←back to thread

Supreme Court's ruling practically wipes out free speech for sex writing online

(ellsberg.substack.com)
693 points macawfish | 6 comments | 12 Jul 25 18:14 UTC | HN request time: 0.001s | source | bottom
Show context
al_borland ◴[12 Jul 25 18:53 UTC] No.44544145[source]
All these ID check laws are out of hand. Parents are expecting the government, and random websites, to raise their kids. Why would anyone trust some random blog with their ID?

If these laws move forward (and I don’t think they should), there needs to be a way to authenticate as over 18 without sending picture of your ID off to random 3rd parties, or giving actual personal details. I don’t want to give this data, and websites shouldn’t want to shoulder the responsibility for it.

It seems like this could work much like Apple Pay, just without the payment. A prompt comes up, I use some biometric authentication on my phone, and it sends a signal to the browser that I’m 18+. Apple has been adding state IDs into the Wallet, this seems like it could fall right in line. The same thing could be used for buying alcohol at U-Scan checkout.

People should also be able to set their browser/computer to auto-send this for single-user devices, where it is all transparent to the user. I don’t have kids and no one else’s uses my devices. Why should I need to jump through hoops?

replies(36): >>44544207 #>>44544209 #>>44544223 #>>44544253 #>>44544375 #>>44544403 #>>44544619 #>>44544667 #>>44544797 #>>44544809 #>>44544821 #>>44544865 #>>44544875 #>>44544926 #>>44545322 #>>44545574 #>>44545686 #>>44545750 #>>44545798 #>>44545986 #>>44546467 #>>44546488 #>>44546759 #>>44546827 #>>44547088 #>>44547591 #>>44547777 #>>44547788 #>>44547799 #>>44547881 #>>44548019 #>>44548400 #>>44548482 #>>44548740 #>>44549467 #>>44560104 #
1. throw0101c ◴[12 Jul 25 20:20 UTC] No.44544821[source]
> All these ID check laws are out of hand. Parents are expecting the government, and random websites, to raise their kids. Why would anyone trust some random blog with their ID?

Kind of unfortunate that PICS[1][2] and POWDER[3][4] never really took off: it allowed web sites to 'self-label' and then browsers (and proxies?) could use the metadata and built-in rules/filters to determine if the content should be displayed.

[1] https://en.wikipedia.org/wiki/Platform_for_Internet_Content_...

[2] https://www.w3.org/PICS/

[3] https://en.wikipedia.org/wiki/Protocol_for_Web_Description_R...

[4] https://www.w3.org/2007/powder/

replies(1): >>44544911 #
2. Bender ◴[12 Jul 25 20:30 UTC] No.44544911[source]
PICS and ICRA were not adopted by many due to complexity. RTA [1][2] is a more generic header that can be used on any adult site or site that allows user contributed content and is easier to implement. There needs to be a law that requires clients to look for this header if parental controls are enabled. Not perfect, nothing is. Teens will easily get around it but most small children will not which should be the spirit of the ID verification movement. It's better than what we have today. The centralized ID verification sites will push many small sites to Tor and bigger sites to island nations and tax evasion in my opinion. More browsers are natively supporting .onion domains.

Congress critters should be opposed to the centralized ID verification systems as their browsing habbits will be exposed to the world when those sites ooopsie dooopsie "leak" the data or just openly sell it or an employee turns that data into a summarized online spreadsheet of who is into what. The kickbacks and lobbying they may be potentially receiving will not be worth it.

[1] - https://www.rtalabel.org/index.php?content=howtofaq#single

[2] - https://www.shodan.io/search?query=RTA-5042-1996-1400-1577-R... [dont follow the links, NSFW]

replies(1): >>44547536 #
3. sigwinch ◴[13 Jul 25 04:33 UTC] No.44547536[source]
> There needs to be a law that requires clients to look for this header if parental controls are enabled

Would that require MiTM at the network level? Or, is there a custom X.509 RTA that would tell clients not to accept the certificate?

replies(1): >>44548158 #
4. rocqua ◴[13 Jul 25 07:09 UTC] No.44548158{3}[source]
Put it in the parental controls feature of the browser. Parents have to turn it on. Parents get to decide if their kids can watch porn. The government helps parents enforce the rules parents want.
replies(1): >>44548207 #
5. sigwinch ◴[13 Jul 25 07:20 UTC] No.44548207{4}[source]
I wonder if I can detect when parental controls are engaged like that.

As of this ruling, all sites within striking distance of South Dakota must take “reasonable efforts” to age-verify, or be certain that no content could ever be politically harmful to the hypothetical minor.

replies(1): >>44550414 #
6. Bender ◴[13 Jul 25 13:43 UTC] No.44550414{5}[source]
Reasonable efforts in this case would be to send the RTA header. That's it. Done and dusted. If the client is able to browse your site that would mean that either parental controls are not enabled or they are enabled and your site was approve-listed in the client. This of course depends on changing the laws anywhere that require using a third party data-leakage site to verify ID.