What’s the argument against a ban? I don’t see a downside to banning social media for kids. In theory they would be forced to build in-person social connections and local communities. After 16 they can expand into the social media space. Personally, I think it should be tied to something like drinking age.
It depends how it will be implemented. Do you want to send your ID to Facebook etc.? Or do you want to make a video call before you can use a social media site? Will only the big players be required to keep your age verification details, or will each forum, each Fediverse site be required to gather and keep your personal ID?
not so terrible way to do it: to verify your age you get redirected to government run service, you authenticate with you digital ID, get redirected back to original site with information about you age only
terrible way to do it: tell each site to handle age verification on their side
Knowing Spanish government they will go with the terrible way.
What do you mean? With Cl@ve I’m still redirected to government website and back. The governments knows which site I’m visiting. It’s like the first solution.
Yes, the only issue here is that the government knows which sites you visit. It’s not an issue for facebook.com but is an issue pornhub.com
I don’t like the ‘slippery slope’ argument but in this case, I can very easily see the government extend this beyond social media sites using the exact same arguments.
So now the government has absolute detail on every single thing you need to authenticate for, online. Nothing could go wrong there.
I don’t think there’s any good safe way for verification to even be achieved, even if there was a good reason for it, which, honestly, I think there isn’t.
That’s why I said it’s ‘not so terrible’ way, not that it’s a good way.
I don’t see a big issue with people authenticating this way for Facebook or Twitter. They government will basically know that “this person is using Facebook”. They don’t even have to know your username or anything. It gets problematic when we get to more controversial apps and porn so it’s still bad, just not as bad as letting Facebook scan people faces and IDs.
Agreed this way is bad, but there can be a safe way of doing it. Basically, your digital ID has a way of signing that you are over 18 without giving any details. Estonia’s digital ID can do this. Imagine your digital ID has a way to sign documents with your age, but no other information. That way sites can know you’re over 18, without knowing your name, and the government doesn’t know what site you’re signing up to.
A less technical example of how this could work for the sake of explanation: You ask the government for a piece of paper that says you’re over 18. They don’t ask why you need it. All it has is a government stamp on it, saying you’re over 18. You give that piece of paper to someone trying to verify you’re over 18. They now know nothing about you other than that you’re over 18, and the government knows nothing about your activity other than that you want to prove your age for some reason.
Kids can still just use a VPN to get around this, but at least it doesn’t compromise the security of adults.
Kids can still just use a VPN to get around this, but at least it doesn’t compromise the security of adults.
And I can just sell my “you’re over 18” paper to some kid and he can use it. Spanish government proposed anonymous age verification certs some time ago. It’s also better solution than letting privet companies handle the verification but it doesn’t really solve anything. One leaked cert can be used by all the kids in Spain. If it’s truly anonymous you will never know who leaked it. If it’s not anonymous then… you know.
So the only arguments against the ban come down to how to perform the age verification and not issues with the ban itself. That makes sense. Maybe we could institute some kind of one time passcode where it’s like an MFA for age. Like picture your passport can generate a hash (unidirectional) that just contains like month and year of birth and is verified via PGP with the passport issuing body as the cert authority. So the only actual information you are sending is a hashed and cryptographically verified month and year of birth. That should probably make everyone happy.
elmicha only mentions this one arguments but parents will have more. Some parents claim that this will isolate their kids and since social media is good at radicalizing children fascist parents will see this as simply censorship, cutting their kids for valuable, fascist content.
What’s the argument against a ban? I don’t see a downside to banning social media for kids. In theory they would be forced to build in-person social connections and local communities. After 16 they can expand into the social media space. Personally, I think it should be tied to something like drinking age.
It depends how it will be implemented. Do you want to send your ID to Facebook etc.? Or do you want to make a video call before you can use a social media site? Will only the big players be required to keep your age verification details, or will each forum, each Fediverse site be required to gather and keep your personal ID?
They don’t need to gather your data. Only the answer to the authority about the age and not even that.
Exactly:
not so terrible way to do it: to verify your age you get redirected to government run service, you authenticate with you digital ID, get redirected back to original site with information about you age only
terrible way to do it: tell each site to handle age verification on their side
Knowing Spanish government they will go with the terrible way.
Not if the procedure is like cl@ve.
What do you mean? With Cl@ve I’m still redirected to government website and back. The governments knows which site I’m visiting. It’s like the first solution.
But the site doesn’t need to say the user.
Yes, the only issue here is that the government knows which sites you visit. It’s not an issue for facebook.com but is an issue pornhub.com I don’t like the ‘slippery slope’ argument but in this case, I can very easily see the government extend this beyond social media sites using the exact same arguments.
So now the government has absolute detail on every single thing you need to authenticate for, online. Nothing could go wrong there.
I don’t think there’s any good safe way for verification to even be achieved, even if there was a good reason for it, which, honestly, I think there isn’t.
That’s why I said it’s ‘not so terrible’ way, not that it’s a good way.
I don’t see a big issue with people authenticating this way for Facebook or Twitter. They government will basically know that “this person is using Facebook”. They don’t even have to know your username or anything. It gets problematic when we get to more controversial apps and porn so it’s still bad, just not as bad as letting Facebook scan people faces and IDs.
Agreed this way is bad, but there can be a safe way of doing it. Basically, your digital ID has a way of signing that you are over 18 without giving any details. Estonia’s digital ID can do this. Imagine your digital ID has a way to sign documents with your age, but no other information. That way sites can know you’re over 18, without knowing your name, and the government doesn’t know what site you’re signing up to.
A less technical example of how this could work for the sake of explanation: You ask the government for a piece of paper that says you’re over 18. They don’t ask why you need it. All it has is a government stamp on it, saying you’re over 18. You give that piece of paper to someone trying to verify you’re over 18. They now know nothing about you other than that you’re over 18, and the government knows nothing about your activity other than that you want to prove your age for some reason.
Kids can still just use a VPN to get around this, but at least it doesn’t compromise the security of adults.
And I can just sell my “you’re over 18” paper to some kid and he can use it. Spanish government proposed anonymous age verification certs some time ago. It’s also better solution than letting privet companies handle the verification but it doesn’t really solve anything. One leaked cert can be used by all the kids in Spain. If it’s truly anonymous you will never know who leaked it. If it’s not anonymous then… you know.
Find info on cl@ve.
They have precidet! The UK already went with the latter.
So the only arguments against the ban come down to how to perform the age verification and not issues with the ban itself. That makes sense. Maybe we could institute some kind of one time passcode where it’s like an MFA for age. Like picture your passport can generate a hash (unidirectional) that just contains like month and year of birth and is verified via PGP with the passport issuing body as the cert authority. So the only actual information you are sending is a hashed and cryptographically verified month and year of birth. That should probably make everyone happy.
Cl@ve works that way. You have to authenticate with a 3 letter code in your cell phone.
elmicha only mentions this one arguments but parents will have more. Some parents claim that this will isolate their kids and since social media is good at radicalizing children fascist parents will see this as simply censorship, cutting their kids for valuable, fascist content.