63 comments

[ 3.7 ms ] story [ 65.1 ms ] thread
To the surprise of absolutely nobody.
> Social media company Discord announced plans in February to roll out mandatory age verification globally,

Discord’s age verification is optional and only required to disable the image content filter, join adult servers, and a couple other features. I’m not saying it’s a good decision, but I am getting tired of the repeated claim that it’s mandatory to go do age verification to use the service.

This lazy reporting is hurting the messaging because readers will believe that mandatory age verification was implemented and everything is fine, so new laws will not change anything for the worse. It needs to be clear that age verification laws would change the situation considerably, not be a nothingburger.

I don’t plan to do the Discord age verification and neither do most of the people I interact with on Discord. It’s not mandatory.

I don’t recommend anyone rush to do the Discord age verification unless you really need to for some reason. Don’t believe all of the lazy articles saying it’s mandatory.

>An FTC spokesperson told CNBC that companies must limit how collected information is used. [...] The agency pointed to existing rules requiring firms to retain personal information only as long as reasonably necessary and to safeguard its confidentiality and integrity.

the very same rules that have allowed literally every single piece of my data to be leaked several separate times, and now i have free credit monitoring instead of privacy? and all of those companies still operate normally, as if nothing ever happened? very neat.

>Discord said it is using the additional time this year to add more verification options, including credit cards, more transparency on vendors and technical detail of how age verification will work

and why didnt we start with credit cards? instead of facial recognition with peter thiel? (this is a rhetorical question)

I prefer facial recognition. Probably good that there isn't a popular face-spoofer app, since it would put attention to the efficiency of these verifications.

Credit card info is a bad solution. In many countries they still are rare and it would very likely exclude as much adults as children.

The real answer is that while we should expect children to be online, it is the responsibility of the parents to moderate their usage. Add a standard header to every http request to support filter solutions. That is the only viable solution that is of a technical nature.

The whole ZKP idea is futile, no model works if you also have connection information, which states tend to save too.

Anonymous internet usage is pretty awesome. For adults and kids for that matter. And that doesn't change because there are also bad advertisers that practically can identify and track you. If you want to protect kids, have those be imprisoned first. Strong opinion, I know, but also the correct one.

There's even precedent for credit cards! I remember my dad needing to make a small transaction to get me a nintendo online account back in the 3DS and Wii U era
The fact that these tools are 'active' centric, i.e : You must perform an action to validate you're NOT a child, these will never protect children. A predator simply needs not to verify anything and appear benign and ironically more anonymous than law abiding people.

I'm not saying the inverse is the answer either, just that if anyone without an agenda of surveillance looked at this for a second, the penny would have dropped. So I can only assume that this was the purpose the whole time.

is this the great innovation that the GDPR is stifling in Europe? (sorry for the snark)
It's curious why there are no reverse systems where, when accessing an adult resource, you have to prove that you are a child?
Never provide such information. Forge it if you must
The uncomfortable part is that they try to solve a real problem (protecting minors) by requiring universal identification. In practice this means every adult has to prove who they are just to access any part of the internet. Once that infrastructure exists, it’s hard to imagine it not expanding beyond its original purpose.
Discord specifically wanted to solve this by assuming everyone was a minor until they proved their age. Minors still have access to most spaces unless that space (or DMs with adults) was flagged / identified as adult-content.

This is a pretty clear counter example to your snowball fallacy.

Protecting children means protecting them from people who wish to harm them, that includes the government and platform owners, since these laws don't provide any actual protections to children from those two entities it's reasonable to assume that the law is trying to facilitate child exploitation rather than prevent it.

You have to keep in mind your idea of child protection is likely different from most of Americas'. The law makers' idea is to maximally enable them to perform (largely) uncompensated white collar work. Protected means that by the time they are 22 they have maximally warped their brain into an economically viable specialty and are in massive personal debt. If they make Roblox a $1M in the meantime of course that money won't go to their brainwashing, that would make them lazy.

no shit, this was obviously the point. the people who said so all along were correct, the people who insisted it wasn't were not speaking in good faith.

we, as a society, need to stop taking companies at their word when they say that the obvious harms that are right around the corner are overblown.

The EU is rolling out the EUDI system this year where citizens can verify their age (>16, >18, >21) without revealing any personal information. This is a solved problem over there.
Will this work without Google/Apple services shown down my throat?
This is probably fantastic news for the VPN providers. Lots of people who otherwise wouldn't have bothered are now likely incorporating VPN connectivity into their daily routine. This very obviously includes kids.

I also wouldn't be surprised if there were plenty of people only dimly aware of the idea of a VPN who are now sitting up and taking note.

I personally don’t use VPN’s except for work but I have multiple clients installed on my devices “just in case”.
My default reaction to the introduction of any age-verification for any service is the closing account. Goodbye Discord, account closed out of protest.

The second option is ignoring the verification request. Goodbye online-gaming-with-strangers on Xbox. (I see this as a positive). Same goes for Ubisoft who aggressively wanted my secret papers to verify my identity.

I've yet to come across anything I want or need outside banking or government use where age verification benefits me, or is so useful/important that I would willingly hand over critical secret documents. I've not even needed to use a VPN for anything. It doesn't mean it won't happen, but when it does, option #1 or #2 is going to cover everything.

Which circles back to the main point here - if I ignore it, then effectively I get identified as a non-adult. How does this protect anybody?

(UK-based, might not be the same everywhere)

Age verification inherently requires identity verification.

The UK's Online Safety Act originally had a proposal that would allow users to purchase an ID code anonymously in cash from a corner store, presenting only ID to the cashier the same way as buying alcohol. This was never implemented, because it's more useful for the government and corporations to link all online usage to a government ID.

> Age verification inherently requires identity verification.

Not necessarily. There are facial scan tools which make a guess based on visual appearance of the face. They aren’t perfect, but they might have error rates comparable to systems which require linking to government ID systems.

The entire point is to de-anonymise adults. Especially in countries that are escalating the policing of online speech.

If it was actually about kids, we'd have done it a long time ago. With more focus on things like porn and gambling (including 'loot box' gambling in games) rather than social media.

Man... How did yall white Westerners turn out to be the weakest people in the world?

You were supposed to be the bastions of freedom and justice, and the rest of the world begrudgingly admired you for that and were slowly improving to become like you, but ever since 9/11/2001 the rich old people that rule you have been feeding you boogeymen to make you their complacent b*tches and you lay down and crawl along and accept everything without even a whimper.

Now your countries are little different from Russia or China or Dubai etc where the old money cabals run everything, and it's not some third world backhole that was suffering already anyway, but you yourself that are the worst victims of all their laws and wars.

Water is wet.

All for making sites to send a header with restrictions as they apply in law (age rating per location for example -- so a site could send "US:16 US-TX:18 IE:14 GB:18 DE:16" etc), and even categorise as not required in law (category=gambling or category=healthcare)

That gives the browser/app/accessing device the power to display or not display

The second part of this is to empower parents -- let them choose the age rating which can only be changed with a parental code etc. Make this the law on all consumer commercial devices -- i.e phones, macbooks, windows.

This is trivial and worthwhile.

Yes some 15 year old will build something in python in a user session to work around it as they have a general purpose computer, that's a tiny amount of the problem. Solve the 90% problem first.

>put people into mandatory age verification

>most people will not verify their age

>can't be sure they're an adult so treat everyone like children just in case

>wait what? the trojan horse allows them to monitor and surveil them?

I'm shocked. Shocked! Well, not that shocked.

And you could relatively well determine the age of a person, by looking at the age of his social graph. No kids knows more then 5 adults, except over family groups.. thuse age identification should be viable via social login even without beeing bound to a passport.
> causing major headaches for social media companies attempting to strike a balance for users between legal compliance and privacy.

I can see how the problem is real. (Not sarcasm.)

In technical terms, "balance" is trivial. Put an air/security gap between information collected for age verification and the dossiers they have on users.

In business terms, conflict. They have relentless incentives and pressures to collect, collate and leverage every bit of information that can increase their return on users. Legal gray and black behaviors are rampant and tolerated where protectable. The number of paths to a creative interpretation of "balance" is unbounded. Right up to the c-suite.

It is sad, but self-aware, if they feel awkward trusting themselves with a mandated database full of tasty information they are not supposed to taste.

Well, that's shocking news...said no one ever.