1. Require device manufacturers to allow the device owner (which covers parents of minors' devices) to set policy for the device, including allow/blocklist for apps and sites, and allow/blocklists for content categories.
2. Require browsers to respect the device's policy for site allow/blocklist
3. Require browsers to set a certain header for allow/blocklist of content categories
4. Require websites to respect that header.
No need for age verification, no need for the government to decide what is/isn't allowed and for free you allow gamblers to prevent gambling content being shown to them etc.
---
This AZ law is frustrating because by targeting the app store it's actually taking a step towards my vision... but in a way that multiplies the harm of age verification instead of diminishing it.
It's not implemented like that because the true goal of these laws has nothing to do with protecting children or age verification, and instead have everything to do with completely eliminating anonymity/pseudo-anonymity online.
They want to ID everyone, and have all user generated content attributed to a known, identified individual.
I think it's mostly easy to identify anyone if you actually want to - if you buy anything online you are 100% identifiable for example.
Given the pros/cons in context, I think I'm in favor of it for social media, at least. I'd actually argue you would want to go further and you should have your full address, employer, and more available online. LinkedIn is a cesspool of awful salespeople, but you know what it's not? A massive Russian/Chinese/Maga disinformation site. Maybe you should think twice before saying something online you wouldn't say while standing in front of your house or at work.
Anonymity on social media has brought a lot of problems and I'm not sure what the benefits are. Some point to a small percentage of folks who would be "outed" but, given that the alternative seems to be an emerging dystopia of bots, malicious actors, propaganda, and more, maybe actual transparency is better even taking into account potential harmful effects.
I'm open-minded on this and see pros/cons either way. Though I think if you find yourself worried about this stuff you can just delete your accounts and move on with your life. Trust me you aren't missing out on anything.
Fortunately your opinion doesn’t trump the Constitution or settled law. Anonymous (or at least pseudonymous) speech has been a feature of American discourse since before the Revolution.
Without anonymity, you lose whistleblowers, effective criticism of the powerful from the weak, and “public interest” leaks like the Snowden revelations. You lose outlets where the abused can ask for help and advice in escaping bad situations. You lose any/all criticism of employers current and past; who wants to hire a complainer? You silence people who are afraid to give their opinion because of their employer or parent.
> Fortunately your opinion doesn’t trump the Constitution or settled law.
Neither does yours? This is a nonsense claim.
> Anonymous (or at least pseudonymous) speech has been a feature of American discourse since before the Revolution.
You're just cherry-picking which ideas you like from the founders or early America. Slavery was also a feature of the United States. Whether we had something in the past or not isn't necessarily a good enough argument to keep doing it.
> Without anonymity, you lose whistleblowers,
We can figure out other ways to have whistleblowers without social media.
> effective criticism of the powerful from the weak, and “public interest” leaks like the Snowden revelations.
Snowden, who is living in Russia.
> You lose outlets where the abused can ask for help and advice in escaping bad situations.
The only way to do this is on social media, anonymously? If so, we have a much bigger problem. An emergency, even.
> You lose any/all criticism of employers current and past; who wants to hire a complainer?
I complain about past employers all the time. I don't think you lose this.
> You silence people who are afraid to give their opinion because of their employer or parent.
I don't think so. And both left and right political blocks have gotten plenty of people fired, even those who post anonymously.
> Slavery was also a feature of the United States.
Yes, and it required a Constitutional amendment to remove it. You’re welcome to try and push through an amendment to limit free speech rights, but it won’t pass!
> We can figure out other ways to have whistleblowers without social media.
I doubt it! The media is mostly dead or coopted, and the powerful won’t willingly set up a system where you can rat them out.
> Snowden, who is living in Russia.
Yes, to avoid retaliation. Your point?
> The only way to do this is on social media, anonymously? If so, we have a much bigger problem. An emergency, even.
Good, you’re getting it.
> I complain about past employers all the time. I don't think you lose this.
The popularity of anonymous outlets for this shows that most people don’t share your opinion. It would have a chilling effect.
> I don't think so. And both left and right political blocks have gotten plenty of people fired, even those who post anonymously.
Thanks for making my point for me. It’s even easier to target people when they are not anonymous. A number of left and right wing commentators are having to pay for private security because of threats. The ones who successfully remain anonymous don’t have to do this.
> Yes, and it required a Constitutional amendment to remove it.
Yea but I can think of lots of other examples. You are missing the point.
> You’re welcome to try and push through an amendment to limit free speech rights, but it won’t pass!
I'm in favor of free speech so I wouldn't want to limit it.
> I doubt it! The media is mostly dead or coopted, and the powerful won’t willingly set up a system where you can rat them out.
Sounds like defeatism.
> Yes, to avoid retaliation. Your point?
He's not just there in Russia because of that. My point is he is either an actual traitor, or someone who was duped into doing what he did.
> Good, you’re getting it.
Haha I think you missed the point, but I can explain it for you. If you are relying on social media for these things, you have already screwed up. Regulating them one way or another is immaterial, because the dependency is a far greater problem.
> The popularity of anonymous outlets for this shows that most people don’t share your opinion. It would have a chilling effect.
I don't think it'll have a chilling effect. People publicly complain about their employers all the time using their real information. The popularity of something isn't an acceptable argument to me.
> Thanks for making my point for me. It’s even easier to target people when they are not anonymous. A number of left and right wing commentators are having to pay for private security because of threats. The ones who successfully remain anonymous don’t have to do this.
Maybe you shouldn't say things that result in you needing private security? It's no different than walking down the street yelling vulgar or offensive things. You might get punched. I see much more harm done by anonymous broadcasting here than I see benefits. Plus you are never truly anonymous on these platforms. Sure it's slightly more difficult for someone to identify you, but if you make enough people mad you will be identified and no amount of "anonymity" will save you. If the government itself wanted to identify you it can do so at the snap of a finger.
> Maybe you shouldn't say things that result in you needing private security? It's no different than walking down the street yelling vulgar or offensive things. You might get punched.
Maybe you shouldn’t have spoken up. Maybe you shouldn’t have walked down that street. Maybe you shouldn’t have worn that dress.
This is one of those things that sounds really nice and makes you feel morally good/superior, but it misses the point and the analogy fails. Speaking up, isn't offensive. Walking down a street, isn't propaganda. Wearing a dress, is your right as a person and it doesn't offend anyone. This isn't what's being discussed.
But, let's say you are right and we should maintain anonymity on social media platforms.
I don't think that kid who was wearing a t-shirt or sign or whatever supporting ICE should have been punched or face any consequences whatsoever. He should be free to exercise is right to free speech and/or protest, face no repercussions in public or private life, and when he goes home he should be allowed to hop on TikTok or Facebook or whatever, and post the most vile, hate-filled stuff he can think of, anonymously.
That's the world we live in today, and the status quo you are advocating that we maintain. Don't you think that warrants further discussion? I do.
I do agree that most people are able to be easily identified, and that anonymity has created problems, but people should be able to both use the internet and remain anonymous as without the anonymous or pseudonymous transmission of information a democracy can't function and makes it trivally easy for the state to further limit the rights of an individual
No it wouldn't. Accounts would be identified right so you would know that some account is a China bot farm or Russian military or whatever. And then when Jane down the street starts talking about the need to kill "insert group here" well you know who they are and you can go down and have a talking to them or tell their employer, or whatever. If you say crazy stuff maybe there should be repercussions. Today there are none. It has a moderating effect when there are consequences.
> And then when Jane down the street starts talking about the need to kill "insert group here" well you know who they are and you can go down and have a talking to them or tell their employer, or whatever.
This works the other way too. You tell others online "hey maybe we should stop killing X people" or maybe expose that X people are being killed without the public knowing and the people in favor of killing X people can and will ruin your life.
We in fact saw more of this happening in the past few years than the opposite.
That's just the messy fundamentals of democracy. I think it comes down to perception of what the threat is. I think groups like white nationalists, Antifa, pro-Hamas, pro-Russia, &c. are a much greater threat now than the potential downside of supposedly silencing people who "speak up".
How valuable is speaking up anyway? It's all good to argue when you see the positive case or the one you agree with, but do you also give sympathy to folks who are "speaking up" about white replacement theory or "speaking up" about avoiding COVID-19 vaccines, or other such nonsense?
> You're supporting a systematic chilling effect on free speech.
No I'm not.
~~~~~~
There's no point in free speech if the only free speech is from bots and propagandists. Social media platforms aren't free speech platforms either, you're subject to their terms and conditions.
> There's no point in free speech if the only free speech is from bots and propagandists. Social media platforms aren't free speech platforms either, you're subject to their terms and conditions.
You're absolving the social media companies of why they continue choosing to amplify bots and extremist content in one big "community", rather than working towards creating smaller communities that can have social trust and social regulation.
That is the core perverse incentive here that actually needs to be addressed, and by sidestepping that you're then going off into the weeds with some mistaken idea that we can approach the problem by purifying who can use such websites.
I think we should just ban social media companies. If you want to create a small community walk outside and create one with your neighbors.
> and by sidestepping that you're then going off into the weeds with some mistaken idea that we can approach the problem by purifying who can use such websites.
On the other hand we have what we have today, propagandists, bots, hatred, &c.
It's like you're complaining about potential problems, but ignoring the current problems happening today are those potential problems.
I am also not "going off into the weeds" because I'm just responding to the OP.
> I think we should just ban social media companies.
Sure, great! Go right ahead! I honestly think sec 230 was a mistake. Not in that I want to see it reversed so the fascists currently in power can use the dynamic as a club to go after speech they don't like. But rather that I think the Internet would have developed healthier without it, and what it has enabled.
> On the other hand we have what we have today, propagandists, bots, hatred, &c.
You seem to be pigeonholing all of the problems into one bag. "Hatred" does not go away with real-name policies.
> It's like you're complaining about potential problems, but ignoring the current problems happening today are those potential problems.
No, I am pointing out that you're approaching this from the wrong angle. The core dynamic of the Internet has always been "don't trust what you read on the Internet". The lack of needing permission to communicate is precisely what has enabled so much innovation. Defining context is the responsibility of higher layers.
What changed from that core dynamic? The social media companies showed up, took unvetted and unfiltered streams of content, and presented them to the public as trustworthy finished products. "We'll figure out a better system than naive voting later". Well later never came, did it? At least Slashdot tried.
Facebook relies on real names, creating lists of bona fide friends, and can (could?) show you only posts from friends-of-friends, right? How does this differ from what you're proposing? If you're seeing Facebook posts from bots, you've either friended bots or Facebook is responsible for showing them to you, right?
> Facebook relies on real names, creating lists of bona fide friends, and can (could?) show you only posts from friends-of-friends, right? How does this differ from what you're proposing? If you're seeing Facebook posts from bots, you've either friended bots or Facebook is responsible for showing them to you, right?
I think I am just more aligned with, for example, the French president on his criticisms: https://archive.ph/JMrd4 (archive link to avoid Bloomberg paywall)
"“Having no clue about how their algorithm is made, how it’s tested, trained and where it will guide you — the democratic consequences of this bias could be huge,” Macron said Wednesday in New Delhi. “Some of them claim to be in favor of free speech — OK, we are in favor of free algorithms — totally transparent,” Macron said. “Free speech is pure bullshit if nobody knows how you are guided to this so-called free speech, especially when it is guided from one hate speech to another.”
I think this idea that social media companies are free speech platforms or should be treated as such, is incorrect and it's leading to bad outcomes. They are product companies selling you an experience of "being connected" and engaging with them is a matter of terms of service, not exercising a constitutional right.
> Sure, great! Go right ahead! I honestly think sec 230 was a mistake.
I would but it's not up to me. I am not sure Section 230 was a mistake, at least in principle. But if you think Sec 230 was a mistake what would social media companies do in response? Verify you. Which the government has access to...
> I think this idea that social media companies are free speech platforms or should be treated as such, is incorrect and it's leading to bad outcomes. They are product companies selling you an experience of "being connected" and engaging with them is a matter of terms of service
Yes I wholeheartedly agree with Macron's quote, and basically agree with your interpretation of it. Maybe you can see we have some common ground here and re-read what I wrote before? My critique isn't trying to reject that there is a problem. Rather I'd say my critique is that your proposed solution is specious and will enable worse things
> not exercising a constitutional right
Except individual users are also exercising a constitutional right. That's the problem - users' main modern ways of partaking in their constitutional rights are being modulated by corporations!
(Just to be clear though, I think the legal system's current framing of the owners/workers of Facebook having a "constitutional right" to control users' speech is utterly disingenuous)
> if you think Sec 230 was a mistake what would social media companies do in response? Verify you
Now that the situation has been set up, maybe, and maybe users would stand for this. But verification wouldn't actually resolve their problem when Joe Judgementproof posts fascist hate, they'd become jointly responsible for publishing it. The point is that the moral hazard created by sec 230 is precisely what has allowed the centralized social media industry to grow to the point it has.
>The point is that the moral hazard created by sec 230 is precisely what has allowed the centralized social media industry to grow to the point it has.
That's exactly the opposite of what Section 230 has done.
Section 230 doesn't stop anyone from suing folks who defame or otherwise break the law. Rather, it specifies that those who say such things are the proper target, not the platforms that host such third-party speech.
And that's the important point. Section 230 covers third-party speech. Because litigation is expensive. As such, it mostly protects the little guy who doesn't have the resources to fight tens, hundreds or thousands of lawsuits because some folks don't like the restaurant/movie reviews or opinions about the quality of book plots or political speech or the Epstein Files or a myriad of other things that folks don't like and wish people would shut up about.
Nothing stops an aggrieved part from suing an individual for the things that individual says. But Section 230 says you can't sue the platform (say the website, Matrix or XMPP server you personally host) for the speech of a third-party who uses that platform.
In the absence of Section 230, huge, deep-pocketed companies like Facebook, Google, Twitter, et. al can pay for legions of lawyers to fight such lawsuits.
Do you have such deep pockets? Not all Internet content exists on those huge, deep-pocketed platforms. Many useful and interesting sites hosted by individuals or small businesses exist, but would be put out of business in a week if Section 230 didn't exist.
Getting rid of Section 230 would only cement the huge platforms' dominance and make them more unaccountable and powerful. Is that your goal? Not saying it is, but it's important to think through the impact of Section 230 beyond the (false and misleading) pronouncements of those who want to control you, your speech and the means of disseminating that speech.
I agree that removing section 230 today would have an even more centralizing effect. We've already got huge tech companies that would happily shoulder such liability, and lots of small sites that would find themselves in an uncomfortable position.
My point was that if we never had section 230 to begin with, then we would have kept the strong incentive against setting up sites revolving around centralizing speech in the first place. There would have been more emphasis on protocols, and keeping communication under the control of the person speaking.
>My point was that if we never had section 230 to begin with, then we would have kept the strong incentive against setting up sites revolving around centralizing speech in the first place.
Where did you get that idea? Section 230 never provided any preference or privilege to large organizations over small ones.
In fact, it did exactly the opposite for reasons I discussed. You say that without Section 230:
...lots of small sites that would find themselves in an uncomfortable
position.
That doesn't even come close to covering it. Without Section 230, your aunt would take down her knitting pattern discussion website/chat room/mailing list/whatever within half a day, with whoever it was posting something objectionable (or just off topic) and when your aunt deletes it, file a lawsuit claiming censorship.
How long is your aunt going to keep the completely free and volunteer site up when she has to pay lawyers $5-10K every week? And if she doesn't delete it, continue to flood the site with garbage until it's unusable, turning a knitting discussion site into 4/8chan.
All while doing nothing to stop the big boys from creating a dystopian hellhole because they have legions of lawyers on staff.
In fact, without Section 230, $BigCorp and/or other bad actors wouldn't even need to buy out their competition or wage costly efforts to destroy them, just post oceans of objectionable/off topic stuff, sue if it's taken down or wait for it to go under because its awash in garbage they posted there to make it unusable.
If we never had, or got rid of Section 230, your preferred candidate or issue advocacy group could trivially be taken down through these tactics, stifling free expression. Think fake DMCA take downs, but without recourse except through $500/hour lawyers and the courts.
Not sure where you got the idea that Section 230 ever was some sort of "giveaway" to big companies to encourage centralization. It was not, and even today it primarily protects the little guy, just as it did 30 years ago.
Do you have your mind made up and no amount of actual evidence will change it?
> Without Section 230, your aunt would take down her knitting pattern discussion website/chat room/mailing list/whatever within half a day, with whoever it was posting something objectionable (or just off topic) and when your aunt deletes it, file a lawsuit claiming censorship.
I don't want "my aunt" to be running a knitting pattern discussion website. I want "my aunt" to only be publishing/hosting what she herself writes, while her discussion partners each publish/host what they themselves write. I then want all of these messages stitched together to form a cohesive presentation on each person's computer, by software that represents their interests.
There was the better part of the decade after the CDA passed that the tech community was still focused on protocols that worked this way. Section 230 immunity made sites that centralized user content feasible rather than legally radioactive. Centralized sites then took off because they were easier to develop, and investment-wise they caused Metcalfe's law power to accrue to the entity running the site rather than to an abstract protocol.
I do agree that in the current context, there is a strong path dependence here - neutering section 230 would not cause the clock to rewind. And the present political push is from a movement that wants to control speech even harder than corpos already currently do. I'm talking about what could have been.
The chilling effect you’re supporting leads exactly to thriving of bots and propagandists while suppressing dissenting voices of regular people. Just look at any country where it is already fully or partially implemented.
>This is the current state, today, with anonymity.
whatever the current state, removing anonymity will remove dissenting voices of regular people.
> Which ones?
Russia for example. The sites where verification is implemented has become pro-government bot cesspools.
Here you mentioned LinkedIn - it is where pro-Russian propaganda runs free (especially if compare to for example HN where people freely respond to it), and it is exactly where my even pretty mild response to it got me almost banned, and so I don’t engage it there anymore.
I wonder how do you square your de-anonymity of speech position with anonymity of voting, or do also think that voting should not be anonymous?
> whatever the current state, removing anonymity will remove dissenting voices of regular people.
I don't think so. It may moderate them, which given our political environment is likely to be a good thing.
> Here you mentioned LinkedIn - it is where pro-Russian propaganda runs free (especially if compare to for example HN where people freely respond to it), and it is exactly where my even pretty mild response to it got me almost banned, and so I don’t engage it there anymore.
Well I don't know what the specific example is. I've seen pro/anti all sorts of things on LinkedIn and when I do I unfollow or find another way to hide the content. But it's also not super engaging. Why is that? Because, well, firstly LinkedIn is a heaping pile of garbage, but also because money, careers, and more are at stake. If you find a pro/anti anything post and start saying really crazy stuff, yea someone might tell your employer about it. How LinkedIn moderates its discussions I think is a separate issue, and, frankly, is yet another demonstration that these platforms are simply not "free speech" and using them means you agree to the terms of service which allows them to moderate how they see fit.
When folks complain about these algorithms or the wrong group buying their favorite platform, there is a very easy and simple solution which is to just stop using them and delete your account. Then, nobody is policing your speech.
> I wonder how do you square your de-anonymity of speech position with anonymity of voting, or do also think that voting should not be anonymous?
I think voting should be anonymous, but you should have identification for voting issued by the state. It's an exercise of your constitutional right, and there are plenty of mechanical and morally good reasons for it. Yelling the most obscene shit imaginable on TikTok is not even in the same ballpark and is not exercising a Constitutional right.
The problem is that we'd all blocklist advertisers and then they'd all cry. It's like how most mobile distros don't allow you to control relative app volume - if it might hurt ad bucks it can't be allowed.
The ad industry underwrites the consumer tech market. That's why you can buy a SmartTV for like 100 bucks (or whatever, I haven't bought a tv in like 10 years knock-on-wood).
My plan to buy a TV is to get one that can be kept offline, or one that can be made able to stay offline through flashing or dismantling into its very core elements.
Dismantling it would probably ensure it's ugly af, but maybe if you try to go for one of those TV-in-a-frame things it might not look hideous.
Not sure how common it is now, but based on repair manuals my TV's wifi is provided by a standard m.2 wifi module and can be trivially removed. That wouldn't stop them from changing the TV's OS to nag or otherwise disable itself afterwards but the hardware change is about as trivial as it could be.
Now why the disable wifi option isn't available on the TV when it appears in the user manual is another matter...
Or you can either do what I do and buy an old TV. I have a nearly 20 year old plasma that looks great and isn't gonna listen in on me. If you absolutely need a higher resolution than 1080p or need an OLED display, you can buy them as "digital signage" (though, usually with a pretty high markup)
All the people with money would lobby against content categories because then large mixed category sites like Reddit or Twitter would have to either separate their app, or have the ability to send additional content headers based on content tags per piece of content.
Legally, since pornography still doesn't have a true definition in the US, someone would have to define the categories as well, and then the hundred million free speech fights would begin.
Your vision is the correct one, in my opinion, "adult content" headers would be an easy lift for web technology. But the ad agencies and information agencies (often the same) are spending all of the money to make sure nothing like that happens.
I've seen numerous apps that do already provide content categories without separating apps. NSFW/SFW is the most common, but I've also seen ones that allow you to opt-out of gambling or alcohol ads.
Heck no - I own a Samsung purely to continue to have access to Sound Assistant (to enable individual app volume control without rooting my device).
I just want everyone to be clear on why it isn't happening.
This is also the same reason why early versions of Android had incredibly fine-grained permission controls that was stripped out... can't have users blocking inter-app marketing key coordination after all.
They’ve proven themselves to be bad actors with no moral compass. No different than street drug dealers, casinos, traffickers, or any other predatory industry. They should’ve regulated as such.
I don’t have any problem with old-timey “Dishsoap Brand Dishsoap sponsored this content. They want you to know that a dish isn’t clean unless it’s Dishsoap clean!” Type ads. Much beyond that should no longer be tolerated.
> I don’t have any problem with old-timey “Dishsoap Brand Dishsoap sponsored this content. They want you to know that a dish isn’t clean unless it’s Dishsoap clean!” Type ads. Much beyond that should no longer be tolerated.
I think the only advertising I've knowingly listened to was a Privacy.com sponsorship on The Modern Rogue. Now been a paying customer for years and they have been mostly great. I think that sponsorship was back in, like, 2015 or 2016. Oh how times have changed.
(I'm sure there are thousands of subconscious influences that I have no idea about, though. Maybe a few radio ads put a brand in my mind for something so I didn't search for alternatives. I don't listen to broadcast radio anymore though.)
I think it's a great proposal if we add a slight alteration. Rather than requiring parents to maintain block/allow lists, the OS should allow the parent to lock in a birth-date, and that birth-date is used by the system to generate a user-age header, from there, websites can be legally required to respect the header and maintain whatever restrictions correspond to the applicable laws. This gives sites the ability to dynamically adapt to users, changing features and laws, as well as remove the burden from the parents of having to determine which sites are safe and not.
I'd really like to steer away from age entirely. This requires that we have universal rules about what content is appropriate for what age, which I don't think is necessary. For kids, why not let parents decide. And why not also use this infrastructure for adults. NSFW buttons are so common that it's clearly something that adults want too.
Second, all ISPs could offer in their basic service something like DNS4EU modes, just like they offered email and web space decades ago (optional, nobody was forced to use them).
Parents would only need to configure the account to "child". Laws could force companies to properly tag their pages and sites. And privacy would be preserved.
Instead we have to keep on fighting the Crypto Wars. The childs are just a decoy, the target is destroying basic rights.
This sounds more like the most reasonable solution.
Part of me has wondered if there could be a PAC that focuses on pushing for issues that "both sides" can agree on to politicians from both sides. The big thing is it has to be problems both sides agree are problems, and both sides agree on the solutions. The only problem I see is that there's an insane amount of contrarianism from both sides. I have seen both sides of the political aisle flip flop on issues because one side chose one solution this time around.
There are plenty of states including the one I live in where you are required to verify your age to visit porn sites.
If you add up all of the sites that are not hosted in the US and combine them with all of the sites that you can get around the age verification just by using a VPN, would you be surprised if I told you that the total is 100% with most just ignoring the law?
The goal of these laws isn't to protect children, they just want to further surveillance and control of the population. While there are better ways to handle the "think of the children" concerns being invoked to justify these kinds of laws none of them would satisfy the legislators pushing them.
i'm surprised to see this suggestion highly upvoted, because this is the solution that usually makes hacker news the angriest.
in reality this cannot be just a simple plain text header. that's way too easily forged and will not satisfy any of the parties pushing for age verification. the "device verifies your age" model means hardware attestation, so the source of that age verification can sign a cryptographically secure promise that the device software has not been modified in a way that would allow this header to be forged.
the app stores might be a less than ideal place to implement age verification, but it lets regulators sidestep all the messy issues around a distinction between device owner and device user.
I'm advocating for services being made to respect what the device owners decide, not that devices be made to request what the services decide.
Of course, you are probably correct about the political infeasability of what I want, and are correct that this can get twisted into the exact opposite of what a just law would do.
The biggest issue is, of course, (4) - how do you plan on enforcing that for sites that don't run out of your country of residence? Implicitly restrict access to only those sites in said country?
You don't enforce that, the owner (or the owner's parents, etc) of the device set that policy. MDMs can all already do this, there just needs to be a more user-friendly/consumer focused MDM to allow parents to control their kids devices. Just have it warn "Out of country sites may not follow your device policy, do you want to block them (Y/n)?"
Same way the US enforces any internet foreign policy. Make the credit card companies cut them off,make advertisers cut them off. US controls most of the ways they could make money.
Who said it’s about children?! It’s about mass surveillance and building the proper infrastructure using your tax money, both digitally and legally to expand it later with ease. They start usually in a “test bed” states (like Arizona) or countries (like Australia) and evaluate, before fully implementing it.
You've still got it a bit backwards. Websites should be the ones publishing content suitability headers. Those headers are then legally-significant assertions about the content on the site - the type of content, age/moderation policies, etc. Browsers then implement the device's configured policy based on what headers the site returns.
This requires locked down computing on the end device, but all of these proposals inherently do - otherwise a kid can always just install whatever software that sidesteps the restrictions, right? And leaving the responsibility on the device owners/makers only motivates secure boot, which is already pervasive on the most relevant devices - phones and tablets.
Your proposal puts liability directly onto websites themselves, regardless of the end user/device. This would push websites into demanding remote attestation, which is at the early days of being pushed (safetynet, wei, etc), and is the thing that is really primed to destroy general purpose computing. You know all those "verifying your device" followed by endless CAPTCHAs that are everywhere these days? Imagine that, on every site, and no way to get around it besides installing a genuine copy of either Windows 2028 or macOS 28 Pyongyang.
> Require browsers to respect the device's policy for site allow/blocklist
But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
I've learned long ago, as have politicians, there is zero solution that makes tech people happy... so move forward anyway, they'll always complain, you'll always complain, there is no tolerable solution but the status quo, which is also untenable.
> But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
The owner of a device could prevent the installation of third-party apps or app stores. That does not require having central approval.
> But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
I don't think you need to do that. You can pass a law without creating a technical mechanism that automatically enforces the law. The law doesn't even need to be perfect.
So what if you can still patch a browser yourself. Kids can steal cigarettes but laws against selling cigarettes to kids are still broadly effective.
So what if its technically possible for a vendor to ship a violating browser. Go after violaters with the legal system, not with the OS.
So what if there's a foreign vendor with a violating browser out of the reach of the law. You'd still have made the ecosystem vastly better even if there's gaps and loopholes.
Right, I assure you that no kid who wants to smoke weed or cigarette have any trouble finding it and isn’t saying “I was going to smoke weed/cigarettes but since it’s illegal, I guess I won’t”.
See also in the 1980s Nancy Reagan: “Don’t sniff glue to get high”, Kids: “You can sniff glue and get high!”
Funny that you understand what the problem would be, then you still insist that the authoritarian approach is the correct one. I’m sure people like you would gladly goose step into a 100% locked down surveillance hellscape, but the rest of us will keep working to ensure that this future never happens.
This is a bait-and-switch that will be used to roll in an internet ID for all people. I believe this is why M$ is trying to force people to log in to their local machines with a microsoft account.
I have been terminally online since the age of 7 and this would probably make me shut everything down and go outside. Maybe that'd be good for society, but I suspect most people will just shrug and go along with it.
Conceptually it’s difficult to explain to most people why this would not benefit them.
Like, I don’t maintain the delusion that I can’t be precisely identified by the apps I use. I just am vehemently opposed to it being tied to my government issued identity, which could be arbitrarily revoked and controlled by people who dont have pure profit as their motive. A lot of people probably find that overly paranoid.
I'm much more convinced Microsoft wants to do stuff like sell cloud subscriptions at the click of a button in the desktop than Microsoft gives a crap about those subscriptions being tied to a consistent account ID. The latter certainly sounds evil, but not in a way that particularly helps Microsoft over their competitors.
Uncle Bob probably would probably need to do a decent amount of work to figure out how to purchase a OneDrive subscription from having no account, particularly if they think "I've already got an account - that's how I log in!". If the PC forces Bob to walk through creating a cloud Microsoft account before he even sees the desktop then the only step remaining is to click to OneDrive (or whatever) sales notification and enter a credit card so his "important personal files stay backed up" (or however they pitch the service in the notifications).
> I'm much more convinced Microsoft wants to do stuff like sell cloud subscriptions at the click of a button in the desktop than Microsoft gives a crap about those subscriptions being tied to a consistent account ID. The latter certainly sounds evil, but not in a way that particularly helps Microsoft over their competitors.
Bless your cotton socks, you had it in the first part MS wants to sell stuff, but then you failed to realise that by tying people to a consistent account ID builds a profiling on them that lets MS serve targeted advertisements, through Edge.
Edge (and the entirety of ad tech for the last few decades) does this today without needing a Microsoft account at all, let alone your real legal identity.
In that case, we should build a new internet designed specifically to prevent this kind of behaviour and the slopification of the current internet. Let HTTP rot and build something a little less spartan than gemini but still resistant to slop. If anyone has the resources, my current idea is a p2p protocol for sharing some kind of markup that can do minimal styling and a client that doesn't need some kind of scripting language to do things like use buttons
http isn't the internet. al gore created a series of tubes, and other folks built protocols to share information through those tubes. http is one protocol
Serious question: why can't Meta, Google, and friends just decide not to serve Arizona? I get logistically it would be tough, but if they built that capability, they would have a very robust lever to pull anytime a government pulls this schtick.
I would imagine the backlash from the people would fix this pretty quickly.
This seems like one of those "the enemy of my enemy is my friend" situations. I'd fully support big tech saying, "Alright Arizona. Build your own technical infrastructure."
And letting the fools in government who don't understand how the world works figure it out the hard way.
What am I missing? (beyond perhaps being overly optimistic!)
I don't think Google considers such legislation to be their enemy. It would effectively kill F-Droid and other third-party app distribution methods, and would fully lock them in a place of high power over their platforms and pull the ladder up beneath them, and nobody would be able to blame Google for it. I mean, why would anybody submit their ID to a brand new unproven app store? Seems quite risky, better to just use Google Play
Laws as such favor big tech more than others, despite their proponent often selling them as "anti big tech." Big tech has more resource to comply with the said regulations than, say, some teenager with a Minecraft server in his basement. Big tech can also absorb the downsides of identity verification — if your choice is between giving out your ID or losing access to your entire gmail account forever, I imagine 95% of the people will just cave. So big tech does not lose much from complying either.
If big tech just withdraw from any market that tries to stop them, the logical conclusion is for these markets to seek alternative products. This gives the alternatives the investment and network effect they need to become more capable competitors of existing big tech products.
Not a good idea to enourage that sort of behavior though, because the same tools can embolden them and can be used to pull out of say California if it pushes for a strong pro consumer legislations.
Corporations don’t act on the moral principles regardless of what their PR/marketing department says. It is ultimately decided on how laws affect their bottomline.
They wouldn't pull out of California. It's 1/5 of the US economy and would leave a gaping opening for a competitor to gain a stronger foothold there. You're right it's about money not principles but that's exactly why the threat would be empty. They'd probably lobby congress to try and make it illegal for the states to enact the protection and do some performative annoyances instead.
They might try to make an example out of a smaller state, but since they aren't selling food or fuel or heart pills it isn't like the state is going to collapse without access to Meta properties.
Big tech are going to be the ones selling the verified ID solutions and the laws are going to effectively make it mandatory. There’s a potential future where we’ll all be paying for a subscription to a verified ID system that we don’t want.
Big tech is probably lobbying for it behind our backs.
what would those companies do with the infrastructure in AZ? serve clients in other states? I imagine the AZ legislature would have some levers they could pull to make those existing datacenters less effective or more costly to run.
Also because the companies are beholden to shareholders and their financial best interest. cutting off millions of clients to make a political statement is not in the companies best financial interest and would likely result in a shareholder lawsuit.
These companies can't just pull out of a state like Arizona very easily even if they wanted to. Many of the major tech players have a presence in Tempe or Scottsdale- not to mention the defense work that happens throughout the state. AZ is no California but it's silly to act like it's an economy tech is ready or able to easily write off.
Exactly, this will just lead to regulatory capture, where only the big platforms thrive and they are periodically “nudged” to push government supported viewpoints, like what happened to TikTok.
>Serious question: why can't Meta, Google, and friends just decide not to serve Arizona?
I'll answer your serious question with one of my own. What incentive would Meta, Google and friends have to "decide not to serve Arizona"?
What is the business model of these companies? To make you view ads and charge advertisers more for "targeted" ads. Having age (which ends up being ID) verification gives them more tools to "target" ads and thus can charge more for the ad space they sell.
I'd say that these folks would be among the last to fight against something like this.
And so I'll reiterate my question: What incentives do these corporations have for opposing such legislation?
I'd say zero. In fact, I'd argue that their business models incentivize them to support such legislation.
As wealth inequality and corruption based economic policies push people further and further into a corner the state will have a greater need to identify any nascent organization of political movements that threaten the status quo earlier so these can be strangled in their cribs.
As I recently observed [1], there is a lot more of this sort of coordination than people realize. I personally know of about three groups trying to get some cross-state initiatives implemented at the state level, and I'm not even particularly looking for such things.
It is not a coincidence. It means there is some organization out there pushing these. In general, "organization" here applies very broadly; there are some cases where it pretty much is just more-or-less normal people who organize to get something done. I wouldn't expect this particular thing is that for a second, of course. I'm just saying in general the term applies broadly. Someone is organized and trying to push this.
The rise of anti-Establishment politics led the Establishment to strike back, and they play for keeps.
That said I still expect mandatory age verification/ID for the internet to fail legal challenges in the US as there is broad precedent for both anonymous speech rights and children’s speech rights under the first amendment.
The anti-Establishment people that were only anti-Establishment until they had power, then they are very much pro-Establishment.
The writing has been on the wall for years with a desire among states to identify individuals using the internet. Whether or not we will continue to win the fight against it is up in the air.
Back in August SCOTUS declined to enjoin a similar law in Mississippi but for procedural reasons, and Kavanaugh wrote as part of the denial that he believed the law was probably unconstitutional. That makes me optimistic for the us on this matter tbh.
While this particular bill is all R sponsors, current censorship efforts are bipartisan inside the US and even international in scope. The one ray of hope is that left and right can’t agree on what should be censored or how, or even what constitutes “censorship.”
IMO when both-sides-ing a debate, it would be helpful to provide more specific examples to support the claim. Especially when your first few words acknowledge the apparent one-sided nature.
If you need examples for left wing censorship in the US: the federal government (primarily through CISA) worked for years through NGOs to pressure companies on moderation policy, going so far as to suggest particular accounts or individuals needed scrutiny. California is currently suing several website operators for offering blueprints for 3D printed guns. A few blue states are experimenting with hate speech bills again (typically focused on islamophobia or antisemitism), although they will likely face a successful 1A challenge if they pass.
Both Ds and Rs have been attacking Section 230; Mark Kelly wants to strip those protections when sites “amplify content that caused harm.” KOSA is a looming bipartisan threat.
Left radicals are as virulently against free speech as those on the right, often calling for allies to “shut down” or even physically harm opponents.
If you are left wing, you probably don’t think some of these are censorship, others do, that’s why I said it was a good thing that left and right disagree with each other here. In many ways they cancel each other out, although they do a lot of damage to free speech along the way.
It’s also true that currently in the US the primary threat comes from the right, as a consequence of the right being in power. Internationally it is reversed.
You weren’t around when Tipper Gore was raising the alarm about Ice T’s “Cop Killer” (now “ICE Killer” since he has been playing a cop on TV for a quarter century) or NWA and “F%%% the Police”
which 'wing' cheered loudly when every platform openly suppressed their political opponents during the last decade, and frothed in impotent rage when one of those platforms unexpectedly changed hands and ceased the censorship?
somehow, censorship is only bad when the wrong side does it. when the correct side does it, it's justified and necessary for your democracies to survive.
I sometimes wonder how serious these sorts of sentiments are. Like, when you claim something easily disproven and openly partisan, do you know that and do it anyway, or is your internal dialog one of righteous outrage?
for example, go ahead and easily disprove that Twitter, Google, and Facebook had banned the sitting president of the United States in January 2021, simultaneously and voluntarily.
So a couple platforms banning one guy from continuing to attempt an insurrection of the federal government counts as suppressing your political opponents?
Would you assert that politicians are by definition untouchable, no matter what they do? Literally. I know your man bragged about this, but was he joking or not?
I think it's questionable whether the censorship has ceased. It's just done less transparently and blamed on "the algorithm". There's an article about it now on the front page of HN.
Not disagreeing with the need of a reminder that there was censorship from the left though.
The days you move between categories can establish your birthdate, which is a lot of bits if you are doing this on an individual level (basically it's a great start at a supercookie).
It's good to take note of who exactly is pushing (and/or being bribed to push) the crazy. In the case of this monstrosity you can thank:
Rep. Michael Way [R]
Rep. Leo Biasiucci [R]
Rep. Selina Bliss [R]
Rep. Michael Carbone [R]
Rep. Neal Carter [R]
Rep. Lupe Diaz [R]
Rep. Lisa Fink [R]
Rep. Matt Gress [R]
Rep. Chris Lopez [R]
Rep. David Marshall [R]
Rep. Quang Nguyen [R]
Rep. James Taylor [R]
Could the unwritten motivation be to kill some of the internet and boost sales at local brick and mortar stores? trying to think like a state government critter... Privacy risks aside, people are averse to added friction.
Since I'm in AZ, I had to look about the sponsor. Here's what Michael Way has on his campaign website :
"Michael is NOT a politician. He has spent his career in business, not government. We need bold, conservative outsiders to shake up business-as-usual."
See https://en.wikipedia.org/wiki/Social_media_age_verification_... for a full picture of US states age verification laws, states in the article include:
Arkansas
California
Florida
Georgia
Louisiana
Mississippi
Nebraska
New York
Ohio
Tennessee
Texas
Utah
Shareholders happened and decided there was money in it, and now the government is using their failures and the irresponsibility of parents for mass surveillance
Can children buy guns in AZ? Look, I don't have an opinion here one way or the other, this almost certainly won't pass, but please at least try to argue in good faith.
Adults can buy a gun with no ID, no problem in AZ, fully legal. If you prefer that comparison, to an adult being carded to buy an app. I do feel I was making a good faith comment here.
--------- re: below due to throttling ---------------
>Adults can sell each other property with no ID and without the state getting involved, who knew.
Yes and it's legal. Should be for apps too. Headline says all apps.
--------------------------------------
>Is it legal to sell a gun to a child in Arizona? Or do you responsible for age verification? You continue to argue in bad faith.
It is legal to sell a gun to an adult in AZ without carding them and without doing "age verification" as described in the article. In comparison, this bill appears to make it illegal to sell an app to an adult without doing "age verification" as they've described. My comparison here is in good faith.
------------------------------------
>How do they pass the federal background check?
Easy, meet in parking lot, pay cash, buy gun, no background check needed and fully legal.
Yes private sales have no background check, obviously I was referring to the "correct" case since that is part of "all" sales and the headline here is "all" apps. Why would I be referring to the incorrect case?
If you want to force a condition in which I'm wrong, in bad faith, then I can play that fuck fuck game with you too. I can walk into a "regulated" store and buy a perfectly functional and accurate 1889 Schmidt–Rubin bolt action cartridge rifle with absolutely no background check no ID -- so *ha ha ha you are incorrect!*.
If you want to go down the bad faith rabbit hole I can play that fuck fuck game with you, then yes Midway USA will literally sell a gun to basically any child in the country in the country in two boxes, the first as a black powder revolver and the second as a cartridge replacement cylinder. Once both boxes are in proximity it legally becomes constructive possession of a firearm.
Of course in some states (I think North Dakota is one) there is no restriction on transferring a gun privately to a minor. So yeah in North Dakota you can straight up sell a gun to a kid.
But what I was referring to was that adults don't have to be carded or have age verification in AZ to privately buy a gun, not that it is legal to sell a gun to a child.
This whole pile of bullshit is just to end anonymity. Decentralizing things, including finances seems like the only real path forward to keep the world sane.
It's clear these "age verification" bills will just keep coming and it's a losing battle to try and oppose each individually.
Instead (or rather in addition to) activism we should go at it from the other end and request the introduction of a verifiably independent authority and zero knowledge protocol that will deliver a cryptographically secure boolean bit (isOver18) with no way to correlate from either end the ID or which website the bit is used for.
The alternative is IDs get collected by all these horrendous privacy fiends and sold / leaked / monetized across the board, which sounds like a dystopian nightmare.
Solutions based on zero-knowledge-proofs would solve the privacy aspect at the massive cost of killing general purpose computing as we know it today, by mandating the use of remote device attestation (as that is the only way to guarantee an otherwise fully anonymous token is not being sniffed and passed onto someone else). That would be in my opinion significantly more dystopian than every service having a copy of my ID, as it would lay the groundwork for corporations and governments to be able to dictate what you can and cannot do exactly with any internet-connected device.
It's not hard for instance to imagine that once every computing device available to the general public is locked down and cannot be jailbroken without also losing the ability to log into any online service, a law would be introduced requiring client-side scanning of all files to check for CSAM, evidence of political dissent or even just plain old movie piracy. The technology to implement this exists (see what Apple tried to do a few years ago) and the exact same legislation is currently being pushed in the 3D printing space, so these fears are not unfounded.
In the farthest along systems, such as the one the EU has been working on for a few years and is now field testing, you only need to have one secure device to store your digital ID, which in the first version will be a smart phone. If you want to use a site that requires proof of age from some other device like a desktop computer or a public computer in a library you can do the age verification on your phone.
I'm not an expert in this area, but I thought blockchain and things like zk-SNARKs solved this.
I agree that if remote device attestation comes bundled in, it's worse overall.
But are we just SOL then? How long before Cloudflare integrates, and then ISPs? What is left of the internet? Are we all going to run pirate LoRa nodes and other such things to get some free (as in freedom) internet?
> Are we all going to run pirate LoRa nodes and other such things to get some free (as in freedom) internet?
I will, if it comes down to it. I wouldn’t love to return to the 1980s with pirate BBSes and floppynet, but I already lived through it and survived. There would be a certain romance to it, like old hacker movies, maybe it would even make cyberpunk cool again.
(To be clear, it would still suck and we should fight this. But even if we lose a battle, the war is eternal.)
I would propose a variant of RFC 3514, where adult-related packets have a specified bit in the IP header. Simpler and you can filter it at the firewall.
In my ideal world a law would:
1. Require device manufacturers to allow the device owner (which covers parents of minors' devices) to set policy for the device, including allow/blocklist for apps and sites, and allow/blocklists for content categories.
2. Require browsers to respect the device's policy for site allow/blocklist
3. Require browsers to set a certain header for allow/blocklist of content categories
4. Require websites to respect that header.
No need for age verification, no need for the government to decide what is/isn't allowed and for free you allow gamblers to prevent gambling content being shown to them etc.
---
This AZ law is frustrating because by targeting the app store it's actually taking a step towards my vision... but in a way that multiplies the harm of age verification instead of diminishing it.
It's not implemented like that because the true goal of these laws has nothing to do with protecting children or age verification, and instead have everything to do with completely eliminating anonymity/pseudo-anonymity online.
They want to ID everyone, and have all user generated content attributed to a known, identified individual.
I think it's mostly easy to identify anyone if you actually want to - if you buy anything online you are 100% identifiable for example.
Given the pros/cons in context, I think I'm in favor of it for social media, at least. I'd actually argue you would want to go further and you should have your full address, employer, and more available online. LinkedIn is a cesspool of awful salespeople, but you know what it's not? A massive Russian/Chinese/Maga disinformation site. Maybe you should think twice before saying something online you wouldn't say while standing in front of your house or at work.
Anonymity on social media has brought a lot of problems and I'm not sure what the benefits are. Some point to a small percentage of folks who would be "outed" but, given that the alternative seems to be an emerging dystopia of bots, malicious actors, propaganda, and more, maybe actual transparency is better even taking into account potential harmful effects.
I'm open-minded on this and see pros/cons either way. Though I think if you find yourself worried about this stuff you can just delete your accounts and move on with your life. Trust me you aren't missing out on anything.
Fortunately your opinion doesn’t trump the Constitution or settled law. Anonymous (or at least pseudonymous) speech has been a feature of American discourse since before the Revolution.
Without anonymity, you lose whistleblowers, effective criticism of the powerful from the weak, and “public interest” leaks like the Snowden revelations. You lose outlets where the abused can ask for help and advice in escaping bad situations. You lose any/all criticism of employers current and past; who wants to hire a complainer? You silence people who are afraid to give their opinion because of their employer or parent.
So no thanks.
> Fortunately your opinion doesn’t trump the Constitution or settled law.
Neither does yours? This is a nonsense claim.
> Anonymous (or at least pseudonymous) speech has been a feature of American discourse since before the Revolution.
You're just cherry-picking which ideas you like from the founders or early America. Slavery was also a feature of the United States. Whether we had something in the past or not isn't necessarily a good enough argument to keep doing it.
> Without anonymity, you lose whistleblowers,
We can figure out other ways to have whistleblowers without social media.
> effective criticism of the powerful from the weak, and “public interest” leaks like the Snowden revelations.
Snowden, who is living in Russia.
> You lose outlets where the abused can ask for help and advice in escaping bad situations.
The only way to do this is on social media, anonymously? If so, we have a much bigger problem. An emergency, even.
> You lose any/all criticism of employers current and past; who wants to hire a complainer?
I complain about past employers all the time. I don't think you lose this.
> You silence people who are afraid to give their opinion because of their employer or parent.
I don't think so. And both left and right political blocks have gotten plenty of people fired, even those who post anonymously.
> Slavery was also a feature of the United States.
Yes, and it required a Constitutional amendment to remove it. You’re welcome to try and push through an amendment to limit free speech rights, but it won’t pass!
> We can figure out other ways to have whistleblowers without social media.
I doubt it! The media is mostly dead or coopted, and the powerful won’t willingly set up a system where you can rat them out.
> Snowden, who is living in Russia.
Yes, to avoid retaliation. Your point?
> The only way to do this is on social media, anonymously? If so, we have a much bigger problem. An emergency, even.
Good, you’re getting it.
> I complain about past employers all the time. I don't think you lose this.
The popularity of anonymous outlets for this shows that most people don’t share your opinion. It would have a chilling effect.
> I don't think so. And both left and right political blocks have gotten plenty of people fired, even those who post anonymously.
Thanks for making my point for me. It’s even easier to target people when they are not anonymous. A number of left and right wing commentators are having to pay for private security because of threats. The ones who successfully remain anonymous don’t have to do this.
> Yes, and it required a Constitutional amendment to remove it.
Yea but I can think of lots of other examples. You are missing the point.
> You’re welcome to try and push through an amendment to limit free speech rights, but it won’t pass!
I'm in favor of free speech so I wouldn't want to limit it.
> I doubt it! The media is mostly dead or coopted, and the powerful won’t willingly set up a system where you can rat them out.
Sounds like defeatism.
> Yes, to avoid retaliation. Your point?
He's not just there in Russia because of that. My point is he is either an actual traitor, or someone who was duped into doing what he did.
> Good, you’re getting it.
Haha I think you missed the point, but I can explain it for you. If you are relying on social media for these things, you have already screwed up. Regulating them one way or another is immaterial, because the dependency is a far greater problem.
> The popularity of anonymous outlets for this shows that most people don’t share your opinion. It would have a chilling effect.
I don't think it'll have a chilling effect. People publicly complain about their employers all the time using their real information. The popularity of something isn't an acceptable argument to me.
> Thanks for making my point for me. It’s even easier to target people when they are not anonymous. A number of left and right wing commentators are having to pay for private security because of threats. The ones who successfully remain anonymous don’t have to do this.
Maybe you shouldn't say things that result in you needing private security? It's no different than walking down the street yelling vulgar or offensive things. You might get punched. I see much more harm done by anonymous broadcasting here than I see benefits. Plus you are never truly anonymous on these platforms. Sure it's slightly more difficult for someone to identify you, but if you make enough people mad you will be identified and no amount of "anonymity" will save you. If the government itself wanted to identify you it can do so at the snap of a finger.
> Maybe you shouldn't say things that result in you needing private security? It's no different than walking down the street yelling vulgar or offensive things. You might get punched.
Maybe you shouldn’t have spoken up. Maybe you shouldn’t have walked down that street. Maybe you shouldn’t have worn that dress.
Done with this convo, I think this says enough.
This is one of those things that sounds really nice and makes you feel morally good/superior, but it misses the point and the analogy fails. Speaking up, isn't offensive. Walking down a street, isn't propaganda. Wearing a dress, is your right as a person and it doesn't offend anyone. This isn't what's being discussed.
But, let's say you are right and we should maintain anonymity on social media platforms.
I don't think that kid who was wearing a t-shirt or sign or whatever supporting ICE should have been punched or face any consequences whatsoever. He should be free to exercise is right to free speech and/or protest, face no repercussions in public or private life, and when he goes home he should be allowed to hop on TikTok or Facebook or whatever, and post the most vile, hate-filled stuff he can think of, anonymously.
That's the world we live in today, and the status quo you are advocating that we maintain. Don't you think that warrants further discussion? I do.
I do agree that most people are able to be easily identified, and that anonymity has created problems, but people should be able to both use the internet and remain anonymous as without the anonymous or pseudonymous transmission of information a democracy can't function and makes it trivally easy for the state to further limit the rights of an individual
"Anonymity on social media has brought a lot of problems and I'm not sure what the benefits are"
Anonymity is a shield against public lynching for communities that are targeted by hate groups such as LGBTQ+ (one example, there are plenty).
But that is happening today with anonymity, but then we have all the negative stuff too.
> But that is happening today with anonymity
It would happen a lot more often without anonymity.
No it wouldn't. Accounts would be identified right so you would know that some account is a China bot farm or Russian military or whatever. And then when Jane down the street starts talking about the need to kill "insert group here" well you know who they are and you can go down and have a talking to them or tell their employer, or whatever. If you say crazy stuff maybe there should be repercussions. Today there are none. It has a moderating effect when there are consequences.
> And then when Jane down the street starts talking about the need to kill "insert group here" well you know who they are and you can go down and have a talking to them or tell their employer, or whatever.
This works the other way too. You tell others online "hey maybe we should stop killing X people" or maybe expose that X people are being killed without the public knowing and the people in favor of killing X people can and will ruin your life.
We in fact saw more of this happening in the past few years than the opposite.
That's just the messy fundamentals of democracy. I think it comes down to perception of what the threat is. I think groups like white nationalists, Antifa, pro-Hamas, pro-Russia, &c. are a much greater threat now than the potential downside of supposedly silencing people who "speak up".
How valuable is speaking up anyway? It's all good to argue when you see the positive case or the one you agree with, but do you also give sympathy to folks who are "speaking up" about white replacement theory or "speaking up" about avoiding COVID-19 vaccines, or other such nonsense?
>Maybe you should think twice before saying something online you wouldn't say while standing in front of your house or at work.
If you have to behave everywhere like you are in public, that is the very definition of having no privacy whatsoever.
> Maybe you should think twice before saying something online you wouldn't say while standing in front of your house or at work.
then I'd never say the things i'm saying about Russia/Putin as i still have a family there or in case US kicks me out back there.
Right, there are trade-offs.
it isn't trade-off. You're supporting a systematic chilling effect on legal free speech.
> it isn't trade-off.
Yes it is.
> You're supporting a systematic chilling effect on free speech.
No I'm not.
~~~~~~
There's no point in free speech if the only free speech is from bots and propagandists. Social media platforms aren't free speech platforms either, you're subject to their terms and conditions.
Are you a Russian bot seeking to destroy free speech, one of the foundations of Western democracy and civilization? How are we supposed to know?
Show us your passport and one piece of recent utility bill to prove your hard earned right to post shit on the Internet.
> Social media platforms aren't free speech platforms either, you're subject to their terms and conditions.
Sure, but this verification rubbish comes from the government.
> There's no point in free speech if the only free speech is from bots and propagandists. Social media platforms aren't free speech platforms either, you're subject to their terms and conditions.
You're absolving the social media companies of why they continue choosing to amplify bots and extremist content in one big "community", rather than working towards creating smaller communities that can have social trust and social regulation.
That is the core perverse incentive here that actually needs to be addressed, and by sidestepping that you're then going off into the weeds with some mistaken idea that we can approach the problem by purifying who can use such websites.
I think we should just ban social media companies. If you want to create a small community walk outside and create one with your neighbors.
> and by sidestepping that you're then going off into the weeds with some mistaken idea that we can approach the problem by purifying who can use such websites.
On the other hand we have what we have today, propagandists, bots, hatred, &c.
It's like you're complaining about potential problems, but ignoring the current problems happening today are those potential problems.
I am also not "going off into the weeds" because I'm just responding to the OP.
> I think we should just ban social media companies.
Sure, great! Go right ahead! I honestly think sec 230 was a mistake. Not in that I want to see it reversed so the fascists currently in power can use the dynamic as a club to go after speech they don't like. But rather that I think the Internet would have developed healthier without it, and what it has enabled.
> On the other hand we have what we have today, propagandists, bots, hatred, &c.
You seem to be pigeonholing all of the problems into one bag. "Hatred" does not go away with real-name policies.
> It's like you're complaining about potential problems, but ignoring the current problems happening today are those potential problems.
No, I am pointing out that you're approaching this from the wrong angle. The core dynamic of the Internet has always been "don't trust what you read on the Internet". The lack of needing permission to communicate is precisely what has enabled so much innovation. Defining context is the responsibility of higher layers.
What changed from that core dynamic? The social media companies showed up, took unvetted and unfiltered streams of content, and presented them to the public as trustworthy finished products. "We'll figure out a better system than naive voting later". Well later never came, did it? At least Slashdot tried.
Facebook relies on real names, creating lists of bona fide friends, and can (could?) show you only posts from friends-of-friends, right? How does this differ from what you're proposing? If you're seeing Facebook posts from bots, you've either friended bots or Facebook is responsible for showing them to you, right?
> Facebook relies on real names, creating lists of bona fide friends, and can (could?) show you only posts from friends-of-friends, right? How does this differ from what you're proposing? If you're seeing Facebook posts from bots, you've either friended bots or Facebook is responsible for showing them to you, right?
I think I am just more aligned with, for example, the French president on his criticisms: https://archive.ph/JMrd4 (archive link to avoid Bloomberg paywall)
I think this idea that social media companies are free speech platforms or should be treated as such, is incorrect and it's leading to bad outcomes. They are product companies selling you an experience of "being connected" and engaging with them is a matter of terms of service, not exercising a constitutional right.> Sure, great! Go right ahead! I honestly think sec 230 was a mistake.
I would but it's not up to me. I am not sure Section 230 was a mistake, at least in principle. But if you think Sec 230 was a mistake what would social media companies do in response? Verify you. Which the government has access to...
> I think this idea that social media companies are free speech platforms or should be treated as such, is incorrect and it's leading to bad outcomes. They are product companies selling you an experience of "being connected" and engaging with them is a matter of terms of service
Yes I wholeheartedly agree with Macron's quote, and basically agree with your interpretation of it. Maybe you can see we have some common ground here and re-read what I wrote before? My critique isn't trying to reject that there is a problem. Rather I'd say my critique is that your proposed solution is specious and will enable worse things
> not exercising a constitutional right
Except individual users are also exercising a constitutional right. That's the problem - users' main modern ways of partaking in their constitutional rights are being modulated by corporations!
(Just to be clear though, I think the legal system's current framing of the owners/workers of Facebook having a "constitutional right" to control users' speech is utterly disingenuous)
> if you think Sec 230 was a mistake what would social media companies do in response? Verify you
Now that the situation has been set up, maybe, and maybe users would stand for this. But verification wouldn't actually resolve their problem when Joe Judgementproof posts fascist hate, they'd become jointly responsible for publishing it. The point is that the moral hazard created by sec 230 is precisely what has allowed the centralized social media industry to grow to the point it has.
>The point is that the moral hazard created by sec 230 is precisely what has allowed the centralized social media industry to grow to the point it has.
That's exactly the opposite of what Section 230 has done.
Section 230 doesn't stop anyone from suing folks who defame or otherwise break the law. Rather, it specifies that those who say such things are the proper target, not the platforms that host such third-party speech.
And that's the important point. Section 230 covers third-party speech. Because litigation is expensive. As such, it mostly protects the little guy who doesn't have the resources to fight tens, hundreds or thousands of lawsuits because some folks don't like the restaurant/movie reviews or opinions about the quality of book plots or political speech or the Epstein Files or a myriad of other things that folks don't like and wish people would shut up about.
Nothing stops an aggrieved part from suing an individual for the things that individual says. But Section 230 says you can't sue the platform (say the website, Matrix or XMPP server you personally host) for the speech of a third-party who uses that platform.
In the absence of Section 230, huge, deep-pocketed companies like Facebook, Google, Twitter, et. al can pay for legions of lawyers to fight such lawsuits.
Do you have such deep pockets? Not all Internet content exists on those huge, deep-pocketed platforms. Many useful and interesting sites hosted by individuals or small businesses exist, but would be put out of business in a week if Section 230 didn't exist.
Getting rid of Section 230 would only cement the huge platforms' dominance and make them more unaccountable and powerful. Is that your goal? Not saying it is, but it's important to think through the impact of Section 230 beyond the (false and misleading) pronouncements of those who want to control you, your speech and the means of disseminating that speech.
I understand the mechanism.
I agree that removing section 230 today would have an even more centralizing effect. We've already got huge tech companies that would happily shoulder such liability, and lots of small sites that would find themselves in an uncomfortable position.
My point was that if we never had section 230 to begin with, then we would have kept the strong incentive against setting up sites revolving around centralizing speech in the first place. There would have been more emphasis on protocols, and keeping communication under the control of the person speaking.
>My point was that if we never had section 230 to begin with, then we would have kept the strong incentive against setting up sites revolving around centralizing speech in the first place.
Where did you get that idea? Section 230 never provided any preference or privilege to large organizations over small ones.
In fact, it did exactly the opposite for reasons I discussed. You say that without Section 230:
That doesn't even come close to covering it. Without Section 230, your aunt would take down her knitting pattern discussion website/chat room/mailing list/whatever within half a day, with whoever it was posting something objectionable (or just off topic) and when your aunt deletes it, file a lawsuit claiming censorship.How long is your aunt going to keep the completely free and volunteer site up when she has to pay lawyers $5-10K every week? And if she doesn't delete it, continue to flood the site with garbage until it's unusable, turning a knitting discussion site into 4/8chan.
All while doing nothing to stop the big boys from creating a dystopian hellhole because they have legions of lawyers on staff.
In fact, without Section 230, $BigCorp and/or other bad actors wouldn't even need to buy out their competition or wage costly efforts to destroy them, just post oceans of objectionable/off topic stuff, sue if it's taken down or wait for it to go under because its awash in garbage they posted there to make it unusable.
If we never had, or got rid of Section 230, your preferred candidate or issue advocacy group could trivially be taken down through these tactics, stifling free expression. Think fake DMCA take downs, but without recourse except through $500/hour lawyers and the courts.
Not sure where you got the idea that Section 230 ever was some sort of "giveaway" to big companies to encourage centralization. It was not, and even today it primarily protects the little guy, just as it did 30 years ago.
Do you have your mind made up and no amount of actual evidence will change it?
If not, feel free to check out the following:
https://www.congress.gov/crs-product/R46751#_Toc155275791
https://en.wikipedia.org/wiki/Stratton_Oakmont,_Inc._v._Prod....
https://www.techdirt.com/2020/06/23/hello-youve-been-referre...
https://www.propublica.org/article/nsu-section-230
https://theconversation.com/law-that-built-the-internet-turn...
There's lots more of that to be found, but don't believe me. Check it out for yourself. Thanks to Section 230, among other things, you can.
You're still missing where I'm coming from.
> Without Section 230, your aunt would take down her knitting pattern discussion website/chat room/mailing list/whatever within half a day, with whoever it was posting something objectionable (or just off topic) and when your aunt deletes it, file a lawsuit claiming censorship.
I don't want "my aunt" to be running a knitting pattern discussion website. I want "my aunt" to only be publishing/hosting what she herself writes, while her discussion partners each publish/host what they themselves write. I then want all of these messages stitched together to form a cohesive presentation on each person's computer, by software that represents their interests.
There was the better part of the decade after the CDA passed that the tech community was still focused on protocols that worked this way. Section 230 immunity made sites that centralized user content feasible rather than legally radioactive. Centralized sites then took off because they were easier to develop, and investment-wise they caused Metcalfe's law power to accrue to the entity running the site rather than to an abstract protocol.
I do agree that in the current context, there is a strong path dependence here - neutering section 230 would not cause the clock to rewind. And the present political push is from a movement that wants to control speech even harder than corpos already currently do. I'm talking about what could have been.
The chilling effect you’re supporting leads exactly to thriving of bots and propagandists while suppressing dissenting voices of regular people. Just look at any country where it is already fully or partially implemented.
I don't support any chilling effects.
> leads exactly to thriving of bots and propagandists while suppressing dissenting voices of regular people.
This is the current state, today, with anonymity.
> Just look at any country where it is already fully or partially implemented.
Which ones?
>This is the current state, today, with anonymity.
whatever the current state, removing anonymity will remove dissenting voices of regular people.
> Which ones?
Russia for example. The sites where verification is implemented has become pro-government bot cesspools.
Here you mentioned LinkedIn - it is where pro-Russian propaganda runs free (especially if compare to for example HN where people freely respond to it), and it is exactly where my even pretty mild response to it got me almost banned, and so I don’t engage it there anymore.
I wonder how do you square your de-anonymity of speech position with anonymity of voting, or do also think that voting should not be anonymous?
> whatever the current state, removing anonymity will remove dissenting voices of regular people.
I don't think so. It may moderate them, which given our political environment is likely to be a good thing.
> Here you mentioned LinkedIn - it is where pro-Russian propaganda runs free (especially if compare to for example HN where people freely respond to it), and it is exactly where my even pretty mild response to it got me almost banned, and so I don’t engage it there anymore.
Well I don't know what the specific example is. I've seen pro/anti all sorts of things on LinkedIn and when I do I unfollow or find another way to hide the content. But it's also not super engaging. Why is that? Because, well, firstly LinkedIn is a heaping pile of garbage, but also because money, careers, and more are at stake. If you find a pro/anti anything post and start saying really crazy stuff, yea someone might tell your employer about it. How LinkedIn moderates its discussions I think is a separate issue, and, frankly, is yet another demonstration that these platforms are simply not "free speech" and using them means you agree to the terms of service which allows them to moderate how they see fit.
When folks complain about these algorithms or the wrong group buying their favorite platform, there is a very easy and simple solution which is to just stop using them and delete your account. Then, nobody is policing your speech.
> I wonder how do you square your de-anonymity of speech position with anonymity of voting, or do also think that voting should not be anonymous?
I think voting should be anonymous, but you should have identification for voting issued by the state. It's an exercise of your constitutional right, and there are plenty of mechanical and morally good reasons for it. Yelling the most obscene shit imaginable on TikTok is not even in the same ballpark and is not exercising a Constitutional right.
The problem is that we'd all blocklist advertisers and then they'd all cry. It's like how most mobile distros don't allow you to control relative app volume - if it might hurt ad bucks it can't be allowed.
This isn’t even a hypothetical. On most phone there’s no toggle to completely block an app’s internet access (only its data usage).
The ad industry underwrites the consumer tech market. That's why you can buy a SmartTV for like 100 bucks (or whatever, I haven't bought a tv in like 10 years knock-on-wood).
My plan to buy a TV is to get one that can be kept offline, or one that can be made able to stay offline through flashing or dismantling into its very core elements.
Dismantling it would probably ensure it's ugly af, but maybe if you try to go for one of those TV-in-a-frame things it might not look hideous.
Every smart TV I own can be kept offline; I just don't put it online ever. The issue is the software bloat makes turning them on unnecessarily slower.
I don't trust that smart TVs won't use my neighbor's open Wifi or a mobile network to phone home.
Time to make a wiki... How to open up your TV and yank out the wifi antenna out of it...
Not sure how common it is now, but based on repair manuals my TV's wifi is provided by a standard m.2 wifi module and can be trivially removed. That wouldn't stop them from changing the TV's OS to nag or otherwise disable itself afterwards but the hardware change is about as trivial as it could be.
Now why the disable wifi option isn't available on the TV when it appears in the user manual is another matter...
>Not sure how common it is now, but based on repair manuals my TV's wifi is provided by a standard m.2 wifi module and can be trivially removed
Or just do egress filtering[0] on your router and block the device from communicating with the Internet. No disassembly required.
I block all access to/from my "smart" TV at my firewall/router and it works just fine.
[0] https://en.wikipedia.org/wiki/Egress_filtering
Or you can either do what I do and buy an old TV. I have a nearly 20 year old plasma that looks great and isn't gonna listen in on me. If you absolutely need a higher resolution than 1080p or need an OLED display, you can buy them as "digital signage" (though, usually with a pretty high markup)
Good point. I originally thought this would just be content categories. Maybe that's all that's plausible.
All the people with money would lobby against content categories because then large mixed category sites like Reddit or Twitter would have to either separate their app, or have the ability to send additional content headers based on content tags per piece of content.
Legally, since pornography still doesn't have a true definition in the US, someone would have to define the categories as well, and then the hundred million free speech fights would begin.
Your vision is the correct one, in my opinion, "adult content" headers would be an easy lift for web technology. But the ad agencies and information agencies (often the same) are spending all of the money to make sure nothing like that happens.
I've seen numerous apps that do already provide content categories without separating apps. NSFW/SFW is the most common, but I've also seen ones that allow you to opt-out of gambling or alcohol ads.
You say that like it's a bad thing.
Heck no - I own a Samsung purely to continue to have access to Sound Assistant (to enable individual app volume control without rooting my device).
I just want everyone to be clear on why it isn't happening.
This is also the same reason why early versions of Android had incredibly fine-grained permission controls that was stripped out... can't have users blocking inter-app marketing key coordination after all.
Sorry, I was responding to this part of your comment:
> The problem is that we'd all blocklist advertisers and then they'd all cry.
Remember: Advertisers cry with money.
They’ve proven themselves to be bad actors with no moral compass. No different than street drug dealers, casinos, traffickers, or any other predatory industry. They should’ve regulated as such.
I don’t have any problem with old-timey “Dishsoap Brand Dishsoap sponsored this content. They want you to know that a dish isn’t clean unless it’s Dishsoap clean!” Type ads. Much beyond that should no longer be tolerated.
> I don’t have any problem with old-timey “Dishsoap Brand Dishsoap sponsored this content. They want you to know that a dish isn’t clean unless it’s Dishsoap clean!” Type ads. Much beyond that should no longer be tolerated.
I think the only advertising I've knowingly listened to was a Privacy.com sponsorship on The Modern Rogue. Now been a paying customer for years and they have been mostly great. I think that sponsorship was back in, like, 2015 or 2016. Oh how times have changed.
(I'm sure there are thousands of subconscious influences that I have no idea about, though. Maybe a few radio ads put a brand in my mind for something so I didn't search for alternatives. I don't listen to broadcast radio anymore though.)
I think it's a great proposal if we add a slight alteration. Rather than requiring parents to maintain block/allow lists, the OS should allow the parent to lock in a birth-date, and that birth-date is used by the system to generate a user-age header, from there, websites can be legally required to respect the header and maintain whatever restrictions correspond to the applicable laws. This gives sites the ability to dynamically adapt to users, changing features and laws, as well as remove the burden from the parents of having to determine which sites are safe and not.
I'd really like to steer away from age entirely. This requires that we have universal rules about what content is appropriate for what age, which I don't think is necessary. For kids, why not let parents decide. And why not also use this infrastructure for adults. NSFW buttons are so common that it's clearly something that adults want too.
We already have the tech, in multiple forms. First, tagging:
ASACP/RTA https://en.wikipedia.org/wiki/Association_of_Sites_Advocatin...
PICS https://en.wikipedia.org/wiki/Platform_for_Internet_Content_...
POWDER https://en.wikipedia.org/wiki/Protocol_for_Web_Description_R...
Second, all ISPs could offer in their basic service something like DNS4EU modes, just like they offered email and web space decades ago (optional, nobody was forced to use them).
DNS4EU https://en.wikipedia.org/wiki/DNS4EU#Public_resolver
Parents would only need to configure the account to "child". Laws could force companies to properly tag their pages and sites. And privacy would be preserved.
Instead we have to keep on fighting the Crypto Wars. The childs are just a decoy, the target is destroying basic rights.
Clipper chip war, eg. https://en.wikipedia.org/wiki/Clipper_chip#Backlash
This sounds more like the most reasonable solution.
Part of me has wondered if there could be a PAC that focuses on pushing for issues that "both sides" can agree on to politicians from both sides. The big thing is it has to be problems both sides agree are problems, and both sides agree on the solutions. The only problem I see is that there's an insane amount of contrarianism from both sides. I have seen both sides of the political aisle flip flop on issues because one side chose one solution this time around.
So let me tell you a story.
There are plenty of states including the one I live in where you are required to verify your age to visit porn sites.
If you add up all of the sites that are not hosted in the US and combine them with all of the sites that you can get around the age verification just by using a VPN, would you be surprised if I told you that the total is 100% with most just ignoring the law?
The goal of these laws isn't to protect children, they just want to further surveillance and control of the population. While there are better ways to handle the "think of the children" concerns being invoked to justify these kinds of laws none of them would satisfy the legislators pushing them.
i'm surprised to see this suggestion highly upvoted, because this is the solution that usually makes hacker news the angriest.
in reality this cannot be just a simple plain text header. that's way too easily forged and will not satisfy any of the parties pushing for age verification. the "device verifies your age" model means hardware attestation, so the source of that age verification can sign a cryptographically secure promise that the device software has not been modified in a way that would allow this header to be forged.
the app stores might be a less than ideal place to implement age verification, but it lets regulators sidestep all the messy issues around a distinction between device owner and device user.
I'm advocating for services being made to respect what the device owners decide, not that devices be made to request what the services decide.
Of course, you are probably correct about the political infeasability of what I want, and are correct that this can get twisted into the exact opposite of what a just law would do.
Punctuation would make your ideas easier to understand.
The biggest issue is, of course, (4) - how do you plan on enforcing that for sites that don't run out of your country of residence? Implicitly restrict access to only those sites in said country?
You don't enforce that, the owner (or the owner's parents, etc) of the device set that policy. MDMs can all already do this, there just needs to be a more user-friendly/consumer focused MDM to allow parents to control their kids devices. Just have it warn "Out of country sites may not follow your device policy, do you want to block them (Y/n)?"
It’s called “Parental Controls” you don’t need an MDM to do it.
That issue exists with the current proposal as well or any proposal that leaves the enforcement on the website.
I think in addition to what OP said, the browser/device should let you set hard domain-level filters which are enforced by the browser/device.
This will not be ideal for applications / sites with mixed content, but gives the parent / guardian more control.
Same way the US enforces any internet foreign policy. Make the credit card companies cut them off,make advertisers cut them off. US controls most of the ways they could make money.
Who said it’s about children?! It’s about mass surveillance and building the proper infrastructure using your tax money, both digitally and legally to expand it later with ease. They start usually in a “test bed” states (like Arizona) or countries (like Australia) and evaluate, before fully implementing it.
You've still got it a bit backwards. Websites should be the ones publishing content suitability headers. Those headers are then legally-significant assertions about the content on the site - the type of content, age/moderation policies, etc. Browsers then implement the device's configured policy based on what headers the site returns.
This requires locked down computing on the end device, but all of these proposals inherently do - otherwise a kid can always just install whatever software that sidesteps the restrictions, right? And leaving the responsibility on the device owners/makers only motivates secure boot, which is already pervasive on the most relevant devices - phones and tablets.
Your proposal puts liability directly onto websites themselves, regardless of the end user/device. This would push websites into demanding remote attestation, which is at the early days of being pushed (safetynet, wei, etc), and is the thing that is really primed to destroy general purpose computing. You know all those "verifying your device" followed by endless CAPTCHAs that are everywhere these days? Imagine that, on every site, and no way to get around it besides installing a genuine copy of either Windows 2028 or macOS 28 Pyongyang.
That's a great solution
Parental controls have been built into Apple devices forever. Is that not the case for Android and Windows?
But how corrupt politicians will make money having such reasonable policies?
> Require browsers to respect the device's policy for site allow/blocklist
But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
I've learned long ago, as have politicians, there is zero solution that makes tech people happy... so move forward anyway, they'll always complain, you'll always complain, there is no tolerable solution but the status quo, which is also untenable.
> But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
The owner of a device could prevent the installation of third-party apps or app stores. That does not require having central approval.
> But then HN would still riot, because you would need to require all apps to be approved by a central authority (no unauthorized browsers) OR you need to lock down browser engines to those that respect the list somehow (maybe by killing JIT, limiting network connections).
I don't think you need to do that. You can pass a law without creating a technical mechanism that automatically enforces the law. The law doesn't even need to be perfect.
So what if you can still patch a browser yourself. Kids can steal cigarettes but laws against selling cigarettes to kids are still broadly effective.
So what if its technically possible for a vendor to ship a violating browser. Go after violaters with the legal system, not with the OS.
So what if there's a foreign vendor with a violating browser out of the reach of the law. You'd still have made the ecosystem vastly better even if there's gaps and loopholes.
Right, I assure you that no kid who wants to smoke weed or cigarette have any trouble finding it and isn’t saying “I was going to smoke weed/cigarettes but since it’s illegal, I guess I won’t”.
See also in the 1980s Nancy Reagan: “Don’t sniff glue to get high”, Kids: “You can sniff glue and get high!”
Funny that you understand what the problem would be, then you still insist that the authoritarian approach is the correct one. I’m sure people like you would gladly goose step into a 100% locked down surveillance hellscape, but the rest of us will keep working to ensure that this future never happens.
This is a bait-and-switch that will be used to roll in an internet ID for all people. I believe this is why M$ is trying to force people to log in to their local machines with a microsoft account.
I have been terminally online since the age of 7 and this would probably make me shut everything down and go outside. Maybe that'd be good for society, but I suspect most people will just shrug and go along with it.
"It can't be that bad if everyone else is also doing it."
I'm not sure how principled I would be if/when it comes to that. I hope I will be.
Conceptually it’s difficult to explain to most people why this would not benefit them.
Like, I don’t maintain the delusion that I can’t be precisely identified by the apps I use. I just am vehemently opposed to it being tied to my government issued identity, which could be arbitrarily revoked and controlled by people who dont have pure profit as their motive. A lot of people probably find that overly paranoid.
I'm much more convinced Microsoft wants to do stuff like sell cloud subscriptions at the click of a button in the desktop than Microsoft gives a crap about those subscriptions being tied to a consistent account ID. The latter certainly sounds evil, but not in a way that particularly helps Microsoft over their competitors.
Uncle Bob probably would probably need to do a decent amount of work to figure out how to purchase a OneDrive subscription from having no account, particularly if they think "I've already got an account - that's how I log in!". If the PC forces Bob to walk through creating a cloud Microsoft account before he even sees the desktop then the only step remaining is to click to OneDrive (or whatever) sales notification and enter a credit card so his "important personal files stay backed up" (or however they pitch the service in the notifications).
> I'm much more convinced Microsoft wants to do stuff like sell cloud subscriptions at the click of a button in the desktop than Microsoft gives a crap about those subscriptions being tied to a consistent account ID. The latter certainly sounds evil, but not in a way that particularly helps Microsoft over their competitors.
Bless your cotton socks, you had it in the first part MS wants to sell stuff, but then you failed to realise that by tying people to a consistent account ID builds a profiling on them that lets MS serve targeted advertisements, through Edge.
Edge (and the entirety of ad tech for the last few decades) does this today without needing a Microsoft account at all, let alone your real legal identity.
In that case, we should build a new internet designed specifically to prevent this kind of behaviour and the slopification of the current internet. Let HTTP rot and build something a little less spartan than gemini but still resistant to slop. If anyone has the resources, my current idea is a p2p protocol for sharing some kind of markup that can do minimal styling and a client that doesn't need some kind of scripting language to do things like use buttons
http isn't the internet. al gore created a series of tubes, and other folks built protocols to share information through those tubes. http is one protocol
You're right, I should have specified a new web. Gopher and usenet both still exist and aren't http
Serious question: why can't Meta, Google, and friends just decide not to serve Arizona? I get logistically it would be tough, but if they built that capability, they would have a very robust lever to pull anytime a government pulls this schtick.
I would imagine the backlash from the people would fix this pretty quickly.
This seems like one of those "the enemy of my enemy is my friend" situations. I'd fully support big tech saying, "Alright Arizona. Build your own technical infrastructure."
And letting the fools in government who don't understand how the world works figure it out the hard way.
What am I missing? (beyond perhaps being overly optimistic!)
I don't think Google considers such legislation to be their enemy. It would effectively kill F-Droid and other third-party app distribution methods, and would fully lock them in a place of high power over their platforms and pull the ladder up beneath them, and nobody would be able to blame Google for it. I mean, why would anybody submit their ID to a brand new unproven app store? Seems quite risky, better to just use Google Play
Laws as such favor big tech more than others, despite their proponent often selling them as "anti big tech." Big tech has more resource to comply with the said regulations than, say, some teenager with a Minecraft server in his basement. Big tech can also absorb the downsides of identity verification — if your choice is between giving out your ID or losing access to your entire gmail account forever, I imagine 95% of the people will just cave. So big tech does not lose much from complying either.
If big tech just withdraw from any market that tries to stop them, the logical conclusion is for these markets to seek alternative products. This gives the alternatives the investment and network effect they need to become more capable competitors of existing big tech products.
Not a good idea to enourage that sort of behavior though, because the same tools can embolden them and can be used to pull out of say California if it pushes for a strong pro consumer legislations.
Corporations don’t act on the moral principles regardless of what their PR/marketing department says. It is ultimately decided on how laws affect their bottomline.
They wouldn't pull out of California. It's 1/5 of the US economy and would leave a gaping opening for a competitor to gain a stronger foothold there. You're right it's about money not principles but that's exactly why the threat would be empty. They'd probably lobby congress to try and make it illegal for the states to enact the protection and do some performative annoyances instead.
They might try to make an example out of a smaller state, but since they aren't selling food or fuel or heart pills it isn't like the state is going to collapse without access to Meta properties.
> What am I missing?
Big tech are going to be the ones selling the verified ID solutions and the laws are going to effectively make it mandatory. There’s a potential future where we’ll all be paying for a subscription to a verified ID system that we don’t want.
Big tech is probably lobbying for it behind our backs.
what would those companies do with the infrastructure in AZ? serve clients in other states? I imagine the AZ legislature would have some levers they could pull to make those existing datacenters less effective or more costly to run.
Also because the companies are beholden to shareholders and their financial best interest. cutting off millions of clients to make a political statement is not in the companies best financial interest and would likely result in a shareholder lawsuit.
These companies can't just pull out of a state like Arizona very easily even if they wanted to. Many of the major tech players have a presence in Tempe or Scottsdale- not to mention the defense work that happens throughout the state. AZ is no California but it's silly to act like it's an economy tech is ready or able to easily write off.
Why would big tech care? Age gating is probably good for them, and they won’t want the market share loss.
A total pull out is what big tech threatens when government is impacting on their profit margins, not working in their favour.
Exactly, this will just lead to regulatory capture, where only the big platforms thrive and they are periodically “nudged” to push government supported viewpoints, like what happened to TikTok.
>Serious question: why can't Meta, Google, and friends just decide not to serve Arizona?
I'll answer your serious question with one of my own. What incentive would Meta, Google and friends have to "decide not to serve Arizona"?
What is the business model of these companies? To make you view ads and charge advertisers more for "targeted" ads. Having age (which ends up being ID) verification gives them more tools to "target" ads and thus can charge more for the ad space they sell.
I'd say that these folks would be among the last to fight against something like this.
And so I'll reiterate my question: What incentives do these corporations have for opposing such legislation?
I'd say zero. In fact, I'd argue that their business models incentivize them to support such legislation.
Curious, what is driving this "you need permission to use the internet" bills suddenly ?
Really miss the old internet.
As wealth inequality and corruption based economic policies push people further and further into a corner the state will have a greater need to identify any nascent organization of political movements that threaten the status quo earlier so these can be strangled in their cribs.
As I recently observed [1], there is a lot more of this sort of coordination than people realize. I personally know of about three groups trying to get some cross-state initiatives implemented at the state level, and I'm not even particularly looking for such things.
It is not a coincidence. It means there is some organization out there pushing these. In general, "organization" here applies very broadly; there are some cases where it pretty much is just more-or-less normal people who organize to get something done. I wouldn't expect this particular thing is that for a second, of course. I'm just saying in general the term applies broadly. Someone is organized and trying to push this.
[1]: https://news.ycombinator.com/item?id=46873297
Can you name the groups? (Assuming they are sufficiently public, corporate/political entities)
The rise of anti-Establishment politics led the Establishment to strike back, and they play for keeps.
That said I still expect mandatory age verification/ID for the internet to fail legal challenges in the US as there is broad precedent for both anonymous speech rights and children’s speech rights under the first amendment.
The anti-Establishment people that were only anti-Establishment until they had power, then they are very much pro-Establishment.
The writing has been on the wall for years with a desire among states to identify individuals using the internet. Whether or not we will continue to win the fight against it is up in the air.
Back in August SCOTUS declined to enjoin a similar law in Mississippi but for procedural reasons, and Kavanaugh wrote as part of the denial that he believed the law was probably unconstitutional. That makes me optimistic for the us on this matter tbh.
https://courthousenews.com/supreme-court-greenlights-social-...
Look at any HN thread about social networks. It's the good old "why won't anybody think of the children" thing.
It's right wing censorship plain and simple. Unfashionable to state this.
While this particular bill is all R sponsors, current censorship efforts are bipartisan inside the US and even international in scope. The one ray of hope is that left and right can’t agree on what should be censored or how, or even what constitutes “censorship.”
IMO when both-sides-ing a debate, it would be helpful to provide more specific examples to support the claim. Especially when your first few words acknowledge the apparent one-sided nature.
Just look at the Senate votes for these bills/laws.
If you need examples for left wing censorship in the US: the federal government (primarily through CISA) worked for years through NGOs to pressure companies on moderation policy, going so far as to suggest particular accounts or individuals needed scrutiny. California is currently suing several website operators for offering blueprints for 3D printed guns. A few blue states are experimenting with hate speech bills again (typically focused on islamophobia or antisemitism), although they will likely face a successful 1A challenge if they pass.
Both Ds and Rs have been attacking Section 230; Mark Kelly wants to strip those protections when sites “amplify content that caused harm.” KOSA is a looming bipartisan threat.
Left radicals are as virulently against free speech as those on the right, often calling for allies to “shut down” or even physically harm opponents.
Schools are a particularly difficult battleground for free speech, with actions against scholars from both left and right: https://www.thefire.org/research-learn/scholars-under-fire
If you are left wing, you probably don’t think some of these are censorship, others do, that’s why I said it was a good thing that left and right disagree with each other here. In many ways they cancel each other out, although they do a lot of damage to free speech along the way.
It’s also true that currently in the US the primary threat comes from the right, as a consequence of the right being in power. Internationally it is reversed.
You weren’t around when Tipper Gore was raising the alarm about Ice T’s “Cop Killer” (now “ICE Killer” since he has been playing a cop on TV for a quarter century) or NWA and “F%%% the Police”
Gore is at best a centrist
And not born in Edinburgh, either.
I caught the tail end of the civil rights movement and I've never been fussed about white folks whining about black music. It's just what they do.
I am 51 and my still living parents grew up in the Jim Crow South and they witnessed the “Albany Movement” (my home town) first hand.
But to be fair, it’s also generational thing. My parents were just as put off by the rap music of the day.
Yes. Right wing.
This isn't about ideology. This is about money and control.
which 'wing' cheered loudly when every platform openly suppressed their political opponents during the last decade, and frothed in impotent rage when one of those platforms unexpectedly changed hands and ceased the censorship?
somehow, censorship is only bad when the wrong side does it. when the correct side does it, it's justified and necessary for your democracies to survive.
I sometimes wonder how serious these sorts of sentiments are. Like, when you claim something easily disproven and openly partisan, do you know that and do it anyway, or is your internal dialog one of righteous outrage?
for example, go ahead and easily disprove that Twitter, Google, and Facebook had banned the sitting president of the United States in January 2021, simultaneously and voluntarily.
So a couple platforms banning one guy from continuing to attempt an insurrection of the federal government counts as suppressing your political opponents?
Would you assert that politicians are by definition untouchable, no matter what they do? Literally. I know your man bragged about this, but was he joking or not?
right. in other words, it was justified and necessary for your democracy to survive.
next example: which 'wing' cheered at COVID misinformation, such as the lab leak theory, being voluntarily suppressed by every platform?
I think it's questionable whether the censorship has ceased. It's just done less transparently and blamed on "the algorithm". There's an article about it now on the front page of HN.
Not disagreeing with the need of a reminder that there was censorship from the left though.
I don't know. Which wing, and what's an example of the suppression they did openly?
The days you move between categories can establish your birthdate, which is a lot of bits if you are doing this on an individual level (basically it's a great start at a supercookie).
All of a sudden various governments and tech companies want to do age verification. Co-incidence?
One thing to keep in mind is that every session has crazy proposals in AZ. (Not clear how many of them get anywhere.)
It's good to take note of who exactly is pushing (and/or being bribed to push) the crazy. In the case of this monstrosity you can thank:
Could the unwritten motivation be to kill some of the internet and boost sales at local brick and mortar stores? trying to think like a state government critter... Privacy risks aside, people are averse to added friction.
Since I'm in AZ, I had to look about the sponsor. Here's what Michael Way has on his campaign website :
"Michael is NOT a politician. He has spent his career in business, not government. We need bold, conservative outsiders to shake up business-as-usual."
https://michaelwayforaz.com/about/
The bill sure sounds contradictory to his campaign statement.
It'll certainly be interesting to see how age verification works for Notepad
They should just require people to answer a dynamic set of random history questions.
What would be interesting to know is which age verification services are popular these days?
See https://en.wikipedia.org/wiki/Social_media_age_verification_... for a full picture of US states age verification laws, states in the article include: Arkansas California Florida Georgia Louisiana Mississippi Nebraska New York Ohio Tennessee Texas Utah
California seems like the odd one out on that list. And maybe NY.
Reclaim the Net is not really a reliable source
Remember when children weren't even supposed to use the internet unsupervised? What happened? The internet hasn't gotten any less filthy.
Shareholders happened and decided there was money in it, and now the government is using their failures and the irresponsibility of parents for mass surveillance
You don't need an ID of any sort to conceal carry a gun in AZ, but you need one for an app?
The 2nd amendment is the only constitutionally-guaranteed right these days. And that too only if you have the correct political views.
See Pretti
Only if the bill is voted on, approved and signed into law, which I would bet top dollar will never happen.
Can children buy guns in AZ? Look, I don't have an opinion here one way or the other, this almost certainly won't pass, but please at least try to argue in good faith.
Adults can buy a gun with no ID, no problem in AZ, fully legal. If you prefer that comparison, to an adult being carded to buy an app. I do feel I was making a good faith comment here.
--------- re: below due to throttling ---------------
>Adults can sell each other property with no ID and without the state getting involved, who knew.
Yes and it's legal. Should be for apps too. Headline says all apps.
--------------------------------------
>Is it legal to sell a gun to a child in Arizona? Or do you responsible for age verification? You continue to argue in bad faith.
It is legal to sell a gun to an adult in AZ without carding them and without doing "age verification" as described in the article. In comparison, this bill appears to make it illegal to sell an app to an adult without doing "age verification" as they've described. My comparison here is in good faith.
------------------------------------
>How do they pass the federal background check?
Easy, meet in parking lot, pay cash, buy gun, no background check needed and fully legal.
Adults can sell each other property with no ID and without the state getting involved, who knew.
If you mean at a store, a regulated vendor, you are incorrect.
Yes private sales have no background check, obviously I was referring to the "correct" case since that is part of "all" sales and the headline here is "all" apps. Why would I be referring to the incorrect case?
If you want to force a condition in which I'm wrong, in bad faith, then I can play that fuck fuck game with you too. I can walk into a "regulated" store and buy a perfectly functional and accurate 1889 Schmidt–Rubin bolt action cartridge rifle with absolutely no background check no ID -- so *ha ha ha you are incorrect!*.
> Adults can buy a gun with no ID, no problem in AZ
How do they pass the federal background check?
Is it legal to sell a gun to a child in Arizona? Or are you responsible for age verification? You continue to argue in bad faith.
If you want to go down the bad faith rabbit hole I can play that fuck fuck game with you, then yes Midway USA will literally sell a gun to basically any child in the country in the country in two boxes, the first as a black powder revolver and the second as a cartridge replacement cylinder. Once both boxes are in proximity it legally becomes constructive possession of a firearm.
Of course in some states (I think North Dakota is one) there is no restriction on transferring a gun privately to a minor. So yeah in North Dakota you can straight up sell a gun to a kid.
But what I was referring to was that adults don't have to be carded or have age verification in AZ to privately buy a gun, not that it is legal to sell a gun to a child.
Who do they think they are? The UK?
This whole pile of bullshit is just to end anonymity. Decentralizing things, including finances seems like the only real path forward to keep the world sane.
It's clear these "age verification" bills will just keep coming and it's a losing battle to try and oppose each individually.
Instead (or rather in addition to) activism we should go at it from the other end and request the introduction of a verifiably independent authority and zero knowledge protocol that will deliver a cryptographically secure boolean bit (isOver18) with no way to correlate from either end the ID or which website the bit is used for.
The alternative is IDs get collected by all these horrendous privacy fiends and sold / leaked / monetized across the board, which sounds like a dystopian nightmare.
Solutions based on zero-knowledge-proofs would solve the privacy aspect at the massive cost of killing general purpose computing as we know it today, by mandating the use of remote device attestation (as that is the only way to guarantee an otherwise fully anonymous token is not being sniffed and passed onto someone else). That would be in my opinion significantly more dystopian than every service having a copy of my ID, as it would lay the groundwork for corporations and governments to be able to dictate what you can and cannot do exactly with any internet-connected device.
It's not hard for instance to imagine that once every computing device available to the general public is locked down and cannot be jailbroken without also losing the ability to log into any online service, a law would be introduced requiring client-side scanning of all files to check for CSAM, evidence of political dissent or even just plain old movie piracy. The technology to implement this exists (see what Apple tried to do a few years ago) and the exact same legislation is currently being pushed in the 3D printing space, so these fears are not unfounded.
In the farthest along systems, such as the one the EU has been working on for a few years and is now field testing, you only need to have one secure device to store your digital ID, which in the first version will be a smart phone. If you want to use a site that requires proof of age from some other device like a desktop computer or a public computer in a library you can do the age verification on your phone.
I'm not an expert in this area, but I thought blockchain and things like zk-SNARKs solved this.
I agree that if remote device attestation comes bundled in, it's worse overall.
But are we just SOL then? How long before Cloudflare integrates, and then ISPs? What is left of the internet? Are we all going to run pirate LoRa nodes and other such things to get some free (as in freedom) internet?
> Are we all going to run pirate LoRa nodes and other such things to get some free (as in freedom) internet?
I will, if it comes down to it. I wouldn’t love to return to the 1980s with pirate BBSes and floppynet, but I already lived through it and survived. There would be a certain romance to it, like old hacker movies, maybe it would even make cyberpunk cool again.
(To be clear, it would still suck and we should fight this. But even if we lose a battle, the war is eternal.)
Your 2nd paragraph is a foreign language to US representatives. A bunch of senators, like Graham and Turtle Man, brag about not using email.
I would propose a variant of RFC 3514, where adult-related packets have a specified bit in the IP header. Simpler and you can filter it at the firewall.