I honestly think the pushback against the California law is a mistake. We are being presented with an increasing number of services demanding identity verification, in the form of ID verification and/or video verification. California is offering an alternative to that, an alternative that only requires you provide your age, without verifying it.
If the California law flops, the result isn't going to be no age verification. It's going to be increasing numbers of internet services requiring that you verify their identity with them through some shady third-party you have no control over, until you effectively can't use the internet without giving away your ID.
I'd prefer to have no age verification, but it's pretty clear that's not an option. People in power are using minors accessing porn and social media as a cover to push age verification, and it's believable enough that people are going along with it. Approaches where someone attests their age on an OS or account level are our best shot at disarming this push.
I’ve fallen prey to too many people at the top of slippery slopes offering “gentle pushes”. The end result is always the same. If I’m to go down one it will be kicking and screaming not silent as a lamb.
The thing is, I think these are distinctly different approaches. Mandating that OSes collect a provided age and that websites/software collect and use that is very different from making sites liable for providing various types of content to minors. The first one is basically standardizing parental controls. The second one is already happening and results in ID verification approaches. I really, really do not want the second one, and it is already happening.
Jurisdictions are already lining up to slide down the slope as fast as they can. New York intends to mandate real verification and anti-circumvention measures at the OS level. There is no room for compromise: any jurisdiction attempting to compel what must be included in an OS is batshit insane and normalizing this is going to very quickly lead to JesusTracker.exe being mandated by Texas and CrocCam.exe by Florida.
Contrary to your belief that if we just give them an inch they won't take the full mile, I think it is very important to get people rallied against OS modification altogether. If you take a murky position like "a little bit of age verification, as a treat", and sell people on voting for that / not protesting it, all you're doing is priming the average person for accepting age verification no matter how invasive. Average Joe isn't going to understand the nuances of when age verification may or may not be tolerable, nor is Average Joe going to understand the nuances of when compelled software inclusion may or may not be tolerable. If we want to get millions aligned in the same interest, the message needs to be extremely clear and straightforward, communicating exactly how bad of an idea it is to let each and every jurisdiction compel their own form of surveillance into your OS.
Average Joe thinks age verification is already palatable. Average Joe is happy to give away a photo of his ID. The alternative to OS age attestation isn't no age verification. It's almost every site, and every piece of internet-connected software, demanding your ID.
Putting your age into your user account is not the same thing.
> Average Joe is happy to give away a photo of his ID.
I don't think this is actually true. Discord walked back its implementation of global age verification for now because it was protested so heavily. Governments can get away with mandating ID for porn sites and Average Joe will not make a ruckus about it because it's a shameful/embarrassing topic they would rather sweep under the rug, but I don't think Average Joe is on board with ID verification to use their computer just yet.
Discord's still doing it, they just delayed it and will supposedly be offering other verification options. They still amount to identity verification, and the noose will be tightened over time.
Discord is going to try again later after waiting for the backlash to die down and seeing if they can massage the PR better, yes. The point is that Average Joe did not want it, so they have to take such measures. You asserted that Average Joe is happy to hand over his ID, but this seems clearly untrue. Even if Discord does do it later, I doubt it will go down happily.
I don't really want the free internet to be relegated to onion sites and a hypothetical mesh internet. As things stand, every service is going to either tightly control content or adopt age verification because the alternative is being taken down by governments.
Too bad, so sad. That's the entire reason onion exists. The public web is going to get increasing enshittified and you can either use Tor or get used to staying on Facebook with Grandma sharing cakes alongside 60 ads.
I do not want an "API" in my OS to reveal information about me. I do not want this to operate without my consent. I do not want to be limited from accessing certain sites because I refuse to implement this.
No age verification at the OS level. If Meta needs to verify ages for their _profitable_ business, that's entirely _their_ problem. Get your hands off my equipment.
It's not OS age verification. You put in an age. It does not check whether it's real. It does not ask for an ID. That will get provided to app stores and probably browsers. It should be possible to spoof, too.
The primary use case of this, in my mind, is so that a parent can give their kid a PC and set an age on the user account, and that will result in them being unable to access a variety of content. Same thing for phones.
You are already being limited from accessing certain sites, because those sites are going to ask you to provide an ID. This is an alternative. It frees sites from having to request an ID to verify ages, because the age signal from the OS is legally sufficient. If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
edit: also, the signal passed from OS to software isn't even your age, it's one of four age groups. three under-age groups, and one adult group. It's not even meaningfully de-anonymizing!
That's only going to apply to children, since there's only one age group for adults. There are definitely ways to solve that, too. It's not perfect, but I much prefer it to laws that force websites to ask for ID, or laws that do the same thing by making websites liable for children accessing them.
The law specifically says your OS has to implement this API. It burdens my OS vendor with adding this. In this case, that's me, since I roll my own linux.
> That will get provided to app stores and probably browsers.
And how will they behave when my *OS* decides not to provide that signal? Which is what's going to happen since there's no way in hell I'm playing along with this garbage.
> is so that a parent can give their kid a PC and set an age on the user account
You're telling me there isn't any software which does this already? That are no third party packages a parent can buy to achieve this? Aside from that you're missing the blindingly obvious, without an audit trail, none of this matters. The third party software can actually do that. This cockamamie nonsense can't.
> You are already being limited from accessing certain sites
Oh yea? Which ones? From my perspective this has never happened.
> because those sites are going to ask you to provide an ID.
That's on them. That's a choice they have to make in the market. Perhaps that will allow a competitor to provide the same service, with better safety, and no ID checks. I will refuse to use any service that requires this.
If you have to show your ID to enter, that's a seedy place, and no where children should even be near. Why does social media need the same restrictions as pornography, drugs and hard liqour? Why is facebook even trying to profit off of this gap?
> If I'm remembering what I read, it actually bars them from trying to determine your age in other ways.
I believe you have remembered incorrectly. Please show me where this is a part of actual law. Then please explain to me why this is a good thing.
> the signal passed from OS to software
That's the problem. I don't care what it conveys or of it's "de-anonymizing" or not. If the software wants to know it can ask me directly. I don't want a law that requires my OS to provide _any_ information about me. Full stop.
It's just not _meaningful_. It does nothing. It does not protect children. It lets seedy backalley social media networks to profit off of their corruption. This is morally bent.
social media is the root of most evil in the society at present, pornography is just a bunch of people fucking around. while neither is healthy, if you had to choose you are better off watching people fucking
these laws are feckless and unenforceable, maximal non-compliance will expose that
the destiny you're describing only happens if you willingly accept it
do not comply
do not pay the fine
idiot geriatric lawmakers have no power over what you do with your computer
If the California law flops, the result isn't going to be no age verification. It's going to be increasing numbers of internet services requiring that you verify their identity with them through some shady third-party you have no control over, until you effectively can't use the internet without giving away your ID.
I'd prefer to have no age verification, but it's pretty clear that's not an option. People in power are using minors accessing porn and social media as a cover to push age verification, and it's believable enough that people are going along with it. Approaches where someone attests their age on an OS or account level are our best shot at disarming this push.