Irish State announce plan to build a porn preference register for most of the EU
thegist.ieThe topic of ID verification for porn sites has gotten a lot of commentary on HN recently, e.g. North Carolina's law requiring ID recently went into effect.
Slightly sidestepping the issue of needing an ID for porn in the first place, though, I wanted to comment on the extreme shortsightedness of any sort of ID verification laws (most specifically, financial KYC laws) that require that each individual company verify and store your identity documents themselves. This is quite simply a data breach hackers dream. For example, when Stripe released their Identity product, which captures ID images and selfies, people were at first surprised that the businesses needing ID verification had full access to the ID images (after all, this is contrary to their credit card processing services where businesses never can get access to full credit card numbers, which is great as it keeps those businesses out of the most arduous requirements of PCI rules). But Stripe explained they had to give every end-business access to all the full image data for regulatory compliance reasons.
It would make much more sense to rewrite the regulations so that 99% of companies would never need to store identity verification info themselves, but could just delegate that to an approved provider who has much more stringent security checks (or better yet, allow people to cryptographically sign info to prove their identity without giving up their whole passport image, but that's a ways off). I'm not saying this would solve all issues (big companies get hacked, after all), but I hope by now we've put to bed the idea that companies, generally, can secure their data against determined hackers.
My thoughts exactly. If the state wants to ensure that ID checks are rigorous (or otherwise monopolize them) they can provide an attestation API for that purpose, and legislate that only tokens signed by a cert trusted by the government’s root are valid.
This can be solved in a zero-knowledge way, and the government should commit to open source here. You don’t want the government seeing the sites you visit; the government should just issue a token associating the attestation (age, work status, whatever) with your private key. I think the details end up being non-trivial but it should be doable.
Yes, the government should provide digital ID services. On my Coinpassport site in the documentation, [0] I make this plea to governments.
I've made a testnet version that uses a basic ZK circuit to provide anonymity. [1]
There's so many holes to my approach though with overlapping renewals, dual citizenship, etc. If governments simply provided this service it would be great.
Passport NFC chips get close. [2] They contain the passport data signed and there's a project to extract those details into a ZKSNARK proof which is awesome but this doesn't prove that the person holding the passport is the person verifying like Stripe Identity does with the photo check. And it requires the nfc reader hardware, but that's not too bad for a requirement.
Maybe something like risczero could prove that a phone photo matches the passport photo using ZK but it seems like a big project.
[0] https://coinpassport.net/docs.html
How is this supposed to protect against timing correlation attacks? If each time User 1234 signs into a particular site, Bob Smith requests a token, we know with high probability that Bob Smith is User 1234 (or anyway is using his ID to request tokens).
You can solve this by giving the user a generic token that asserts that the bearer is e.g. over 18 and is valid on any site for e.g. 30 days, and then Bob can request arbitrarily many tokens on the first of the month and use them as needed. But now all of this ZK proof stuff is making things unnecessarily complicated, because you could then give every user the same token that expires at the end of 30 days. They're fungible and anonymous. Anonymous means you can't distinguish one from the other means you don't need different users to be different, and then you don't have to worry about vulnerabilities in your ZK system.
Which leads back to the main problem with this whole mess: All it takes is for one person with an adult ID to share the token. Which is the problem with all of these systems -- most of the population has an ID and they can share access to it. There is no way to catch them or stop them if they're actually anonymous. If you could, they wouldn't be, and then the system fails as an invasion of privacy.
Yes, there's definitely many scenarios to consider that I've been wondering too about now that I've got it built this way. That's why it's in testnet only.
In my zk group scheme, you do get one token for each epoch. (could be 30 days) It's simply suggested that you wait as long as possible between joining the group on your main account before minting your token on the anon account.
Finding applications for ZK tech is complicated because it only works for such narrow circumstances. Although in your case of "give every user the same token" makes the users anonymous to everyone except the issuer. The issuer is still able to know to whom they're giving them. With a ZK proof, the bearer instead mints the token by proving that they are one from the set of people the issuer has verified. The issuer cannot then break the privacy.
As for mitigating people sharing their tokens, of course that's always a fear but I think mitigation strategies would be unique to each application's use case.
> In my zk group scheme, you do get one token for each epoch. (could be 30 days) It's simply suggested that you wait as long as possible between joining the group on your main account before minting your token on the anon account.
I'm not sure this is the same thing. What I was suggesting is that the token you get doesn't depend on the site you're using it on at all. All you do is ask the government for a token and they give you one and you can use it anywhere you want for 30 days and then it expires and you ask for more.
If the tokens are unique to you then you'd have to request a bunch of them because you don't want to use the same one twice on two different sites. If everybody had the same one then that wouldn't matter because the token can't identify any particular user.
> Although in your case of "give every user the same token" makes the users anonymous to everyone except the issuer. The issuer is still able to know to whom they're giving them.
But this is solved by making the token entirely generic.
The problem we have is that Bob wants to visit an adult site without associating that with his social security number. If all Bob does is request the generic token which is the same for everyone and asserts that anybody who has it is an adult, the issuer knows that Bob requested it, but not if Bob has a kink or is buying a beer or is just requesting a token on the off chance he might need one later or is applying for a job at a casino or is hiring for a job at a casino, since this system is so simple the way you verify the token is by requesting it yourself and comparing the one the user submitted to see if it's the same one. It's literally just a single secret password for everyone that the government changes once a month and only gives out to adults.
> As for mitigating people sharing their tokens, of course that's always a fear but I think mitigation strategies would be unique to each application's use case.
It's not clear how you're supposed to mitigate it in this case.
Suppose Bob hates this system and wants to destroy it because it blocks adults without a valid ID from accessing lawful content, e.g. because they're from another country. So Bob hooks up his own valid ID to a server via Tor and configures it to sign any request for age verification from anyone.
Now there two possibilities. One, the system can find out who Bob is and shut him down, which proves that it doesn't protect your anonymity, is a massive invasion of privacy, and must be destroyed. Two, there is actually no way to identify Bob, and then the system has been destroyed by Bob.
I think you end up needing something like trusted compute for biometric verification (eg FaceID) so the authority can delegate real-time validation.
And perhaps you do randomized (risk-based) audits where you actually have to call the government to check in - but in general, physical ID also has the same high-level problem of some baseline of forgeries, and the name of the game is just making it expensive, not making it impossible.
One example of “make it expensive” would be to require unique device IDs to be registered, eg you bring in your iPhone (or Yubikey or whatever) and the DMV verified it’s not actually a non-certified device. This rests on keys being expensive to extract from the Secure Enclave.
Edit to add: lest folks get sidetracked on the requirement for a private company and device, you can also have a baseline in-person flow where you go to the DMV, and they physically verify you, and then hand you a short-lived token that you can then send to whoever wants to verify you. For example, you're signing up with an age-sensitive site, applying for benefits, etc. -- it's non-trivial, but with a bit of infra and UX it could be made usable. The point is that once you have that token, it's pseudonymous, and e.g. PornHub can't figure out your real ID from it, nor can the government tell where the token was submitted.
> I think you end up needing something like trusted compute for biometric verification (eg FaceID) so the authority can delegate real-time validation.
That doesn't work because a) not all devices have cameras or trusted whatever and b) there are legitimate reasons to be able to use your ID without being there.
Suppose I want my search engine to be able to index the content on adult sites so it can return those results to adult users. I have a valid ID so I give it to my web crawler, that doesn't mean I'm willing to sit there all day and have it scan my face every 50ms when it moves on to the next website.
> And perhaps you do randomized (risk-based) audits where you actually have to call the government to check in
So then Bob calls in and says "Hi, this is Bob, yes this is a valid ID" and then carries on using it to supply age verification to anyone who wants it.
Unless you mean you're going to actually look into what Bob is using his ID to do, but now we're back to invasion of privacy, aren't we?
> - but in general, physical ID also has the same high-level problem of some baseline of forgeries, and the name of the game is just making it expensive, not making it impossible.
The difference is that physical forgeries are per-individual and generally require the acquirer to meet with the seller in person and risk criminal penalties, whereas digital things can be provided anonymously over the internet with no unit cost.
> One example of “make it expensive” would be to require unique device IDs to be registered, eg you bring in your iPhone (or Yubikey or whatever) and the DMV verified it’s not actually a non-certified device. This rests on keys being expensive to extract from the Secure Enclave.
Bob plugs his certified Yubikey or whatever into his server and has it age verify whatever anybody asks it to over the internet. The key never leaves the device.
Also, even if that wasn't the case, you would only need one person to extract a key from one device. This is the same reason DRM has failed to prevent Hollywood movies from appearing on piracy websites even if the median pirate doesn't know how to extract AACS keys or decrypt Netflix streams. (The reason they persist with the charade is that it prevents third parties from presenting a unified interface across media types and streaming services without their approval, not because it has ever been useful against copyright infringement. How many devices can recommend Netflix shows or YouTube videos based on what you watched on Disney+?)
The problem in this case is even worse because the "vulnerability" is actually an intrinsically mandatory feature. If you have a system that can't allow Bob to age verify whatever he wants to without revealing to the site who he is or the government what he's doing, your system is unacceptable. If you have a system that can do that and then Bob wants to age verify everything for everybody, your system is pointless.
Yeah the hard case to solve is “prove it’s still <ID principal> that is generating the challenge”.
With GenAI I wonder if images will be considered valid ID for long. “Generate a new video of face with camera pan” is currently hard (not impossible) to forge, but I doubt it will be in a year or two.
You get back to multifactor auth, but then the system is more stateful, and still, what is the incentive not to share your ID & password with underage friends?
(These challenges will also be faced with the OP’s scheme as well.)
> This can be solved in a zero-knowledge way, and the government should commit to open source here.
This is what France's government is working on if i understand correctly what i'm hearing (i'm working for the private sector right now, so i'm not as well informed as i should be on those kind of things). Not really a fan, but i note when they're doing good shit, and on that they're on point.
I don't mind a zero-knowledge age verification, i will strongly oppose anything else (with both money and time).
> This is what France's government is working on if i understand correctly what i'm hearing
Would you have any source discussing this? I don’t doubt you at all, I would like to learn more about where they want to go.
It seems that they are working with a decent team at INRIA. I would like to know better how compatible their developments are with the stance of the government (and other more or less hysterical ones like in the UK).
Sorry, it's mostly rumors and stuff I catch reading the chats I'm still in.
I've found a kind of white paper that link to LINC and Olivier Blazy:
https://www.cnil.fr/fr/verification-de-lage-en-ligne-trouver...
And the LINC repo might have some stuff?
"can be solved in a zero-knowledge way" - absolute zero?
I am curious how this would work - for example I want to check someone's ID, how could I take a pic with a phone and run it to prove it's real - but the gov have no idea that I ran the ID check?
Wouldn't their system know that I, my ip, browser fingerprint, checked ID X at y:yy time and likely the location?
I have a great app idea that would be useful if there really is a way to check these things zero knowledge.
Biometric passport chip.
All data on your passport can be read using NFC and is signed with a government key.
It even has cryptographic functions to test if you are talking to a real passport (to prevent replay attacks)
So it may be possible for two pieces of hardware to talk and prove a thing is signed by a reputable place.. so I could check an ID and be pretty certain the age is correct in the data pulled from it.. I guess..
But if I needed to take that ID and run it to check for a valid license or valid insurance - or if they are on a gov deceased list or other background check or something..
Unless I could have all these DBs on device I can't see a real way to do them zero knowledge checks.. I could imagine a service could promise to not log requests but no way to verify they are not..
I suppose I'd like to see a system where you could batch check 100 or so IDs at once to run checks to see if they have insurance, a valid drivers license, a valid XY or Z license, any warrants, pending litigation and such - able to do so in a way that the check on the person is not logged, prove-ably.
If each ID has its own signature, the signature can be used to uniquely identify the ID.
I'd rather require 'Kid mode' devices _self identify_ as being in _kid mode_ and a two layer approach of websites which are known to be not 'kid friendly' identify as redirect to a kid-friendly resource.
Do not lock up adults on the Internet. Rather, keep the kids in the nanny's care in their own device context rather than on the wider network.
I’m not sure that making kids identifiable as such to any random website is a good idea.
Reminds me of the old joke about an app for finding local playgrounds being misused in that exact same way you are implying.
Sure, but we should still be able to have nice things, even if the one in a million weirdo exists.
Yep, I fully share your sentiment on this.
I agree with the parent here. If the device is designated a kids device by some means, websites can ensure no adult content gets transmitted and their data isn't mined for ads.
Why is anyone's data mined for ads? If you're going to make a kids mode flag that denies data mining effort, then just fucking make the don't mine me switch and open it to everyone.
“But my next Ferrari…”
And malicious sites can decide that the user is a promising target for grooming or scamming, etc.
These could easily be ferreted out by synthetic agents scouring the internet and posing as kids.
Could you give an example of such an attack that is intractable in the status quo?
Well, currently ads can be targeted using user agents. This is analogous to that sort of attack, although less malicious. There are bad people who would target children if they could, so it does seem to fit with what you're asking. We create the means, and they will exploit it.
> I’m not sure that making kids identifiable as such to any random website is a good idea.
This is what any of the age verification proposals do, isn't it? You know who the kids are and who the adults are regardless of whether it's because you have the adults assert they're adults or the kids assert they're kids.
This is spot on. I have had to do KYC for me and my company on a couple of financial sites and I hate to think where that data is saved and what will it actually be used for. And this is mandated by law which is crazy.
Hasn't there been a few countries with some sort of digital ID development already? I get the impression the Anglosphere has an anti-ID card tradition so it seems like it's a bit behind in that.
The anti-ID sentiment comes from looking back on history, and not pretending that the future can only be better.
People who don't know history repeat its mistakes.
Germany is extremely focused on that aspect of history and even used to have laws [1] in the books prohibiting anything SSN-like for many years. Yet German ID cards have a built-in contactless chip that allows using them for online identity verification and e-signing.
This is obviously more secure than taking a photo of an analog ID as an "online identity proof" (a somewhat absurd idea if you think about it, yet it's the state of the art in most countries today). But if done correctly (and I do realize that this is a very big if), it even be more privacy-preserving too:
For example, when trying to prove your age to a website, the only thing that site really should have to learn is the fact whether you were born more or less than a certain number of days ago. Not your date of birth, not your name, and certainly not a picture of your face or any other biometric data.
Digital ID can do that (e.g. by asking the secure chip "Is the accountholder born before $date? If so, please sign this challenge using a key shared among all ID cards" or something equivalent). Analog ID requires you to reveal strictly more information than that to a service provider and hope for the best.
[1] Technically a supreme court opinion
I have used the e-signing function of my German ID card exactly zero times.
Even government websites don't support it for the stuff I would like to use it. So it isn't exactly a success story.
True, it does seem to be suffering from a chicken-and-egg type of problem: Not enough services accept it, so not enough people actually remember the PIN and care to install the app necessary to use it.
But now that both iOS and Android phones can be used as "card readers", I hope we should finally be seeing some more adoption. Before that, almost nobody had a card reader handy when they needed one.
The EU's eIDAS digital ID/signature portability scheme should also help boost it.
I went through four different use cases in the last two months or so, about 1.5 of them not the state. I'd say the chicken/egg phase is over. But it won't be an everyday tool anytime soon, but the same is true for the physical ID, its not like you need to show it around all too often.
I’ve used it for your Rentenübersicht (which is actually amazing) and Elster. But yeah, it’s not really deployed
To add to this, the AusweisApp in Germany shows what information you're sharing to a website and asks you to confirm its ok
Unfortunately the eID system is neither well communicated nor widely used. Which really is a pity. It’s (at least in principle) quite well thought out. You get clearly shown who’s asking for which information. Then you present the ID to the phone, enter your PIN and only that information gets provided. In principle this would allow for a blind “are you old enough?” check without ever touching the actual data.
But of course while this is a relatively simple game of signatures and certificates and (afaik) safe and secure it is basically impossible to communicate what exactly is provided at which point in a manner that is understandable let alone trustable by the general public. And the workflow requires you to provide the PIN twice, which is nice (it’s not cached) but also annoying
This idea ("I'm against IDs because I fear what they'll do with it") is really interesting to me, because in my country (Argentina) a large part of the national pro-ID sentiment comes from looking back on our own history and attempting to prevent some of the human rights abuses that were committed in our country.
The last dictatorship tried to erase dissident's identities, kidnapped their children and erased their links with their previous family. As a consequence, Argentina now has a "Right to Identity" enshrined into our Constitution and deeply ingrained into our society and culture.
How do you imagine registering your identities with the government is going to protect you from the government?
safeguards. how do you imagine anything secure works at all anywhere?
“Safeguards”? What does that even mean in this context?
> This is quite simply a data breach hackers dream
That's... well, not the point of the laws, but inseparable from them; the point is to build a database (distributed, when the information isn't also reported to the government at time of collection) which the government can access at need;
That’s just a bad design though. When I go to a bar they don’t store a record of my ID for future review by the government. They look at my ID, see I am of age, and then our interaction is complete. No further record exists, nor should it.
The government can try accessing porn sites themselves to see if the sites are in compliance. The same way we do, well, everything.
That it isn’t designed this way shows the incompetence of the regulators and their disregard for public safety and free society.
And hopefully it doesn’t need to be pointed out but none of this actually protects children. This is abuse of power for the purpose of puritanical guilt tripping.
> That’s just a bad design though. When I go to a bar they don’t store a record of my ID for future review by the government.
Banking KYC isn't about making sure people are authorized to bank, its about making sure the government is able to track them down if they are (determined by the government to be) associated with bad things.
The purpose is not the same as checking ID at a bar.
(Now, there's an argument that, for porn consumption, the purpose of any ID requirements should be like a bar and not like banking KYC, even if for porn production or distribution, there is more of an argument for a banking KYC-like regime.)
> Banking KYC isn't about making sure people are authorized to bank, its about making sure the government is able to track them down if they are (determined by the government to be) associated with bad things.
That's simply not true. E.g a huge part of KYC is ensuring people aren't sanctioned for banking purposes (i.e. OFAC checks are mandatory).
Yes, a record of a user's identity is important, but it's still bad design that every little company, many of which have dubious security practices where they squeaked through figuring out all the right boxes to check to "pass" a SOC 2 audit, have to store this information indefinitely. Some sort of federated system where a business could delegate KYC responsibilities to a respected provider (which is exactly analogous to how Stripe-like credit card processing works) would make a lot more sense.
For porn production you need KYC. For porn consumption you need a bouncer. That the regulators miss this is either incompetence or malice and maybe both but that doesn’t make this a good idea. Real harms will come from this when the databases are breached. The kids will still be able to find porn and alcohol. To make matters worse when they grow up they will live in a surveillance state.
> Banking KYC isn't about making sure people are authorized to bank, its about making sure the government is able to track them down if they are (determined by the government to be) associated with bad things.
The problem with this is that it doesn't really work. Serious criminals use shell corporations, fake or stolen identities, hire patsies, use precious metals or physical cash, foreign banking systems, cryptocurrencies, Hawala, etc. The effectiveness of KYC rules is abysmal, to the point that we could abolish them and hardly notice any effect on crime. And yet we continue to pay all of the costs, which fall on innocent people.
Given the fundamental truth that "everything is tax fraud" would it actually make it easier to identify crime by making it easier for criminals to open bank accounts?
This is a great point. A numbered account at a US financial institution would presumably be much easier for the US government to execute a warrant against and get the transactions than some adversarial international Hawala network or privacy coin which would be equally in the dark about the target's social security number (if any).
> Banking KYC isn't about making sure people are authorized to bank, its about making sure the government is able to track them down if they are (determined by the government to be) associated with bad things.
Have you implemented an AML compliance program? That’s not really how it works…
> When I go to a bar they don’t store a record of my ID
Many bars are storing a record of ID. e.g. PatronScan (https://web.archive.org/web/20190604193217/https://onezero.m...)
That’s also a bad design. I still normally get my ID checked by a bartender or bouncer’s eyes.
In my neighborhood, there is a new law requiring use of such scanners.
Are they required to store the scans for some period of time?
The requirement [0] is “Must reject entry to anyone using a fake or duplicate ID.” I gather that the bars have determined that the easiest way to detect duplicate IDs is to outsource to these services that capture IDs and can be queried at time of entry. I have no idea how long they keep them, but it seems safe to assume they would value the data forever.
0: https://www.orlando.gov/Our-Government/Departments-Offices/E...
I’m sure it depends on the bar if they care about retention or derived insights but I fully expect the service providers to retain these records indefinitely for the purpose of monetization.
Presumably using these services alleviates some legal liability for the business.
I do wonder if there’s a legal requirement for retention and what access the government has to the data.
I suspect that you're probably also individually tracked and logged when going to bars thanks to GPS systems (phone/car), indoor/outdoor security cameras, cell phone location data (via gps/bluetooth/wifi), license plate readers, red light cameras, electronic toll collection systems (https://www.aclu.org/news/privacy-technology/newly-obtained-...), credit card transaction records, ring cameras, atm cameras, and bluetooth tracking beacons. By the time someone scans your ID your location has probably already been recorded many times over. No doubt that the government is collecting and keeping records from at least some of those sources and I imagine that the coverage of even just a few of those records in combination are comprehensive.
The places that scan your ID often do save your info. Not supposed to, but it’s common.
If they use a scanner absolutely. That’s the only safe assumption. But at least that’s engineering incompetence instead of government overreach. Most of the times my ID gets checked the only tool used is the human eyeball.
> But at least that’s engineering incompetence instead of government overreach.
This is incorrect. Many states have laws specifically encouraging ID scanning: https://idscan.net/us-id-scanning-laws/
Is there a requirement to make this scan history available to the government?
BTW I don't exactly follow. If it's a database of people showing their government-issued IDs, it's then just a copy of the government database of these IDs. I can't believe that a government issues a photo ID number so-and-so to some Joe Random, and forgets about it. I bet it keeps a record.
The interesting part might be tracking the real people across websites, at least such websites that require this level of identification.
It’s a database of government issued IDs with all the associated details and where they showed those IDs. So it’s a security nightmare and a privacy nightmare.
I think this is what Apple introduced in iOS16: https://www.apple.com/newsroom/2022/06/apple-unveils-new-way...
Keys and IDs in Wallet get expanded support. Users can use their ID in Wallet for apps requiring identity and age verification. To ensure a private and secure experience, only the necessary information required for the transaction will be provided to the app, and the user can review and consent to share it using Face ID or Touch ID.
While acknowledging identity verification is problematic and bordering an unsolved problem, that really is a horrible precedent for someone to be required to own an electronic device that rapidly falls in to obsolescence to perform basic activities.
In the more extreme sense, the complexity and security hurdles really make this something only the largest multi-billion dollar corporations could do. European countries really seem to do a good job of re-enforcing existing American monopolies while hamstringing their own economy and the freedom of the internet as a whole. I don't know if this is intentional (regulatory capture) or just based on a very superstitious understanding of computer science and mathematics (see the recent encryption debacles.)
Apple has gotten a free pass for security & privacy, so far, by mostly producing secure(ish) devices, at least relative to the competition and give the never solved problem of keeping an always-on always-connected device that can receive messages from anyone in the world secure. However, as Apple's only remaining growth area is advertising their privacy reputation is going to diminish. Apple's leadership over the next decade or two will determine just how quickly that erodes. Definitely not a company I would want to be reliant on ID verification.
> to be required to own an electronic device that rapidly falls in to obsolescence to perform basic activities.
I bought an iPhone 11 Pro in 2019. I paid Apple $40 for a battery replacement last year. My phone continues to work well, and I'm going to keep it until it breaks.
Apple still pushes updates for the iPhone 8 which was released in 2017, so I expected to get at least two or three more years of life out my iPhone.
I believe this is just based on: https://www.iso.org/standard/69084.html
Some information: https://www.ul.com/sites/g/files/qbfpbp251/files/2021-08/mDL...
I've never tried it, but there's an implementation here: https://github.com/walt-id/waltid-identity/tree/main/waltid-...
From: https://walt.id
I don't think Apple did anything magical here, and from what I can tell there's no lock in. You could load your ID to any number of places for this verification, it's not just locked to Apple.
The key part is that it's a private company offering something that is opt-in. If the federal government mandated it, it's almost certainly a 10th Amendment violation (via commandeering). It would also effectively make the currently de facto second class citizenship of those who entered without inspection including DACA recipients into de jure second class citizens and under current law, for life. It would fall squarely into the small part of the opinion landscape in the US where both the right and the left would have reasons to hate it.
I'm not sure there's any reason to mandate that exact solution.
It seems more likely that they would mandate age verification. This would be one way the government could support to do that. There's no reason PornHub couldn't support this, or other methods (or just one or the other). I think the law would say "a site has to verify the age of the user", not "everyone who wants to look at porn has to have age verification via a smart phone".
I don't know the details, but I think what you're describing is what the Dutch DigID ( https://www.digid.nl/ ) system provides. It is used on local and national government data portals as well as for legal document signing, etc. It works very well in my experience, and in fact I don't even have to have a username/password on the websites.
There's a similar system in Denmark called MitID (my ID), it can even be used by businesses. I can pop into my local REMA 1000, scan my groceries —including alcohol—on my phone, and pay for them all in-app without any interaction with another human being. Because I'm logged in with MitID, there's no need for the additional age verification that more traditional self-scan checkouts require for purchasing alcohol.
>This is quite simply a data breach hackers dream.
The problem here is you're missing the point of the people making these laws. This is a feature, not a bug to these people. They want to punish you for stepping outside of your cis normative + 2.5 kids relationship that good 'religion of their choice' people do.
Gave you an upvote because you're calling out that this is a feature, not a bug.
But I don't think you needed to go down the religious-norms path to get there. It's not really fair. I think you could easily substitute items from the other side and end up in the same place.
The point is that the government wants all this information for the same reason they want to spy on our chat communications and all the rest - they want to control us with it.
Eh, I'm not really much of a 'both sides' type of person when one particular group (in the US in this case) is increasing pushing rules that border fascism while the other side may have bad ideas, but are far more moderate. To do so hands power directly to the fascists and makes them an acceptable choice.
You're bundling a lot of large groups into one group that is not particularly representative.
I hear you, but I think you're slightly missing my point. Even if I grant that the current regime is focused on religious/conservative issues, that can easily change over time. The problem is allowing our governments to use spying and surveillance to control us. That's something that gets worse over time and doesn't get rolled back with changes in elected or unelected officials.
In 100 years, will progressives or conservatives be in charge? I don't know, but I'm pretty sure that whatever spying apparatus we put in place now will still exist (or be enhanced) by then.
I'm with pixl97 on this one, but I think you are both in agreement, just focused on different parts. They are focused on the cause, you are focused on the effect. The two are causally linked.
I cannot for the life of me think of a way this policy would be enacted without a strong religious based push. I understand you think that it is unfair to claim that this is caused by religious based policy-making, but how can you claim that "you could easily substitute items from the other side and end up in the same place". What other side? Atheism? Can't see an atheist caring about this subject enough to create privacy invading laws. Religion always seems to be focused on what people do in the bedroom more than any other subject. Absolutely sex-obsessed.
And to add to your statement, in western culture religion is going to be the policy element used to favor power when using these moral arguments.
China with there developing demographic issues will use a less religion based policy and more of the social shaming policy, and already are an authoritarian government.
We don’t have to imagine. We saw it in action in the Soviet Union with Stalin.
Interesting to know that's the reason. I make a website called Coinpassport.net that uses Stripe Identity to do just like you describe: verify once and reuse it on other sites.
I would have loved if Stripe signed the results so that it could be more decentralized and anybody could verify with their own stripe account and have it be comparable to others.
These laws are (almost always) written by smart and competent industry lobbiests. The lack of privacy security is likely the point. I doubt very much that this was merely an oversight or they that they just hadn't thought it through. They got what they wanted.
At least in the US this is already how it works. There are existing KYC vendors where you can basically pass along info to them and they will give you a KYC score for a customer.
> This is the national internet regulator proposing that it would require that everyone, adult and children alike, would upload their state ID and live selfies, to porn sites to have biometric processing of their facial images performed. Resulting, amongst other things, in an effective register of porn preferences for adults and a collection of selfies of children kept by the porn sites for six years (required to prove they have complied with the regulation, you see).
I'm sure this data would never fall into the wrong hands or be misused :-)
> I'm sure this data would never fall into the wrong hands or be misused :-)
Ireland has a long history of data scandals. One that springs to mind is illegally keeping phone records for years (knowingly in violation of EU law) then illegally accessing them (in violation of Irish law) and then using them in multiple murder convictions, including the very sketchy conviction of Graham Dwyer [0].
[0] https://www.theguardian.com/law/2022/apr/05/mobile-phone-dat...
To be clear about the 'sketchy' conviction of Dwyer: there is no doubt about his guilt, and his defence essentially amounts to "ah, but you should not have been able to catch me".
In the US, as I understand it, if the cops violate the rules about gathering evidence then the conviction can be quashed. It's not so automatic over here. So his appeal has been rejected, and no one is upset about that apart from him.
As another example, in 2016 or 2017 the Irish police (Garda Síochána) installed a tracking device on a suspect's vehicle. Data collected from this was used in evidence some years later[0]. The suspect's vehicle had left the jurisdiction (crossed the non-border into Northern Ireland) while being tracked, and the Gardaí used this data which they are not allowed to do. So what was done? Well, the judge ruled that the Gardaí hadn't intended that, so it's ok, the data - including data collected outside the jurisdiction - is admissable. "Lol, lmao" added the judge. I know, I know, I can hear an alarm in your head going off as you read this, so I'll throw you another detail you'll love: this was heard in a non-jury court, yeah, that's right a court of three judges, none of this twelve of your peers nonsense.
It's all sounds a little less precise than you might like, a little more like muddling through than the 'majesty of the law' vibe. And it kinda is. Mostly works though.
[0] https://www.breakingnews.ie/ireland/tracker-device-planted-o...
That’s probably the intent. create massive friction without outright forbidding it
Lol, the fact you're downvoted shows how little critical thinking some people on this site have.
The US has done things like this for generations, the 'red scare' is a perfect example of the state creating lists of people's political and personal preferences and using them against them. Knowing the list exists and you could get on it my standing too close to those thoughts not approved was used as a force to keep people only thinking 'good thoughts'.
The intent is to ask for ID in order to connect to any website, the article already says that this law will apply to any video sharing site including facebook, twitter, tiktok and even mastodon...
Also putting anyone watching non-straight porn as a huge risk in the current political climate.
anyone "doing their own research" can probably get an exemption
What does that mean?
It's a common excuse used by several anti-LGBQ activists who later got caught viewing said porn.
What does that content have to do with LGBTQ exactly?
You don't see the hypocrisy of anti-LGBTQ activist and politicians looking at gay porn?
See Pete Townshend doing "research".
What do you mean by this?
There are a lot of politicians who hate gays, so being outed to the government isn't exactly ideal.
Kind of like how the Jews didn't think anything of having their religion on their ID cards in early 1930s Germany.
Yeah what's up with that. Already now many service providers like payment processor or online brokerage requests me to upload "a selfie" holding sheet of paper with something written on it, or holding my document. How they arrived to the conclusion that it's acceptable?!
I'm annoyed that it's now a problem for people when it applies to porn. I've been avoiding services that want pictures of my passport and selfies for years now. It was never OK.
This data probably already exists, though. Fingerprinting is more than good enough to identify an individual. Porn sites can easily aggregate this information already.
This data is collected, stored, but not shared. For example, when you arrive at any airports located in China, your facial information (along with walking gait) will be collected by the airport authority. This data, however, is not shared with checkpoints alongside the physical border. It would like a central directive to set up a shared database and the system to correctly utilize the data. I doubt that a simple porn/ entertainment corporation has the ability to do such a thing (even if they somehow are allowed to obtain the data legally).
The Irish state has a serious problem with using peoples data and it often uses it maliciously. The Irish Data Protection Commissioner is widely regarded as a joke.
Examples include knowingly illegal phone record collection and use in dubious murder cases [0], using medical and school records to pressure parents of disabled children to settle court cases against the state when most vulnerable (and lying about it until caught) and secretly recording all calls to police stations including non-emergency numbers likely to catch whistleblowers [2].
That doesn't include all the private sector scandals, like data breaches that went uninvestigated and unpunished.
[0] https://www.theguardian.com/law/2022/apr/05/mobile-phone-dat...
[1] https://www.irishtimes.com/news/ireland/irish-news/dossiers-...
[2] https://en.wikipedia.org/wiki/Garda_phone_recordings_scandal
Regulating porn is just stupid. It's never going to work and I don't get its objectives. Porn probably has a negative effect on children, but much less than something like TikTok. I could at least see the sense in banning children from the entire internet or limiting their access in some way (preferable implemented by ISPs rather than individual websites), but trying to specifically stop them from seeing naked people is pointless. Parents can easily control which parts of the internet their kids have access to, and much more effectively than the state can with the added bonus that it doesn't affect people without kids.
I can easily block TikTok because it has little informational value. Youtube on the other hand is a serious and important learning resource and I would not want to block it for my kid.
At the same time, offering Youtube Shorts in the same service under the same domain is like "cabinet next to their bed with cigarettes, snickers bars, and painkiller pills" as a sibling comment aptly put it.
I use a combination of:
- https://letsblock.it/ and Ublock Origin
- The Unhook plugin for Firefox
- Blocking channels on my YouTube account when I see something inappropriate
- Adguard Home also blocks certain channels
to try to moderate the YouTube content for my kids. It's not perfect, but it does get rid of a lot of garbage (like YouTube Shorts).
My 6 year olds class were given a chromebook with youtube installed just as an app, zero filtering, zero adimn controls from our end.
It's like no one in the loop: teachers, IT providers, local / government procurement, big tech companies, etc thought to ask themselves if it was a good idea for kids to roam unrestricted on a site where anyone can post anything.
Not to mention the constant barrage of video advertising in the classroom.
Bonkers.
I wonder if there’s a chrome/FF extension to block shorts… just delete the whole element as soon as it hits the DOM. If not, someone please make one! I guess this could just be a tampermonkey script, even…
It blows my mind that they’re willing to pollute their brand and value for such a clearly awful, addictive feature. So short sighted. If anyone here is still a Google employee, I implore you: leave. Your talents could be used so much better when directed by people who are a little less greedy
I used to work there and this kind of thing is why I left. Google lost their moral compass years ago. The greed I saw from top to bottom was baffling. People earning $200k already, who spent all their time figuring out how to get the next promotion (and thus inventing stupid unnecessary and uninteresting projects) rather than trying to find actually fulfilling-to-the-employee or useful-to-the-enterprise-or-the-user work.
You already make a ton of money and have a ton of status, why not enjoy it and find work that is actually fulfilling to you and/or useful to the user and/or failing that at least useful to the shareholders if nothing else. But no, they were conditioned to seek achievement blindly and without any moral or other introspection.
I could not stand it. I spent years regretting not holding my nose longer for the sake of being able to buy a house and so forth.... but I've made my peace with it. Since then I've had the opportunity to see how harmful Google's attempts to make money are to children (they are the new Joe Camel) and now I no longer have regrets at all. It's one thing to manipulate and exploit adults who should know better, but to target children is just the worst kind of low.
Very interesting perspective, thanks for the insight! Seriously.
I recently quit Google, thus the preachy tone above lol - it’s an emotional topic. Ultimately I wanted to prove to myself that I could cut it as a “big tech” software engineer, but the whole corporate structure and purpose was unbelievably anxiety and shame inducing. Probably an overreaction but hey, us engineers are a fragile bunch…
I was in ads, so it was the front line of the insanity: thousands of truly kind, smart people were pampered in brand new Science-Fiction buildings on NASA Ames land (kagi “Google Bayview Campus”) with the finest food, gyms, tech, transportation, everything. They talked all day about modernizing ads and pleasing customers and powering the Free and Open Internet, and never about politics. And promotions, as you said. Meanwhile:
- we were surrounded by an army of underpaid contract workers because the engineers refuse to collectively organize with them,
- desperate pleas from organizations I trust to stop [LATEST_GOOGLE_3PC_REPLACEMENT_PROPOSAL] because it would destroy the internet were hitting the top of hacker news every few weeks,
- lawsuits are landing from the DoJ for illegal business practices with quite shocking screenshots of internal slides, and
- The legal manipulation culture runs so deep that employees get regular training on why they need to tag everything as “attorney client communications” even if there’s no attorneys involved (something tells me that “”loophole”” isn’t gonna last long).
Such a weird, jarring experience. I’m still living off Google savings so haven’t quite hit the “miss the paycheck” stage for real, not looking forward to that! Hopefully someone finds this emotional rant illuminative.
Thanks for sharing. I wish this could hide all Shorts though. They still show in search and on the subscription pages though
YOU SAVED ME
You should try https://newpipe.net/
It's not about regulating porn, it's about regulating what you can think about. This has been a 'feature' of the US for quite some time, create lists of your political enemies and the 'naughty' things they do so you can use them against them.
you won't beat us in that regard. The article is a bit biased but the examples are real(uk). https://care.org.uk/news/2023/08/the-new-thought-police
Please, McCarthy is old hat.
Here's a Survey of WorldWide Censorship, specifically the chapter on internet[0] to get you up-to-date. There's also the Open Observatory of Network Interference (OONI) [1] which deals more with infrastructure blocks.
There's also the more subtle kind, called "fact-checking" which on the surface does a very good job shielding us from the conspiracy theorists[2]. Don't misunderstand, on the surface this is a noble task, but it is still a filter of information that you did not employ yourself, and one that you have no means of controlling or influencing. You will only see what they left out: If you are not accepted by these gate-keepers you are silently excluded by most big media outlets. Here are eg. the organizations that Facebook trust to fact-check[3]
There's a really large machinery operating worldwide these days. Or, specifically, a whole lot of different machines. I'm not saying this to spead FUD, just FYI.
[0] https://www.ietf.org/archive/id/draft-irtf-pearg-censorship-...
[1] https://explorer.ooni.org/findings
[2] The European Fact-Checking Standards Network (just one example): https://efcsn.com/
[3] https://www.facebook.com/formedia/mjp/programs/third-party-f...
>Parents can easily control which parts of the internet their kids have access to
I'm not sure that this is true. It doesn't sound true.
Most ISPs have a fairly effective child safety mode. Combined with one of those parental protection apps, you can probably prevent your own child from seeing anything you don't want them to.
Please spell this out for me.
I'm a very tech savvy individual, and as a parent who has spent hours and hours navigating the murk of disparate parental control systems, it is clear to me that what you say is only true if you commit to preventing your child from having access to anything at all.
Worst of all, children have friends!
In other words, you must lock them in a closet and deprive them of access to sunlight itself to accomplish what you say.
So instead we lock the adults and block access to adults for things that are intended for adults?
I totally fail to see how you got that from my comment.
Either the children or the adults will need to overcome hurdles to access porn. I believe the parent is suggesting that if we have to pick who faces the hurdles, it should be the children (and their parents) not the adults legally deciding to surf porn.
I don't have a position on that, and there's not one implied by my comment, which is why I am unsure why the commenter assumes one.
I'm afraid the only way to introduce children is by whitelisting. Service by service, website by website, video by video. Giving them a smartphone with WiFi is like filling cabinet next to their bed with cigarettes, snickers bars, and painkiller pills.
I did not limit internet access for my children, past certain age. Instead, my children asked me to protect them from disturbing content sometimes. (So I did, setting up an age filter on YouTube.)
Most of the time, unless you yourself don't eat snickers bars non-stop while chain-smoking, your children won't, too. Children do what their parents do, not what their parents tell them to do.
I agree somewhat. Ideally, the internet wouldn't be addictive at all, and hence wouldn't be an issue for children or adults. A whitelist seems reasonable for the current state of the internet, but I can't think of anything beyond Wikipedia that you could put on it. That said, you still run into the more fundamental issue of what exactly is adult content? Violence, gore, and gambling certainly, though I'm not sure casinos should be legal at all. But I struggle to justify it for porn. It's probably more healthy for children to have access to some kind of pornography.
That might actually be the lesser evil here. There could be a new category of "kid-friendly" devices which require parental unlock to (temporarily) access the open Internet, either in general or outside of a government-approved whitelist. Such a whitelist might include things like YouTube Kids, kid-friendly subsets of app stores / package repositories, reputable news sources, informational and educational sources, and filtered versions of search engines.
Then there's the enforcement model to consider. Maybe it's just an option consumers have available for purchase at their own discretion. Or maybe vendors would be banned from knowingly selling non-kid-friendly devices to minors, and/or parents would be banned from allowing their kids to own non-kid-friendly devices.
If this is the direction society wants to go in, it shouldn't impose on anyone other than parents and children. Current legislation and proposals narrowly target one specific use case (porn), and do so in a kludgy way that's effectively just banning its use without a VPN. Instead, this approach would provide a general framework for filtering kids' interaction with technology.
For example, some states might use it to ban social media and AI chatbots for children, at least in their current forms. I could imagine an alternative AI chatbot service being allowed which shared the history with parents and teachers, so as to deter cheating, and to provide an opportunity for human adults to add context or corrections to any misinformation. I could also imagine allowing more limited social networks that segregated schools or classes into their own private bubbles, wiped content at the end of each school year, blocked posting images/videos without parental approval, used uncomplicated news feed algorithms, and gave teachers and staff reddit-style moderation power.
Personally, I'm not sure how much I like this, vs simply leaving the parenting to parents. Maybe it would be less bad than alternatives, but it's also dangerously close to a ban on general-purpose computing[1]. We'd have to remain vigilant to ensure that governments didn't use it as a foothold to start cracking down on adults' use of computers and the Internet in the future.
You must not be a parent. A non technically savvy parent really has very limited control. Even a technically savvy parent can control the devices they buy for their children only, on the wifi network they pay for for their own home, only.
This leaves them totally exposed if school gives them a chromebook or anytime they're in range of another open network.
Besides, the effects of this content are society wide. You can be the one parent who keeps your kids away from dangerous content, but if all their friends don't, they will be influenced by them.
> Parents can easily control which parts of the internet their kids have access to,
Oh, that said, the specific technical way they want to implement this is awful. Making or even allowing individual porn sites to administer the ID system is horrible. Have they never heard of Oauth? There should be a "adultidcheck.gov" type central government service that handles this.
Friendly reminder that prior to the popularization of the internet 20-30 years ago, there was absolutely no equivalent situation where you could have the kind of anonymity the internet provides. It is not any kind of natural right. If you wanted to send or receive information it had to be done in some physical way, so your identity could not really be hidden. Privacy, yes, anonymity, no.
> Friendly reminder that prior to the popularization of the internet 20-30 years ago, there was absolutely no equivalent situation where you could have the kind of anonymity the internet provides. It is not any kind of natural right. If you wanted to send or receive information it had to be done in some physical way, so your identity could not really be hidden.
What? You could buy books/magazines with cash. There were literally laws preventing porn rental shops from keeping records on their customers. No one had any idea what you watched on your television or listened to on the radio. There were (are) ham radios. You could record your own tapes, print your own magazines/pamphlets/books, put up your own flyers/posters. There are analytics on every single one of the modern equivalents of these things now, in fact I think you probably have to admit the point of the web has become to add analytics to stuff for advertising.
The era we're living in now is the least private, least anonymous era ever, it just doesn't feel that way because there's a huge inequality in who we're exposed to. In other words, some people argue that in village or tenement life there wasn't a lot of privacy, but that was maybe 40 people knowing when you had sex. Anyone with your smartwatch data has that info now, which a lot more than 40 people; they just don't live anywhere near you (well, probably not anyway).
Laws like this really don't address anything then. Children will continue to find and circulate "dangerous content."
As a mid-thirties millennial, I saw the transition. Kids shared paper pornography in the 90s, and had access to the most extreme and anonymous version of the early internet. I don't think either inflicted the kind of widespread harm mass surveillance proponents would suggest.
> Friendly reminder that prior to the popularization of the internet 20-30 years ago, there was absolutely no equivalent situation where you could have the kind of anonymity the internet provides.
It also wasn't possible for every action and thought a person had to be monitored by governments and corporations. We've gone way too far in our assault on privacy and desperately need to claw rights back.
I can't believe that this seems to be such a minority perspective.
I find it horrifying how many people seem to default assume that censoring is a good thing.
The internet may be harmful but it's not just a few explicit sites that you need to worry about. It's the whole thing. Either teach your kids to make good decisions or block them from the internet in full. There isn't a middle ground that works really. We are absolutely rocketing towards the worst kind of dystopia and it seems like a lot of people are on board with it.
I for one welcome our new overlords. /s
Citation needed - I think most American kids (sorry Ireland) are pretty much unrestricted on the internet by their tweens, since most parents buy them smartphones but don’t know how to do meaningful browser lockdowns.Parents can easily control which parts of the internet their kids have access toRe:”naked people”, I think that’s doing disservice to the proponents of these controls (who I vehemently disagree with, ofc); the modern porn landscape has problems with non-consensual videos (see: Pornhub & GDP), extreme content (violence, CNC), and really harmful stereotypes about gender roles. It’s much more than just “healthy human sexuality” as many people on here seem to assume.
I think the only workable solution is a) better parental controls by default on the client level, and b) better educated and supported children. Children are smart, they know sex exists, and they know it’s something they don’t care at all about - they can be our allies in this fight.
If this move is to prevent teenagers with a motive from accessing porn, then: HA
> the modern porn landscape has problems with non-consensual videos (see: Pornhub & GDP), extreme content (violence, CNC), and really harmful stereotypes about gender roles. It’s much more than just “healthy human sexuality” as many people on here seem to assume.
I suppose children should have access to a better quality of porn. The stuff we have now is probably harmful to watchers of all ages in varying degrees. That said, I don't think society will ever be liberal enough to have a kids section on porn sites.
> better parental controls by default on the client level
Having parental controls on by default would be a reasonable solution to this issue.
> they know it’s something they don’t care at all about
Is this a typo? Children go on porn sites because they want to watch porn. That's why I did it. If children didn't want to watch porn, they wouldn't. I don't think the sex itself is something they need protecting from. Just the addictive qualities that are present in both porn sites and the wider internet.
> better educated and supported children
Better educated and supported parents would also help.
Very well said on all points. Re:”children don’t care”, I was mostly referencing adolescents when I said children —- during and after puberty is a totally different matter. At that point, I agree they need to be protected just like everyone else is protected - against general harmful patterns, and with very little direct government intervention. There’s no way the government can realistically stop teenagers from accessing porn, unless this guy gets his Porn Selfie initiative passed, I guess…
Scary times in Europe! Of course American conservatives could easily pick up this issue at random any midterm cycle now, assuming we continue having midterm elections.
What do you think about the constant surveillance on children/teens by their own parents and the long term psychological trauma it may leave behind from knowingly being monitored 24/7?
Children used to go out, do things, come home. Now children have zero privacy. Into the teen years, they can't get into trouble, learn, socialize, etc. They just sit at home because their parents are constantly watching their GPS location and reading their texts.
Is porn worse than the damage done by the mistrust?
I wasn't supervised 24/7 but didn't have access to porn 24/7 in a second either, lads shared some old magazines someone nicked from a father most likely. It sure did need a bit more effort to get a playboy from your corner store.
My daughter came home from the playground where 10 year old guys showed her hardcore anal porn from mobile because it's funny.
> I think most American kids (sorry Ireland) are pretty much unrestricted on the internet by their tweens, since most parents buy them smartphones but don’t know how to do meaningful browser lockdowns.
It’s actually pretty hard to do lockdowns because there’s been so much consolidation. Many parents can turn on the built in controls, but then they face problems like “do you block YouTube entirely, even though their homework will include links to things like videos from NIH hosted there?”
The big problem isn’t that kids could innocently find sexual content but also that grownups will try to trick them into engaging with things for a variety of reasons. This is different from letting your kid have free rein of the public library because the library didn’t have some guy recruiting for a political movement putting books in the children’s section and the librarians wouldn’t let that creepy dude hang out there.
This came up at a school party recently where multiple parents of first graders were talking about how quickly YouTube will go from auto playing LEGO and Minecraft videos to some pretty unhinged stuff.
> but then they face problems like “do you block YouTube entirely, even though their homework will include links to things like videos from NIH hosted there?”
Tell kids to create list of URLs. Download the videos. They've just learned copy/paste, about existence of URLs, and concept of remote and local. Now they're hackers!
Sure, but then you’re in the business of having to add many exceptions on an ongoing basis. That’s why I wish we had more decentralization - it’d be trivial for parents to, say, whitelist *.gov with the knowledge that they’re not going to find porn there. Doing the same on YouTube is a much harder problem.
One time I ran into a subdomain of cjcc.ga.gov, via google results, that was hosting porn (it's on the internet archive too - vicspublic).
At the time I couldn't even find abuse/webmaster contact info to report it to get it fixed. They were serving porn for months.
> The big problem isn’t that kids could innocently find sexual content but also that grownups will try to trick them into engaging with things for a variety of reasons. This is different from letting your kid have free rein of the public library because the library didn’t have some guy recruiting for a political movement putting books in the children’s section and the librarians wouldn’t let that creepy dude hang out there.
You’d be surprised.
I would in the library field so, no. I know public librarians have to deal with weirdos but they’re a LOT more willing to do so than YouTube. It probably has something to do with how much better funded they are than Google…
I actually think the .xxx TLD plan from a few years ago was about the best version of this legislation that could exist - essentially adult content would be limited to a certain subset of blockable TLDs. If a site is showing adult content and not on an adult TLD, it risks a state-level block until it's compliant.
This seems much easier to police, gives 80% of what the legislators are trying to achieve, and doesn't require entrusting KYC to a bunch of dodgy websites.
Sure, it won't block VPNs and there would be problems at the start while things migrate, but if realistically your goal is to keep kids off adult websites then it's at least more reasonable than this proposal to entrust the parents/guardians with some amount of responsibility to make sure the safeguards can't be circumvented on their kids' devices.
There's no way of getting kids from getting porn if they really want it. We had plenty of VHS and magazine porn as kids even though shops didn't sell them to kids.
Current mainstream porn sites curate off the most hardcore stuff quite well. The dark web versions that will pop up due to draconian KYC will definitely not have such curation.
I'm not a big fan of this form black or white thinking. We could apply this to guns, bombs, drugs and conclude that it was pointless to reduce numbers.
In it's extreme form, a sufficiently motivated teenager built a homemade neutron source[1] therefore we shouldn't control nuclear material. I just don't think this argument, taken to its logical conclusion, is valid. Is there a better way of reformulating it?
1. Silverstein, K. (2005). Radioactive boy scout: The frightening true story of a whiz kid and his homemade nuclear reactor. Turtleback Books.
I didn't say there should be no restrictions for guns, bombs, drugs or even porn, even though they can't be fully rooted out.
The problem is the thinking that they can be rooted out. War-on-Porn would have just as horrible effects as War-on-Drugs has.
As for porn, I think the potential effects of it to kids are way overblown. Children should be educated (age appropriately of course) about sexuality so they can handle the stuff and situations they will see at some point anyway.
>>age appropriately of course)
UK research into this is staggering though - children as young as 8 already report having seen porn, and learn behaviours from it. I also support the need for full, open, completely honest and comprehensive sex education, but there's a reason why even the most liberal programs in the world don't teach 8 year olds explicitly about sex other than mentioning it very broadly - 8 year olds are not ready to learn about all the details yet(this is an opinion of child psychologists, not my own), but obviously with porn you sidestep all of it, kids don't even get the chance to learn properly.
Part of it is obviously the fault of parents - a lot of whom are completely incompetent and who probably shouldn't use any electronic devices themselves, much less give them to children. But the sheer prevelance of porn is also a problem.
I don't know what the solution to this is. Definitely not what the government is suggesting, that's for sure.
The solution is to fix those parents, as you mentioned, who are the sources of the problem.
They are the ones who can set up parental controls on devices, but don't. Or could not give unsupervised screen time to kids, but of course do, because it's convenient.
And of course fixing them would require changing a lot of things, like income inequality and funding a lot of family support programs, and in general shifting a significant chunk of the economy away from dumb shit to education. (By taxing the dumb shit and then using that as income.)
But of course a lot of those current parents don't want this either.
It's important to clarify why you think this standard applies to the things I've mentioned, but not to porn. There's some decision-making going on that isn't apparent.
I think porn is underblown, so it seems like we're at a bit of an impasse.
> It's important to clarify why you think this standard applies to the things I've mentioned, but not to porn.
I do think this standard applies to porn, and e.g. the .xxx TLD wouldn't be KYC. And probably wouldn't cause as big a dark web porn explosion.
For me porn is in a bit different category from guns and bombs, and from drugs too. Guns and bombs and some drugs kill. Porn probably borns if something.
It kinda sounds like our differing perspectives are the biggest factors on the social effects of porn and subsequently our openness to compensating actions. Does that sound suspicious at all?
We probably differ in assessment of social effects of porn. I don't find it very harmful at all. In the balance porn may be even beneficial if it helps to remove harmful taboos and hangups about sexuality.
In fact I find it totally absurd how depictions of horrible violence is quite OK for people who are shocked about genitals. Or profanity.
And I find that advertising in general, especially for children but also for adults, is more harmful than even the violence.
We probably disagree. I think my opinions are quite well founded, but so do probably you.
What bar would you place on evidence that would change your mind?
> We had plenty of VHS and magazine porn as kids even though shops didn't sell them to kids.
Having second hand access and having direct access to a market are entirely different things. The fact that the secondary access might in some cases exist is not an excuse to punt on the actual primary problem.
> The dark web versions that will pop up due to draconian KYC will definitely not have such curation.
If we measured legislation by it's ability to perfectly secure a market, we would have no legislation at all. Fortunately, we can measure the positive impacts of things and compare them, and I suspect, that there are actually significant positive benefits to creating some form of limiting legislation here.
It's also the case that draconian KYC implementations aren't the only way to solve this problem, in this case, I believe it's lazy or ideologically possessed politicians who want to use this as an excuse to implement these laws for other purposes.
IMHO, this is a misleading headline: They are not building a “porn preference register”, they just going full-dystopian nightmare collecting live biometric data that could be used to _infer_ your porn preferences.
We don’t need stupid headlines to make this idea sound dumber, and kinda distracts from the real issue of biometric verification for websites being a stupid idea.
Limiting porn exposure for children and early teenagers is probably a good thing, but this is the wrong way to do it, and a weak justification to create a blackmail registry.
Highly misleading title. Although I disagree with the plan either way, the state is not building a 'porn preference register.' This concept is introduced in this particular article, but there technically are ways to store user preferences separate from their PII.
The linked article from Irish Examiner has a more accurate title:
> Porn sites may require passport details in order to stop children from using them
Upload biometric data to porn sites? That seems like a phishers dream come true.
Even if the big sites farm this out to third parties, unscrupulous imitators could harvest personal info on an enormous scale for sale on the dark web.
Bearing in mind that it is practically impossible to both operate a publicly accessible website and avoid getting hacked if someone wants you bad enough, who gets sued when this incredibly sensitive PII is inevitably stolen? Websites who didn't want to store it in the first place, but were legally required to do so, or the government who required them to? I'm not an Irish lawyer, but I have a guess.
Misrepresentation of the actual intent of the Irish government, but as result they will end up creating what title says.
What's the intent here then?
Like, I'm an Irish citizen (a former coworker recently took a job with the body responsible for this policy), and I have no idea what the intent is here (apart from the general think of the children stuff).
This is false, they're not building a "porn preference register", they're requiring age verification for pornographic websites.
Submitting one's identity documents to access such websites is of course very easily avoided, by simply choosing not to consume pornographic materials online.
If the website is tracking what you visit when logged in (which, they will be, as their business model is serving you relevant videos so you stay on the site longer to see more ads), and now the law is going to require them to verify that your account belongs to a person over the age of majority by storing your biometric information, then that is exactly what this law is doing.
Anyone who breaches that website's database (whether an inside job or not) is now going to learn not only what videos RandomUser782 has watched but also who they are, where they are, their birthdate, and what they look like; and if they chose to prove their identity via driving licence, also, their home address.
If this doesn't strike you as completely fucking nuts, I don't know what to say.
This is an extremely short-sighted and crypto-moralistic position masquerading as reasonableness. Why should I be forced to provide a government ID to a random third party simply because I want to view legal images? One does not follow logically from the other; and moreover, secular people should not be forced to live according to the moral strictures of the conservative and/or religious.
The ol' "if you did nothing wrong you have nothing to worry about" way of thinking, eh?
I'm sorry, what? Are we still living in a democracy or is it already back to the USSR?
Pro tip for Gov't bureaucrats: if the news stories about your initiative begin with "this is not a joke" -- you may want to rethink things.
Web pages are all about tags with data and metadata. It shouldn't be hard to add metadata about content type. I never quite understood why labeling initiatives never gained traction:
* https://en.wikipedia.org/wiki/Platform_for_Internet_Content_...
* https://www.w3.org/2007/powder/
Throw some <meta> tags in and browsers can parse: then have a password-protected "filter controls" area in settings (and perhaps a GPO for corporate environments).
I would think that the porn companies throwing some money at web browser developer resources to implement this wouldn't be a bad idea. Every time this idea comes up (again) they can point to it and say "we did our part, now it's up to the parents" (or whatever).
When the government starts requiring ids to vote or immigrate or stops companies from fraudulently controlling the narrative, eg Facebook, then I’ll take them seriously. If a person is underage on a porn site that’s on the parents not the provider company. The internet needs to be freed from further government restrictions.
For the commenters taking the question of efficient ID solutions seriously, you're missing the point. Simply put, this is an anti-porn bill. The legislatures are fully aware of the ridiculousness of the requirements--that's the point. No one in their right mind is sending passports and videos of themselves to the shadiest corners of the internet. An outright ban would be difficult to achieve, a set of requirements to protect children from offensive material is much easier.
Direct link to document - https://www.cnam.ie/wp-content/uploads/2023/12/Draft_Online_...
Digital age IDs should be equipped with a way to perform a zero-knowledge proof that the bearer is indeed 18 without betraying their identity. Perhaps a full-fledged blockchain is a bit much but a decentralized way to perform basic verification tasks like this makes sense.
Please note: Ireland
This is the national internet regulator proposing that it would require that everyone, adult and children alike, would upload their state ID and live selfies, to porn sites to have biometric processing of their facial images performed. Resulting, amongst other things, in an effective register of porn preferences for adults and a collection of selfies of children kept by the porn sites for six years[0]
Anyone see something slightly worrying here? Anyone? Just asking rhetorically.
[0] TFA
[1] Not only porn sites, but any site which allows you to post a video (TFA)
The tech savvy will just use VPNs to get around geo-politics such as this, at least a VPN should work in theory to get around verification measures by the Irish State. This advice has been echoed countless times when this issue crops up.
One concern is that there are tech-illiterate people who fall victim of such an ID system and don't use a VPN to bypass it. I don't have numbers/stats, but I imagine a good chunk won't be using VPNs.
There is also another concern I have; that this verification database could be breached and people's 'preferences' are exposed. The only way to avoid such a breach is to not collect such data in the first place.
I'm genuinely worried that increased adoption of VPNs to get around these restrictions will then lead to laws that ban or restrict VPN use.
You can tell me that it will be difficult to enforce such a ban - but then it turns us all into criminals - all the better to control us.
"We don't normally enforce this law, but in your case we'll make an exception."
So, we are going to become China then. Under the pretence of caring for children. Thanks, but no. The road to hell is paved with good intentions. And I'm not even sure if those intentions were really good in this case or this all is just an evil pretence.
This is fucking crazy! Keep the government out of the internet.
So I’m a kid who uses my dad/mom/uncle/neighbor’s ID to watch porn then. Totally useless. At best this will just charge people up to create a new set of internet protocols. Then all the adults will be stuck regulating the old net, while porn industry and kids will use the new net.
What if you don't have a passport?
Back to Sears catalogues for you peasant!
More like Nat Geo :-D
The fact that this article talks about passports is a hint that it is at least partly misreporting based on assumptions from someone who didn't know much about the situation.
This is within the EU, so obviously what would be asked is an EU id.
> EU id
There isn't one. Ireland also doesn't have a national ID program, so effectively for most people their passport or driver's license are the only forms of government ID they _might_ have. But even then it's not mandatory to have either.
"EU id" was a shortcut for "id documents issued by EU countries", they're valid EU-wide. It's an ID card in most EU countries and that's what would be used for the purposes of this article, except for Irish citizens I guess but they are probably a relatively small percentage of EU visitors of porn sites.
Now I just noticed that although the subject is "most of the EU", this is an Irish site, so maybe they just didn't really take this into account.
You could use the PSC card I suppose. The union of driver license, passport and PSC probably covers most of the country.
Just go to any of the thousands of porn websites that don’t ask for it.
No porn for you then I guess.
Just torrent your porn. Regulations like this will achieve nothing.
No video-sharing platform for you then.
No porn for you then.
torrents?!
Beware: you run risk of inadvertently downloading or distributing child sexual abuse material (CSAM).
A friend was talking about how their US friend got given a sex offence label due to downloading a zip of porn that unknown to them contained some CSAM. Lost their job and worse.
You didn't know is no defence in some jurisdictions. You personally can't check images or image collections for legality, so the risk is real.
Well, opening a website can save in the browser cache any image which is not displayed on the website. What all these silly mobile apps and games exactly are downloading and uploading? Who knows....
Progress: jail for everyone. Certainly modern life has dangerous tripwires. I just had to google the words for the acronym CSAM - and as a non-citizen it made me double-think about surveillance.
Maybe add a couple more paras to your comment?
If you give me six sentences written by the most innocent of men, I will find something in them with which to hang them. - powerful political figure (1585 – 1642)
Yes, the Internet has created a real life Orwellian nightmare.
Wasn't there a tool/bot to confuse search engines by submitting a bunch of random terms?
Time for a rewrite.
How far can you take this? Porn is on Facebook, Reddit, and Youtube. Will you need to verify your ID for social media as well? That's not even getting into Stable Diffusion and other tools that could be used to create your own porn on demand.
Just ban minors from using smartphones. Works even better for their growth than trying to block them from seeing porn. And it's a very simple law to write, no need for useless bureaucrats to make money (but maybe that's the problem).
How about be a responsible parent instead and educate your kids about the dangers of internet/tech? Why limit the curiosity of teens? Let them explore, but do it responsible/under your supervision. Otherwise they will do it anyway but in the worse possible way and you'll have 0 say in the matter.
Wow I thought Ireland was changing now, they even voted for gay marriage. But the Catholicism still reigns strong there :(
A few years ago a hospital even let a woman with a miscarriage die because they didn't want to intervene.
This has probably nothing with catholicism and everything with bureaucracy-satety-ism.
> A few years ago a hospital even let a woman with a miscarriage die because they didn't want to intervene.
They were legally unable to intervene, without risking prosecution. Yes, it was entirely insane. And that case was a major reason that the constitution was changed to prevent this ever happening again.
This is 100% nothing to do with Catholicism, just standard moral hand wringing around what might happen to kids.
> They were legally unable to intervene, without risking prosecution.
They should have done so anyway, obviously. There's no chance they would have been prosecuted for it. Not with all the uproar. I walked in the candlelight demonstrations too.
> And that case was a major reason that the constitution was changed to prevent this ever happening again.
Only after a referendum which the church opposed, and it's still one of the most restrictive countries in terms of abortion.
> They should have done so anyway, obviously. There's no chance they would have been prosecuted for it. Not with all the uproar. I walked in the candlelight demonstrations too.
Can you give me some evidence that you're willing to destroy your career in a country on a point of principle?
Like, I completely agree that they should have done that, but that's pretty easy for me to say, it wouldn't be my career on the line.
> Only after a referendum which the church opposed, and it's still one of the most restrictive countries in terms of abortion.
Look man, my wife had a missed miscarraige under the old rules, and I completely agree, but at least that shit won't happen anymore. I did query this with our fertility consultant about what would happen if we were past 12 weeks and got a seriously bad genetic test result, and he just shrugged and said we could go to England, which was pretty disappointing, post referendum.
Why intervene and save one life when to could stand idly by and make a political point that saves thousands? /s
How does Ireland define porn for the purpose of age restriction? Is it a "I know it when I see it" standard or something concrete enough that content creators can go right up to the line?
Having grown up in a time where porn was illegal for minors but trivially obtained by anyone who cared in VHS, I honestly don't understand why anyone thinks this scheme would be useful for anything.
I’m also pretty perplexed regarding who are these people who come up with these ideas. Like, how and where did they grow up? Appeared out of thin air with absolutely zero street smarts? I don’t think I knew anyone so removed from reality when growing up.
To play a devils advocate for a second - when I was growing up(in the 90s) I also saw porn way too early than even remotely appropriate - a friend had a VHS tape that he got somewhere, we had to find a moment in time when his parents weren't home, and we put it on for like 5 minutes, we were so scared we were going to be found out we immediately dumped the tape afterwards and didn't find the contents even remotely exciting - I remember just being really disgusted by it(turns out the overproduced fake 90s porn really isn't a great way to introduce anyone to sex).
Nowadays if you speak to any child psychologist about it it's obvious that kids get exposed to it really early(in the UK it's estimated that nearly all kids below age of 10 will have seen some kind of sexual material already) and they do it regularly.
It really isn't comparable to what we(pre-internet people) had and what's happening to kids right now.
I also want to make it completely clear I'm 10000% against this insane idea proposed here. Just pointing out that it isn't even remotely the same as us watching a random VHS tape.
I agree with you, kids are exposed to porn too early and too easily these days.
I am just doubtful that you can obtain any significant limiting by gatekeeping mainstream porn sites, kids will show each other porn in Signal rather than telling each other "visit www.lots-of-porn.xxx", but it won't change much.
I'm afraid it's one of those cases where we can't put the djinn back in the lamp.
Why, it would be useful as a general register of people, matched with their online activity here and there. You speak as if you never ran a state surveillance agency, or at least a major search engine! /s
Why would minors be required to take part in this? To access age-restricted material suitable to them (not 18+ but maybe 13+), or would this registration be mandatory for everyone?
I think the line of thinking is:
1. Minors will attempt to access porn sites
2. They will be faced with the picture validation
3. Some of them will try it
4. They will theoretically fail the validation, but the porn site will still be required to keep the data from the attempt.
The article says any “video-sharing platform” would require all users, adults and children, to upload their IDs and pics. Porn websites are video sharing platforms, so they must comply no matter the age.
But don’t worry, porn sites must also run a biometric analysis on the images sent to check if the user is 18+!
The article clarifies that this would cover pretty much any website which allows you upload video, so minors would have to take part on YouTube, Facebook, etc.
I guess the opt out would be to not use those platforms, but that seems unlikely.
> The Irish State announced [..]
It's interesting how quickly the EU went from a Trade Union to a Government consisting of states.
There is no reasoning with these people. What, if any, are the alternatives to a war against totalitarian entryists?
The far right is going hard against porn in multiple countries right now. I don’t agree but I get where they’re coming from.
However, I don’t get going after porn before going after casinos. Casinos ruin lives and wreck economies far worse than porn could ever hope to. Going after porn before casinos feels like going after kitchen knives before AR-15s.
> The far right is going hard against porn in multiple countries right now. I don’t agree but I get where they’re coming from.
It's none of their business though. Porn doesn't harm people. And they're not getting rid of it anyway. Just like nobody's getting rid of torrents.
The girlsdoporn victims would disagree with you.> Porn doesn't harm people.Porn actually lowers the amount of sex crimes in the society. Instead of going outside and performing sex with a real person, people simply stay at home. This is by far the cheapest and easiest solution to the problem.
Without porn, the amount of victims would be significantly higher and the crimes would be having a much worse outcome.
Not many people remember the world before porn, but I do. I vividly remember how rape was a regular crime on the streets of my city. It almost completely disappeared after the invention of the internet and since porn become widely accessible to people.
What city are you from?
That's not to do with the porn. But with the trafficking and coercion. Those are separate things, and those are already illegal (hence the convictions).
Most people in porn (and prostitution, for that matter) do the work voluntarily.
The Irish government is far from being far-right. And I don't think it's only a push against porn, it's a push against any kind of anonymity on the internet.
How long until you have to scan your ID before connecting?
> The far right is going hard against porn in multiple countries right now.
Sigh.
This (unfortunately) has nothing to do with the far right, it's a government of centre right parties who don't (yet) understand what a terrible idea this is.
Is this a "right-v-left" dichotomy really? secondly, different kinds of harm are not directly comparable, more so for their sources.
Same reason people complained about old ladies wearing fur coats, more than bikers who wear leather jackets; one enemy is scarier than another.
far right, far left it's the same gestapo crap. going after porn is just a pretext. the real target (i think) is having dirt on people
This will predictably lead to coomers putting on their pirate hats en masse.
So who's behind these porn laws that are popping all over the place?
I'm suspecting that certain Evangelical Christian groups might have something to do with it. They have front groups with names such "anti exploitation network", where nobody would suspect it's a religious organization behind it.
> and a collection of selfies of children kept by the porn sites
I hope this journalist never has to do any actual critical thinking. It goes without saying that obviously children wouldn't upload selfies if they're under 18 and that's the purpose of KYC.
Do I need to walk around with a yellow star or pink triangle?
What's Minecraft and how do you tame a horse in it?
> But wait! That's not all! The CnaM Executive Chairman wanted to talk about porn sites because that's the least popular class of entities covered by this regulation. But the age-verification requirement actually can cover any video-sharing platform under the jurisdiction of the Irish State (link to the designation notice under section 139E and section 139G of the Broadcasting 2009 Act). That's a list that includes Facebook, WhatsApp, XTwitter and YouTube, just to pick four household names (because of Section 5 of the Online Safety and Media Regulation Act 2022). It might also mean homegrown platforms such as Mastodon.ie, the most prominent Irish part of the Fediverse, who also allow videos to be shared.
...
> Also, these restrictions won't just limit and record access to porn sites. They can be applied to any sites which contains material the Commission decides may be legal, but on the other hand, oughtn't be seen by children. In other countries, this has been the kind of legal provision which has seen libraries restricting access to books involving LGBTQ+ themes, racial justice themes and anything else you could imagine the Burke family objecting to.
Protecting children is the emotional wedge for introducing age verification requirements. Video sites are the wedge into all internet sites. The legislators' emphasis on porn is a wedge into any speech (including otherwise legal speech) the government claims is harmful for children. That government-mandated age verification would protect children is an assumption, full of uncertainty of the beneficial first-order effects and full of ignorance (willful blindness?) of the obvious detrimental second-order effects. Mandatory age verification requires mandatory data collection, and strangers are going to read that data: some first-party websites will be forced to collect more information than they currently do; third-party websites involved in the collection and verification processes will collect data as well; and the government will get information about the citizens' internet habits from websites. Adults will lose their privacy because people who have no business knowing their internet habits will know them.
Children will lose their privacy, and more. They will grow up learning that it's normal to give their personal information (including but not limited to relatively immutable biological details such as faceprints) to strangers. They will grow up learning that it's normal for the government to know every website a person visits online. The offline analogue is for the government to know every building a person visits offline. No matter how noble the current government's current intentions may be, a stranger has by default no right to know that much about a person's life.
Movie theatres can show childrens' films and adult films. The movie theatre doesn't have to store anything about age other than "minor" and "adult". Libraries and bookstores can contain childrens' books and adult books. Malls contain stores for many audiences. Clothing stores have sections for children's clothes, modest adult clothes, and risque adult clothes. You know what the normal way for a child to visit many such buildings is? A caretaker (maybe a parent, but not every child has a parent) brings the child and supervises. On the other side of the equation, it would not be normal for a mall to collect people's ages at the mall entrance (the adult-only stores inside being a different story).
A website should have the option to verify age, and the alternative option to require no more than a self-reported "are you at least 18? yes no". Government-mandated age verification is burdensome to small websites, especially small platforms for user-generated content. If a website could choose to remove potentially harmful content instead of verifying age, then the burden would still be too large for small websites. Might as well not host user-generated content at all. Large internet companies like Google and Facebook would eat the costs either way. Small websites would have to rely on third-party age verification services. Software for age verification will be predominantly proprietary or not available to the general netizen or both, so the average person won't be able to know how much information the websites collect and store. What's more, lawyers and judges in privacy-related or accuracy-related court cases (especially regarding biometric verification) will have a hard time examining the software.
Making every website collect information the way a bank does is applying a hammer to problems that are not nails. Don't make the entire internet a bank. And as Mike Masnick wrote, "The Internet Is Not Disneyland; People Should Stop Demanding It Become Disneyland" [1]. "Are you at least 18? yes no" paired with proper parenting/caretaking can go a long way. Proper caretaking is not simply knowing what the child does on the internet. It's knowing that the child might visit the internet while the caretaker is occupied. It's teaching the child early on that not all websites are for children. It's setting up parental controls while understanding that parental controls are imperfect, like one slice of Swiss cheese [2]. You are a Swiss cheese layer. By teaching your child what to do if they stumble upon the wrong websites, you will be turning your child from a hula hoop into their own Swiss cheese layer. When you find out that your child stumbled upon porn, you can talk to your child about the incident. As a caretaker, damage control is a necessary part of determining healthy boundaries. Additionally, I don't expect the damage to a younger child from accidentally viewing porn to be as proportionately severe as the damage to an under-21 college freshman from drinking alcohol at a party. You can't talk brain damage from drugs out of someone. But I'm assuming that you can talk the harm from an accidental porn incident out of your child.
I like the idea posed by mjevans [3] to make websites respond to a self-reported "kid mode" - as a header in a web request, I presume - by redirecting to a child-friendly site. Websites could also respond by serving only content manually confirmed to be child-safe according to the website's interpretation of the law's definition of child-safe. As part of supporting the "kid mode" header, the website would have to respond with a "kid mode" confirmed. Parental controls on the device would include the "kid mode" header in all web requests whenever kid mode is on. If the website doesn't return the "kid mode confirmed" header then the parental controls can cancel the website visit. Adults would simply leave kid mode off for themselves. The burden on websites (learning how to send a 301 redirect status code at the simplest) would very low, and would avoid the data collection and other privacy problems of age verification.
[1] https://www.techdirt.com/2022/09/20/the-internet-is-not-disn...
This is not just beyond idiotic, this is straightforward evil and dangerous.
Good.
Will they make search engines provide relevant porn results for me then? I have to wade through thousands of irrelevant and disgusting stuff that doesn't fit my porn needs.
> Irish State announce plan to build a porn preference register for most of the EU
They (the Irish state - ministers, elected officials) shall do it forst and publish it. Then we will follow suit. /s
>live selfie
Why not just make everyone live stream their wank? /s
I'm pretty libertarian when it comes to things like drugs or sex work, but it's hard for me with porn. Maybe because I've been addicted to it for 20 years at this point so it's personal for me. You can call it a parenting failure or whatever, either way I'm addicted to porn and I think it will stay with me forever simply due to my lifestyle of remote tech worker. Luckily, it's not totally crippling, but it's definitely hampered my development
I don't know what a reasonable solution is. We forbid selling alcohol & cigarettes to people under a certain age because we deem it unhealthy for children's development, but we don't have the tools to do that for internet porn on a societal scale. Is digital ID the right solution here? Is there a better way to do this? The HN mentality is to tear down digital walls, and is it even possible without seriously harming the open web or personal privacy & security?
> > Maybe because I've been addicted to it for 20 years at this point so it's personal for me.
Without porn you would have been addicted to lingerie catalogues and failing that of course real p*y in the form of endlessly chasing girls and or prostitutes bringing financial ruin upon yourself.
Porn is just how sex drive manifests itself for men (we are visual creatures) in a frictionless world where there are 5bn cameras in our pockets.
There is no shame in going down because of sex drive, it has been engrained in our brains during the past 100 million years
You may be right lol. Honestly I hate my sex drive sometimes. Sure it's useful from an evolutionary perspective, but for me personally it does no good
> > Sure it's useful from an evolutionary perspective
It's also useful from a relaxation and performance perspective.
Every time you rub one out you give your brain the illusion that you passed your genes so you go through life much more relaxed because it's an orgy (pun intended) of 'mission accomplished' banners within the brain.
At least for me that's how I explain post nut clarity and relaxation.
yea i'm not sure having 8 hour long marathon porn sessions improves my performance or relaxation
though like you said earlier, I bet if it wasn't for porn I'd have multiple unwanted children or multiple STDs
These addictions are likely a symptom of another problem. It's not the porn itself that's the problem. It's likely childhood trauma or some other adversity that's caused the addiction.
for me, the porn was the trauma. early exposure to it without any parental controls (i had unfiltered access to the internet too young)