This is being baked in because of US law. I wouldn’t be surprised if the US made some federal laws requiring your religion in the near future.
And that is why it is a slippery slope fallacy. Eventually, superpowers are going to want to have access to your machines (they already do, but mostly in isolated cases). So any kind of data storage and overrides should be destroyed. So let’s go shred our hard drives and remove the concept of sudo/root access?
Also, I will just add on that it is more than just the US that is increasingly pushing for age verification.
People can run secure systems that share minimal info. This requires all systems to store and share specific info. So you’re making it illegal to have a private system. Sure most people don’t, but now you’re making it illegal. You think that’s okay because we don’t have good privacy laws right now? You want to give up?
People can run secure systems that share minimal info.
And those generally aren’t the machines you want to connect to the internet and use for all your everyday browsing.
This requires all systems to store and share specific info.
Specific, unverified, info. That you are already sharing in most of the situations where it is being asked for.
So you’re making it illegal to have a private system. Sure most people don’t, but now you’re making it illegal.
A lot of things are illegal. Without the third party verification requirement, you are perfectly fine to hardcode that to say you were born on June 9th, 1969 by default. And that complies with the California legislation (last I read through it).
You think that’s okay because we don’t have good privacy laws right now? You want to give up?
No. I want people to actually understand what is going on so that they can actually protect themselves.
That is really going to depend on what your actual risk is. There are a decent number of articles and videos out there that go into what journalists have to do and… they are generally ahead of the curve on stuff like that.
But what people SHOULD do is to gain an understanding of what is actually going on. This entire debacle REALLY feels like a mix of people being mislead as to what the California legislature actually is (whether for Views or more nefarious reasons) combined with making it abundantly clear that they know absolutely nothing about their current risks.
Like, you telling pornhub you are over 18 is not telling PornhubCorp anything they don’t already know from all the other cookies and fingerprints you are carrying everywhere. Hell, a lot of services are dedicated to tracking by IP to get around incognito mode and even caching to get around VPNs (although, most don’t have to bother since people have been trained to just put EVERYTHING through a vpn so that it doesn’t matter in the first place). They are literally just ticking a checkbox in the hope of not getting blocked by more payment processors.
So if you truly care about protecting your age? Have multiple devices. Learn how to split your traffic based upon device to get around many fingerprinting techniques. Figure out where to sit at Starbucks so that you have your back to a wall but don’t look like a pervert. And so forth.
Rather than freaking out and throwing tantrums because people are trying to inform you about how little a self-reported age at the OS level that can be requested matters.
One fun bit of paranoia. I am sure most people are aware of the “Abnormal behavior has been detected from your IP. Please click here and then do some ML training to prove you are human” prompts that tend to come up on shared connections or if you have too many adblockers running.
Understand a lot of that is you “consenting” to have even more of your specific cookies checked (which is what happens when they “verify” you without a test). But a few years back there was an excellent paper that actually used how you perform on the ML training to further fingerprint you. The person at 1.2.3.4 with these cookies who is probably color blind is distinguished from the person at 1.2.3.4 with most of the same cookies (everyone loves going to Dildos R Us) but gets confused over whether a hotel shuttle is a bus.
And that all goes towards making sure they know exactly who you are and what ads (and trackers) to use.
Can I ask you to explain your point, “age doesn’t matter, your digital footprint carries over?” You mention solutions to protect yourself from the digital footprint carry over, but this law would just make it easier to overcome those solutions.
Now instead of having to figure out the various unique patterns of accessing the internet to determine info about you, you just tell them your age (or that you’re an adult, whatever) on those systems directly.
I also think it’s a bit disingenuous to call ‘this is the first step towards something worse’ a slippery slope when that is exactly how the creeping erosion of privacy has gone in the US historically, but especially the last few decades.
You acknowledge that a lot of people don’t fully understand how to protect themselves (and offer solutions that require more money, time, and education to accomplish) and in the same breath that is why it’s okay that we make data collection easier.
I know this probably comes across as accusatory, but I really don’t mean it that way. I’m genuinely trying to understand what your perspective is.
Can I ask you to explain your point, “age doesn’t matter, your digital footprint carries over?”
I… didn’t say that? Not sure if you replied to the wrong person?
But I’ll try to respond to what I can?
You mention solutions to protect yourself from the digital footprint carry over, but this law would just make it easier to overcome those solutions.
Assuming we are referring to the California legislature (I believe most/all of the US legislature if on the same grounds. The proposed EU "framework"s are very different), there is no requirement for third party verification.
It is literally the same check we already have. “Enter a random ass date that is more than 18 years ago”. This doesn’t “overcome” anything and, arguably, is a good law to get on the books so that you can say “Something is being done” before all the legislature and “frameworks” that want to be built around third party verification and “digital passports” do gain traction.
Now instead of having to figure out the various unique patterns of accessing the internet to determine info about you, you just tell them your age (or that you’re an adult, whatever) on those systems directly.
All of this is already happening and HAS already happened. You know all those stories about how google knows you are pregnant before you miss your first period? You know how you can quite often just click “verify you are human” and it processes without making you generate training data?
Hell, you know how targeted ads are a thing?
All of that is the same thing. It is about building profiles that tend to be so ridiculously specific that it isn’t even “This user connecting from Norway actually lives in the US and is from Cleveland” and is more “Oh, this is Oswald Harvey using his nordvpn subscription that he got with a discount from a Spiffing Brit video. He tends to favor the endpoints that are 25% down the list”
I also think it’s a bit disingenuous to call ‘this is the first step towards something worse’ a slippery slope when that is exactly how the creeping erosion of privacy has gone in the US historically, but especially the last few decades.
This is not exclusive to the US. This is something being pushed globally.
I never said this is “the first step towards something worse”. That step happened LONG before programming computers was “women’s work” and the cray loveseat was a genuine accomplishment
Both of which speak towards why people need to educate themselves to understand what information is already out there.
You acknowledge that a lot of people don’t fully understand how to protect themselves (and offer solutions that require more money, time, and education to accomplish) and in the same breath that is why it’s okay that we make data collection easier.
Yes? I am sorry that protecting your privacy takes effort? I am sure that if you pay a random sponsor on an LTT video that they’ll claim to do everything for you?
I… didn’t say that? Not sure if you replied to the wrong person?
But I’ll try to respond to what I can?
Oh whoops, if I did, my bad. That’s what I was understanding your comment about “it’s literally the same check we already have” to be. You’re saying there are already age checks for certain sites (and analysis of your web traffic and associated data being sold) and that this is no different, if I understand correctly. It is worth pointing out that while the California law requires no verification, the New York law potentially requires more than just a declaration of age. It’s worse elsewhere in the world.
All of that is the same thing. It is about building profiles…
Right, but you see how this is also a bad thing right? Given that the FBI has now spoken about buying this data and uses it to target people, I would think that we would all want better privacy protections, not fewer.
This is not exclusive to the US.
I don’t see how that should sway opinion about this being a good or a bad thing. It’s a bad thing for everyone, right?
I never said this is “the first step towards something >worse”.
No, I am saying that. I was saying that calling this a slippery slope doesn’t feel like it is based in the history of privacy erosion. I’d love to learn more about the original sin in all of this, but just because it isn’t the first step doesn’t mean we shouldn’t fight against consolidated, government-mandated privacy violations, right?
Yes? I am sorry that protecting your privacy takes effort? I am >sure that if you pay a random sponsor on an LTT video that >they’ll claim to do everything for you?
Like… I really don’t know what to tell you?
I think you’re misunderstanding me. I’m not complaining that it’s difficult. I’m asking why we don’t try and just fix the problem instead of letting something like this slide by because there are other, similar issues.
This is being baked in because of US law. I wouldn’t be surprised if the US made some federal laws requiring your religion in the near future.
There’s a big difference between data collection and government mandated identification.
And that is why it is a slippery slope fallacy. Eventually, superpowers are going to want to have access to your machines (they already do, but mostly in isolated cases). So any kind of data storage and overrides should be destroyed. So let’s go shred our hard drives and remove the concept of sudo/root access?
Also, I will just add on that it is more than just the US that is increasingly pushing for age verification.
People can run secure systems that share minimal info. This requires all systems to store and share specific info. So you’re making it illegal to have a private system. Sure most people don’t, but now you’re making it illegal. You think that’s okay because we don’t have good privacy laws right now? You want to give up?
And those generally aren’t the machines you want to connect to the internet and use for all your everyday browsing.
Specific, unverified, info. That you are already sharing in most of the situations where it is being asked for.
A lot of things are illegal. Without the third party verification requirement, you are perfectly fine to hardcode that to say you were born on June 9th, 1969 by default. And that complies with the California legislation (last I read through it).
No. I want people to actually understand what is going on so that they can actually protect themselves.
How do you want people to protect themselves?
That is really going to depend on what your actual risk is. There are a decent number of articles and videos out there that go into what journalists have to do and… they are generally ahead of the curve on stuff like that.
But what people SHOULD do is to gain an understanding of what is actually going on. This entire debacle REALLY feels like a mix of people being mislead as to what the California legislature actually is (whether for Views or more nefarious reasons) combined with making it abundantly clear that they know absolutely nothing about their current risks.
Like, you telling pornhub you are over 18 is not telling PornhubCorp anything they don’t already know from all the other cookies and fingerprints you are carrying everywhere. Hell, a lot of services are dedicated to tracking by IP to get around incognito mode and even caching to get around VPNs (although, most don’t have to bother since people have been trained to just put EVERYTHING through a vpn so that it doesn’t matter in the first place). They are literally just ticking a checkbox in the hope of not getting blocked by more payment processors.
So if you truly care about protecting your age? Have multiple devices. Learn how to split your traffic based upon device to get around many fingerprinting techniques. Figure out where to sit at Starbucks so that you have your back to a wall but don’t look like a pervert. And so forth.
Rather than freaking out and throwing tantrums because people are trying to inform you about how little a self-reported age at the OS level that can be requested matters.
One fun bit of paranoia. I am sure most people are aware of the “Abnormal behavior has been detected from your IP. Please click here and then do some ML training to prove you are human” prompts that tend to come up on shared connections or if you have too many adblockers running.
Understand a lot of that is you “consenting” to have even more of your specific cookies checked (which is what happens when they “verify” you without a test). But a few years back there was an excellent paper that actually used how you perform on the ML training to further fingerprint you. The person at 1.2.3.4 with these cookies who is probably color blind is distinguished from the person at 1.2.3.4 with most of the same cookies (everyone loves going to Dildos R Us) but gets confused over whether a hotel shuttle is a bus.
And that all goes towards making sure they know exactly who you are and what ads (and trackers) to use.
Can I ask you to explain your point, “age doesn’t matter, your digital footprint carries over?” You mention solutions to protect yourself from the digital footprint carry over, but this law would just make it easier to overcome those solutions.
Now instead of having to figure out the various unique patterns of accessing the internet to determine info about you, you just tell them your age (or that you’re an adult, whatever) on those systems directly.
I also think it’s a bit disingenuous to call ‘this is the first step towards something worse’ a slippery slope when that is exactly how the creeping erosion of privacy has gone in the US historically, but especially the last few decades.
You acknowledge that a lot of people don’t fully understand how to protect themselves (and offer solutions that require more money, time, and education to accomplish) and in the same breath that is why it’s okay that we make data collection easier.
I know this probably comes across as accusatory, but I really don’t mean it that way. I’m genuinely trying to understand what your perspective is.
I… didn’t say that? Not sure if you replied to the wrong person?
But I’ll try to respond to what I can?
Assuming we are referring to the California legislature (I believe most/all of the US legislature if on the same grounds. The proposed EU "framework"s are very different), there is no requirement for third party verification.
It is literally the same check we already have. “Enter a random ass date that is more than 18 years ago”. This doesn’t “overcome” anything and, arguably, is a good law to get on the books so that you can say “Something is being done” before all the legislature and “frameworks” that want to be built around third party verification and “digital passports” do gain traction.
All of this is already happening and HAS already happened. You know all those stories about how google knows you are pregnant before you miss your first period? You know how you can quite often just click “verify you are human” and it processes without making you generate training data?
Hell, you know how targeted ads are a thing?
All of that is the same thing. It is about building profiles that tend to be so ridiculously specific that it isn’t even “This user connecting from Norway actually lives in the US and is from Cleveland” and is more “Oh, this is Oswald Harvey using his nordvpn subscription that he got with a discount from a Spiffing Brit video. He tends to favor the endpoints that are 25% down the list”
Both of which speak towards why people need to educate themselves to understand what information is already out there.
Yes? I am sorry that protecting your privacy takes effort? I am sure that if you pay a random sponsor on an LTT video that they’ll claim to do everything for you?
Like… I really don’t know what to tell you?
Oh whoops, if I did, my bad. That’s what I was understanding your comment about “it’s literally the same check we already have” to be. You’re saying there are already age checks for certain sites (and analysis of your web traffic and associated data being sold) and that this is no different, if I understand correctly. It is worth pointing out that while the California law requires no verification, the New York law potentially requires more than just a declaration of age. It’s worse elsewhere in the world.
Right, but you see how this is also a bad thing right? Given that the FBI has now spoken about buying this data and uses it to target people, I would think that we would all want better privacy protections, not fewer.
I don’t see how that should sway opinion about this being a good or a bad thing. It’s a bad thing for everyone, right?
No, I am saying that. I was saying that calling this a slippery slope doesn’t feel like it is based in the history of privacy erosion. I’d love to learn more about the original sin in all of this, but just because it isn’t the first step doesn’t mean we shouldn’t fight against consolidated, government-mandated privacy violations, right?
I think you’re misunderstanding me. I’m not complaining that it’s difficult. I’m asking why we don’t try and just fix the problem instead of letting something like this slide by because there are other, similar issues.