Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Internet

Anonymity No More? Age Checks Come To the Web (nytimes.com) 113

In response to mounting pressure from activists, parents and regulators who believe tech companies haven't done enough to protect children online, businesses and governments around the globe are placing major parts of the internet behind stricter digital age checks. The New York Times reports: People in Japan must provide a document proving their age to use the dating app Tinder. The popular game Roblox requires players to upload a form of government identification -- and a selfie to prove the ID belongs to them -- if they want access to a voice chat feature. Laws in Germany and France require pornography websites to check visitors' ages. The changes, which have picked up speed over the last two years, could upend one of the internet's central traits: the ability to remain anonymous. Since the days of dial-up modems and AOL chat rooms, people could traverse huge swaths of the web without divulging any personal details. Many people created an online persona entirely separate from their offline one. But the experience of consuming content and communicating online is increasingly less like an anonymous public square and more like going to the bank, with measures to prove that you are who you say you are. [...]

Critics of the age checks say that in the name of keeping people safe, they could endanger user privacy, dampen free expression and hurt communities that benefit from anonymity online. Authoritarian governments have used protecting children as an argument for limiting online speech: China barred websites this summer from ranking celebrities by popularity as part of a larger crackdown on what it says are the pernicious effects of celebrity culture on young people. "Are we going to start seeing more age verification? Of course," said Hany Farid, a professor of engineering and computer science at the University of California, Berkeley, who has called for more child safety measures. "Because there is more pressure, there's more awareness now, on how these technologies are harming kids." But, Mr. Farid said, regulators and companies need to proceed with caution. "We don't want the solution to be more harmful than the problem," he said.
Further reading: 'Banning Anonymous Social Media Accounts Would Only Stifle Free Speech and Democracy'
This discussion has been archived. No new comments can be posted.

Anonymity No More? Age Checks Come To the Web

Comments Filter:
  • by Tough Love ( 215404 ) on Wednesday October 27, 2021 @08:38PM (#61934013)

    Well doncha? C'mon getting dragged out of your house by the secret police is nothing compared to kiddies seeing titties.

  • by bob_jenkins ( 144606 ) on Wednesday October 27, 2021 @08:46PM (#61934043) Homepage Journal

    How about allow anonymous read but require verification to write?

  • Utilize anal recognition.

    https://www.dailydot.com/debug... [dailydot.com]

    because, "everybody poops"

  • Welp... (Score:5, Interesting)

    by jenningsthecat ( 1525947 ) on Wednesday October 27, 2021 @08:54PM (#61934069)

    The web was gettin' kinda old anyway. I certainly won't be using many sites that require me to give my real identity. Beyond banking sites, my cell company, and the like, I just won't visit anyplace that requires real-life ID. Hell, I already miss out on age-restricted YouTube videos (many of which have no business whatsoever being age-restricted) just because I refuse to sign in to Google.

    I do wonder though - have the self-styled moral gatekeepers given any thought to how much traffic this trend will drive onto the Dark Web? It might even give rise to a "Grey Web" - where people can still remain anonymous. I would likely frequent the Grey Web, and even the Dark Web if it becomes the only refuge from the 'papers please' mentality of the jackboot crowd. But between advertisers, predatory social media companies, and net nannies, the web has just about jumped the shark. So long to the mainstream WWW - it was great while it lasted!

    • Re:Welp... (Score:5, Insightful)

      by rogoshen1 ( 2922505 ) on Wednesday October 27, 2021 @09:04PM (#61934103)

      nope, anonymity and privacy have lost to consumerism and convenience.
      regarding traffic going to the dark web? more likely what will happen is that people make a stink, log out for a week or two; then wind up caving in.

      truthfully though, with the amount of tracking pixels and the like, you haven't been anonymous on the internet for years. we've allowed madison avenue and silicon valley create a panopticon for us, and we've loved every second of it.

      • Re:Welp... (Score:4, Insightful)

        by apoc.famine ( 621563 ) <apoc.famine@gm[ ].com ['ail' in gap]> on Wednesday October 27, 2021 @11:42PM (#61934379) Journal

        you haven't been anonymous on the internet for years

        Bullshit.

        Nobody cares enough to try to track 100% of people, clicks, etc. There's no money in it. No sensible business wastes money trying to market to non-customers. Nobody spends more than they have to to make a profit.

        You might squeak 'NSA!!!' but even they have to decide what's worth it and what's not. If your IP isn't showing up contacting servers in Iran, they're not going to be going hardcore pixel tracking on your ass. There's just not the bandwidth and computing power to do that.

        Rejoyce in all of the fucktards of the endless summer. They have so massively dominated the internet and do such collosally dumb shit that they are trivial to track. They are where the money is at. The handful of us who adblock, use privacy modes, don't log into shit, split browsing between multiple browsers, blackhole google shit, etc., just don't look like we're worth chasing.

        If my adblocking an adblocking nagware screen works, I know damn well that company is not willing to invest resources in tracking fuck all. If the best you can do is throw a graphic over your content to say, "please don't block graphics that we put over our content", odds are they are just recording facebook cookies or some shit and not doing ANYTHING more sophisticated.

        What you're suggesting is possible, but there's about zero reason for anyone to do it. The money isn't there, and businesses cheap out on everything possible. The millions of people visiting your site and accepting cookies while logged into Facebook are vastly more important than the thousands of us who take privacy semi-seriously. You invest the money where 99% of the customers are, not 1%.

        • Re:Welp... (Score:4, Interesting)

          by JaredOfEuropa ( 526365 ) on Thursday October 28, 2021 @01:48AM (#61934545) Journal

          No sensible business wastes money trying to market to non-customers.

          Exactly. Which is why this fine-grained tracking exists in the first place. Not to figure out whether you as an individual might be interested in buying a cat poop avoiding automatic vacuum cleaner, but whether or not you are in the target demographic who tends to buy these things. Sophisticated tracking has gotten scarily good at putting labels on internet users, which has made online mass marketing crazy cheap, so cheap that small businesses and even hobbyists can afford to reach their target demographic in a very large population. This is what allows the companies who are good at this, like Google and Facebook, to provide services free of charge to the entire world, while still raking in billions upon billions in profit every quarter.

          Do these companies want to make an effort to thwart ad / track blocking? Oh yes. And they do. The cost of doing this decreases quickly per user once you can apply it at scale, and it’s easily worth the money to then.

          • Sophisticated tracking has gotten scarily good at putting labels on internet users, which has made online mass marketing crazy cheap, so cheap that small businesses and even hobbyists can afford to reach their target demographic in a very large population.

            Somehow I disagree with the efficacy of this. It's like how I buy a camera and then suddenly all the ads I get are for another camera. Why another one? I already have one. Or I buy a speaker and suddenly I get ads for speakers. Like WTF? How many ears do these guys think I have.

            My own personal favourite was Youtube (parent organisation Google who knows everything about everyone) somehow deciding it was appropriate to feed my girlfriend a video advert which says "Treat your balls". Somehow she's seen a Mansc

            • It's like how I buy a camera and then suddenly all the ads I get are for another camera.

              Targeted advertisement is not about showing camera ads to a guy who is in the market for one. Well, it would be if they could actually make that work. But for now, they are targeting demographics. Guys who might buy cameras. And guess what: by buying that camera you just given them 100% certainty that you are in the target demographic.

              Clever advertisers know that their ads are shown to people who might already bought what they sell, so they either show similar items at attractive prices (where you mi

              • Guys who might buy cameras. And guess what: by buying that camera you just given them 100% certainty that you are in the target demographic.

                Except that's not what I've experienced at all. In general I've not ever received a relevant targeted advert. Only after the fact adverts. I don't think I'm some superman outlier browsing the internet at hyperspeed and purchasing faster than I could ever be targeted. Yet somehow I only get targeted adverts for things *after* I have finalised my interest in them.

                And I've checked, my girlfriend doesn't have balls. So not sure what demographic they think they are targeting there.

        • by AmiMoJo ( 196126 )

          There is some truth to this, but only after the big push to make everything encrypted by default. Websites, email server connections, IM and the like are all mostly encrypted now, forced the cost of mass surveillance up to a point where it was hopefully no longer viable.

          It's possible that the NSA has found a way to crack the encryption used en-masse, but if they have they are unlikely to reveal that capability by using it on low value targets.

        • Should a dystopian society form in your country, it seems scarily logical, that citizens with the lowest digital footprint will be marked out for further investigation.

          Sure, totally no reason to just accept an invasion of privacy right now - it's a slightly far fetched idea, isn't it???
          But it's something a dystopian society could and probably would do.

          Lest we forget, where we've seen dystopia in history, it's the educated that are sought first, either to be drawn in or to be squashed.
          If your digital footpri

          • Of course, the truly smart, would create fake digital footprints, by creating their own set of automated algorithms, generating an exact match for what is "expected" in a "society" that operates in this manner.

            And should they be caught, in this evasive manoeuvre - "You have two choices, you work for us, or ... you die."

          • Should a dystopian society form in your country, it seems scarily logical, that citizens with the lowest digital footprint will be marked out for further investigation.

            I've had that thought from time to time. It's both comforting and discomforting to know that somebody else is thinking the same thing.

            How long before: "I see you want to open a bank account. Hmm, it seems your social profile is missing some key requirements. Can we ask why you are not a member of 'social network X' ? - in order to open a bank account, you will need to have registered on this network and have at least a 65% approval rating from your peers."

            I think we're already there in some ways. I'm pretty sure there are people who have basically no social media profile, who have lost job opportunities because employers just don't bother with applicants they can't suss out on Faceplant. I also suspect that lack of a social media presence is negatively affecting things like insurance rates.

            We are slowly drifting this way ... let's just hope we wake up and kick back.

            I wouldn't call it a slow drift - mor

        • There's just not the bandwidth and computing power to do that.

          It's like when people say "The NSA is listening to everyone's phone calls!"

          They have no clue as to the staggering amount of bandwidth and computing power that would be required to digitally listen to *every* phone call, performing real-time voice recognition and sifting for keywords. Even for the NSA it would be simply unpossible.

      • Re:Welp... (Score:5, Interesting)

        by Solandri ( 704621 ) on Thursday October 28, 2021 @03:57AM (#61934685)

        nope, anonymity and privacy have lost to consumerism and convenience.

        Most of you aren't old enough to remember. But back when the Internet first started, nobody was anonymous. The admins in charge of each system (mostly schools and companies) adhered to standard practice where when they created an account for you, your online ID was your real ID. If you look at some of the old USENET posts [google.com], you'll notice everyone uses their real names, real jobs, real addresses, and sometimes even real phone numbers.

        This changed when AOL joined the Internet [wikipedia.org]. AOL let each account have I think 6 sub-accounts. They were supposed to be used so you could give each family member a separate AOL username even though you only paid for one account. But AOL users mostly used them to create anonymous IDs while interacting with the Internet. AOL refused to enforce the norm of everyone using real IDs. So unable to enforce a global real ID policy, anonymity won out.

        So things have swung from no anonymity, to total anonymity, back to no anonymity. I suspect it'll swing several more times between these extremes before it finally settles down at some point in between in a few decades (my hunch is it won't be settled until nearly all voters are people who've had Internet access since they were born).

        • by Tom ( 822 )

          Most of you aren't old enough to remember. But back when the Internet first started, nobody was anonymous. The admins in charge of each system (mostly schools and companies) adhered to standard practice where when they created an account for you, your online ID was your real ID. If you look at some of the old USENET posts, you'll notice everyone uses their real names, real jobs, real addresses, and sometimes even real phone numbers.

          You were known to your admin. Anything beyond that was his or the network policy (USENET, FIDOnet, etc. each had their own policies, and sometimes sub-forums had ones differing from those).

          I kept that spirit in an online game I created 20 years ago, and it has survived through the ages till today: I ask for your real name because it's "my yard" (my server, my game, my rules) but I don't check ID and don't ask for anything beyond that. I want to know who I'm talking to, but I don't much care for anything els

          • by carton ( 105671 )

            I ask for your real name because it's "my yard" (my server, my game, my rules) but I don't check ID and don't ask for anything beyond that. I want to know who I'm talking to, but I don't much care for anything else.

            This doesn't make any sense. You want to "know who [you're] talking to," but your only reason is some flattering feudal ownership fantasy, and you flatter yourself a second time by saying you "don't much care" so everyone should congratulate you on being broad-minded.

            early networks I was on (BBS systems and FIDOnet).

            Yup, that tracks.

            I respect your intent and even your love of fidonet, but I really disapprove of this squirrely language here. The proper way is to start with the actual costs and benefits of each decision, then go back to whether each person

            • by Tom ( 822 )

              This doesn't make any sense.

              It absolutely does. My BBS was running on my server. Not some anonymous cloud, but actually the server sitting right next to my feet. The same way that I expect you to say "hi, I'm (your name)" when a friend brings you to a party at my place, I expect you to say who you are when you enter my BBS. That's the concept I kept for my game. It's not a matter of tracking you or selling you targeted ads (I didn't have any ads) but simply a matter of courtesy. You can disagree with my understanding of basic courtesy

        • okay, let's look at your post another way

          archaic internet: those in charge found it convenient to prevent anonymity => internet wasn't anonymous
          early internet (AOL times): those in charge found it impossible to avoid anonymity => internet was (largely) anonymous.
          modern internet: those in charge (or those with $$$ in this case) do not want anonymity (lol)
          future internet: those in charge ($$$) do not want anonymity. (lol)

          Anonymity is NEVER coming back, at least in any meaningful sense. The ones running

        • I had my first web page in 1992, so I'm certainly from before eternal September. And I certainly had plenty of ways to be anonymous, although indeed many people didn't use those ways. But it was not do to lack of choice, rather than lack of need.
    • The web was gettin' kinda old anyway. I certainly won't be using many sites

      How many different German porn sites does one person need?

      Don't answer that.

    • by AmiMoJo ( 196126 )

      Try this to bypass YouTube age restrictions: https://github.com/zerodytrash... [github.com]

      Very handy for browsing in private mode.

      • Thanks! I'm already running Greasemonkey to prevent YouTube autoplay, so I'll definitely try that out. I wonder if I'll be able to coax youtube-dl to work with it...

    • I highly suspect that you'll need an ID to log onto the web at all. Money has killed the internet as we knew it.
      • by carton ( 105671 )

        Yup.

        They are already doing this in Sweden and Estonia. It's frictionless and free for a web site to demand government-backed ID over a web browser (run indirectly via banks in Sweden, or directly by the government in Estonia). Once a system for nailing web sessions to bags of meat is built, it is almost irresistible. Add a contrived excuse why it has to be used all the time, and it will be.

        We could build an "anonymous attestation" system to satisfy the contrived excuse of age-checking while allowing unli

  • by joe_frisch ( 1366229 ) on Wednesday October 27, 2021 @09:00PM (#61934081)
    Just require companies to be insured for say $10K for each instance of loosing or having stolen an person's identity. Then I can safely give my ID to random online companies, knowing I'll be compensated of its stolen.

    I don't think $10K is an unreasonable number . The effort to recover from identity theft, and the possible damage to someone's reputation could easily equal that.

    The personalized information is of course valuable to marketers - and if they make sure that only a tiny percentage of IDs are stolen, they will still make a tidy profit.
    • A better solution is to ban giving people credit in your name just because they have a photo of your ID and know your SSN.

    • Also, once they have checked your ID, they should issue their own identifier and then delete the record they have of the ID. There is no need to just keep it all hanging around on a server. If necessary employ a notary to attest they have seen the ID and then discard the ID copy.
      • Tokenization is important. It would be nice where one ID clearing house can just say "yep, that person checks out", and issue a token. That way, no identifying info is stored on a company's S3 bucket. Hell, this could even be one with OpenID, where accounts coming from a site that verifies everything.

    • by flink ( 18449 )

      You could just have state issued IDs be smart cards. They could have 2 certs on them: 1 for proof of age that only has a birth month and year in it, no other identifying information, and another for proof of identity that has your name and mailing address and some unique identifier (NOT SSN).

      If a website wants to verify your age, it sends a challenge, you sign the challenge with the age verification cert, and done, no one needs to know who you are, and you don't smear your personal information all over the

    • by mjwx ( 966435 )

      Just require companies to be insured for say $10K for each instance of loosing or having stolen an person's identity. Then I can safely give my ID to random online companies, knowing I'll be compensated of its stolen.

      I don't think $10K is an unreasonable number . The effort to recover from identity theft, and the possible damage to someone's reputation could easily equal that.

      The personalized information is of course valuable to marketers - and if they make sure that only a tiny percentage of IDs are stolen, they will still make a tidy profit.

      Insurance?

      Insurance is a means of avoiding financial liability. All you're doing is making insurance companies richer and insurance more expensive for everyone. Which in turn makes everything more expensive for everyone.

      What you need is legislation with real teeth. Fines that aren't covered by insurance like you see in the EU's GDPR is just the beginning. Start adding jail terms for execs (starting with the CEO and working down the C levels) when breaches are serious and you'll notice a lot fewer com

      • Legislation is difficult to enforce. Insurance make use of the power of the "economics genie" to help.

        Legislation requires the insurance and sets reasonable rates. Then free market will cause companies to be more careful with their data if they want to be able to afford insurance.

        The concern I have with legislation is that we will have the problem that now exists in Europe where every website has a "click to approve use of your data" sort of thing, and the customer still has no real choice.
  • Every website has known the ip address of all who view (let alone interact with) it since there was a web.

    Few people bothered to obfuscate their ip address.

    What's really different?

    • An IP address doesn't equal a person and are easy to obfuscate if you need to.
      • An IP address doesn't equal a person and are easy to obfuscate if you need to.

        or just reboot your modem and then your router, presto, new IP address.

        • Why? You don't think the ISPs can check the MAC address of the modem and assign it the same IP it had 5 minutes ago, since the IP address lease hasn't expired? I guess it depends on your ISP.

          • Yeah, my IP address changes once every 6 months, if that. Reseting the modem is rarely the cause if it does change. It's more likely do to some internal changes in hardware or configuration at my ISP.

  • Tinder in Japan is complete crap, in every possible way.
  • by PPH ( 736903 ) on Wednesday October 27, 2021 @09:05PM (#61934107)

    ... I set up for Google and others to intercept. For that one, I used an age of 14 years. Too young to enter into a binding contract. Young enough to give the busy bodies fits should someone try to mine my data.

  • I was watching documentaries World War I/II in Color, etc, and I kept running into videos that required me to log in and verify my age to view. I am not logging in, so bye bye GooglesTube.
  • What he said: "We don't want the solution to be more harmful than the problem," [Hany Farid] said.

    What he means: "Yes, we very much do".

  • On one hand, I can see people people just accessing the non-local version of whatever site one is interested in. If you're in Germany, and want to view porn without giving up your ID, just use a site in the US (or wherever) and go look at their porn sites.

    At some point, if there is a crack down on users from outside the country a site intends to serve, people can just use a VPN to make it look like they're from that country.

    On the other hand, I can see the day come where you need to have a "license" to use

  • by ClueHammer ( 6261830 ) on Wednesday October 27, 2021 @10:18PM (#61934263)
    It is up the the parents/caregivers to ensure this type of thing. Not the tech companies Why should the majority of the population be tortured with age checking bs because your you lazy to supervise your kid?
    • Parents have better things to do than micromanaging their kids 24/7.

      • I think this is one of those times where both statements are true.
      • by vyvepe ( 809573 )
        They do not need to micromanage. They can put a local firewall with a whitelist of kid safe sites.
        • They do not need to micromanage. They can put a local firewall with a whitelist of kid safe sites.

          How easy is it to have multiple firewalls defined for the same computer, but different users?

    • by AmiMoJo ( 196126 )

      Age restrictions are a pretty shoddy way to stop kids accessing porn anyway. They only apply to sites that are in the jurisdiction of the country where the kid lives, i.e. there will always be loads of porn sites that have no restrictions at all.

    • It is up the the parents/caregivers to ensure this type of thing. Not the tech companies Why should the majority of the population be tortured with age checking bs because your you lazy to supervise your kid?

      I agree up to a certain point. My children are 7 and 5, so I've removed regular YouTube and access to the web browser on their iPods. They have accounts with YouTube Kids to help. As I have a job which consumes 40+ hours of my life per week, I can't hover over them 24/7. I need tech companies to properly identify suggested age (and reasons) for their product. When I go into the App Store, I can see the game my son wants has a suggested age limit of 12+ for violence and drug depiction. I can decide if my son

      • by carton ( 105671 )

        The correct solution is obviously to place restrictions on the children, not on the adults.

        There's an age limit to that strategy, and it's about 12. This solution can't do any better than placing the same "information you are allowed to see" restrictions on adults as on rebellious, resourceful "young adult"-age children. That's correct and traditional, and it's good.

        As an adult, I've never seen porn worse than Piers Anthony and C J Cherryh because I haven't gone looking for it. I don't think children sho

    • It is up the the parents/caregivers to ensure this type of thing. Not the tech companies Why should the majority of the population be tortured with age checking bs because your you lazy to supervise your kid?

      Looking over your kids' shoulder at everything they do, 24/7, would be far more torturous, and maybe scar them emotionally too. I'm not agreeing with the age checking as proposed, but micro-managing kids is impractical.

    • by lsllll ( 830002 )
      Damn! You beat me to it (and noticed yours AFTER I posted the same thing). But I get the bonus for my account name!
  • Remember the age check questions in Leisure Suit Larry in the Land of the Lounge Lizards? Here's the full list [allowe.com]. I think websites could definitely use these.
  • Anonymity = Equality (Score:4, Informative)

    by Bert64 ( 520050 ) <.moc.eeznerif.todhsals. .ta. .treb.> on Thursday October 28, 2021 @01:52AM (#61934553) Homepage

    There are so many complaints about inequality, sexism, racism etc these days - but anonymity is a great way to counter this.

    Online you can be whoever you want to be, and those you communicate with don't know any different unless you tell them.

    If you think people on a particular forum are going to discriminate against you because of your race or gender, then claim to be of the race and gender they seem to prefer. If you still feel you're being discriminated against then it's more likely your personality or behavior which is triggering them not your race or gender, while on the other hand if they get on with you just fine when they think you're a particular race or gender when in fact you're not you have evidence to expose their unfounded racism/sexism.

    Back in the days of IRC, i encountered a fair few transgendered people there. Generally they would join IRC with a name suggesting the gender they wanted to be, even if in real life they hadn't taken any physical step towards it. You had no way to know until they trusted you enough to tell you.

    • by Tom ( 822 )

      Back in the days of IRC, i encountered a fair few transgendered people there. Generally they would join IRC with a name suggesting the gender they wanted to be, even if in real life they hadn't taken any physical step towards it. You had no way to know until they trusted you enough to tell you.

      The net in general seems to be more open here. We had a transgender person join our online gaming group a while ago, and when s/he came into voice chat and literally the first thing was "if you wonder why my voice doesn't sound like what you expected..." everybody let her/him calmly finish and then said something like "That's ok, I really don't care about it. Welcome to the group."

      Routinely interacting with people without knowing more about them than the interaction itself seems to make you understand that

    • by Mitreya ( 579078 )

      If you think people on a particular forum are going to discriminate against you because of your race or gender, then claim to be of the race and gender they seem to prefer.

      But be warned that if people still treat you poorly, you may learn that you are just an asshole (rather than a target of pervasive sexism/racism/etc.)

  • Comment removed based on user account deletion
  • Ghu forbid that parents, you know, ACTUALLY RAISE THEIR KID!

  • by Gabest ( 852807 )

    Every teenager masturbates. They need their porn.

  • ... why Japan has a Hikikomori problem.

  • Hey! Collect ID before letting people access you.
        No.

    • by Duds ( 100634 )

      Well that got ruined by the site, it WAS a conversation between one of these governments and a site hosted in literally any other country who doesn't care about their laws.

  • by vbdasc ( 146051 ) on Thursday October 28, 2021 @04:15AM (#61934695)

    Because my productivity will increase and I will have more time for everything important. I will still be able to visit the hobbyist websites I frequent (hopefully), but no Youtube, social networks and other time-wasters. And no, this is not a temporary whim of mine. I'm not giving Youtube and its likes either my credit card details or a scan of my id. Never. No way in hell. This is the line that I will never cross.

    • by Bumbul ( 7920730 )

      I'm not giving Youtube and its likes either my credit card details or a scan of my id. Never. No way in hell. This is the line that I will never cross.

      Agree 100% on that. But in Finland we have this system of trusted parties (i.e. banks, telco operators or even Finnish population registry), which have means and a valid need to ensure that you are who you are. Now that we have established that trust with those parties, they have created a system where I can use e.g. my banking authentication (two-factor, electronically) to sign up for new services, for example to an insurance company.

      This authentication works so that when authenticating with the bank si

  • by Todd Knarr ( 15451 ) on Thursday October 28, 2021 @05:26AM (#61934787) Homepage

    Useless, at best. You can type anything you want into the form, using false information is trivial. Scan or photo of a government ID required? No problem, those are available and you just need to make sure the false information you entered for the site matches the information on whoever's ID you got an image of. Selfie required? Look up a photo of the person whose stolen ID you're using, or find a photo of someone similar enough to the DMV-quality photo on the ID and use that. Selfie holding the ID at a resolution high enough for the ID to be legible? I'm sure markets for that won't take too long to be set up, in the meantime someone with Photoshop skills can drop a suitable faked ID image into an existing image without it being obviously detectable. The only places age checks might work are countries where Internet usage is already controlled tightly enough that the authorities know exactly who's using every IP address and VPNs are either blocked entirely or locked down so the authorities know the real IP address of everyone connecting to one. The only country I can think of that comes anywhere near that is China, and even their Great Firewall is porous. I'm ignoring countries where Internet access simply isn't available to the general public.

    Age checks, to work, depend on being able to prove that the identity being presented is really that of the person at the keyboard. That, to date, is an unsolved problem. Well, unsolved for practical purposes, we know how to do it but every method involves either denying the authorities access to too much information that they'd like to have access to or completely destroying the business models of too many companies to ever be politically palatable.

    • Useless, at best. You can type anything you want into the form, using false information is trivial. Scan or photo of a government ID required? No problem, those are available and you just need to make sure the false information you entered for the site matches the information on whoever's ID you got an image of. Selfie required? Look up a photo of the person whose stolen ID you're using, or find a photo of someone similar enough to the DMV-quality photo on the ID and use that. Selfie holding the ID at a resolution high enough for the ID to be legible? I'm sure markets for that won't take too long to be set up, in the meantime someone with Photoshop skills can drop a suitable faked ID image into an existing image without it being obviously detectable. The only places age checks might work are countries where Internet usage is already controlled tightly enough that the authorities know exactly who's using every IP address and VPNs are either blocked entirely or locked down so the authorities know the real IP address of everyone connecting to one. The only country I can think of that comes anywhere near that is China, and even their Great Firewall is porous. I'm ignoring countries where Internet access simply isn't available to the general public.

      Age checks, to work, depend on being able to prove that the identity being presented is really that of the person at the keyboard. That, to date, is an unsolved problem. Well, unsolved for practical purposes, we know how to do it but every method involves either denying the authorities access to too much information that they'd like to have access to or completely destroying the business models of too many companies to ever be politically palatable.

      Are there sites whose content is so valuable that you'd be willing to go through all that hassle to give them fake identity?

      My state is talking of using electronic drivers licenses. We would open up the wallet app on our phone and people would scan a bar code or QR code and get data they have rights for. As an example, bars and night clubs might only get your age / birthdate, but not the other information normally found on the card (height, weight, DL number, address, etc).

  • It absolutely IS possible to prove your age, without revealing your identity to every website and its dog.

    The first solution is trusted agents, who know your identity and provide you with a token that they can verify and you can provide to sites. We already know this works because that's how SSO works.

    The second is one of several nifty crypto schemes that allow you to verify information without giving it.

    I'm sure there are others.

    I'm also sure none of these will be implemented, because all the big players w

  • Is paved with mouths bleating "Think of the children!"

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...