Discussion
Loading...

Post

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Neil Brown
@neil@mastodon.neilzone.co.uk  ·  activity timestamp 2 months ago

Today - 25 July - is the deadline for user-to-user services subject to the UK's Online Safety Act to have "highly effective age assurance" in place for UK users, if the site's content requires it. (Not all sites/content require age assurance.)

Please be careful, especially if you are in the UK.

Think before handing over ID documents, and be especially mindful of mistyped URLs and other scams, trying to obtain your personal data for phishing or blackmail purposes.

#OnlineSafetyAct

  • Copy link
  • Flag this post
  • Block
David Njoku
@davidnjoku@mastodon.world replied  ·  activity timestamp 2 months ago
@neil A tech journalist that I have a lot is respect for, @acedtect, has always been an advocate for Tim Berners Lee's Solid as a means of identification that allows the citizen retain a modicum of control. I wish the UK government had taken this opportunity to push it.

https://en.m.wikipedia.org/wiki/Solid_(web_decentralization_project)

  • Copy link
  • Flag this comment
  • Block
tautology
@tautology@infosec.exchange replied  ·  activity timestamp 2 months ago
@neil A discussion came up today in the work chat, if I use a false ID (e.g. AI generated image) to bypass this check to allow me to access a service which I am old enough to access anyway, would I commit an offence under the identity documents act 2010 or the fraud act 2006?

Would even testing this lead be in a postion where I could be prosecuted (like testing for vulnerabilities under the CMA)?

How is this different from me using a fake date of birth on sites?

Do we all just need to wait for an actual judgement or will the age verification vendors actual care?

  • Copy link
  • Flag this comment
  • Block
happyborg
@happyborg@fosstodon.org replied  ·  activity timestamp 2 months ago
@neil
If they wanted to protect children - and adults - they would ban or tackle algorithmic feeds.

That's what caused the problem and the solution is simple, easy to police and enforce, if a bit more difficult politically.

Instead they are driving small communities onto those corporate platforms which cause the ham. 🤔

  • Copy link
  • Flag this comment
  • Block
chrisp
@chrisp@cyberplace.social replied  ·  activity timestamp 2 months ago
@neil Really think about which services you use, with which accounts need verification. Remember that password breach you were in 2 years ago? What if it were an ID breach? Or use a VPN to a sane country.
  • Copy link
  • Flag this comment
  • Block
Dog Noise Generator
@Buster@woof.group replied  ·  activity timestamp 2 months ago
@neil uk Reddit is going nuts. Also, Reddit now insisting that LGBT subs are all 18+ and need verification.
Yeah, hand over your ID to an American company subject to the patriot act and be on their list of known queers? No thanks.
  • Copy link
  • Flag this comment
  • Block
🌱@ambiguous_yelp:ahimsa.chat
@ambiguous_yelp@social.coop replied  ·  activity timestamp 2 months ago
@neil Im concerned how this will affect decentralised social media like #simplexhttps://simplex.chat #briarhttps://briarproject.org & #cwtchhttps://docs.cwtch.im these services r so decentralised there aren't even servers that facilitate users directly its more like a participatory network infrastructure, its undeniably user-to-user but what are they going to do charge every simplex relay operator? Or every node in a briar mesh? Or r group moderators liable instead?
  • Copy link
  • Flag this comment
  • Block
G-Squirrel
@gsquirrel@cupoftea.social replied  ·  activity timestamp 2 months ago
@neil I've absolutely no intention of agreeing to use any of these age verification services. It'll be interesting to see (a) how much this affects my experience of the web, and (b) how trivial it'll be to circumvent the checks where they do get in the way of what I'm doing.
  • Copy link
  • Flag this comment
  • Block
jaz :twt: :wales_flag:
@jaz@toot.wales replied  ·  activity timestamp 2 months ago
@gsquirrel @neil when I were a lad the age verification was "can I reach the top shelf" and "will Tony the News let me take this out".

I must have put a lot of trust in Tony. I bet he never shared what mags and electric blue videos I was into with his mates.

  • Copy link
  • Flag this comment
  • Block
Peter Brett
@krans@mastodon.me.uk replied  ·  activity timestamp 2 months ago
@neil I'm still struggling to work out what the absolute minimum service that would qualify as “highly effective age assurance” would look like

#OnlineSafetyAct

  • Copy link
  • Flag this comment
  • Block
Peter Brett
@krans@mastodon.me.uk replied  ·  activity timestamp 2 months ago
@neil I guess this isn't a completely hypothetical question, because I'm now considering building a minimally invasive age assurance service, if I can figure out how to meet the minimum requirements

#OnlineSafetyAct

  • Copy link
  • Flag this comment
  • Block
Ret
@ret@furry.engineer replied  ·  activity timestamp 2 months ago
@krans @neil I think it’s impossible. Either you protect user privacy adequately and build a client side solution (which implicitly trusts the client and is therefore spoofable and able to be bypassed). Or you build a server-side solution where the user has to blindly submit images and believe your promises about how they are processed.

We’re in this situation because hapless, lazy MPs believed techbro promises that they can solve this intractable societal problem (for money). No amount of code can fix this. This isn’t a computer problem. This is a society and people problem.

  • Copy link
  • Flag this comment
  • Block
Paul Fenwick
@pjf@cloudisland.nz replied  ·  activity timestamp 2 months ago
@neil : Australia is trying to follow suit. I can't wait for even more of the internet to try and grift my PII. 😢
  • Copy link
  • Flag this comment
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.3.1 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login