Don’t get me wrong, I’m all for privacy. But between setting up the birthdate when creating my children’s local account on their computers, and having to send a copy of their ID to every platform under the sun, I’d easily chose the former.
I’d even agree to a simple protocol (HTTP X-Over-18 / X-Over-21 headers?) to that.
What I’m really confused about is how are we going to confirm at account creation that the age is correct? Or that the person using the computer is who the account is for?
The issue with “children” local accounts (assuming they ever remained 100% local anyway) is that for it to be effective, you would have to control who install the OS for it to be effective.
I have been managing my own OS install since I was a teen, so I could have just created an adult account for me. But, okay, you could say that you could just regularly check your child hasn’t reinstalled the machine.
Well, see, they could just install a Virtual Machine. There is plenty of Virtual Machine software out there, and then we’re back at whoever installs it being responsible for filling in that information. And Virtual Machines are very useful for a bunch of things: from running software not made for your hardware (see Android emulators, WSL), to being safer around dodgy software.
You could counter that by not letting them install things with your permissions… but there are portable versions of software that people make for a bunch of reasons which don’t recall an installation. And I am not talking about hypotheticals: back when I was in school people would carry portable versions of games in USB sticks to copy around school machines so they could play video games during IT class.
Never mind that it means that whenever they want to install something, they will poke you about it, and now you’re on the hook for reviewing that. Which you should already be doing because you care about what your child does and they don’t have the years of experience to not break their OS.
But if you are doing that, why not use proper parental control software that let’s you have much finer-grained control over what they can see or not online, along with other controls around how much time they can spend on the machine and a few nicer things?
Kids also get alcohol from their older siblings. It doesnt have to be 100% effective to still make a massive impact on children. Plus, kids these days could learn a thing or two about computers. Maybe byspassing restrictions will give them motivation to learn
Because parents are responsible for stuff their off-spring does and the government should not be needed to do that.
At the very most, provide tools to help parents (e.g. on device filtering etc. or require companies to provide APIs to facilitate the same goal)Other than that: Fuck off of my phone.
How is your first reason an argument against OS-level check?
It’s not needed, thar’s the parents job. Not the OS’ job
People keep saying this. Is it not within an operating system’s purview to provide parents tools to configure what their kid can do with the system? Have parental controls been out-of-scope for all these OSes this whole time?
Whether it should be government-mandated is one question, but it seems more like this “it’s the parent’s job, not the OS’s” has become a tagline that people just repeat rather than really thinking through it.
Is your expectation then that parents should sit over their kids’ shoulder every moment that they access the internet? Are our tools not supposed to make that easier to handle?
At the very most, provide tools to help parents (e.g. on device filtering etc. or require companies to provide APIs to facilitate the same goal)
I thought that this is what you were getting at here, which is why I asked how this was an argument against values held locally on the device.
Whether it should be government-mandated is one question,
That:s my primary issue
Is your expectation then that parents should sit over their kids’ shoulder every moment that they access the internet? Are our tools not supposed to make that easier to handle?
In a perfect world, I would want APIs and other integrations be made available that will do that and the parent will only need to press a button to allow/deny it.
Not really government mandated but voluntarily by a group that executes the vision of a parent, requested by the government (due to requests by the parental society but not because corps deciding they need/want more controllable elements) and the technical parties (e.g. OS devs) that can integrate the wish.Unfortunately this will probably be a mandated integration requiring everyone, doesnt matter if a child is existing, to authenticate that they are truly legally able to access the device and/or ressource.
Great, now as a childless person I have to do those things because some were irresponsible and ruined it for everyone :/I hope I could communicate my issue.
Whether it should be government-mandated is one question, but it seems more like this “it’s the parent’s job, not the OS’s” has become a tagline that people just repeat rather than really thinking through it.
People usually repeat it for calls for checks on online platforms, not just within the scope of OS - but its primarily stated because people, quite fairly, don’t want to see websites having to shut down, or them losing access entirely, or losing access without handing over private data because of parents inability to control their childs access to the internet.
Sure. I think clearly this thread has been talking about the OS piece specifically. I wholly disagree with having some private company that collects IDs and makes the determination themselves. If instead your browser can just ask your device if you have parental controls enabled, then that removes the privacy concern entirely, as far as I know. Is there an extra data point for browser fingerprinting? Yeah, I guess. But I would also assume that anyone who cares to avoid this fingerprinting is going to not have parental controls enabled.
Essentially, I’m confused why the world gave up so quickly on parental controls (not really confused—the alternative provides more surveillance capability).
But even if it happened purely at the OS level, it would be laughably unenforceable at best.
Essentially, I’m confused why the world gave up so quickly on parental controls (not really confused—the alternative provides more surveillance capability).
I can easily imagine a piece of software parents can download, for free, that if installed would basically function akin to a virus on someone’s computer - it blacklists much of the internet and is updated and maintained by a company that updates the allowed sites and banned sites regularly. It could not be turned off. If it crashes, is ended by force, it automatically reloads - and any attempts to remove it sends emails or text messages to the owners (the parents) who would know something is up. It could be turned off only by the parent putting in a specific password to disable it, and if they forgot, they would have to phone the company to get it reset.
Any responsible parent would install this on the phones and computers of their kids and it would do everything they need.
One thing I said before is the question of what is the research on this, and how do we know child internet safety is actually a problem? I don’t know the statistics on this, and I haven’t done much studying on it yet. So I will admit that I have been operating under the premise that this is an issue to begin with. Someone mentioned routers with parental blocks. Aside from being able to easily disconnect from the network (inevitability for kids because it’s easy and they have plausible deniability, in my opinion), if child internet safety is currently an issue, then clearly there is something about it that isn’t working.
But even if it happened purely at the OS level, it would be laughably unenforceable at best.
Don’t get me wrong, it would still require another component whether that be a requirement for websites to query the OS via the browser, or a database of “bad” websites.
Now, if you want there to be an app that handles this, that’s your opinion and I respect that. Personally, I would rather it be built into the OS. Least of all because already-on-your-device is easier than something parents need to research and download on their kids’ devices. More significantly, if this kind of capability becomes an expectation for your general usage OSes to have, then that’s less incentive for some company to come in and try to capitalize off of it and charge $12.99 per month, and then still have incentive to collect and sell data on which sites are being visited. I mean, you can be reasonably sure that Microsoft is gonna do that too, but that would be another reason to switch to a Linux distro that doesn’t do that.
My calculator doesn’t need to know how old anyone is. Nor does my refrigerator. I suppose a case could be made for a router if you are all onboard for age gating everything privacy and freedom be damned. An OS isn’t just Mac or Windows… the CA law is just so so dumb as written that I have zero faith in anything from Silicon valley.
At least my printer already has a scanner I can put my ID into. How am I going to tell my smart fridge, that I’m not too old for the snacks with cartoon characters on the wrapper?
Voice recognition with the latest brainrot phrases built in, grouped by generation.
“That’s gnarly, bro” - Millennial
“Skibidi Ohio Toilet brah” - Gen Z
"6 7 6 7” - Gen Alpha
Just because one option is better than another, doesn’t mean it’s good.
OS level age check applies to everyone, not just children. Some legislations require strong age checking, which means you need to send some identification to some service. You won’t be able to know how the information is handled, for how long it’s stored and for what purposes it’s used beside age checking. And because this applies to everyone, and is required to be able to use your computer, everything you do with your computer and phone is tied to your user account, and as such to you as an individual and identifiable human being.
Some of these legislations uses age ranges, and the OS is required to inform applications, and such, whether the user is, for example, below 13 years old, or 13 to 16 years old, etc. Consider this simple scenario: Some user uses some application, and the OS reports the user’s age as below 13. The user uses the same app the next day, but now the OS reports the user’s age as 13 to 16 years old. Can you figure out the user’s exact birthday and age? If that application is part of some kind of larger network of advertisers and whatnots, they will now forever know the user’s exact age without the OS reporting anything else.
These can also be used to make some software illegal, especially free and open source software. If you can replace Windows with Linux, Photoshop with Gimp, etc. it hurts the bottom line of those companies. Those companies can’t prevent you from using the open source alternative, but it would be in their interest if those pieces of software becomes illegal to use and distribute. If age checking functionality is added to some open source software, the age checking can simply be removed by the user. You only need to correctly form the age checking law and that entire software is now illegal, and must be removed from the internet.
While the intention of these laws might to be to protect children, they cause too much harm for little good. The age checking can be circumvented in some situations, meaning the children aren’t protected. And the entire thing is a huge privacy mess (data leaks, etc.) for every single computer user.
and to prove its not actually about safety and instead about control: parents are already responsible for what kids do online and could be charged using existing laws. but… where is the overreach in that?!
because its designed to feed surveillance data to Palintir, which allows governments all over the west to monitor any dissident movements, or relatives of “dissidents” against right wing governments. dont know of any computer system requiring your ID/ or birthday, you can always fake a birthday.
right now the biggest threat to conservative governments is anyone “left” of them.
Because they don’t care about your age. They want to tie you to your ID, so everything you say and do online can be tracked and tied to you as a person.
Meanwhile the leader of one of their countries has raped women and teenagers and even a couple of children, but they don’t do anything about it. But you can be jailed for decades for seeing a picture or video of it. But the actual act? They don’t care about that. (I’m saying you can be jailed for simply seeing CSAM online, but if you’re a billionaire actually doing the things, you won’t be tried for the actual CSA being recorded.)
So as you can see, it’s not your age, but your identity.
Most people think the Nazis only locked up Jews. Some realise they also locked up minorities. Historians know it was also anyone who disagreed with them. Anyone who spoke out against them. Anyone who wouldn’t wear the armband. And they’re afraid history will repeat. And they’re right to be afraid.
Most people think the Nazis only locked up Jews. Some realise they also locked up minorities.
They started with the impoverished, queer, and disabled.
Well, the problem is less setting up the birthdate and more whether the birthdate needs to be verified.
Plenty of OSs already query for a birthdate, particularly on gaming devices. And yes, they will provide age-based protections already.
The question is, does the parent/account creator need to enter an accurate birthdate or not, and how does the system know?
If they don’t, then whatever, it’s the same self-declaration we already have all over the Internet. No biggie. Everybody was born in 1901 and we’re all chill about it. It still makes for an absurd situation where you HAVE to have a personal profile for every user on every computer, which a ton of computers aren’t expecting, so it’s still dumb on top of being useless, but it’s a solvable problem.
If they do, then you know have one of the biggest cryptographic and data management challenges in computing history. How do you have every single device across the entire planet interface with every single piece of software and server to authenticate a piece of personal data and safely store it so you don’t have to constantly re-check? It’s insane. Plus it removes a parent’s ability to enable their children to engage with content at whatever speed they see fit. And there are potentially different regulations in different areas, where both the server and user location may change the required behavior, so the whole thing is an absolute mess from the concept up.
let’s follow the argument this is to protect children: why does is seem like a good idea to let everybody on the internet know what age your child is?
so if it is not to protect the children, what else could it be?
Wrong technical solution to a made up problem.
Governments have commissioned enough studies to know that education, training, and parental controls filtering content at the receiving end are more effective & less infringing of civil rights than laws imposing restrictions & penalties on website operators to comply with online age verification. Laws could instead allocate resources to promote the former in a major way, setup independent evaluations reporting the effectiveness of child protection technologies to the public, promote standards & the development of better standards in the industry. Laws of the latter kind simply aren’t needed & also suffer technical defects.
The most fatal technical defect is they lack enforceability on websites outside their jurisdiction. They’re limited to HTTP (or successor). They practically rule out dynamic content (chat, fora) for minors unless that content is dynamically prescreened. Parental control filters lack all these defects, and they don’t adversely impact privacy, fundamental rights, and law enforcement.
Governments know better & choose worse, because it’s not about promoting the public good, it’s about imposing control.
most homes don’t run their computers in multi-user mode. Even when they do most kids will learn the admin password because parents don’t select good passwords.
Kids are not stupid. Even if some are, there are many kids in school and so any bypass will spread kid to kid fast. For each of the following reread this paraghraph to remind yourself all kids will know this.
kids can install linux /bsd on a raspberry pi or old/cheap computer - this is something I want to encourage. that of course means they are root and can claim whatever age. They can likewise do it in a vm.
if there is any security flaw kids can use it to change their age.
many programs will not check when they should. Kids will install/use these instead. this is a likely exploit vector of actors (in foriegn counties) that target kids - release a new program that does what the kids wants while also doing what they want. (Websites have done bitcoin in javascript while you read them)
who will check? onlyfans probably will, but small web sites spring up all the time, and they won’t bother - many are already illegal (either copyright or illegal content).
Meanwhile many programs that we want kids to use won’t bother to check. why would things autocad check - they target professionals but kids can use them and may even have to.
the above is not a complete list!
Age is useful for ‘buy cigerettes’ that is illegal for kids in some way.
However most of what parents care about isn’t automatically bad and I know plenty of panents who are frusterated because we can’t controll things how we need to without being a helicopter parent (bad). Playing video games is fine in moderation - AFTER YOUR HOMEWORK IS DONE - but we don’t get an easy way to enforce that. My teens are old enough to stay home alone and do homework - but they will not do their homework when they can do something else (this problem has been around since school)
my kids phones have parental controls that I turn on. However they lack a way to enforce homework vs play vs sleep time. There is likely more, this is just what frusterated me yesterday. some things are not gated - my kids have got up at 3am, and connected their school device (under school control not me) to their phone hotspot (turned on who knows when - I can’t block that at all) to play a game that the school will block next week when they figure out it is one kids are playing but they shouldn’t.
people are proposing age verification because they have no idea what else they can do and are frusterated at how bad things are.
Lots of people are about to be born on 01-01-1900. I guess 01-01-2000 works now though. Man, I’m old.
As others have said
It has nothing to do with age checking, protecting the children, or security. NOTHING.
That’s one of the main things to me. The argument jumps directly to drivers license / DOB collection, but makes no conclusions about how it would protect children. It is OVERTLY, 100%, about feeding lists of targets to the pedophiles that run the biggest tech companies.
They claim it’s to protect the children, when in reality, they will target everyone that DOESN’T have CP on their phones.
There is a difference between providing the capability, and requiring that capability.
Under this law, something as simple as sharing a Google Drive could make you an “app store” under this law.
These laws are specifically designed to be broadly interpreted. We have no idea just how widely the nets will be cast, either tomorrow, or 10 years from now. It is prudent to assume the absolute worst case.
How can you provide the capability for parents to keep their children off inappropriate websites if you don’t require that sites adhere to a conduct?
(I’m simply asking why this makes it an inherently bad solution—not suggesting that there aren’t better solutions.)
But between setting up the birthdate when creating my children’s local account on their computers, and having to send a copy of their ID to every platform under the sun, I’d easily chose the former.
This is how they move the goalpost. They changed the argument.
You currently can just create a local account - period. It’s yours. No tracking. No personal info.
But now you’re accepting that you’re willing to give a third party information, even just a little.
The next argument is: “If giving your age is okay, why not your home address?”
This is what police do to fish information out of you.
I’d even agree to a simple protocol (HTTP X-Over-18 / X-Over-21 headers?) to that.
In a era where privacy conscious people don’t even connect their TV to the internet… This is okay to you?
You went from “Why do they want my information?”
To
“I’m not concerned with sharing my age. But how should we do it?”
And that itself is the root issue.
Also this goalpost will move almost immediately. What if the parent doesn’t understand why the OS is asking for a DOB and they type whatever? What if the parent doesn’t log out and the kids use the adult account? What if the kid is really smart and bypasses the check (I think this could actually get bypassed easily)?
Rather than rolling back this rule they’ll just go even further and say the OS must analyze every action and utilize every input (e.g. microphone, camera) to determine the age of the current user and that controls need to be at the hardware level and OSes need to get state certified, etc. Before long only Windows, Apple, Google, and maybe RedHat can comply. An entire community of Linux enthusiasts destroyed. And as some bills have stated, rather vaguely, this can apply to something as simple as a calculator!
Also this goalpost will move almost immediately. What if the parent doesn’t understand why the OS is asking for a DOB and they type whatever?
Which we have already seen with content ratings. Instead of using the rating to inform themselves on what content to allow their child, they basically relied on the retailers/theatres not selling access to people below the age.








