Don’t get me wrong, I’m all for privacy. But between setting up the birthdate when creating my children’s local account on their computers, and having to send a copy of their ID to every platform under the sun, I’d easily chose the former.
I’d even agree to a simple protocol (HTTP X-Over-18 / X-Over-21 headers?) to that.
for ex: if you let your kid look at porn, in the US, the parents are absolutely liable for various forms of “risk of injury to a child “ laws.
To bring charges under those sorts of laws there’s going to have to be some external evidence of harm. Either the kid is acting in a way that causes an agency sufficient concern that they investigate the family, or the government mandate much stricter monitoring of exactly who is doing what online. The former case is unlikely, but should probably be persued vigerously when it does hapoen, and the latter case is something I imagine we all very much want to avoid.
By providing a simple, privacy conscious, way of taking some of the burden of vigilence off of the parents (the child is less likely to stumble on inappropriate material) it makes it easier for them to provide actually beneficial guidance, and reduces the risk of law enforecement getting involved to investigate minor transgressions.
putting burden for safety on corps is not a healthy thing.
The burden is still on the parents, but this would actually provide a useful tool for them to address that burden.
have you seen any existing tools be so bulletproof that kids cant get around them?
No, and this wouldn’t be impossible to bypass either. I don’t think the aim is 100% perfection, so much as harm reduction, and I don’t think you’ll get more than that no matter how onerous the law becomes. Most kids, most of the time, are not going to be trying to circumvent it, and it would still be up to the parents to look out for cases where they were.
The current proposal requires storing and transmitting a flag that can take one of four values (under 13, 13-16, 16-18, 18+), and prohibits sites using other means of age verification. It’ll work adaquately to stop kids accidentally seeing pornography, and hopefully things like andrew tate, giving the parents some space to do their part to help their kids learn how to understand what they migjt be exposed to.
why are the harm reduction methods we have now not being used?
That’s a thorny question. The main ways we currently got either involve the sites in question collecting personally identifiable information, such as government issued ID, and making a determination as to what to serve based on the information that contains, or the sites adhereing to a voluntary code, such as RTA, to include an identifying header, and parents installing, configuring and maintaining the software or services to restrict access. The former method is obviously dangerous as it requires handing over your ID, and the latter is all voluntary and so there is little impetus to do it, and the complexity will also act as a deterent for parents. Turning it around and just having the computer send a flag for the age bracket gets rid of the need to transmit personally identifiable information and makes the parents’ setup job much easier with a one-shot, tick a box and carry on, process.
if they are claiming the new laws are for kid safety there must be existing already some external evidence of the need, no?
There’s fairly clear evidence at a societal level that access to, for instance, hardcore pornigraphic material is harmful to children, but that is very different to having evidence that a particular child is currently being exposed to it.
exactly. so why do we need more laws that also happen to provide massive leak able tracking to corporations and govs without warrants, etc?
I’m not sure what you mean by “massive leak able tracking” in this case. It’s literally a flag that indicates the user’s age bracket, and means sites don’t use the really invassive options.
setting that flag involves the leakable process.
Again, I’m only going by the Californian bill, but that one is pretty clear that the person setting up the account should either supply the user’s birth date, or the age bracket they are in. There is nothing indicating this should be validated in any way. I’d agree that, if the machine was compromised, and the user’s birth date was used, it would be possible to leak that data, but given those preconditions, it would be one of the least interesting things leaked. I’d certainly prefer to just store the age bracket, and have a way for the computer admin update it as the user grows towards their 18th birthday.