←back to thread

EFF launches Age Verification Hub

(www.eff.org)
347 points iamnothere | 3 comments | 10 Dec 25 20:35 UTC | HN request time: 0.001s | source

Also: We built a resource hub to fight back against age verification https://www.eff.org/deeplinks/2025/12/age-verification-comin...
Show context
rlpb ◴[10 Dec 25 22:08 UTC] No.46224574[source]
I'd be OK with an "I am a child" header mandated by law to be respected by service providers (eg. "adult sites" must not permit a client setting the header to proceed). On the client side, mandate that consumer devices that might reasonably be expected to be used by children (every smartphone, tablet, smart TV, etc) have parental controls that set the header. Leave it to parents to set the controls. Perhaps even hold parents culpable for not doing so, as a minimum supervision requirement, just as one may hold parents culpable for neglecting their children in other ways.

Forcing providers to divine the age of the user, or requiring an adult's identity to verify that they are not a child, is backwards, for all the reasons pointed out. But that's not the only way to "protect the children". Relying on a very minimal level of parental supervision of device use should be fine; we already expect far more than that in non-technology areas.

replies(8): >>46224965 #>>46225003 #>>46225048 #>>46225061 #>>46225433 #>>46236425 #>>46236866 #>>46241419 #
Bender ◴[11 Dec 25 20:42 UTC] No.46236866[source]
A server header exists to say something is adult and could be used for user-generated content as well. [1] It just needs legislation and an afternoon from interns at assorted companies. It's not perfect, nothing is but could easily trigger existing parental controls and parental controls that could be added back into user agents. No third parties required. I think I've beat this horse into dust [2] so I should just hire kvetchers to politely remind congress at this point.

[1] - https://news.ycombinator.com/item?id=46152074

[2] - https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

replies(1): >>46237209 #
1. no_wizard ◴[11 Dec 25 21:10 UTC] No.46237209[source]
I like the first part of the idea, which is the header. Heck, even enable it by default. As long as the tracking of the toggle isn't a thing its a perfect compromise. While we're at it, respecting do not track headers would also be nice.

This completely leaves it up to the families / parents to control and gives some level of compliance to make the effort worth while.

There may even be a way to generate enough noise with the request to prevent any forms of tracking. This sort of thing should really be isolated in that way to prevent potential abuses via data brokers by way of sale of the information

replies(2): >>46237262 #>>46241686 #
2. Bender ◴[11 Dec 25 21:14 UTC] No.46237262[source]
As long as the tracking of the toggle isn't a thing its a perfect compromise.

This concept does not involve any tracking if implemented as designed. The user agent detects the RTA header and triggers parental controls if enabled. Many sites already voluntarily self label. [1] Careful how far one drills down as these sites are NSFW and some may be malicious.

[1] - https://www.shodan.io/search?query=RTA-5042-1996-1400-1577-R...

3. yardstick ◴[12 Dec 25 07:21 UTC] No.46241686[source]
They tried this years ago with ICRA and others. Long gone, but it worked by the webmaster adding metadata to self classify a site. Browsers and other agents could then allow/deny after inspecting the tags.

https://sk.sagepub.com/ency/edvol/childmedia/chpt/internet-c...