- cross-posted to:
- privacy@programming.dev
- cross-posted to:
- privacy@programming.dev
Of course, this is not only about Ubuntu, Fedora, or Linux Mint, as it would apply to all GNU/Linux distributions, desktop environments, and application hubs lke Flathub or Snap Store, which will have to comply with the upcoming law in the near future in some way, especially since similar laws have already been proposed in other US states, including New York and Colorado.
Age declaration, not verification. I know I’m in the minority here, but I don’t understand what the big uproar is. All it is is a way for mom and dad to mark an account as under aged.
If this didn’t happen we would keep seeing more mandatory ID uploads and facial scanning. This is probably the best outcome we can hope for. They get to protect the children and we can keep using the internet.
Why are you even accepting this something like this should exist? What is the threat model that this is protecting against? How would it offer any protection against that threat? Why should everyone who is making any program need to ask about the age of their possible users?
In addition, the law requires that every developer of every application, commercial, FOSS, student, hobbiest, professional, or whatever verify the age bracket of every person who downloads and runs their program every time. Every time it is downloaded, every time it is run. Yes an API for this would be trivial to implement, but that’s not the point. The point is why the fuck should I have to face a $2500-$7500 fine every time some kid downloads my pong demo? Why the fuck should PyPI, GitHub, or crates.io have to get the age bracket of every user? Why should every apt request include an age flag? Because that is what the bill requires.
Again. Not should exist. Will exist. I fundamentally believe they won’t shut up about it until something is done. “Nothing” is not an option.
If you take out the option for nothing, then this is really the next best.
The uproar is the same uproar that has always existed when government overreach threatens privacy. The question should never be, “why are you fighting this?” the question is, “why is this needed?” And the answer is that it is not. It’s yet another mnaufactured moral panic which is being pushed by the folks who want to destroy privacy. Some want that destruction for the privacy so that they can spy on and control others, the rest are dimwitted fools who believe that they can give up privacy to obtain some small measure of security. They are wrong and in the end will have neither privacy nor security.
Day 1: Age declaration laws.
Then the public gets used to it. It becomes the norm.
Day 30: Age verification digital ID laws.
“But I don’t have anything to hide!”
Society gets used to it.
Day 60: Always on live digital monitoring stream
“Well I’M not doing anything wrong, and it’s to protect children”
Day 90: Always live camera video/audio feed inside your house.
“Well I don’t have anything to hide! And it’s to help find child predators.”
Ect ect ect ect ect.
The thing to remember here is, they wouldn’t bypass child protection COPPA laws to install age verification if it really was meant to protect children.
Also, YOU don’t get to decide if you have nothing to worry about. YOU don’t get to decide if you’ve done nothing wrong. That’s for the fascists to decide. You won’t know until it’s too late.
https://www.youtube.com/watch?v=B2MxUCENw2s
See this is what we call the slippery slope argument. If things like that happen I will be up in arms with all of you. That’s not what is happening though.
That is absolutely what has BEEN happening!
All throughout the 2010s there was a battle for net neutrality. We lost that fight.
Then they put in the scanners for TSA that take full body nude photos whenever you fly. You can “opt out”, but they intentionally make it a hassle, and make it feel like YOU’RE the asshole for not wanting yourprivacy invaded like that.
Then all the appliances in your home started getting smart, so the internet was slowly becoming less of a luxery, and more of a requirement. Let an entire generation grow up without knowing a world without internet.
Then comes the tracking. We’re entering this phase now.
And eventually you’ll be isolated from society if you don’t consent to being tracked.
I have never had a facebook account. Yet facebook knows my name, my face, my phone number, my address. All of this was never consented by me. You know who did consent to it? My mom. She put me in her contacts list on her phone. She willingly entered all that info, uploaded a photo, and saved it to her phones contacts. Then she downloaded the facebook app. Which promptly asked her if she’d like to import her contacts list into her facebook contacts.
And it’s true that officially facebook isn’t technically part of the government. However, these mega corporations are all in bed with the government. Whatever they want, under this corrupt fascist government, it’s theirs for the taking. Nothing a little bribe can’t solve.
And now you got ICE out on the streets, downloading databases of who they want to oppress, where they live, what they look like.
It’s ALL connected. You are a frog slowly boiling. You don’t think the water is hot because you keep getting used to the tempature increases.
What does your bridge inventory look like? I’d like to go over some proposals.
There is a difference between a theoretical slippery slope and a logical path to an obvious goal.
That’s actually my point though, that some sort of this is going to happen no matter what. If you start at the assumption that they’re not going to stop until they can verify that the children can’t access porn, then working backwards this is the best way to accomplish that because it’s privacy focused.
The option of refusing is not on the table. It’s not going to happen. There can be holdouts, but it’s happening whether you like it or not. The only real thing we can do is fight for a version which does handle our privacy, which this one does.
An operating system is not a tool for accessing porn.
To state that this is required for protecting children from porn or harmful content means there is an essential misunderstanding of what an operating system is.
When you say privacy, I say surveillance.
I will not be proving my identity in anyway to my computer. It’s never happening whether you like it or not. I will fork an old Linux distro before I submit to that.
Your argument – that this type of privacy intrusion is inevitable – is also a full of various logical fallacies which i am not going to take the time to list.
Well great! Because no one is asking you to provide your identity. Both California and Colorado laws say that you only provide a birthdate (that you set) on a child’s account. So, don’t make a child’s account?
Your argument is literally the slippery slope argument, so maybe we can agree that the whole topic is blown out of proportion.
sudo?The community’s reaction is not “blown out of proportion”. I’d say the reaction is actually not proportional enough.
I hate lists in comments, but fine.
Up to $2,500 per affected child for negligent violations Up to $7,500 per affected child for intentional violationsThey don’t, there is no mandatory reporting, there is no “phone home” of compliance. It is only, and I mean only a boolean check in the OS, “Is the user a child or not”.
There is no section mentioning penalties for individuals entering false age information. You are completely free to submit whatever age you wish. This is 100% for parents to create a childs account.
No. This is the largest bit of misinformation about these bills. There is no place where a database is created. It is literally an OS level signal that says “Child is under X age”. A browser can check that signal, and if little Billie wants to see something adult related, the browser blocks it saying that they are under aged. It is still 100% opt in, there is no requirement for an OS to take an age, only that they must allow the option.
NO. They have no idea! There is no tracking at all! Seriously. Read the law for yourself.
NO. If the account is a default, normal adult account, all developers can trust that signal. “A developer that relies in good faith on a signal… is presumed to have accurately determined the user’s age and to be in compliance…”
This is the only slightly ambiguous part, which CA at least knowledges is a gap, if there is a shared account. This law does not state anything about that, and only puts in place that a child should be able to create a child account. At this point the OS would say that the user is an adult, and would fire the signal that they are an adult, and from the other parts of the law there is no liability if the parent didn’t set it up as a child’s account.
Seriously. Please go read it yourself. I’ve been an open source advocate for a long time, and I’m a software engineer. Nothing in this law seems alarming to me. Annoying sure, but literally I can’t think of a better more privacy friendly way to do this. It is quite literally only saying “You must have a way to create a child’s account, so that the API is there for other apps to block access”. It’s literally just closing the giant loophole of “I’m totally over 21” that we all made fun of for years.
In fact what I really love is that it’s doing what we always wanted from the beginning. Put the onus on the parents. This quite literally puts 100% of the onus on them. Like as an app developer I can say
If !os.isChild showPorn. It’s quite literally saying “Look, we’ve done as much as we can, you had one job to do as a parent and that was to set your child’s account as a child account, and you didn’t. That’s on you.” As an engineer myself, if all I have to do is check a flag to make sure kids don’t use my NSFW app, then that sounds like a win.https://legiscan.com/CA/text/AB1043/id/3269704
I credit Stallman with correctly being a zealot unwilling to give an inch on this topic for the last 30+ years. If he’d been the tiniest bit “realistic”, we wouldn’t have Linux or GNU coreutils or ad-free browsers.
Here’s the deal: I paid for this computer, it is mine. I can make its logic gates do anything I want (back then there was no Internet so it couldn’t reach out and hack/defraud someone else)
No matter what, it will be trivial to fork either Fedora installer or whatever to remove this. And because it’s files that are freely given away, it’s a lot harder to legally restrict than other consumer software.
No, age verification is not in inevitability. Neither is panopticon surveillance. We have the defensive shields.
I’m feeling the need to go a little more purist about open source these days. Every closed-source program lets you down in the end.
Yeah this is a way better alternative and no more invasive than a “I’m over 18” checkbox, it’s just done once on a OS user account rather than on every site.
I think all the age verification bullshit happening elsewhere is making people jump to angry conclusions rather than actually read the law.
EDIT: JFC the straw man arguments on this one are insane. I feel like people are intentionally misunderstanding how this functionality works because they’ve decided to be mad about it in advance.
Except that’s not all it is.
Go read the bill, particularly section 1798.501.b, 1798.502.a and b. Every developer of every application that can be downloaded from every package system MUST request your age bracket every time it is downloaded. And possibly every time it is launched. Basic utilities like ‘ls’ and ‘cat’, that pong example I pushed as a test two weeks ago, everything.
Thanks but i don’t need a fridge to question my age if i want to take beer out.
(not that you’d catch me eith a smart fridge in the first place, i am not insane)
The verbiage appears intentionally vague in the case of the Colorado law. It extends to literally anything with an OS, and the incentive for compliance is being allowed to spy on minors again.
Opinions are just vibes based. Age checks are bad vibes, so everyone hates anything to do with them no matter what.