92 comments

[ 24.1 ms ] story [ 2303 ms ] thread
This guy is reading my mind ...
It doesn't help that it feels like poorly veiled information mining, not genuine policy.
This is exactly what I am feeling (the title, didn't read). I can't see why I would give a copy of my official id card or a picture of my face to a basic service on the Internet. Seriously ? They do not deserve it. Even my phone number is too much but well Google has it now.
The problem for me is not services where the content is online, you can just avoid those, but cases where access to scarce real resources is controlled through online verification. E.g. renting recording studios, background checks for job applications, things like this. Often there is no route that does not go through a third-party verification service.
I was sitting in a room the other day with a young adult, we were searching for additional algorithm learning materials. They searched in Google, and accept the cookies. They clicked on a website, and accepted those cookies too. They then started entering their email address to access another service. I was completely taken aback.

I'm the sort of person that either rejects the cookies, or will use another site entirely to avoid some weird dark-pattern cookie trickery. I don't like the idea of any particular service getting more information than they should.

Siting there I realized, we were not the real target. It is the young people that are growing up conditioned to press accept, enter any details asked of them, and to not value their personal data. Sadly, the damage is already done.

I’m 26, probably terminally online and a professional software engineer too and I just accept cookies every single time because it’s the lowest friction path to just get the banner out of the way. Too bad for those sites tho, because I use uBlock origin on the browser, whitelist cookies by site (all cookies are otherwise always blocked everywhere) and use an always-on VPN to route all my network traffic to my PiHole DNS server.

Maybe it’s a little bit overkill but I set it all up once and only have to whitelist sites every once in a while so it’s not really an annoyance. Besides, I’m not 100% sure now but I’d say that just using uBlock is enough (if properly configured) to prevent cookie-based tracking so my setup is definitely over-engineered.

"Siting[sic] there I realized, we were not the real target. It is the young people that are growing up conditioned to press accept, enter any details asked of them, and to not value their personal data."

I have seen (young) parents who are more addicted to this sort of careless internet use than their kids

It will take some years before the cycle is broken

Future generations will not be conditioned the same as prior ones

Perhaps "age verification" as a wake-up call could mark the beginning of the transition

A bit late but in my recollection, this pattern started with Windows Vista asking for admin permission to do anything, like changing your background. Which in turn was borrowed from the `sudo` pattern which had been pretty normalized in Linux land over doing everything as `root`. Of course, I remember kneejerk-sudo-ing a lot.
They will track you irregardless of your choice and then get fined 2% of their income from that tracking if caught. Most EU fines to big companies are still unpaid.

Either your trust website to not be shady, or not. That button click is not a formal agreement.

I often click accept, at least for site banners that get through ublock. But my browser blocks 3rd party cookies and then it clears all cookies on close (except for trusted sites). I also use private browsing for random sites where I dont bother rejecting cookies usually.

I really think this cookie consent concept should have been a browser functionality, so I can make my default choice for all sites and be done with it.

The whole process is a hassle.

I shouldn’t have to deal with leagal-ish agreements for every website I visit.

The entire regulation bureaucratic and nonsensical to individuals.

There are some services where it makes sense. E.g., submitting taxes with the government, logging into the banking website. Apart from that kind of service, yes I don't think I would want my identity or age verified on more or less any website.
yeah, but wait till you have to id yourself to use online governments service, or do a one hour drive to meet in person with officials. and then if you have to do this four times. i gave up and submited my face to save 8+ hours and inevitably most of people will do the same...
It’s a hand out to advertisers losing uuids.
Honestly seems like the moral panic of the day. I was just reading about some “red vs blue” school meme in London which led to a lot of hand wringing and parents keeping their kids at home. The kicker? There was no actually school battles, it was a viral meme (mostly consumed by adults) and the kids just thought it was a joke.

Pretty much sums up all modern discourse in banning social media and doing age checks. When I was growing up it was satanic symbols in the music I listened to.

I guess - wtf is wrong with adults? Why do they feel compelled to control the younger generation?

> I haven’t been asked to verify my age for a DVD purchase (online or offline) in a very long time.

Offline there is a reason for that, online are enough countries where it breaks the law if you sell without verification at least for NC-17 titles

I live in China, where every mobile game requires age verification. Teenagers can play for up to 1.5h/d on weekends. But as far as I can see, some parents will assist their children to unlock more time on purpose.
Enforcing laws against porn companies distributing porn to minors seems reasonable. It's already illegal many places, such as the US. It is then their responsibility to gate by age. It has always worked this way for liquor stores or basically anything else age-gated, including some online services like poker. If you dont want to provide age verification you don't have to.
I encountered my first run-in with an age verification prompt when I went to authenticate into the Claude iOS app. It asked me to use me iOS/iCloud account to confirm myage. It was quick and seamless enough, but even though I'm aware of this trend, it struck me as a bit jarring.
(comment deleted)
Steam was asking for your Age since day 1.

1 - 1 - 1970 is always mine - Unix zero

> I was pondering last night for which services I, personally, would actually be willing to verify my age or identity.

> And… the answer is “none”.

> At least, none that I can think of at the moment.

Think back to the recent pandemic.

Work? Online. School? Online. Recreational activities? Online. Talking to loved ones you don’t live with? Online. Birthday party? Online. Nonfood shopping? Online. Banking? Paying taxes and bills? Online. Job interview? Doctors appointment? Online. Dating? You guessed it, online.

The internet’s a big thing these days.

> Work? Online.

Presumably my place of employment would have already verified my identity when I started working for them.

> School? Online.

Ditto, and for kids enrolling during lockdown they wouldn't have any ID to hand over anyway.

> Recreational activities? Online.

> Talking to loved ones you don’t live with? Online.

> Birthday party? Online.

> Nonfood shopping? Online.

Doesn't need me to verify my identity.

> Banking?

Every bank I've ever interacted with has done this verification in-person.

> Paying taxes

The government already knows who I am and what I look like (by issuing the ID to me); this is fine.

> and bills?

Direct debit just has a sort code, account number, and name on the account. No verification of identity.

> Job interview?

I wouldn't think that a new employer would be verifying your identity until you actually get the job offer?

> Doctors appointment?

Doesn't need me to verify my identity to arrange it. I have to go there in person anyway, I can damn well show them my ID then.

> Dating? You guessed it, online.

Eh. This one is a grey area. I can see the desire to have members verify who they are. I've also seen how badly that can go wrong.

Related: this[1] current article/thread about privacy-preserving age verification.

The author here seems to be commenting specifically on the type of anonymity-breaking age assurance widely being utilized along with the vaguely justified social media bans. Given the right technology to prove an age threshold but while preserving anonymity I'd be curious how their thoughts would change.

For example, we've never seen people critiquing the naive kind of 'Are you over 18?' prompts seen on ye olde Reddit or adult sites, precisely because those weren't breaking anonymity or leaking any trackable identifiers.

[1] https://news.ycombinator.com/item?id=47229953

The problem for me is that the reason this is needed is that kids are permanently online, completely unprepared for the wild west that is the internet and increasingly effectively raised by the internet.

All this is to facilitate that lifestyle without any concerns that far more damage is likely to happen by allowing it to happen than insisting on adequate parenting

I use multiple "real" identities so I don't have my real name associated with certain open source projects that involve sensitive things like cryptography etc. This is a huge concern of mine.
I'm of the same mind as the author. I can't think of a single online service that would be worth the risk of exposing myself to age or identity verification.
Age and identity verification can and should be done at the country level.

France has an ID service to pay taxes, and they have a network of possible ID verification systems. Like, you can ID through the tax system, or through the healthcare system. It works fine.

Implementing an API that uses the same to provide age verification is not rocket science.

If you need age verification for a website, say "smedia.fr", then you go there, then it makes you get an age verification token to "franceid.gov.fr", that guy gives you back a token, you send the token to smedia.fr which checks the token with franceid.gov.fr

I don't understand how this is even an issue.

This stuff worries me as one needs to be a hard target when they reach their 80 and 90’s. People do not need personal info out there in the public domain.
Why does Claude require my phone number.

It's honestly a reason why I don't use the service.

I'm fine with providing my identity for online banking and other finance platforms for legal & taxation purposes.

I can't think of a single other use case in which I'd be willing to verify my identity. I'd rather go back to hosting email myself, and am fine with circumventing content access control for all other platforms for personal use.

We're seeing the world slide towards authoritarian strongmen, and we want to give them a massive index of who we are and what we do? I'd rather not.

See, I think, you're not supposed to continue using those services as before. They want them all gone, and so-called age verification is a means to chase away users that are less dedicated.

What I think must result is, a monotonic cultural erosion and deprecation of such platforms and regions implementing those restrictions, and continuous replacement with engineered and packaged foreign imports from venues and regions from psychological "upstream" where there aren't such restrictions. But I guess that's what they explicitly desire.