The problem isnt the idea of preventing people under 16 from getting on social media, but how you enforce that.
The only real way is to make every user submit a government ID, which becomes a massive privacy AND security issue with how often every online service gets compromised or leaks user data
If a banks suddenly and frequently lost data on all their users people wouldn’t be screaming that banks should be completely anonymous. The banks would have fines and need to meet high standards to keep doing business
We have lots of societal issues that are made worse with the internet being a wild west and founding logical arguments on the premise that it is insecure also has issues. If a website is so questionable it might leak, it probably shouldn’t be in common use
Cybersecurity: where defenders have to win every day and attackers only have to win once.
Anything like age verification should probably be handled with absolute minimum identifiable information (i.e. you’re older than X true / false) from an authoritative source like say the people who give out IDs (because if they’re broken into everyone’s screwed anyway). Instead OzGov has dumped it in the laps of the corpos, who will hoover up pictures of IDs or faces instead. As of a couple of days beforehand there’s still no actual information on these age verification protocols to my knowledge, very untransparent, very disturbing. Corpos being required to moderate their platforms would be good, this is not that.
Yeah and when your government is experiencing some troubles themselves the whole shit comes down. We’ve experienced a little downtime here for regional government and it lasted quite a while.
Centralisation introduces its own weaknesses. Additionally, at some point, we could address this by just having parents accountable in this specific use case.
Wtf do we need a technological solution to address parenting? This small subset thereof.
I’ll also add that, contrary to shop surveillance, parents have physical control of their kids devices to a large extent. And most OSes comes with features allowing parental controls. So yeah we have the tools for enforcing our accountability as parent on the internet.
I trust that parents are the first line of defence for those as well. Then education. Then store controls indeed but it doesn’t involve the mass surveillance implementation required for the web. And the risks are also absolutely not the same; physical check are not leading to increased risks of leakage. Or reuse for not necessarily compatible purposes. It’s also not systematic ; as soon as you vaguely looks out of your teens you’re never asked ID anymore for either…
Yeah, agreed that every government that makes decisions like this (I think porn restrictions and UK age verification has come up) should be offering a government API to tie into. Governments need to have this data to function and have the resources to handle this (but not a great track record).
I just don’t think essentially making the argument “there are all these problems but that’s the way it’s always been” gets us to a better future. And I think most improvements are iterative and need to start somewhere. I’m also not expecting this to be a slam dunk but I do think some countries need to try this and other tech company restrictions to find out what will make a better future.
Yeah, it was a bit ill thought out but I’d argue its more idealistically unrealistic
We could live in a world something along the lines of websites sending HTTPS certs based on users location with the cert granted by those governments and if you sell or store customers data then you need a security audit for the code.
That would obviously need tweaking and is a long way away from where the world is today, but a world where any website could be malicious is about as necessary as a country where walking into any restaurant has a probable chance of you being shot. A nice part of that analogy is that the main thing holding both together is strong trustworthy institutions. But the web is that way more from history rather than a deep technical issue that forces the internet to be that way. Also probably time, that sort of audit is probably prohibitively expensive, but that could be considered part of the true cost to society that we’re ignoring
The problem isnt the idea of preventing people under 16 from getting on social media, but how you enforce that.
The only real way is to make every user submit a government ID, which becomes a massive privacy AND security issue with how often every online service gets compromised or leaks user data
If a banks suddenly and frequently lost data on all their users people wouldn’t be screaming that banks should be completely anonymous. The banks would have fines and need to meet high standards to keep doing business
We have lots of societal issues that are made worse with the internet being a wild west and founding logical arguments on the premise that it is insecure also has issues. If a website is so questionable it might leak, it probably shouldn’t be in common use
Cybersecurity: where defenders have to win every day and attackers only have to win once.
Anything like age verification should probably be handled with absolute minimum identifiable information (i.e. you’re older than X true / false) from an authoritative source like say the people who give out IDs (because if they’re broken into everyone’s screwed anyway). Instead OzGov has dumped it in the laps of the corpos, who will hoover up pictures of IDs or faces instead. As of a couple of days beforehand there’s still no actual information on these age verification protocols to my knowledge, very untransparent, very disturbing. Corpos being required to moderate their platforms would be good, this is not that.
Ahh… thats not age verification. And yes verification is one of the hard parts with problems but this isn’t even an attempt at age verification
Oh, you’re not saying the user answers this question. You’re saying someone like the Department of Licensing does?
Pretty much that government API you mentioned, rather than the platform self regulating. Fox guarding the hen house and all…
Yeah and when your government is experiencing some troubles themselves the whole shit comes down. We’ve experienced a little downtime here for regional government and it lasted quite a while. Centralisation introduces its own weaknesses. Additionally, at some point, we could address this by just having parents accountable in this specific use case. Wtf do we need a technological solution to address parenting? This small subset thereof.
Exactly! Parents should be in charge of child not smoking or drinking! What sort of countries would also hold stores accountable… wait up…
I’ll also add that, contrary to shop surveillance, parents have physical control of their kids devices to a large extent. And most OSes comes with features allowing parental controls. So yeah we have the tools for enforcing our accountability as parent on the internet.
I trust that parents are the first line of defence for those as well. Then education. Then store controls indeed but it doesn’t involve the mass surveillance implementation required for the web. And the risks are also absolutely not the same; physical check are not leading to increased risks of leakage. Or reuse for not necessarily compatible purposes. It’s also not systematic ; as soon as you vaguely looks out of your teens you’re never asked ID anymore for either…
Yeah, agreed that every government that makes decisions like this (I think porn restrictions and UK age verification has come up) should be offering a government API to tie into. Governments need to have this data to function and have the resources to handle this (but not a great track record).
I just don’t think essentially making the argument “there are all these problems but that’s the way it’s always been” gets us to a better future. And I think most improvements are iterative and need to start somewhere. I’m also not expecting this to be a slam dunk but I do think some countries need to try this and other tech company restrictions to find out what will make a better future.
Tell me you know nothing about software without telling me you know nothing about software.
Yeah, it was a bit ill thought out but I’d argue its more idealistically unrealistic
We could live in a world something along the lines of websites sending HTTPS certs based on users location with the cert granted by those governments and if you sell or store customers data then you need a security audit for the code.
That would obviously need tweaking and is a long way away from where the world is today, but a world where any website could be malicious is about as necessary as a country where walking into any restaurant has a probable chance of you being shot. A nice part of that analogy is that the main thing holding both together is strong trustworthy institutions. But the web is that way more from history rather than a deep technical issue that forces the internet to be that way. Also probably time, that sort of audit is probably prohibitively expensive, but that could be considered part of the true cost to society that we’re ignoring
deleted by creator