In Russia, they claimed that new measures to block websites are necessary to protect the children online. Of course, they immediately used these new capabilities to block opposition websites and sources critical of the government.
Now, seeing many European governments tirelessly push for these new measures to protect the children, I'm pretty sure that the children are finally going to be safe online.
It is really disheartening to see the sentiment around privacy erode like this. Fifteen or even ten years ago this would have been unanimously and vehemently opposed, but now it is somehow up for debate?
There has been 15 more years of highly motivated psychologists tuning their social media systems to create addiction, time for those who've grown up through this to become adults, foreign interference with democracy etc.
Though I think banning it for children is the wrong approach. Ban the addictive and dangerous features for everyone, adults included â no more infinite scroll, and no more feeds showing content from outside social connections.
We've had time to witness the damage of a dopamine-doomscroll. I personally know children who've posted too much, and children who've been solicited directly by adults, both to try and meet and for nudes. And we've seen the complete lack of positive action from platforms. Roblox is full of paedophiles and Grok was letting you nudify your classmates just a few months ago. These places aren't suitable for kids.
I don't want a ban on VPNs. That isn't being suggested, just making sure they're also age-checked. But some inconvenience is a price worth considering.
Maybe they should get the pedos out of the government instead of a foolish attempt at restricting and harming everyone else? It's not ever going to protect or make children safer. It never was.
The only (probably) good thing here is that one can at least try to apply Russian experience at circumventing the censorship, where it's currently way more severe, up to the point when entire companies have their workflows disrupted because remote workers can't connect through the VPN (which is blocked). Maybe that will help.
You see, the problem is that all exit points of our VPNs are in Europe. These too can be banned quite easily. Where to will we run next, given that this cancer tends to spread?
Change the protocols, I guess? Move to some kind of self-hosted or community-run infrastructure? Because to block all of that (EDIT: to block that reliably, I mean), you will have to block the entire EU network sector, and we're likely not in "V for Vendetta" or full-blown 1984 scenario for this to be possible.
I also do not believe that this is primarily aimed at ptotecting children. I think the goal is to counteract the bot-farms that spread disinformation, instigate violence, and so on. Which Russia, by the way, pioneered and scaled up to make a material difference in elections in the West. It is a real problem for which no effective solution has been found.
Non-nationalist parties that have been in power in Europe for so long are shitting their pants at the growing rise of nationalist parties and are absolutely planning to censor the shit out of them.
I'm not even taking a side here and what they are trying to do is obvious.
> Ms Kendall told Nick Ferrari: âI told MPs yesterday I'm going to come back to the House with a statement on the issue of VPNs in July. There are very strong views on both sides of this. For some people, it is about privacy, and it is the ability to use that is really held strongly by people. And for others, they say they should be banned because kids are using them to get around. And so Iâ the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence."
Sounds like they realize there are two sides and no "clear winning argument" in either direction, that's why the additional research is needed. Sounds a bit more nuanced than what I expected based on your snippet.
What is there to research? Yes, VPNs can be used to circumvent geofences (and by extension, regional age restrictions). Yes, attempting to age-restrict VPNs is at odds with strong privacy guarantees. Privacy is a human right, and one which is essential for effective democracy.
The trade-offs and how many people care and about what specifically.
E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school? I'm all on board with just banning this kind of analytics, but there's a lot of people who are more angry with the EU for forcing companies to at least ask for permission before they sell your data to all those analytics firms.
> E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school?
Because capitalism itself is the enemy.
And information assymmetry is a potent tool, as is constant and persistent surveillance. All of these enable extracting more money.
For example the vast majority of the UK residents is against the ongoing support and complicity of the UK in the genocide of Palestinians, to which the government orchestrated the whole operation to turn the protest into act of terrorism (!).
"I want to do the thing that gets me the most votes and carries the least political risk".
Note this is not necessarily the wisest thing, or even the thing that objectively solves or mitigates the problem the most. Many such cases...
These people created a law that is catastrophic for privacy, so I don't believe they will be stopped from banning VPN's just because someone claims VPN's are good for privacy.
If your argument is that a group is conspiring to establish policy in a country, the idea that it's happening in many, many countries means the threshold for evidence is now much higher, since the group should be able to have much more control.
It's as much of a "conspiracy theory" as ordinary monetary corruption worldwide: There doesn't need to be any connection or conspiracy between politicians who take bribes, just like there doesn't need to be any connection or conspiracy between politicians who push for more surveillance and control over others.
Oh yes like Indonesia, Malaysia and Turkey. If it is happening worldwide, it is less likely to be a coordinated scheme and more likely coming to the same conclusions based on current research.
Edit because I'm getting limited:
This isn't exactly something old that has been going on for decades in its current form and the usage has increased especially since the lockdowns. Nations have also been copying each other for centuries, you don't need a secret group coordinating for it with a singular ulterior motive.
Oh yes sorry, Western countries and dictatorships.
But sure, all governments suddenly woke up at the exact same time, give or take a few months, and realized that social media should be banned for kids.
I think they all wanted to control internet access since the arab spring, but they didn't have a good wedge. Now the data around harm to children is widely available, they all have the same excuse they can use at the same time.
Or maybe different people respond similarly to the same incentives.
For decades companies like Facebook have been saying you just have to let us groom children, there's no way to have this tech and not groom children. Now the predictable consequences of that are arriving: the tech industry is being turned off, because it grooms children.
And when I say groom children, I'm talking about actual child predators, not the transphobic nonsense point.
I've been using a VPN in the UK on my laptop and phone exclusively for 20 years, and the state has been working with ISPs to make "connection records" for most of that time.
On mobile a VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit. Using the web interface avoids this.
The UK has also moved to force ISPs to block certain bittorrent search engines.
The UK is not shy when it comes to invading your privacy or censoring the Internet.
>The UK is not shy when it comes to invading your privacy or censoring the Internet.
Definitely doesn't shy away from doing it! But one thing I find most irritating is that it seems reluctant to say it proud and loud.
Look at the situation with 4chan and Kiwifarms. They are basically asking to be blocked from the UK and they refuse to. I can't really say why the onus is put on the websites to enact blocks, but my suspicion is the government doesn't like the idea of displaying an official page stating that you are not allowed to see something because the government doesn't want you to.
> On mobile VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit.
I've never had this issue (using Private Internet Access on iOS).
I'm a Brit living abroad, when I visit the UK I use a Tailscale network with an exit node at my home, and yeah this always seems to work for me.
Going the other way around to try and watch British TV I used to find with a normal hosted VPN services could still figure out I wasn't in the country, but now I have a Tailscale exit node at my mum's place in the UK it always works fine.
So I suspect it all comes down to the IP source, probably a residential IP is the best possible case and with commercial VPNs it depends on how hard they work on isolating their IP blocks from known datacentres.
Some context - Birmingham Mail is one of dozens of clickbait-driven publications owned by Reach plc.
They're not a high quality source of news - they've more than decimated their journalism staff and replaced them with 'content' staff who are performance monitored on the number of clicks their articles generate.
Content is syndicated in different accents across their range of papers from the national papers, The Mirror and The Daily Express down into a large number of notionally 'local' outlets.
At least we get to raise the next generation of IT geeks because they'll have to understand a bunch of networking basics to watch porn, and might get hooked on it. (on IT)
Israel will be making kill on this, they will unleash their free VPNs to the young people like they did to Iran. UK national security will be like Suisse cheese
Most VPN companies won't implement age verification, because their purpose is privacy. This is really an attempt to ban VPNs. This won't be popular when 70% of the population uses VPNs.
bruhghghbmphf, the VPNs! the VPNs! can't have those! What's that good sir? You say ssh? Do not shh me sir. Oh, SSH... yes, SSH, can't have that! It's elementary, any system which one accesses MUST report to parliament. Personally Identifiable Documents for General Evaluation Of Ne'er-do-wells. We'll call it the P.I.D.G.E.O.N. network.
It's never about the technical capability of the tool. This is a mistake technologists keep making. It's about what the average person thinks it does or uses it to do.
Ban VPNs, an industry of SOCKS5 proxies will boom. Ban those, put the SOCKS5 proxy behind an SSH port-forward, and so on and so forth. Suddenly calling a Kubernetes API puts you in a secret service list somewhere.
This will be interesting to follow. I dont see how this can be fully enforced. Maybe for iOS and other platform where app distribution is highly restricted, but on linux, windows and even macOS i can use mullvad, sending cash in an envelope without ever revealing my identity.
Every corporate I know of, uses VPNs. Especially when workers connect from home. Is the UK government really interested in going up against the majority of their business partners...?
In a way, the cack-handed way they've gone about this makes me slightly more optimistic. If we must have such a law, please let it be one which:
* Creates a market for privacy tech of several million teenagers
* Wastes police time chasing down social forums which kids are hosting abroad using their pocket money
* Rubs the noses of the securirati in the fact that they've made it easier for terrorists to hide their comms among the thousands of teenage speakeasies
This is not the 80's when comms tech required capital and man-years of engineering. Setting up forums online isn't even a high-school project.
And then UK residents are going to discover the "power" of government which will require age verification for renting a VPS or VDS or any other kind of cloud infrastructure, tied directly to your passport/ID, because "many families are desperate for this to happen and I listen particularly to bereaved families that say the longer we delay this, the more children are put at risk".
/j or /s
P.S. by the way, is it possible for them to use Hetzner? Don't they need something like credit card?
There are few things more exciting, in relationship to attempting to restrict access to (data) communications, than a government which thinks geeks won't find ways around such. Now sit back, relax, and let's wait for the next generation of encrypted channels solution development.
This isn't something that can be defeated like this. You are right, there will be ways around this. But we also have to be honest: being able to buy "off the shelf", two click VPN solution for 5$ already puts you into "geek" category. Relatively speaking.
If they ban the commercial providers, payment processors will be the first to enforce it. And Google and Apple will throw the 1-Click solutions out of their app store for users from those countries immediately. And with that the topic is effectively dead even for most "geeks". At this point the goal is already pretty much achieved, most people are cutoff and under heavier surveillance. Next comes the group that know what a server is, how to rent one, what OpenVPN or Wireguard are. But many of the most used websites already make your life difficult if your IP is from such a range.
It goes on. At each step you can argue "there is still a way, as long as you got networking with other countries". Absolutely correct, but at each step the group who knows how and is willing to invest the energy shrinks. And the intended goal will likely already be achieved at the mentioned phase 1 above. The fact that some people still find ways isn't really a gotcha in this matter.
And at some point they will criminalize it. Does it matter that they are unlikely to catch you? Is it worth the risk? And if so, what if you catch strays for it from an unrelated matter. Ultimately they will simply target the devs that help build easy solution for the less tech-savy.
One big reason why you want to keep a bunch of nerds tunneling out around anyway is that you keep useful, defusing attitudes like that floating around. Aka "It's not that bad, there are still ways around it, haha, those idiots".
The beauty of VPNs is that you do not need to have a presence in the UK to make or sell one. And there's a huge amount of money in it.
The law is very bad at dealing with such realities, see also piracy and drugs. The last time I checked TPB is still accessible in the UK with only DoH.
Oh, they're in motion already. There are other countries that tried to ban VPNs for decades now, that sparked multiple great avenues of development.
It's exciting to think I'll become a dissident like my parents, just because I don't want a slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil me.
Perhaps then you could at least vaguely understand the desire of people to avoid having slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil their children.
I definitely see both sides of this argument but to pretend the answers here are obvious just means people arenât being serious. Serious harm is being caused to children and just because thatâs a known cliche doesnât make it not a real concern people have.
Look, the excuse is being made that kids are exposed to harms in online places, in general.
Most famously in Roblox (that's now fixed on Roblox side first with age banding, now by sharding it into three parts), and then in socials -- but the impact of, say, Instagram where kids are preyed upon because the algorithms are promoting them to preying populace, and where Meta openly runs experiments with their mental health, knowingly pushing them into harms way, is vastly different from, say, Coverstar.
Impact of abuse from Meta is well documented already, yet Meta is not punished.
Kids are being radicalised by being fed toxic content, and it's also well known.
Elon Musk's X was knowingly producing CSAM and non consensual nude images of real people and it took a tremendous amount of time for _anything_ to happen - and I don't see Musk on the dock yet?
There are ways to automatically block almost all kids on socials. Take away DMs and comments on the posts from all unverified users and kids suddenly will be much safer. All that can be done today.
The greasy friends of Epstein are running this shitshow, they're in the government (most famously PM of the UK knowingly appointed a longtime Epstein friend as the UK ambassador for the US), they've been covering Jimmy Saville abuses in the BBC, Police forces, the past government, which receives financial incentives from some of these companies to push things exactly the way they want.
Most severe harm to children is caused with the tacit approval of the government and media.
Sneaky access to the socials is not this.
Oh, and you know what? Receipts show it's Meta behind this weird, sudden push for age checks. Meta and their $2B.
So you already know something's off, or at least you should.
The slimy, rightwing, greasy friends of Epstein own all the main political parties, the UK's mainstream media, most of the social networks, and have their fingers in the NHS.
The UK hasn't been quick to deal with Epstein's associates and has a long history of either ignoring or losing critical evidence in CSA cases associated with politicians and public figures.
With that background, mandatory ID makes it easier, not harder, for abusers to act with impunity and/or official protection.
Doesn't the UK already have geo-targeted age verification infrastructure in place? A website or app could require the user to submit a live video of themselves quaffing a local beer.
No. It has laws that websites must follow to serve content in the UK. Itâs up to the websites to do the age verification themselves, and the majority use third party ID verification services. Reddit used an American company to do it,
While I do support restricting social media to younger minds, the way they go about it, and the collateral damage that will result is unacceptable. For about 500ms I thought I might have found the "one thing" I agree with this government, but nope... I'm considering whether it's time to leave the UK. There is an air of hostility here towards... well everything.
Where would you go to then? European countries, Australia and American states already have implemented or are keen to implement ID requirements/tracking for websites.
Funny how quickly "won't someone think of the children" turns into mandatory government ID for private services, banning necessary and secure (and encrypted) communications systems, and locking children out of access to the de facto communication systems of the modern era.
This is a privacy nightmare on all fronts and a horrible limit on freedom of speech. These kids will be learning how to drive a car, yet unable to contact their extended family over Messenger or follow news on Twitter. For everyone else, it means no anonymity or secrecy which has a chilling effect on free speech at a time when fascism is growing within democratic countries and dissidents are being imprisoned or murdered.
Yes, there are some really big problems with social media, but keeping children away from it doesn't fix the problems - it just leaves them for the rest of us to deal with. Let's fix the root of the problem, starting with the recommendation algorithms that inherently polarize people by building echo chambers around them and pushing divisive content all in the name of "engagement".
That's because the tech industry never made any attempt. It's like you blocked all the good options, now you get the worst one because it's one you can't block.
Just moved back to the UK after many years away, and it's creepy here. Doing the elderly under terror legislation, some crazy kangaroo court antics, a frankly sinister approach to "online safety". VPNs?
The even more concerning thing is that we've got a far right party that have been leading in the polls for most of the last year.
The alternatives are even more power-mad, fundamentally illiberal parties (Reform, Conservatives), equally pearl-clutching ones that will likely continue on the same road as Labour (greens) and unreliable figures that will flip-flop as soon as they are in power (libdems).
UK government has been talking about digital ID for a while now. The existing verification methods are too vulnerable to cheating (fake beards, fake ID, borrow dad's credit card, etc...), so the logical next step is direct government ID numbers. The goal is to link all online activity to a unique identifier to make it easier to punish dissent.
Baffling how easy companies like Meta have it with politicians. Fuck them all, I'm leaving for the woods. It's been fun with tech but now it's just so painful,
The article below sharply summarizes why all this is a dystopian surveillance setup:
> how, precisely, do you stop a fourteen-year-old from opening Instagram without first checking the age of the forty-year-old?
> You donât. You canât. So everyone gets carded. Britain is lifting the system wholesale from Australia, where a computer first scans your face and guesses your age from your cheekbones, then, failing that, surveils you to death, studies your browsing habits and the hours you keep, and then, when the algorithm throws up its hands, simply demands your passport.
> You donât. You canât. So everyone gets carded.
Exactly. A little at a time. First it's adult sites, because if you need to show ID to buy alcohol, shouldn't you need ID to buy pornography? Once that's accepted, expand the sphere of control to non-adult sites too by redefining everything as 16+.
"legal parent/guardian is responsible for the child"
if a parent faced fine or jail for a child having access to the internet you can be sure 90% of the children wouldn't have internet access
I'm no defender of the big social/media sites but I don't see why it's their fault/problem if a minor has internet access when they aren't supposed to
This all feels like the opposite goal of knowing everyone who is online everywhere
Because it's not how you'd make the law, you'd wouldn't go to service by service and make it their problem, you'd make it the adult responsible for the child's problem
what if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report
The end result will be the same. If you face a 10k liability for serving the wrong customer, you end up needing to ID your customers.
If the government isn't going to provide that service you end up with private companies verifying identity and the data security issues that entails.
If you want to shift the responsibility of protecting children away from parents, then you end up in a situation where third parties need to be able to differentiate between a child and an adult. I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information.
Of course, you could have something like a signed certificate, so the identity verifier doesn't see who you are patronizing, and the identity seeking business only gets to see your age, but it still has privacy issues.
You've needed to do that for at least ten years. Mobile internet either requires a contract, or an ID check before you get a sim (pay and go)
Anyone providing internets is liable for what the users are doing. The way you got out of that is responding to legal requests. (originally mostly copyright)
This is the frustrating thing, we have effective and relatively uncontroversial age gated network (mobile data) already. and it worked.
I donât think that would have worked. Parents buy phones for their kids since the kids canât buy them. What would the choices be? Give them a phone or not give them a phone. I donât think society is ready for that kind of choice anymore.
> what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
All of these proposals probably sound good to people who think the Venn diagram of sites they use and sites covered by these laws are two separate circles.
They probably sound a lot less good when you realize the law covers site like YouTube. The Australian law (which they said theyâre modeling this after) also includes social news sites like Reddit.
If they passed a law like this extending to VPN services then youâd have to hand over your ID to use a VPN.
Usually people realize how bad these proposals are once they realize it might impact their internet use, too.
> big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
HIPAA has been super effective this way. As we all know, American companies donât give two shits about user privacy or even security. But wave the HIPAA flag and everyone starts caring real hard and taking extremely cumbersome steps to comply with patient privacy.
Very simple: Each HIPAA violation comes with a financial penalty for the business and personal penalty for every person involved in the leak. Very effective.
I agree the threat is there but I've never seen anyone actually punished for HIPAA violations and my data have been involved in several hospital and insurance breaches.
There's not even a test for HIPAA compliance, so you can't legally prove you were ever compliant in the first place, other than you did what you thought was right. People love to use the term "HIPAA-compliant" but it's technically not a thing.
From my understanding, HIPAA mostly just says that you need to have policies in place for various things, such as rotating passwords or encrypting data, but it doesn't go into explicit detail about what all must be IN those policies, or how you enforce them.
> It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
right, and that reveals the absurdity of this "age gate", doesn't it?
because I am sure giving every UK national their very own unicorn would also poll very well but that doesn't mean that's what a functional democracy should be prioritizing
just because a majority of the public supports
because doing so is not possible
yes and we do fine companies that sell alcohol and drugs to children.
lets give everyone an incentive to report companies that allow or encourage children to use these websites.
the children, the parents, bystanders, the employees and contractors of these websites, everyone should get paid from the fines these social media companies would need to pay out for every infraction.
I think GBP 10k per incidence is actually pretty cheap
considering the alternative is life in prison for the CEO and the board
starting with cash incentives all the way to prison terms for the CEO and the board
In Russia, they claimed that new measures to block websites are necessary to protect the children online. Of course, they immediately used these new capabilities to block opposition websites and sources critical of the government.
Now, seeing many European governments tirelessly push for these new measures to protect the children, I'm pretty sure that the children are finally going to be safe online.
"The urge to save humanity is almost always a false front for the urge to rule."
H.L. Mencken
It is really disheartening to see the sentiment around privacy erode like this. Fifteen or even ten years ago this would have been unanimously and vehemently opposed, but now it is somehow up for debate?
There has been 15 more years of highly motivated psychologists tuning their social media systems to create addiction, time for those who've grown up through this to become adults, foreign interference with democracy etc.
Though I think banning it for children is the wrong approach. Ban the addictive and dangerous features for everyone, adults included â no more infinite scroll, and no more feeds showing content from outside social connections.
Social media got worse.
We've had time to witness the damage of a dopamine-doomscroll. I personally know children who've posted too much, and children who've been solicited directly by adults, both to try and meet and for nudes. And we've seen the complete lack of positive action from platforms. Roblox is full of paedophiles and Grok was letting you nudify your classmates just a few months ago. These places aren't suitable for kids.
I don't want a ban on VPNs. That isn't being suggested, just making sure they're also age-checked. But some inconvenience is a price worth considering.
Maybe they should get the pedos out of the government instead of a foolish attempt at restricting and harming everyone else? It's not ever going to protect or make children safer. It never was.
The only (probably) good thing here is that one can at least try to apply Russian experience at circumventing the censorship, where it's currently way more severe, up to the point when entire companies have their workflows disrupted because remote workers can't connect through the VPN (which is blocked). Maybe that will help.
You see, the problem is that all exit points of our VPNs are in Europe. These too can be banned quite easily. Where to will we run next, given that this cancer tends to spread?
Change the protocols, I guess? Move to some kind of self-hosted or community-run infrastructure? Because to block all of that (EDIT: to block that reliably, I mean), you will have to block the entire EU network sector, and we're likely not in "V for Vendetta" or full-blown 1984 scenario for this to be possible.
Literally, tor.
Run to the Kremlin, with torches in your hands.
it would be great if they cared as much about the safety of kids in the streets
I also do not believe that this is primarily aimed at ptotecting children. I think the goal is to counteract the bot-farms that spread disinformation, instigate violence, and so on. Which Russia, by the way, pioneered and scaled up to make a material difference in elections in the West. It is a real problem for which no effective solution has been found.
Non-nationalist parties that have been in power in Europe for so long are shitting their pants at the growing rise of nationalist parties and are absolutely planning to censor the shit out of them.
I'm not even taking a side here and what they are trying to do is obvious.
> the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence.
Ah, yes, the existing research doesn't agree with our biases, so let's fund new "research" that does.
Full context:
> Ms Kendall told Nick Ferrari: âI told MPs yesterday I'm going to come back to the House with a statement on the issue of VPNs in July. There are very strong views on both sides of this. For some people, it is about privacy, and it is the ability to use that is really held strongly by people. And for others, they say they should be banned because kids are using them to get around. And so Iâ the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence."
Sounds like they realize there are two sides and no "clear winning argument" in either direction, that's why the additional research is needed. Sounds a bit more nuanced than what I expected based on your snippet.
What is there to research? Yes, VPNs can be used to circumvent geofences (and by extension, regional age restrictions). Yes, attempting to age-restrict VPNs is at odds with strong privacy guarantees. Privacy is a human right, and one which is essential for effective democracy.
> What is there to research?
The trade-offs and how many people care and about what specifically.
E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school? I'm all on board with just banning this kind of analytics, but there's a lot of people who are more angry with the EU for forcing companies to at least ask for permission before they sell your data to all those analytics firms.
> E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school?
Because capitalism itself is the enemy.
And information assymmetry is a potent tool, as is constant and persistent surveillance. All of these enable extracting more money.
Good thing then that Democracy isnât gonna defend itself.
But that's the point, circumvent democracy, to set the stage for techno-fascism. The citizen has no rights which the state is bound to respect.
By all means.
For example the vast majority of the UK residents is against the ongoing support and complicity of the UK in the genocide of Palestinians, to which the government orchestrated the whole operation to turn the protest into act of terrorism (!).
Etc.
> What is there to research?
Probably how they can best attach a license to VPN use like they're doing with TV.
"I want to do the thing that gets me the most votes and carries the least political risk". Note this is not necessarily the wisest thing, or even the thing that objectively solves or mitigates the problem the most. Many such cases...
>both sides
These people created a law that is catastrophic for privacy, so I don't believe they will be stopped from banning VPN's just because someone claims VPN's are good for privacy.
Reminds me of the drugs tsar, Dr Nutt, saying that drugs should be legalised/decriminalised. So he got sacked.
Quite often, people in power donât want to hear the truth, they want to hear their own words/views parroted back to them.
Obviously Labour has been "lobbied" and now have to deliver this for whoever wants this.
It's pathetic how they use sobbing families to push it through, similar tactic like before Iraq invasion.
same players behind the scenes.
This is pretty much it. Bought and paid for, or hand forced by intelligence powers operating beyond ordinary voter politics
Conspiracy theory^
This is happening worldwide: https://en.wikipedia.org/wiki/Online_age_verification_laws_b...
What you linked is the evidence of the conspiracy, no need to turn it the other way round.
The fact that it's coordinated in all "Western" countries show it's a real conspiracy, not just a theory.
If your argument is that a group is conspiring to establish policy in a country, the idea that it's happening in many, many countries means the threshold for evidence is now much higher, since the group should be able to have much more control.
It's as much of a "conspiracy theory" as ordinary monetary corruption worldwide: There doesn't need to be any connection or conspiracy between politicians who take bribes, just like there doesn't need to be any connection or conspiracy between politicians who push for more surveillance and control over others.
This is the logical conclusion but there is currently a mass wave of Meta grunts downvoting.
Apparently if countries all put an age limit on tobacco it must mean there is a secret group coordinating for it for ulterior reasons.
Oh yes like Indonesia, Malaysia and Turkey. If it is happening worldwide, it is less likely to be a coordinated scheme and more likely coming to the same conclusions based on current research.
Edit because I'm getting limited:
This isn't exactly something old that has been going on for decades in its current form and the usage has increased especially since the lockdowns. Nations have also been copying each other for centuries, you don't need a secret group coordinating for it with a singular ulterior motive.
Oh yes sorry, Western countries and dictatorships.
But sure, all governments suddenly woke up at the exact same time, give or take a few months, and realized that social media should be banned for kids.
I think they all wanted to control internet access since the arab spring, but they didn't have a good wedge. Now the data around harm to children is widely available, they all have the same excuse they can use at the same time.
Or maybe different people respond similarly to the same incentives.
For decades companies like Facebook have been saying you just have to let us groom children, there's no way to have this tech and not groom children. Now the predictable consequences of that are arriving: the tech industry is being turned off, because it grooms children.
And when I say groom children, I'm talking about actual child predators, not the transphobic nonsense point.
Isn't it how it alwasy works?
I've been using a VPN in the UK on my laptop and phone exclusively for 20 years, and the state has been working with ISPs to make "connection records" for most of that time.
On mobile a VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit. Using the web interface avoids this.
The UK has also moved to force ISPs to block certain bittorrent search engines.
The UK is not shy when it comes to invading your privacy or censoring the Internet.
>The UK is not shy when it comes to invading your privacy or censoring the Internet.
Definitely doesn't shy away from doing it! But one thing I find most irritating is that it seems reluctant to say it proud and loud.
Look at the situation with 4chan and Kiwifarms. They are basically asking to be blocked from the UK and they refuse to. I can't really say why the onus is put on the websites to enact blocks, but my suspicion is the government doesn't like the idea of displaying an official page stating that you are not allowed to see something because the government doesn't want you to.
The UK is a funny place. 4chan is accessible but IPTorrents is blocked.
Browsing with a VPN is a frustrating experience. They are abused by many of their users which leads to circular capture checks and straight blocks.
> On mobile a VPN isn't always effective in avoid geoblocks.
It seems like your VPN setup has a leak, or the real location is obtained otherwise through the operating system (locale setting or GPS).
I would be surprised if your locale leaked on GrapheneOS for example.
> On mobile VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit.
I've never had this issue (using Private Internet Access on iOS).
I'm a Brit living abroad, when I visit the UK I use a Tailscale network with an exit node at my home, and yeah this always seems to work for me.
Going the other way around to try and watch British TV I used to find with a normal hosted VPN services could still figure out I wasn't in the country, but now I have a Tailscale exit node at my mum's place in the UK it always works fine.
So I suspect it all comes down to the IP source, probably a residential IP is the best possible case and with commercial VPNs it depends on how hard they work on isolating their IP blocks from known datacentres.
Some context - Birmingham Mail is one of dozens of clickbait-driven publications owned by Reach plc.
They're not a high quality source of news - they've more than decimated their journalism staff and replaced them with 'content' staff who are performance monitored on the number of clicks their articles generate.
Content is syndicated in different accents across their range of papers from the national papers, The Mirror and The Daily Express down into a large number of notionally 'local' outlets.
So, take it with a pinch of salt.
If you ban IPsec ESP people will start using WireGuard on random ports.
If you ban WireGuard using DPI people will start using SSL VPNs.
If you ban SSL you ban the entire internet.
At least we get to raise the next generation of IT geeks because they'll have to understand a bunch of networking basics to watch porn, and might get hooked on it. (on IT)
Or they will ask their AI to do that for them, learn very little about the networking stack in the process
Unless AI detects their prompt is from UK and they reply: Sorry I am not allowed to do that.
Oss AI is good enough for that
I am sure a contract with Palantir to find these miscreants is just around the corner.
Israel will be making kill on this, they will unleash their free VPNs to the young people like they did to Iran. UK national security will be like Suisse cheese
Most VPN companies won't implement age verification, because their purpose is privacy. This is really an attempt to ban VPNs. This won't be popular when 70% of the population uses VPNs.
> when 70% of the population uses VPNs.
To be honest, unfortunately, I'm not really sure about this one.
bruhghghbmphf, the VPNs! the VPNs! can't have those! What's that good sir? You say ssh? Do not shh me sir. Oh, SSH... yes, SSH, can't have that! It's elementary, any system which one accesses MUST report to parliament. Personally Identifiable Documents for General Evaluation Of Ne'er-do-wells. We'll call it the P.I.D.G.E.O.N. network.
It's never about the technical capability of the tool. This is a mistake technologists keep making. It's about what the average person thinks it does or uses it to do.
Ban VPNs, an industry of SOCKS5 proxies will boom. Ban those, put the SOCKS5 proxy behind an SSH port-forward, and so on and so forth. Suddenly calling a Kubernetes API puts you in a secret service list somewhere.
This will be interesting to follow. I dont see how this can be fully enforced. Maybe for iOS and other platform where app distribution is highly restricted, but on linux, windows and even macOS i can use mullvad, sending cash in an envelope without ever revealing my identity.
they can forbid mullvad.
Every corporate I know of, uses VPNs. Especially when workers connect from home. Is the UK government really interested in going up against the majority of their business partners...?
Laws don't apply to corporations. It'll only be used to punish individuals.
A lot of corporations use crappy VPN-like MitM services like Zscaler.
It's not about a technical capability to encapsulate packets, it's about whether people use it to bypass censorship or not.
The government use VPNs. The ban will target individual use.
It would not be hard to write laws to restrict one use but not the other. They may be the same tech but the use-cases are quite different.
The great firewall of UK.
Feel like there ought to be some Sinn Fein backed point to point connection in Belfast that leverages the Good Friday Agreement to get around this.
It would have to alter the voice of anyone on it to make them sound ridiculous.
For yanks: https://en.wikipedia.org/wiki/1988%E2%80%931994_British_broa...
Hadrianâs Firewall
Hadrian's Gate
Good thing Brexit happened to prevent government overreach.
Better then performing a social experiment on children.
don't worry they're still doing that
In a way, the cack-handed way they've gone about this makes me slightly more optimistic. If we must have such a law, please let it be one which:
* Creates a market for privacy tech of several million teenagers
* Wastes police time chasing down social forums which kids are hosting abroad using their pocket money
* Rubs the noses of the securirati in the fact that they've made it easier for terrorists to hide their comms among the thousands of teenage speakeasies
This is not the 80's when comms tech required capital and man-years of engineering. Setting up forums online isn't even a high-school project.
1. Age-gate social media
2. Children start using VPNs to bypass the ban
3. Age-gate VPNs
4. Repeat steps 2-3
Truly a masterful plan.
It's actually
1. Ban something
2. People bypass the ban
3. Ban however they're bypassing the ban
4. Goto 2
Uk kids about to discover the power of Hetzner Linux vps + vnc.
And then UK residents are going to discover the "power" of government which will require age verification for renting a VPS or VDS or any other kind of cloud infrastructure, tied directly to your passport/ID, because "many families are desperate for this to happen and I listen particularly to bereaved families that say the longer we delay this, the more children are put at risk".
/j or /s
P.S. by the way, is it possible for them to use Hetzner? Don't they need something like credit card?
The UK canât block Dissent [1] since it looks like normal HTTPS traffic.
[1] https://godissent.com
There are few things more exciting, in relationship to attempting to restrict access to (data) communications, than a government which thinks geeks won't find ways around such. Now sit back, relax, and let's wait for the next generation of encrypted channels solution development.
This isn't something that can be defeated like this. You are right, there will be ways around this. But we also have to be honest: being able to buy "off the shelf", two click VPN solution for 5$ already puts you into "geek" category. Relatively speaking.
If they ban the commercial providers, payment processors will be the first to enforce it. And Google and Apple will throw the 1-Click solutions out of their app store for users from those countries immediately. And with that the topic is effectively dead even for most "geeks". At this point the goal is already pretty much achieved, most people are cutoff and under heavier surveillance. Next comes the group that know what a server is, how to rent one, what OpenVPN or Wireguard are. But many of the most used websites already make your life difficult if your IP is from such a range.
It goes on. At each step you can argue "there is still a way, as long as you got networking with other countries". Absolutely correct, but at each step the group who knows how and is willing to invest the energy shrinks. And the intended goal will likely already be achieved at the mentioned phase 1 above. The fact that some people still find ways isn't really a gotcha in this matter.
And at some point they will criminalize it. Does it matter that they are unlikely to catch you? Is it worth the risk? And if so, what if you catch strays for it from an unrelated matter. Ultimately they will simply target the devs that help build easy solution for the less tech-savy.
One big reason why you want to keep a bunch of nerds tunneling out around anyway is that you keep useful, defusing attitudes like that floating around. Aka "It's not that bad, there are still ways around it, haha, those idiots".
It is technically possible to circumvent the Great Firewall of China, but I think it's fair to say it's been successful in what it set out to achieve.
They know they'll find workarounds, they'll just arrest whoever is involved in the workarounds. Law isn't a computer firewall, it's a loaded weapon.
The beauty of VPNs is that you do not need to have a presence in the UK to make or sell one. And there's a huge amount of money in it.
The law is very bad at dealing with such realities, see also piracy and drugs. The last time I checked TPB is still accessible in the UK with only DoH.
Oh, they're in motion already. There are other countries that tried to ban VPNs for decades now, that sparked multiple great avenues of development.
It's exciting to think I'll become a dissident like my parents, just because I don't want a slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil me.
Perhaps then you could at least vaguely understand the desire of people to avoid having slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil their children.
I definitely see both sides of this argument but to pretend the answers here are obvious just means people arenât being serious. Serious harm is being caused to children and just because thatâs a known cliche doesnât make it not a real concern people have.
Look, the excuse is being made that kids are exposed to harms in online places, in general.
Most famously in Roblox (that's now fixed on Roblox side first with age banding, now by sharding it into three parts), and then in socials -- but the impact of, say, Instagram where kids are preyed upon because the algorithms are promoting them to preying populace, and where Meta openly runs experiments with their mental health, knowingly pushing them into harms way, is vastly different from, say, Coverstar.
Impact of abuse from Meta is well documented already, yet Meta is not punished. Kids are being radicalised by being fed toxic content, and it's also well known. Elon Musk's X was knowingly producing CSAM and non consensual nude images of real people and it took a tremendous amount of time for _anything_ to happen - and I don't see Musk on the dock yet?
There are ways to automatically block almost all kids on socials. Take away DMs and comments on the posts from all unverified users and kids suddenly will be much safer. All that can be done today.
The greasy friends of Epstein are running this shitshow, they're in the government (most famously PM of the UK knowingly appointed a longtime Epstein friend as the UK ambassador for the US), they've been covering Jimmy Saville abuses in the BBC, Police forces, the past government, which receives financial incentives from some of these companies to push things exactly the way they want.
Most severe harm to children is caused with the tacit approval of the government and media.
Sneaky access to the socials is not this.
Oh, and you know what? Receipts show it's Meta behind this weird, sudden push for age checks. Meta and their $2B.
So you already know something's off, or at least you should.
The slimy, rightwing, greasy friends of Epstein own all the main political parties, the UK's mainstream media, most of the social networks, and have their fingers in the NHS.
The UK hasn't been quick to deal with Epstein's associates and has a long history of either ignoring or losing critical evidence in CSA cases associated with politicians and public figures.
With that background, mandatory ID makes it easier, not harder, for abusers to act with impunity and/or official protection.
Oi m8! U got a fooken loicense fer dem veepee-en or wot?!
The "loicense m8" memes are getting less and less funny ...
It is so funny to read. They are so stupid.
Doesn't the UK already have geo-targeted age verification infrastructure in place? A website or app could require the user to submit a live video of themselves quaffing a local beer.
No. It has laws that websites must follow to serve content in the UK. Itâs up to the websites to do the age verification themselves, and the majority use third party ID verification services. Reddit used an American company to do it,
Damnably hard to find local ales. I had to wander for hours last time I was in London to get Fullers.
While I do support restricting social media to younger minds, the way they go about it, and the collateral damage that will result is unacceptable. For about 500ms I thought I might have found the "one thing" I agree with this government, but nope... I'm considering whether it's time to leave the UK. There is an air of hostility here towards... well everything.
Where would you go to then? European countries, Australia and American states already have implemented or are keen to implement ID requirements/tracking for websites.
Leaving is not the hard decision. The hard decision is where to go. Do you have any suggestions?
At some point there has to be a line past which you can still get a clean network between A and B somehow. At very least for corporate, right?
Glad HN is getting to experience the true level of adverts on ânewsâ sites in the UK. It really is next level.
Adblock??
That will be illegal soon enough.
They can have their cookie, I'm deleting it as soon as I close my browser.
Funny how quickly "won't someone think of the children" turns into mandatory government ID for private services, banning necessary and secure (and encrypted) communications systems, and locking children out of access to the de facto communication systems of the modern era.
This is a privacy nightmare on all fronts and a horrible limit on freedom of speech. These kids will be learning how to drive a car, yet unable to contact their extended family over Messenger or follow news on Twitter. For everyone else, it means no anonymity or secrecy which has a chilling effect on free speech at a time when fascism is growing within democratic countries and dissidents are being imprisoned or murdered.
Yes, there are some really big problems with social media, but keeping children away from it doesn't fix the problems - it just leaves them for the rest of us to deal with. Let's fix the root of the problem, starting with the recommendation algorithms that inherently polarize people by building echo chambers around them and pushing divisive content all in the name of "engagement".
That's because the tech industry never made any attempt. It's like you blocked all the good options, now you get the worst one because it's one you can't block.
maybe the UK should instead look into protecting women and girls being systematically abused and raped while the police and government cover it up
Hopefully won't happen
Just moved back to the UK after many years away, and it's creepy here. Doing the elderly under terror legislation, some crazy kangaroo court antics, a frankly sinister approach to "online safety". VPNs?
The even more concerning thing is that we've got a far right party that have been leading in the polls for most of the last year.
This is a very dangerous situation.
Honestly, the UK already shot itself in the foot. Now they're shooting their other foot. And they keep voting for the Labor party...
And yet, govt will find it's impossible to regulate the creativity of software engineers.
> And they keep voting for the Labor party.
The alternatives are even more power-mad, fundamentally illiberal parties (Reform, Conservatives), equally pearl-clutching ones that will likely continue on the same road as Labour (greens) and unreliable figures that will flip-flop as soon as they are in power (libdems).
What's left? Count Binface, I guess.
This is all about pushing Digital ID by the backdoor and building surveillance state for benefit of corporations pretending to be against it.
https://www.lighthousereports.com/investigation/blair-and-th...
https://institute.global/insights/politics-and-governance/di...
UK government has been talking about digital ID for a while now. The existing verification methods are too vulnerable to cheating (fake beards, fake ID, borrow dad's credit card, etc...), so the logical next step is direct government ID numbers. The goal is to link all online activity to a unique identifier to make it easier to punish dissent.
Baffling how easy companies like Meta have it with politicians. Fuck them all, I'm leaving for the woods. It's been fun with tech but now it's just so painful,
They have it easy, because law enforcement is too scared to act or is just as corrupt.
The article below sharply summarizes why all this is a dystopian surveillance setup:
> how, precisely, do you stop a fourteen-year-old from opening Instagram without first checking the age of the forty-year-old?
> You donât. You canât. So everyone gets carded. Britain is lifting the system wholesale from Australia, where a computer first scans your face and guesses your age from your cheekbones, then, failing that, surveils you to death, studies your browsing habits and the hours you keep, and then, when the algorithm throws up its hands, simply demands your passport.
https://reclaimthenet.org/starmers-social-media-ban-surveill...
> You donât. You canât. So everyone gets carded.
Exactly. A little at a time. First it's adult sites, because if you need to show ID to buy alcohol, shouldn't you need ID to buy pornography? Once that's accepted, expand the sphere of control to non-adult sites too by redefining everything as 16+.
isn't the simple answer an age-limit for VPN? /s
all this because they refuse to make the law just
"legal parent/guardian is responsible for the child"
if a parent faced fine or jail for a child having access to the internet you can be sure 90% of the children wouldn't have internet access
I'm no defender of the big social/media sites but I don't see why it's their fault/problem if a minor has internet access when they aren't supposed to
This all feels like the opposite goal of knowing everyone who is online everywhere
Because it's not how you'd make the law, you'd wouldn't go to service by service and make it their problem, you'd make it the adult responsible for the child's problem
what if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report
The end result will be the same. If you face a 10k liability for serving the wrong customer, you end up needing to ID your customers.
If the government isn't going to provide that service you end up with private companies verifying identity and the data security issues that entails.
If you want to shift the responsibility of protecting children away from parents, then you end up in a situation where third parties need to be able to differentiate between a child and an adult. I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information.
Of course, you could have something like a signed certificate, so the identity verifier doesn't see who you are patronizing, and the identity seeking business only gets to see your age, but it still has privacy issues.
> . I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information
California's Digital Age Assurance Act
That isnât age verification. Itâs an api for reporting unverified age data.
Itâs basically parental controls standardized.
> you end up needing to ID your customers.
You've needed to do that for at least ten years. Mobile internet either requires a contract, or an ID check before you get a sim (pay and go)
Anyone providing internets is liable for what the users are doing. The way you got out of that is responding to legal requests. (originally mostly copyright)
This is the frustrating thing, we have effective and relatively uncontroversial age gated network (mobile data) already. and it worked.
but now they've done and fucked it up with OSA.
I donât think that would have worked. Parents buy phones for their kids since the kids canât buy them. What would the choices be? Give them a phone or not give them a phone. I donât think society is ready for that kind of choice anymore.
But its already the case now! As in if you buy an sim now, it comes with filtered internet by default. its been like that for years
You have to phone them up/log in and request the block to be removed.
Or give them an age-locked phone that tells the websites it belongs to a minor.
> what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
All of these proposals probably sound good to people who think the Venn diagram of sites they use and sites covered by these laws are two separate circles.
They probably sound a lot less good when you realize the law covers site like YouTube. The Australian law (which they said theyâre modeling this after) also includes social news sites like Reddit.
If they passed a law like this extending to VPN services then youâd have to hand over your ID to use a VPN.
Usually people realize how bad these proposals are once they realize it might impact their internet use, too.
Or perhaps we should expect parents to take some responsibility for their kids' screen use?
Ok, can you explain what that looks like in practice or is it just some abstract feel-good words?
Don't be daft. It's not the parent's responsibility to monitor and care for their kids.
You expect the average parent to outwit Meta and TikTok and their teams of psychologists scheming to get their kids attention?
The social media companies could have done the socially responsible thing a decade ago and avoided all this.
How do you create new procurement pipeline and surveillance infrastructure from that?
Because they will just withdraw from the jurisdiction rather than bother to implement that, most likely
> big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
HIPAA has been super effective this way. As we all know, American companies donât give two shits about user privacy or even security. But wave the HIPAA flag and everyone starts caring real hard and taking extremely cumbersome steps to comply with patient privacy.
Very simple: Each HIPAA violation comes with a financial penalty for the business and personal penalty for every person involved in the leak. Very effective.
I agree the threat is there but I've never seen anyone actually punished for HIPAA violations and my data have been involved in several hospital and insurance breaches.
There's not even a test for HIPAA compliance, so you can't legally prove you were ever compliant in the first place, other than you did what you thought was right. People love to use the term "HIPAA-compliant" but it's technically not a thing.
From my understanding, HIPAA mostly just says that you need to have policies in place for various things, such as rotating passwords or encrypting data, but it doesn't go into explicit detail about what all must be IN those policies, or how you enforce them.
> these big companies need to self police
It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
> It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
right, and that reveals the absurdity of this "age gate", doesn't it? because I am sure giving every UK national their very own unicorn would also poll very well but that doesn't mean that's what a functional democracy should be prioritizing just because a majority of the public supports because doing so is not possible
Itâs not possible to prevent these same children from getting alcohol or drugs either but we certainly donât permit it.
yes and we do fine companies that sell alcohol and drugs to children.
lets give everyone an incentive to report companies that allow or encourage children to use these websites. the children, the parents, bystanders, the employees and contractors of these websites, everyone should get paid from the fines these social media companies would need to pay out for every infraction. I think GBP 10k per incidence is actually pretty cheap considering the alternative is life in prison for the CEO and the board starting with cash incentives all the way to prison terms for the CEO and the board
Fwiw they acknowledge this and claim the goal of this regulation is to drastically increase friction, not render it impossible