thread
Might it be sufficient to dynamically block anyone that has a registered home address in Mississippi for their payment method? Most ISP's span multiple states.

Google have additional information about IP addresses that updates dynamically based on cell phone, wifi and other magic usage so maybe ask them if they have some javascript that queries their site for more specific city/state details. Also call Pornhub and ask how they were blocking specific states to meet legal requirements.

If I were in Dreamwidth's shoes, I'd be very much concerned with minimizing legal exposure, not number of users excluded. At 10k/user*day, it's a reasonable choice to block as broadly as makes sense.

Tough for the neighbors, but nitpicking "resident" is not a good choice here.

For the Bluesky ban, I'm not in Mississippi, but whatever IP Geolocation service they're use thinks I my home internet is in Mississippi. It's doubtless that lots of people inside Mississippi but near borders aren't being blocked, because that's just not a thing that's really possible.
Unlikely. You wouldn't have a payment method address for any free/non-paid/gifted account.
Definitely not because the law would apply e.g. to someone who lives in a different state, but loads the site while physically in Mississippi.
Clueless human, but what stops a company from ignoring these laws from certain states? How is this enforceable if a company doesn't have any infrastructure within that state?
If you're using a VPN while inside Missxi and access the site without age verification, would that cause the site to be in violation of the law?
Sometimes, often even, Dreamwidth can do the right thing like this. I fully support them in this fight and hope they win. But let's not pretend banning huge IP ranges for years at a time is new to them.

Dreamwidth has been at the forefront of banning large swaths of the internet. They started doing it years before anyone else. Before the for-profit corporate spidering of HTTP/S content even began causing issues. This is well trod territory and entirely familiar for them and their upstream network provider they like to blame their inability to fix it on.

How is this vaguely sufficient to meet the legal requirements of the law? They know geo-blocking is insufficient.
it is just a new better Internet era - everybody to use VPN. Thanks to the conservatives for facilitating such a progress.

For example, these days in Russia awareness and usage of VPN is well beyond any normal country. With Facebook and IG for example blocked for Meta being officially branded an "extremist organization" (by the way Taliban was taken off that list recently, so what do you guys in Menlo Park are cooking what is worse than Taliban? May be some freedom of speech? :) people in Russia of all strata is still using it, now through VPN, many from mobile devices. The thing of note from USSR/Russia here is that habitual violation of unreasonable laws breeds wide disrespect for the system of law as a whole, and it i very hard to reverse the flow.

Between this and the UK Online Safety Bill, how are people meant to keep track?

Launch a small website and commit a felony in 7 states and 13 countries.

I wouldn't have known about the Mississippi bill unless I'd read this. How are we have to know?

> how are people meant to keep track?

Individuals are not meant to keep track, they're meant to leave the ecosystem. These types of bills are the end product of the process of regulatory capture by the corpos.

Corpos create centralized watering holes that are magnets for social problems, offering low effort service and very little accountability for early users. Corpos then nurture these uses because they drive engagement, and at the early stage any usage is good usage. When the wider public catches on and starts complaining, corpos then cast it as outside meddling and reject addressing the problems they're facilitating, as curation at scale would cost too much. Corpos then become a straightforwardly legible target for politicians to assert control over, demanding some kind of regulation of the problem. Corpos then lobby to make sure such laws are compatible with their business - like simply having to hire more bureaucrats to do compliance (which is the sine-qua-non of a corpo, in the first place). The last few steps can repeat a few cycles as legislation fails to work. But however long it takes, independent individual hosters/users are always left out of those discussions - being shunned by the politicians (individuals are hard to regulate at scale) and the corpos (individuals turn into startups, ie competition). Rinse and repeat.

Eventually we're going to end up with freedom loving states and puritanical nanny states.
As an aside, it would be curious if deepening political polarization creates a trend of blocking IPs from specific states or regions for whatever reason... perhaps in such a scenario there would be interesting relations or comparisons between the digital and physical divides...
Is there even such a thing as a "Mississippi IP?"

I.E. Are US ISPs, particularly big ones like Comcast, required to geolocate ISPs to the state where the person is actually in? What about mobile ones?

Where I live (not US), it is extremely common to get an IP that Maxmind geolocates to a region far from where you actually live.

Since some idiotic courts have ruled a website’s Terms of Service to be legally binding, why can’t I just say no one from Mississippi is allowed to access my site and be done with it?

I’m not being glib. Honestly, why can’t I? There’s precedent for saying that’s unauthorized access, so the feds (not the state; “Interstate Commerce Clause” and all that) should prosecute the visitor for violating my ToS.

This is happening in Australia, and it's awful legislation.
>Unfortunately, the penalties for failing to comply with the Mississippi law are incredibly steep: fines of $10,000 per user from Mississippi who we don't have identity documents verifying age for, per incident -- which means every time someone from Mississippi loaded Dreamwidth, we'd potentially owe Mississippi $10,000. Even a single $10,000 fine would be rough for us, but the per-user, per-incident nature of the actual fine structure is an existential threat.

Reminds me of Silicon Valley. PiperChat has grossly violated COPPA as there was no parental consent form on the app leading to a 21 billion dollar fine: https://www.youtube.com/watch?v=N3zU7sV4bJE

Well, we can blame the voters of Mississippi for their ass-backware representatives, who they evidently like, for these ignorant laws.

Cut the ignoramuses from the US internet until they can learn to be decent people. Serves them right, and well, legally.

Surprising how quickly everyone is expected to comply with these laws - within a week you're supposed to block what could be a portion of your user base?

Most areas of governance usually give years of preparation ahead of anything actually being enforced. This is so short-sighted.

Why geoblock Mississippi but scramble to comply with California right to delete. Political favorites? Easier to implement? Something else?
Project 2025 at work
I guess the uk isn’t the only place with lawmakers that have no grasp on technical matters but yolo it anyway
Honestly this sort of thing seems to be popping up everywhere now. Almost feels like a co-ordinated effort.