- cross-posted to:
- privacy@programming.dev
- cross-posted to:
- privacy@programming.dev
You must log in or # to comment.
The Epstein class never hesitates to fuck over the unwashed.
I’m genuinely curious as to what the fuck identifying on the OS level has to do with social media, and then what the fuck that has to do with protecting kids. If you’re a parent who engages with your child, and… hear me out here… take care of your child, restricting access is done the same way they they don’t get access to detergents, and similar.
In the consumption of media, have tools that let parents manage and control the type of content they can access. Similar to how you can child proof cabinets.
And, back to my original question. What the fuck does this have to do with identifying on the fucking operating system level?
I’m genuinely curious if anyone pushing this has been asked to justify this? Surely, you’d expect some aspect of reasoning to be behind this, no?
Edit: not to mention. Corporations have shown to reliably and consistently be bereft of any and all ethics and morals. One can more easily argue that identifying children is likely going to be harmful, as they’ll be tracked and targeted in any way that can be argued to private equity groups (or similarly condensed evils), to generate “value”. “Want to do behavioral experiment on kids? We can now do this insanely cheap, as we track the effect on a per child basis”
Well eu doesn’t care about os yet. Just social media
just ban this bigtech “social” media for everyone and push people to fediverse then.
Fuck it, I’ll just host my own Lemmy instance.
Unless it becomes bigger, after that they’ll come for you.
Banning social media for minors isn’t a new thing they are pushing. At all.
It’s not a new thing but what’s new is the coordinated top-down push for it.
And this isn’t just about banning social media for minors. It’s about how to verify if someone is an adult.
Welp, this was bound to happen, wasn’t it? I’m pretty sure they’re referring to this application, which I stumbled upon a while back. If I remember correctly, the app “allows” (or implicitly forces) the user to store a government issued identity: able to attest to an age-restricted website, whether or not the user is of age.
It does this, supposedly by “just” sharing an age-bracket with the website; but here’s the kicker: the Union, in its generosity, has granted their citizens an in-app option, to withdraw this signal from the websites it has been provided to. What this means in practice, is the app storing one’s government-issued identify, also ties back to every account requiring “age-verification”…
So now, every device containing the app, has the owner’s government-issued identify on it, together with connections to every age-restricted service. And considering the apps are maintained by the Union, or member states (through their own implementations), creating a backdoor to the application’s contents… I mean to “observe app usage”, would be absolutely trivial.
Again, I’ve read it a while back, so some things might’ve changed, and my memory might be spotty; but I’m quite sure it’s along the lines I’ve described.
Kill your fucking owners or you cannot have nice things.
We have too much tech. Capitalism and authoritarianism are no longer compatible with progress.
I’m starting to think the tinfoil hat people were onto something
We were always onto something!
Reminder: The reason that this seems coordinated is because it is.
Meta has spent over $2 BILLION dollars to push this everywhere.
Being able to link accounts to actual people is incredibly valuable for Meta and all of the other companies who sell your privacy for cash.
Source: https://www.reddit.com/r/linux/comments/1rshc1f/i_traced_2_billion_in_nonprofit_grants_and_45/
The EU approach is not without its own problems. The reference code is open, but the operational system is not self-hostable. You cannot run your own trusted identity provider. The wallet apps require Google Play Services or the iOS equivalent, which locks out users of privacy-focused Android distributions like GrapheneOS, CalyxOS, and LineageOS. […]
ollama launch <your AI agentic frontend here> -- "Write me an age attestastion app for Android that implements EU's attestation reference framework without any bootloader checks."I’ve been spamming this lately but it feels warranted:
Please reach out to your family and urge them to stop using Facebook (or worse, any form of reels) if they still do. The onus is on the informed now. It’s not enough to just ask the tech barons to stop, we also need to divert their support.
Just admit that we’re in an informational WWIII already.
Every day closer to a totalitarian world nanny state that only protects the elite.
It was just announced that the targeted solution is a Zero Knowledge approach, where the website just receives a simple “not underage” without any additional information from a mini-wallet. This would be a solution that I could stand behind as it doesn’t use any 3rd party services for age verification. It’s akin to the COVID certificate.
Edit: https://www.eff.org/deeplinks/2025/04/age-verification-european-union-mini-id-wallet
I don’t stand behind any of it. We shouldn’t even give them an inch IMO.
Then they will break you and industry that wants data will win. You vs bourgeois governments, you will lose.
This is a serious push and though children are the cover they’re after surveillance. Take away their talking points, give them what they claim to want but in a privacy-preserving way and this goes away for another 10 years before they can make another push.
If we win this fight by doing a zero knowledge form they have no scaffolding to use on which to build anything further. If we lose and they build something that isn’t zero knowledge it will 100% be used in a few years to iterate on to build more surveillance and control.
Basically if we don’t push for this privacy alternative and instead fight like hell against it entirely they’ll listen to the only voices putting forward a solution which is meta and the other privacy invasive actors who want an invasive approach. If it’s made heard that people will accept this we can shunt them onto this path.
Ideally we’d push onto this path but make demands that it doesn’t require verification. That parents can set it up at phone/computer setup and it cannot be changed without reinstalling the OS or erasing the phone and that on phones it gets tied to a Google/Apple account. That way there’s not even any identity aspect involved but tools given to parents who want to do this. Shove it back to parental responsibility. But this would be a compromise we could live with and still have some privacy with.
Systems that are put into place will get misused or it’s initial usage will get softened, loosened and then for some safety stuff re-purposed (protection of children, protection against terrorism). If it’s there already why not use it for more than just some age verification.
It’s so cruel that we debate this mainly so that network traffic can get attributed to natural persons and this is gold++ for marketing.
The only system I’ll accept. Not necessarily for pornography and a lot of “save the children” claims are just pretext for privacy violations, but there are services that legitimately need to check some info and a zero knowledge approach is the most privacy preserving way to do that.
the main probrem isn’t really what data is used for verification, but what data is made unavailable without it. if some conservative asshole decides that resources on sexual health (or alternate sexualities) are pornographic, then that information is effectively gone for everyone under 18 or without an account.
Well, good luck to the conservatives, because if that happens little (or not so little) Timmy will bike to their nearest friend and ask them. That’s how urban legends used to bk propagated
i’m looking forward to the cuba-style internet café culture where there’s a new hard drive of stuff every week
That is true. Sadly this is the direction society is going and it’s depressing.
They’ve already decided so. It is all in Project 2025: queerness and sex-ed are considered pornographic. And platforms have been preemptively demonetizing and censoring info for similar topics (abortion and sex-workers resources also) for years.
this is about the eu
Even with the Zero Knowledge approach, you will still run an app on a phone (what if I don’t have one) that will make some call to the government’s servers, which will most likely know what website you’re trying to access. We’re moving the data mining from some third party to the government, which can be wrongly used later if some idiot comes into power. If it’s not making a call to a government’s servers, I would be surprised, since you could imagine someone just bypassing this to always return “Over 18”.
Even funnier (read “sad”), this initiative will probably rely on Google and Apple to keep it robust, and will likely have no availability on rooted phones or non-Google Play Services ones. It’s premature at best to deploy this in a meaningfully safe way.
This doesn’t make a call to government servers.
The app (or desktop application BTW, incl. Linux) reads your national ID’s NFC tag, once. When you need to prove your age, the app locally computes a zkp that only tells the site “at least 18yo yes/no”.
Note that every EU country has a form of national ID, and the digital capabilities of these IDs are already used for a bunch of stuff (e.g. taxes, bank account creation,…). This doesn’t worsen the privacy situation for EU citizens, but instead ensures that no privacy-unfriendly solutions emerge.
What I understood is that the code of the app would be open so it can be Independently checked. It sucks that it comes to this and there will be a choice between plague and cholera, but I would rather have this approach than use 3rd party age verification services.
It’s better than nothing, but there’s also the issue of certifying that the code that’s open, is actually the code in the app. Also the vast majority of people do not posses the knowledge to actually read and understand the code to be able to verify it. So to most people, it being open is of little benefit.
It’s so funny to me how badly people want this to be some nefarious governmental conspiracy. Listen, the government already has much better tools to track you online. Your computer has, on a hardware level, sent unique identifiers to ISPs and websites since Pentium IIIs. This age requirement thing isn’t a government conspiracy to track you, they already track you.
It is a *corporate *conspiracy. It’s Meta and other major websites, games, and applications companies that want to off load their liability. Meta and Alphabet just lost major lawsuits for their negligence in protecting kids on their own websites. There is a liability dam about to break for these companies and schools and other advocacy groups start their own lawsuits. That’s what this is about. That’s the real conspiracy.
Let’s say this is the official narrative. My argument:
- Meta stands to consolidate power and revenue from further mapping devices to real people.
- Meta was also originally backed by Peter Thiel, who trades in data mining for secret services, now much more energetically. Zuckerberg is a sexist idiot and his app had no more merit than MySpace. Thiel saw the potential of mapping real idenities to online behavior, and it is no accident Palantir was later implicated in Cambridge Analytica.
- A redditor came up with concrete data that others have already posted, that show that Meta’s dark money are all over this case. As for the fine you say that completely explains this, is a very modest for Meta, who is used to pay such fines as a cost of doing business.
- Amongst the orgs taking Meta’s money to push this are many conservative organizations, like Heritage but also others (anti-sex, anti-abortion, and anti-trans organizations), who know that these laws will effectively suppress speech. Much like the trans moral panics, the laws are not as stupid as they appear, but carefully designed to obliquely achieve their goals (e.g. police bodies with wombs, in line with the same orgs’ anti-abortion positions).
- Governments watch closely as the new corporatist technofascism undoes regulations and checks and balances. They stand to gain from the turmoil and increase their surveillance capabilities even more. Alternatively, some EU goverments might be thinking that this is a way to stick it to US tech monopolies that brainwash their constituents, but they are wrong.
- In fact, the approach and outcomes hints toward government contractors in cahoots with surveillance agencies, that it would be surprising if there is no adjacency to Analytica personnel and/or the benefits for state actors and spooks are just an unplanned side-effect.
Conclusion: There is sufficient basis to consider that the official narrative is not the whole story.
The biggest problem with conspiracy theories like this is always the number of people involved keeping their mouths shut. Anyone that has ever managed a large project knows how impossible it is to keep a large group of people quiet about something. In real life, there are conspiracies. Often very large ones. But they didn’t stay secret for long.
What is easier to believe: (1) that all these people involved, across countries with leaders of many different political varieties, all agreed to stick to a single narrative in order to cover up a deep international conspiracy to build a massive international database of people’s ages online, OR (2) Meta and other orgs are doing a normal business thing and trying to reduce their liability costs.
Counter-example: Epstein. But just continue to collect the checks for campaigning in favour of big brother Zuck, Thiel and their corporate and government friends. LoL
The Manhattan project
I don’t agree that Epstein is much of a counter point. There were lots of people taking about him, it really wasn’t that closely held of a secret, and he was arrested and prosecuted and murdered for it. Ultimately, with the files released, there really isn’t much in them that we didn’t already know.
Not everyone needs to be ‘in the know’, in fact most of the time people won’t even try to think through a position and it’s consequences. They’ll just support it based on surface level arguments. Also Meta isn’t exactly drowning in liability when they’re raking in billions in profit. Power stands to gain when information is controlled
You really underestimate the trouble meta and YouTube are in. The specific rulings were barely tickets to them, but if they are upheld then follows flood gates of identical lawsuits are going to be opened up. They had millions and millions of child users in the 2010s that they knowingly served an addictive product to. If the current ruling is upheld, then there will likely be a very large class action settlement to payoff all the past injured users. But instead of changing their product going forward they want to get rid of the responsibility for their product entirely.
Stop making up fake conspiracies and be mad about that.
It is in fact a government conspiracy to track you. Not necessarily to gather data on you, which can be purchased from brokers, but so that they can also control what you can access.
There’s no mechanism that the government currently has that can track you as effectively as these age verification laws can.
“There’s no mechanism that the government currently has that can track you as effectively as these age verification laws can.”
I honestly can’t tell if you were serious or not.
The governments just buy your data from Google. Do you have any idea how much information on you Google has?
Buying profiling data from Google is not nearly as effective at tracking and controlling your online activity as integrating facial scans and government ID checks into every website or even directly into your operating system.
Frankly a brand new account pushing the “The government is already tracking you, there’s nothing you can do about it, don’t worry about all the new ways they can track you, just give in” narrative is a little suspicious.
Just to clear something up, my brand new account is only new because lemmings.world is closing and I had to migrate to a new server.
Your computer has, on a hardware level, sent unique identifiers to ISPs and websites since Pentium IIIs.
Source?
Source.
I’m not the person who made the claim but Device Fingerprinting has been around for decades and Hardware ID is certainly part of that.
That’s not the computer doing it, that’s the services you use going out of their way to gather one by combining data which has other legitimate purposes. Not so much being “sent” as it is being “abused”.
Unless we want to count Microsoft’s “advertiser ID”.
Google “Protected Processor Identification Number (PPIN)” to learn more.
When is this being sent
to ISPs and websites
as claimed?
They also want a reliable way to differentiate between chatbots and real users, because advertising isn’t very effective on chatbots.
But also, one benefit of ID laws for the government is that it makes court proceedings much faster and cheaper. Sure, they’re tracking everyone online, but a lot of that information is locked behind procedure. By just requiring ID to log in they can sidestep the procedures, because they can just ask corporations nicely for ID information and they’ll eagerly comply.
I didn’t know about that. Maybe that’s plays into it too. But I’m generally a “simpler answer is more likely the most correct” type of guy.
In this case the simple answer is that Meta and others just had their “Tobacco Lawsuits” moment in court and liability floodgates are any to open wide, and they are pushing these laws to divert their liability onto someone else.
“Corporations want a way to verify the humanity of users” is a simple answer.
“Governments want a way to easily prosecute users” is also a simple answer.
I don’t see why it can’t be all of these things. There is actually a more complicated answer that I didn’t bring up, which is that smaller websites will have a hard time complying with ID laws, which gives preferential treatment to large websites. That locks out potential competition, hinders smaller projects like lemmy or mastodon, and helps secure the current social media monopolies.
That one might just be a useful side effect, rather than the intentional outcome.
deleted by creator
Source: trust me bro
Nanny state surveillance.
Didn’t the tech companies threaten to leave if they were taxed? Seems easier to tax the tech companies than force people to identify themselves.
It shall be banned for kids/teenagers. The problem is the prehistoric usage of ID. It is possible to have IDs which just disclose the answer to ‘are you above legal age?’ with a boolean and not the age. The question is, do they want to push for global surveillance, because they know we don’t have ZK-featured IDs in most countries? (Based on zero knowledge proofs).
