AB 2273 could be a sea change for online privacy:
Today, for better or worse, the Internet is a rather free range for children. Websites ask their users' ages, sure. But virtually anyone who came of age around the rise of the Internet can probably relate a time or 20 when they gave a false birthdate.
A California law now in the works might bring that world to a crashing halt.
AB 2273, or the California Age-Appropriate Design Code Act, promises to make the Internet safer for children—in part by tightening age verification. Its opponents instead believe that, in the process, AB 2273 could completely decimate the existing Internet as we know it.
[...] California wouldn't be the first jurisdiction to tighten age-related design standards for websites. AB 2273 explicitly cites an existing law in the United Kingdom, which expects websites to comply with a bespoke age-appropriate design code. (In fact, both bills share a backer, one Baroness Beeban Kidron, a campaigner for children's rights online.)
That U.K. law has already made ripples. YouTube disabled its autoplay feature for users under 18. Instagram started preventing adults from messaging under-18s who don't follow them. TikTok stopped sending under-18s push notifications after a certain point each evening.
[...] Though California's code doesn't yet exist, AB 2273 lays out a few requirements. For one, websites must report their data-management practices to a California government agency. Also, websites can't collect or sell data on children (including geolocation) that isn't absolutely necessary for children to use the website. And websites must tell a child when a parent or guardian is tracking their activity on that site.
Where AB 2273 becomes more than a little controversial is the requirement that, to determine which users ought to experience what, websites must "estimate the age of child users with a reasonable level of certainty."
[...] Some of AB 2273's sponsors and defenders see the bill as a necessary measure in a world where children are vulnerable to dangers like manipulative websites, invasive apps, and social-media addiction.
But from many corners, the reaction has been less than positive. AB 2273 has garnered a wide range of opponents, including privacy advocates and big tech. Santa Clara's Goldman likens the law to a neutron bomb. "It will depopulate the Internet and turn many services into ghost towns," he says.
(Score: 1, Redundant) by Anonymous Coward on Friday September 23 2022, @09:10PM
The 1st Amendment has something to say about this. I hope somebody with the money makes a case for it.
(Score: 4, Insightful) by Opportunist on Friday September 23 2022, @09:12PM (8 children)
My page is hosted abroad. I don't give a flying fuck about your laws.
(Score: 5, Insightful) by Rosco P. Coltrane on Friday September 23 2022, @09:28PM (7 children)
Nobody gives a fuck about your page.
Big companies however can't afford to lose Californian customers, and will implement whatever the state requires to operate there. And if one does it, they'll all do it. Same reason why Americans are annoyed by Euro-centric GDPR-compliant cookie questions when they visit American sites.
The problem is that for real age verification to happen on the internet, anonymity must die. That would be a major blow for liberty and free speech around the world.
(Score: 2) by krishnoid on Friday September 23 2022, @09:35PM
Hey, they standardized all the phones, and then de-facto everything else, on micro-USB for data and charging. They can put up all the 1-time cookie banners they want.
(Score: 3, Funny) by khallow on Saturday September 24 2022, @02:39AM (1 child)
I disagree. If someone says they're older than 18, then that's their identity. We should respect that. That's all the real age verification we need.
(Score: 3, Informative) by maxwell demon on Sunday September 25 2022, @07:00AM
Age is merely a social construct.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 5, Interesting) by Opportunist on Saturday September 24 2022, @03:15AM (3 children)
As someone in Europe, I can tell you that there are quite a few pages who simply didn't go along with the GDPR and just display a "sorry, not available in Europe, get a better legal system if you want our page" page. Or as I tend to call them, the "sorry, but if we can't rape your privacy, we don't need your eyeballs" page. Kinda tells you something about what the page actually is doing...
So yes, I could very well expect others to do the same with Cali, especially when the alternative is alienating everyone by basically doing away with privacy.
(Score: 4, Insightful) by Rosco P. Coltrane on Saturday September 24 2022, @04:59AM (2 children)
If that was true, Facebook would have pulled out of Europe. And they haven't: if you visit Facebook or Instagram in Europe, they'll serve you with that nice "Choose how many cookies you allow us to put on your computer" page: if you chose bare minimum, it continues and works just fine - which tells me it does nothing to prevent Facebook from raping my privacy in any meaningful way. It's all theater: your privacy in Europe is just as fucked as in the US.
That's the problem: nobody is alienated by the loss of their privacy anymore. Older generations are, but newer generations have grown up in a world where giant big data monopolies watch their every moves and it's the new normal for them. Privacy is an odd concept that has gone the way of the dodo a long time ago to them.
(Score: 2) by kazzie on Saturday September 24 2022, @05:20PM (1 child)
Facebook relies on getting eyeballs to visit their pages, get the eyeballs to make more content, andthen also track what those eyeballs look at on other sites.
Most of the (US) pages I saw* pulling up the GDPR drawbridge were news sites. They just get money from advertisers tagging on their pages: they don't get as much user-generated content, and they don't get the browsing history/analysis - at least not without paying the ad companies for it.
On that basis, the cost/benefit of accomodating EU visitors (who may not even be their target audience) is relatively poor.
It's still annoying for europeans who are interested in world affairs, though.
*The OP's experience may differ.
(Score: 2) by Opportunist on Sunday September 25 2022, @07:10AM
I consider it less annoying and more revealing. Personally, I think it's time we start collecting these pages and making the list available to our US friends so they know which companies are essentially saying "if we can't abuse your privacy, we have no use for you".
Because they might not have any use for those companies.
(Score: 2) by krishnoid on Friday September 23 2022, @09:19PM (1 child)
Will we have to go back to our filthy, perhaps additionally filthy, chat rooms [youtu.be]?
(Score: 2, Informative) by Anonymous Coward on Saturday September 24 2022, @04:38AM
Video unavailable
The uploader has not made this video available in your country
also, do it like this to avoid the crap https://www.youtube.com/embed/bPUNsdwViE8 [youtube.com]
(Score: -1, Flamebait) by Anonymous Coward on Friday September 23 2022, @09:28PM
The next step will be all minors will be required to only access the Interwebs in public spaces, like libraries, where
they will be on camera and their sessions captured and kept in-perpetuity
California Uber Alles
(Score: 4, Insightful) by MostCynical on Friday September 23 2022, @10:23PM (1 child)
children should not be on the internet
while 'research' is now ubiquitous, easy - and often, wrong (thanks, wikipedia!), and libraries are hard to get to..
we should treat the internet like libraries - supervised, curated, directed - with actual trained adults in charge (no, not 'moderators' - they are almost never adults)
the point is in the definition of the word "child" [oed.com], and the whole concept of "age-appropriate" [oxfordowl.co.uk]
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: 2) by Mojibake Tengu on Friday September 23 2022, @11:22PM
Every human is someone's child.
The edge of 太玄 cannot be defined, for it is beyond every aspect of design
(Score: 5, Insightful) by darkfeline on Saturday September 24 2022, @12:28AM (1 child)
It seems very few people know that the Internet and the Web are two very different things. Certainly not the people behind this bill, which refers to "online services". No doubt the intent is to address Web services specifically, but a literal reading of the bill would require IRC servers among many other things to implement age verification.
The best outcome (?) if this bill were to pass and be enforced is that children get blocked from or are otherwise overly restricted on websites, and they learn to explore the non-Web portion of the Internet. Enterprising adults may do likewise.
I'm sure our dear old lawmakers will have a hell of a time trying to get IRC clients to implement age verification or understanding the difference between clients and servers.
Join the SDF Public Access UNIX System today!
(Score: 5, Interesting) by Anonymous Coward on Saturday September 24 2022, @01:28AM
Unlikely, since kids these days all have smartphones and use apps like TikTok and WhatsApp, and lawmakers are well aware of that.
Incorrect. They only need to identify children if the service engages in certain activities, eg:
Thus IMO the *best* outcome would be for services to stop collecting or selling data on *anyone*, and tell *anyone* when someone else is tracking their activity on the site.
It seems to me that everything these kinds of laws want to protect children from is commonly considered abusive, exploitative, or at least underhanded, no matter the age of the mark: Tracking, UI dark patterns, unreadable legalese, etc.
(Score: 3, Touché) by deimios on Saturday September 24 2022, @02:14AM (3 children)
While I agree with the sentiment I'm growing tired of the bad implementation of such good initiatives. GDPR was a clusterfsck. This too will result in a clusterfsck.
Real age verification is done properly in China with actual face scanning tech. There the government also drastically limits screen time of children. Not sure I'd want the west to get it to that point.
Another aspect that makes me uncomfortable is the whole "for the children" part of the law. I could go on about slippery slopes but I'll leave you with a quote:
"The state must declare the child to be the most precious treasure of the people. As long as the government is perceived as working for the benefit of the children, the people will happily endure almost any curtailment of liberty and almost any deprivation." - That certain Austrian painter's banned book.
(Score: 3, Informative) by bradley13 on Saturday September 24 2022, @06:03AM (2 children)
Why do you think the GDPR was a clusterfsck? Enforcement has been uneven, and companies like Meta are dragging things out, but is it generally working.
Everyone is somebody else's weirdo.
(Score: 2) by janrinok on Saturday September 24 2022, @10:17AM
I agree. When it was first issued the EU made many public statements to the effect that the first offences would be used a an opportunity for other companies to learn how best to comply. They further stated that this would take years rather than a few months unless the same companies became non-compliant several times. This is the stage that we are now at. The companies that have been warned in the past are being made to pay. First offenders are being treated more leniently if they can make a convincing and persuasive case explaining why they are non-compliant.
Companies should by now be aware of their obligations under the GDPR. The level of fines being levied is roughly in line with how the EU said it would calculate fines.
(Score: 2) by theluggage on Saturday September 24 2022, @02:43PM
It's the cookie law - which, if I recall correctly, predated GDPR, and *should* have been made redundant by GDPR - that is the clusterfuck.
I think the problems were:
The aim should have been to make it as easy as possible for sites to avoid cookie popups by sticking to session cookies and anonymous usage stats - putting competitive pressure on other sites to do likewise. Instead, lots of sites have gone down the "better safe than sorry" route and it is training people to click "accept all" - now you add GDPR to the mix - what the hell is "Legitimate Interest"? (rhetorical question) - and people could be consenting to more than cookies.
(Score: 0) by Anonymous Coward on Saturday September 24 2022, @03:50AM
until they can't get their free porn
(Score: 2) by inertnet on Saturday September 24 2022, @06:57AM
They're punishing the victims instead of those causing the problem.
(Score: 1) by ShovelOperator1 on Saturday September 24 2022, @08:07AM
Website must not collect or sell data of children. In today's world where everything, even in server, reports telemetry, it is called data processing, and the data will be sold in some telemetry set now or tomorrow.
So, website admin must know which users are children.
So, websites must collect and process data of children.
Even when they must not do so.
Great, another law to find hooks on people? Because I highly doubt American politicians are more stupid then EU politicians with their cookie law.
(Score: 2) by Nuke on Saturday September 24 2022, @12:27PM
Lets see how far that goes. I see websites that tell me that it is absolutely necessary for them to know my location (and email, gender, favourite beer, colour of socks) before I'm allowed to get onto the proper home screen, even if I only came there to read an article about the Big Bang theory.
(Score: 2, Insightful) by MonkeypoxBugChaser on Saturday September 24 2022, @01:31PM (1 child)
Some company was pushing this technology as part of this bill. I've yet to see it mentioned but that's what was being offered. So upload an ID and scan your face just to use facebook. You've got to be 18, right? Next up for online purchases, especially anything age restricted.
Thanks california for making us into china... for the chillun.
(Score: 2) by maxwell demon on Sunday September 25 2022, @07:05AM
Well, it's called facebook, isn't it?
The Tao of math: The numbers you can count are not the real numbers.