In Russia, they claimed that new measures to block websites are necessary to <i>protect the children</i> online. Of course, they immediately used these new capabilities to block opposition websites and sources critical of the government.<p>Now, seeing many European governments tirelessly push for these new measures to <i>protect the children</i>, I'm pretty sure that the children are finally going to be safe online.
It is really disheartening to see the sentiment around privacy erode like this. Fifteen or even ten years ago this would have been unanimously and vehemently opposed, but now it is somehow up for debate?
There has been 15 more years of highly motivated psychologists tuning their social media systems to create addiction, time for those who've grown up through this to become adults, foreign interference with democracy etc.<p>Though I think banning it for children is the wrong approach. Ban the addictive and dangerous features for everyone, adults included — no more infinite scroll, and no more feeds showing content from outside social connections.
> no more feeds showing content from outside social connections<p>So, kill all news agencies and reporters I guess? or would there be a carve out for incumbents so they can cement their market share? who controls the approval list?
Ban infinite scroll? Sounds like a slippery slope and also hard to enforce. I don't even know how you would craft such a law.
> tuning their social media systems to create addiction<p>Except this has nothing to do with social media nor with children nor with addiction.
Social media got worse.<p>We've had time to witness the damage of a dopamine-doomscroll. I personally know children who've posted too much, and children who've been solicited directly by adults, both to try and meet and for nudes. And we've seen the complete lack of positive action from platforms. Roblox is full of paedophiles and Grok was letting you nudify your classmates just a few months ago. These places aren't suitable for kids.<p>I don't <i>want</i> a ban on VPNs. That isn't being suggested, just making sure they're also age-checked. But some inconvenience is a price worth considering.
I love how every harm you listed, is a platform design problem, and your fix touches none of it. A kid bypassing VPN age checks can still doomscroll and Roblox all day on a school wifi with no VPN at all. The only thing you've actually accomplished is stripping privacy and security from every adult who isn't a child abuser, to feel like you did something about the ones who are.
Requiring ID (which is what age gating is) for VPNs is absurd. Given that SSH can act as a proxy service, are you going to require all ssh connections out of the country to be age verified?
Facial modeling has been good enough for porn.<p>I'd be surprised if the law requires much beyond a vague best effort from service providers, but many already block connections from known server hosts and some even VPNs.<p>An airtight block is not what's required; stopping social media being mainstream for kids is.
Lol, no. Face scans are being bypassed using video games. Meanwhile the data has shown 90%+ porn users are unwilling to do them and switch sites instead (citation: <a href="https://pornbiz.com/post/17/the_scam_of_age_verification" rel="nofollow">https://pornbiz.com/post/17/the_scam_of_age_verification</a> ). The whole thing has been a complete fiasco in porn.
Maybe they should get the pedos out of the government instead of a foolish attempt at restricting and harming everyone else? It's not ever going to protect or make children safer. It never was.
Who are the 'pedos' in government?
Why doesn't it make children safer?<p>I'm trying to discuss this in good faith but that wasn't even an argument. A bland accusation wearing a tin foil hat.
You want age checking, you want ids
.
> But some inconvenience is a price worth considering.<p>You're trying to frame it as an "inconvenience" and not a blatant attack on the fundamental freedom of expression. I get that social media is bad, but sometimes (often) the cure is worse than the illness.
> Social media got worse.<p>Sure, whatever. Maybe in some ways.<p>> I personally know children who've posted too much, and children who've been solicited directly by adults, both to try and meet and for nudes.<p>... but not in <i>that</i> way.<p>I personally knew children who'd been solicited directly by adults before there was even an Internet. Including me, if you use the definition of "child" that seems to be popular in this sort of debate (and, by the way, it wasn't a big deal).<p>We did not shut down the world because of it.
They've somehow managed to breed several generations who's only criteria for "computing" is "it just works". All consumption, little-to-no understanding of how stuff works. As long as it does what it does, and it's "free", that's all that matters.
> <i>disheartening to see the sentiment around privacy erode like this</i><p>Coders went from being civically active—calling their electeds and showing up to events to defend privacy in the 90s—to being comfortably rich and content with maybe voting in generals. That’s had a direct effect on policy quality.
Us peasants cannot stop this, Canada will roll this out soon also, its being rammed through no matter what people feel.
In terms of political power, programmers are more like yeomen than peasants. Yeomen have power due to their essential skills because if a good fraction of them stopped working the system would collapse. (Whereas if peasants stop working, they just starve.) If a sufficient number of programmers said "We're not going to implement or support privacy-invading systems" the government would have to back down.
[dead]
Opposed, yeah right. People don't care back then just as they don't now. Only small groups of technical users like us care.
<i>"The urge to save humanity is almost always a false front for the urge to rule."</i><p>H.L. Mencken
All these children laws end up as putting the onus on the adult to expose themself to whomever.<p>It used to be "don't give your name to anyone online" and now it's "hand it over when you're told".
If you are talking about the recent blockades of VPNs, the Russians made it pretty clear that they did not want western information sources inside the country. I am not sure it was ever in the guise of protecting the children
The only (probably) good thing here is that one can at least try to apply Russian experience at circumventing the censorship, where it's currently way more severe, up to the point when entire companies have their workflows disrupted because remote workers can't connect through the VPN (which is blocked). Maybe that will help.
You see, the problem is that all exit points of our VPNs are in Europe. These too can be banned quite easily. Where to will we run next, given that this cancer tends to spread?
Change the protocols, I guess? Move to some kind of self-hosted or community-run infrastructure? Because to block all of that (EDIT: to block that reliably, I mean), you will have to block the entire EU network sector, and we're likely not in "V for Vendetta" or full-blown 1984 scenario for this to be possible.
Literally, tor.
Which will get blocked and go down, like, in no time. That's literally what happened in Russia - Tor is mostly unusable, you can't even bootstrap properly without some "tricks", so to speak.
Run to the Kremlin, with torches in your hands.
You seriously think the government has a clear, honest reasons, as stated?<p>Companies will be exempt (with remote employees having to identify linking their IP and computer's fingerprint with their real identity), and the next step, after using the law to silencing dissent, will be penalisation.
Also the UK arrests people for online posts more than Russia, China or Belarus. It seems clear the gov wants to control all forms of speech and if they could control speech at home they would too further, I have little doubt if they could control your thoughts they would too. They’d be more than delighted to have people wear sock collars that shock wearers as they stray from received though patterns.
> <i>seeing many European governments tirelessly push for these new measures to protect the children, I'm pretty sure that the children are finally going to be safe online</i><p>There is strong, popular will for age gating social media. At the same time, at least in America, there is a deep streak of laziness and nihilism in the tech community that makes it civically useless. When combined, you get politicians getting calls every day to limit social media and little from experts on how.<p>So you get folks reaching for the first solution on the shelf, and then getting wedded to it. The correct approach is making this the social-media companies’ problem. If they wind up with users under N years old, they get fined. If you want to use social media, you put up with their BS. If not, you’re not affected. Unfortunately, I’ve worked on privacy and technical policy enough to be sceptical that anyone will actually pitch that to their elected. So we get this, instead. (And at the end of the day, I’ll take an imperfect solution over a perfect one that goes nowhere. Though the UK, as usual, seems to have found the worst of the bunch.)
That's already happening in the UK too.<p>Shortly after the Online Safety Act went into operation, there was politically charged/sensitive/opinionated content on X mysteriously disappearing for UK users but nobody else in the world.
Yeah. The children are just the excuse. They hate us for our freedome.<p>Nobody is surprised that Russia resorts to this. They are a potemkin dictatorship. But that the UK is also acting as a dictatorship - now that's interesting.
it would be great if they cared as much about the safety of kids in the streets
Non-nationalist parties that have been in power in Europe for so long are shitting their pants at the growing rise of nationalist parties and are absolutely planning to censor the shit out of them.<p>I'm not even taking a side here and what they are trying to do is obvious.
Somehow the "center"'s answer to the rise of right-wingers is stupid censorship, instead of fighting ideas with better ideas.<p>Alternatively, the center starts trying to attract right-wing voters by adopting right-wing ideas like anti-immigrant views or "well, we can sacrifice the climate a bit more" positions.<p>Keir Starmer is from a "left" party but his actions has shown him to be a centrist, Ursula von der Leyen is quite right. Then again, these are European positioning, as someone's said years ago, the European right-wing would be liberal in the US. And with the currently openly racist regime of the USA, even more so!
How is that happening? In the UK fringe nationalist parties are typically given as much airtime on main stream media as the governing parties. They've also setup their own 'news' stations to further spread propaganda. Any notion that they're being censored in the UK is ludicrous. They're pandered to.
This isn't an axis from freedom to control, with the country sitting at an identifiable point. All of these things are happening, antagonistically, at the same time. Right wing people set up a television station, government cracks down on the internet, courts protect people's rights to express philosophical beliefs, police record "non-crime hate incidents" for things written online. It's all chaotic.
It's easy to blame the governments in this - and some of their decisions are idiotic - but most of the blame should go on the tech companies. The fact they think "our ToS says you have to be over 13" or a popup asking "are you over 18" is sufficient while they make billions is a disgrace. They're the reason the governments are sinking to these levels. It's not like they haven't been given every opportunity to do the sensible thing over decades.
I also do not believe that this is primarily aimed at ptotecting children. I think the goal is to counteract the bot-farms that spread disinformation, instigate violence, and so on. Which Russia, by the way, pioneered and scaled up to make a material difference in elections in the West. It is a real problem for which no effective solution has been found.
> the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence.<p>Ah, yes, the existing research doesn't agree with our biases, so let's fund new "research" that does.
Full context:<p>> Ms Kendall told Nick Ferrari: “I told MPs yesterday I'm going to come back to the House with a statement on the issue of VPNs in July. There are very strong views on both sides of this. For some people, it is about privacy, and it is the ability to use that is really held strongly by people. And for others, they say they should be banned because kids are using them to get around. And so I— the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence."<p>Sounds like they realize there are two sides and no "clear winning argument" in either direction, that's why the additional research is needed. Sounds a bit more nuanced than what I expected based on your snippet.
What is there to research? Yes, VPNs can be used to circumvent geofences (and by extension, regional age restrictions). Yes, attempting to age-restrict VPNs is at odds with strong privacy guarantees. Privacy is a human right, and one which is essential for effective democracy.
Are there ways of doing age gating while preserving privacy? For whom? How many people need that kind of privacy, would it impact lots of (say) teens seeking help or is this about whistleblowers? Are many under 18s using VPNs for porn? Or have they just shifted to other platforms anyway? If we implemented it “perfectly” would it even do the thing we wanted?<p>What are the actual numbers here? If there’s lots of fuss about vpns but actually while there’s been a big jump in use it’s not under 18s anyway it wouldn’t help.<p>> Privacy is a human right, and one which is essential for effective democracy.<p>And does this get broken enough for age gating something? We age gate alcohol to reasonable success, sometimes that involves showing id.<p>I’m not arguing for age gating here but I do think understanding the tradeoffs may require more evidence.
> What is there to research?<p>The trade-offs and how many people care and about what specifically.<p>E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school? I'm all on board with just banning this kind of analytics, but there's a lot of people who are more angry with the EU for forcing companies to at least ask for permission before they sell your data to all those analytics firms.
> E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school?<p>Because capitalism itself is the enemy.<p>And information assymmetry is a potent tool, as is constant and persistent surveillance. All of these enable extracting more money.
Good thing then that Democracy isn’t gonna defend itself.
But that's the point, circumvent democracy, to set the stage for techno-fascism. The citizen has no rights which the state is bound to respect.
> What is there to research?<p>Probably how they can best attach a license to VPN use like they're doing with TV.
> they say they should be banned because kids are using them to get around.<p>Ummm what??? lolll<p>if they don't want their kids using vpn... why would banning vpn for everyone and requiring ID verification be the answer? LOLLLL<p>That sounds like they need to control their kids<p>"it's hard" ...<p>"WHY DID YOU HAVE KIDS THEN?!?!?!"
"I want to do the thing that gets me the most votes and carries the least political risk".
Note this is not necessarily the wisest thing, or even the thing that objectively solves or mitigates the problem the most. Many such cases...
These people created a law that is catastrophic for privacy, so I don't believe they will be stopped from banning VPN's just because someone claims VPN's are good for privacy.
>both sides
Reminds me of the drugs tsar, Dr Nutt, saying that drugs should be legalised/decriminalised. So he got sacked.<p>Quite often, people in power don’t want to hear the truth, they want to hear their own words/views parroted back to them.
To put it into perspective he was asked to do the harm review, in which he proved how much more harmful the legal drugs (alcohol and nicotine) are from some of the banned ones (namely cannabis, LSD or Psylocibin).<p>Famously at the exact same time UK was claiming there was no evidence of the medicinal use of the cannabis, the UK was also the biggest exporter of it, and all was then turned into Sativex, a cannabis based medicine, not approved for use in the UK of course (individual import is allowed).<p>Interesting is that the husband of one of the very prominent Home Secretary and later Prime Minister is a senior executive in the producet.<p>Of course there's no suggestion of the financial interest of them in keeping a monopoly. See also: <a href="https://leftfootforward.org/2021/04/revealed-uk-is-the-worlds-biggest-producer-of-medical-cannabis-but-brits-cant-access-it/" rel="nofollow">https://leftfootforward.org/2021/04/revealed-uk-is-the-world...</a>
Nothing new unfortunately [0]. Happy to trust the science as long as it suits them.<p>[0] <a href="https://en.wikipedia.org/wiki/David_Nutt#Dismissal" rel="nofollow">https://en.wikipedia.org/wiki/David_Nutt#Dismissal</a>
Obviously Labour has been "lobbied" and now have to deliver this for whoever wants this.<p>It's pathetic how they use sobbing families to push it through, similar tactic like before Iraq invasion.<p>same players behind the scenes.
This is pretty much it. Bought and paid for, or hand forced by intelligence powers operating beyond ordinary voter politics
Conspiracy theory^<p>This is happening worldwide: <a href="https://en.wikipedia.org/wiki/Online_age_verification_laws_by_country#/media/File:Online_age_verification_laws_by_country.png" rel="nofollow">https://en.wikipedia.org/wiki/Online_age_verification_laws_b...</a>
What you linked is the evidence of the conspiracy, no need to turn it the other way round.
The fact that it's coordinated in all "Western" countries show it's a real conspiracy, not just a theory.
If your argument is that a group is conspiring to establish policy in a country, the idea that it's happening in many, many countries means the threshold for evidence is now much higher, since the group should be able to have much more control.
This is the logical conclusion but there is currently a mass wave of Meta grunts downvoting.<p>Apparently if countries all put an age limit on tobacco it must mean there is a secret group coordinating for it for ulterior reasons.
8 individuals have as much money, and much more power, than half of the globe's population.<p>The fact that you think there's no such group is simply insane.<p>I mean, the very agenda of their upcoming conference was on the front page of HackerNews a few days ago...
It's as much of a "conspiracy theory" as ordinary monetary corruption worldwide: There doesn't need to be any connection or conspiracy between politicians who take bribes, just like there doesn't need to be any connection or conspiracy between politicians who push for more surveillance and control over others.
Oh yes like Indonesia, Malaysia and Turkey. If it is happening worldwide, it is less likely to be a coordinated scheme and more likely coming to the same conclusions based on current research.<p>Edit because I'm getting limited:<p>This isn't exactly something old that has been going on for decades in its current form and the usage has increased especially since the lockdowns. Nations have also been copying each other for centuries, you don't need a secret group coordinating for it with a singular ulterior motive.
Oh yes sorry, Western countries and dictatorships.<p>But sure, all governments suddenly woke up at the exact same time, give or take a few months, and realized that social media should be banned for kids.
I think they all wanted to control internet access since the arab spring, but they didn't have a good wedge. Now the data around harm to children is widely available, they all have the same excuse they can use at the same time.
Or maybe different people respond similarly to the same incentives.<p>For decades companies like Facebook have been saying you just have to let us groom children, there's no way to have this tech and not groom children. Now the predictable consequences of that are arriving: the tech industry is being turned off, because it grooms children.<p>And when I say groom children, I'm talking about actual child predators, not the transphobic nonsense point.
Isn't it how it alwasy works?
I've been using a VPN in the UK on my laptop and phone exclusively for 20 years, and the state has been working with ISPs to make "connection records" for most of that time.<p>On mobile a VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit. Using the web interface avoids this.<p>The UK has also moved to force ISPs to block certain bittorrent search engines.<p>The UK is not shy when it comes to invading your privacy or censoring the Internet.
>The UK is not shy when it comes to invading your privacy or censoring the Internet.<p>Definitely doesn't shy away from doing it! But one thing I find most irritating is that it seems reluctant to say it proud and loud.<p>Look at the situation with 4chan and Kiwifarms. They are basically asking to be blocked from the UK and they refuse to. I can't really say why the onus is put on the websites to enact blocks, but my suspicion is the government doesn't like the idea of displaying an official page stating that you are not allowed to see something because the government doesn't want you to.
>the government doesn't like the idea of displaying an official page stating that you are not allowed to see something<p>They don't even have to do that, the connection can just be left to time out on the client side. This is what they did (and some ISPs still do) for the Internet Archive...<p>Yes, archive.org is classed as an adult site in the UK.
The UK is a funny place. 4chan is accessible but IPTorrents is blocked.<p>Browsing with a VPN is a frustrating experience. They are abused by many of their users which leads to circular capture checks and straight blocks.
On the mobile apps can check your SIMs country code. This is how bluesky knows the UK users (they used to use IP, not anymore)
> On mobile a VPN isn't always effective in avoid geoblocks.<p>It seems like your VPN setup has a leak, or the real location is obtained otherwise through the operating system (locale setting or GPS).<p>I would be surprised if your locale leaked on GrapheneOS for example.
Company like this exist<p><a href="https://www.geocomply.com/" rel="nofollow">https://www.geocomply.com/</a>
> On mobile VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit.<p>I've never had this issue (using Private Internet Access on iOS).
I'm a Brit living abroad, when I visit the UK I use a Tailscale network with an exit node at my home, and yeah this always seems to work for me.<p>Going the other way around to try and watch British TV I used to find with a normal hosted VPN services could still figure out I wasn't in the country, but now I have a Tailscale exit node at my mum's place in the UK it always works fine.<p>So I suspect it all comes down to the IP source, probably a residential IP is the best possible case and with commercial VPNs it depends on how hard they work on isolating their IP blocks from known datacentres.
Apps can read sim card info. Its country and whether the card is currently in roaming, you can't full them that way<p>You would need to get your sim card out of your phone and use wifi or buy one of them foreign esim<p>For vpns I actually found that websites that block vpns for some reasons are worse at detecting commercial vpns than when you deploy your own on vps<p>---<p>Also I forgot about other things. When my phone for some unknown reason had its region set as GB, I had British ads in YouTube music
Commercial VPNs publish their exit nodes IPs online. There are services like ipinfo.io which can accurately determine if you are using a known VPN service.
Some context - Birmingham Mail is one of dozens of clickbait-driven publications owned by Reach plc.<p>They're not a high quality source of news - they've more than decimated their journalism staff and replaced them with 'content' staff who are performance monitored on the number of clicks their articles generate.<p>Content is syndicated in different accents across their range of papers from the national papers, The Mirror and The Daily Express down into a large number of notionally 'local' outlets.<p>So, take it with a pinch of salt.
I'm very much in favour of blocking children from social media - it's an absolutely vile cesspit of cognitive addiction, bullying and social (and potential sexual) abuse. But none of it requires a mass-surveillance network to be put in place.<p>Just for one example; it would be trivial for Apple and Google to put age estimation on my phone, verify it on opening the web browser and provide a zero-knowledge proof of age to websites in a way that does not reveal my identity. All the infrastructure is already there, and it's relatively trivial to turn it on. The downside is that this will only work for people who are older than about 25 because of the uncertainty of face-to-age recognition, but it would be a start.<p>Another way to do it is for my bank, who know my age already, providing a similar credential that I can feed into the zero-knowledge proof engine on the phone.<p>This was all done properly for the covid tracking apps, at a time when the phone providers actually wanted to do tracking with anonymity - this is a similar problem, and it's easily cracked by technical means.<p>And you don't even need zero knowledge proofs if you perform on-device content detection - turn it on for kids, keep it off for adults. Modern phones have more than enough TPU capacity to do this.<p>But none of the actual implementations I've seen are truly anonymizing, and they all rely on trusting some really dodgy companies with your identity and browsing habits. Yes, the more respectable ones have security and privacy policies that are audited, but will they always? The cynical answer is "no", because history shows that someone will always do something sooner or later if (a) it makes money, and (b) they can get away with it.<p>Everything I see suggests that the desire for mass surveillance is the driver, and the "protect the children" front on this is a strategem by the people who are really driving this from behind the curtain. There are <i>huge</i> amounts of money to be made by capturing verifiable, blackmailable, personal data, and this is a magic money fountain for those who will be able to mine it.
In more sensible times, we'd run an ad campaign highlighting the dangers and informational campaigns for parents on what to do to prevent your children getting access to social media.<p>Perfect is impossible, but if its stigmatised then the network effects stop being so punitive to children who have reasonable parents.<p>it's the 10-80-10 rule: 10% of kids will still access social media, 10% will never... but 80% can be swayed.
At least we get to raise the next generation of IT geeks because they'll have to understand a bunch of networking basics to watch porn, and might get hooked on it. (on IT)
Or they will ask their AI to do that for them, learn very little about the networking stack in the process
I am sure a contract with Palantir to find these miscreants is just around the corner.
Israel will be making kill on this, they will unleash their free VPNs to the young people like they did to Iran. UK national security will be like Suisse cheese
bruhghghbmphf, the VPNs! the VPNs! can't have those! What's that good sir? You say ssh? Do not shh me sir. Oh, SSH... yes, SSH, can't have that! It's elementary, any system which one accesses MUST report to parliament. Personally Identifiable Documents for General Evaluation Of Ne'er-do-wells. We'll call it the P.I.D.G.E.O.N. network.
If you ban IPsec ESP people will start using WireGuard on random ports.<p>If you ban WireGuard using DPI people will start using SSL VPNs.<p>If you ban SSL you ban the entire internet.
They don't want perfection. They want to move things forward, for their definition of forward.<p>If they ban bog standard VPNs and find out they're still being used, they'll punish the VPN companies.<p>If the VPN companies create workarounds and avoid the punishment, they'll punish the payment processors.<p>If the VPN companies start using esoteric workarounds and taking cryptocurrency for payment, then they've mostly won -- most people aren't going to deal with that shit.<p>All the while, they'll still go after the social media/etc companies for allowing circumvention of age-gating. So the social media companies will crack down on our ability to visit their sites with any sort of privacy.<p>My point: laws are all imperfect but can still have a huge effect. Pointing out work arounds doesn't change that.<p>For context, I'm really disturbed by the recent move to punish people seeking privacy instead of the social media companies that are enabling this social media shit. They know who the companies are, since that's who they're going to punish for not age gating. But they'd (I'm talking about US based age-gating pushes as well) rather fuck with our privacy and make our PII more susceptible to data breaches than tell the social media companies to eat shit.
Mullvad already does all of the things you mentioned. Cryptocurrency payments with no KYC, and many anti-censorship [1] methods. Moreover, their mobile and desktop apps apply heuristics to find combinations of anti-censorship measures that work automatically. It's very user friendly (all the user needs to do is press on connect). So, the blocking attempts are still pointless because large, prominent providers already make all these bypass methods very user friendly.<p>[1] <a href="https://mullvad.net/en/help/connecting-to-mullvad-vpn-from-restrictive-locations" rel="nofollow">https://mullvad.net/en/help/connecting-to-mullvad-vpn-from-r...</a>
In a way, the cack-handed way they've gone about this makes me slightly more optimistic. If we must have such a law, please let it be one which:<p>* Creates a market for privacy tech of several million teenagers<p>* Wastes police time chasing down social forums which kids are hosting abroad using their pocket money<p>* Rubs the noses of the securirati in the fact that they've made it easier for terrorists to hide their comms among the thousands of teenage speakeasies<p>This is not the 80's when comms tech required capital and man-years of engineering. Setting up forums online isn't even a high-school project.
Most VPN companies won't implement age verification, because their purpose is privacy. This is really an attempt to ban VPNs. This won't be popular when 70% of the population uses VPNs.
> when 70% of the population uses VPNs.<p>To be honest, unfortunately, I'm not really sure about this one.
> Most VPN companies won't implement age verification, because their purpose is privacy.<p>They will when it's law. Their purpose is most likely either snake oil, or bypassing geo restricctions on netflix or sports.
Good thing Brexit happened to prevent government overreach.
Tbf the point was to prevent the EU 'overreach' i.e stopping us violating our own peoples human rights. We can violate them freely now. Success.
Better then performing a social experiment on children.
This is not to stop children from doing that. This is primarily to deanonymise as many people as possible, before the next steps come into force (scanning all files and messages on the every Internet - connected devices, hardware attestation of all the internet - connected devices, etc)<p>So when the citizens inevitably start protesting against the oppression, it's easier to subdue them.
don't worry they're still doing that
Every corporate I know of, uses VPNs. Especially when workers connect from home. Is the UK government really interested in going up against the majority of their business partners...?
Laws don't apply to corporations. It'll only be used to punish individuals.
There is nothing in this article that suggests the UK government are planning to ban VPNs.
There is lots in the article that suggests they want to ban them for minors though. How the hell is that supposed to work without at a minimum a severe curtailment of VPNs in general?<p>So no, not a ban for all. A ban for minors, and a severe curtailment in general. The parent post might not be 100% accurate, but it's close.
The government use VPNs. The ban will target individual use.
It's not about a technical capability to encapsulate packets, it's about whether people use it to bypass censorship or not.
A lot of corporations use crappy VPN-like MitM services like Zscaler.
It would not be hard to write laws to restrict one use but not the other. They may be the same tech but the use-cases are quite different.
The great firewall of UK.
Oi m8! U got a fooken loicense fer dem veepee-en or wot?!<p>The "loicense m8" memes are getting less and less funny ...
1. Age-gate social media<p>2. Children start using VPNs to bypass the ban<p>3. Age-gate VPNs<p>4. Repeat steps 2-3<p>Truly a masterful plan.
There are few things more exciting, in relationship to attempting to restrict access to (data) communications, than a government which thinks geeks won't find ways around such. Now sit back, relax, and let's wait for the next generation of encrypted channels solution development.
This isn't something that can be defeated like this. You are right, there will be ways around this. But we also have to be honest: being able to buy "off the shelf", two click VPN solution for 5$ already puts you into "geek" category. Relatively speaking.<p>If they ban the commercial providers, payment processors will be the first to enforce it. And Google and Apple will throw the 1-Click solutions out of their app store for users from those countries immediately. And with that the topic is effectively dead even for most "geeks". At this point the goal is already pretty much achieved, most people are cutoff and under heavier surveillance. Next comes the group that know what a server is, how to rent one, what OpenVPN or Wireguard are. But many of the most used websites already make your life difficult if your IP is from such a range.<p>It goes on. At each step you can argue "there is still a way, as long as you got networking with other countries". Absolutely correct, but at each step the group who knows how and is willing to invest the energy shrinks. And the intended goal will likely already be achieved at the mentioned phase 1 above. The fact that some people still find ways isn't really a gotcha in this matter.<p>And at some point they will criminalize it. Does it matter that they are unlikely to catch you? Is it worth the risk? And if so, what if you catch strays for it from an unrelated matter. Ultimately they will simply target the devs that help build easy solution for the less tech-savy.<p>One big reason why you <i>want</i> to keep a bunch of nerds tunneling out around anyway is that you keep useful, defusing attitudes like that floating around. Aka "It's not that bad, there are still ways around it, haha, those idiots".
> being able to buy "off the shelf", two click VPN solution for 5$ already puts you into "geek" category<p>I’m not sure that’s true anymore. I discovered recently my 70 year old, very technology-averse, parents are using a VPN (much to my initial concern). I think it’s for viewing football matches, or so they can watch iPlayer when they travel. They’re advertised on buses, etc. They’re pretty common these days.<p>That said I think you’re right that a block at the App Store level etc is enough to cut usage significantly.
It is technically possible to circumvent the Great Firewall of China, but I think it's fair to say it's been successful in what it set out to achieve.
They know they'll find workarounds, they'll just arrest whoever is involved in the workarounds. Law isn't a computer firewall, it's a loaded weapon.
Oh, they're in motion already. There are other countries that tried to ban VPNs for decades now, that sparked multiple great avenues of development.<p>It's exciting to think I'll become a dissident like my parents, just because I don't want a slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil me.
but isn't it the labour party pushing this?
Perhaps then you could at least vaguely understand the desire of people to avoid having slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil their children.<p>I definitely see both sides of this argument but to pretend the answers here are obvious just means people aren’t being serious. Serious harm is being caused to children and just because that’s a known cliche doesn’t make it not a real concern people have.
Look, the excuse is being made that kids are exposed to harms in online places, in general.<p>Most famously in Roblox (that's now fixed on Roblox side first with age banding, now by sharding it into three parts), and then in socials -- but the impact of, say, Instagram where kids are preyed upon because the algorithms are promoting them to preying populace, and where Meta openly runs experiments with their mental health, knowingly pushing them into harms way, is vastly different from, say, Coverstar.<p>Impact of abuse <i>from</i> Meta is well documented already, yet Meta is not punished.
Kids are being radicalised by being fed toxic content, and it's also well known.
Elon Musk's X was knowingly producing CSAM and non consensual nude images of real people and it took a tremendous amount of time for _anything_ to happen - and I don't see Musk on the dock yet?<p>There are ways to automatically block almost all kids on socials. Take away DMs and comments on the posts from all unverified users and kids suddenly will be much safer. All that can be done today.<p>The greasy friends of Epstein are running this shitshow, they're in the government (most famously PM of the UK knowingly appointed a longtime Epstein friend as the UK ambassador for the US), they've been covering Jimmy Saville abuses in the BBC, Police forces, the past government, which receives financial incentives from some of these companies to push things exactly the way they want.<p>Most severe harm to children is caused with the tacit approval of the government and media.<p>Sneaky access to the socials is not this.<p>Oh, and you know what? Receipts show it's Meta behind this weird, sudden push for age checks. Meta and their $2B.<p>So you already know something's off, or at least you should.
The slimy, rightwing, greasy friends of Epstein own all the main political parties, the UK's mainstream media, most of the social networks, and have their fingers in the NHS.<p>The UK hasn't been quick to deal with Epstein's associates and has a long history of either ignoring or losing critical evidence in CSA cases associated with politicians and public figures.<p>With that background, mandatory ID makes it easier, not harder, for abusers to act with impunity and/or official protection.
Anyone who thinks parenting by legislation is a good solution to anything should be neither a parent nor a legislator.
What if I use a VPS instead? What if it's a virtual private VPS wholely in memory? What if it's a pool of VPS boxes shared by me and a network of people?<p>There's always a way around, but this direction is concerning.
It is so funny to read. They are so stupid.
This will be interesting to follow. I dont see how this can be fully enforced. Maybe for iOS and other platform where app distribution is highly restricted, but on linux, windows and even macOS i can use mullvad, sending cash in an envelope without ever revealing my identity.
This will obviously not become law, because it would cause significant collateral damage to businesses, and they won't risk the gravy train derailing.
Doesn't the UK already have geo-targeted age verification infrastructure in place? A website or app could require the user to submit a live video of themselves quaffing a local beer.
No. It has laws that websites must follow to serve content in the UK. It’s up to the websites to do the age verification themselves, and the majority use third party ID verification services. Reddit used an American company to do it,
Damnably hard to find local ales. I had to wander for hours last time I was in London to get Fullers.
While I do support restricting social media to younger minds, the way they go about it, and the collateral damage that will result is unacceptable. For about 500ms I thought I might have found the "one thing" I agree with this government, but nope... I'm considering whether it's time to leave the UK. There is an air of hostility here towards... well everything.
Where would you go to then? European countries, Australia and American states already have implemented or are keen to implement ID requirements/tracking for websites.
Leaving is not the hard decision. The hard decision is where to go. Do you have any suggestions?
At some point there has to be a line past which you can still get a clean network between A and B somehow. At very least for corporate, right?
Safetyism is the actual biggest threat to free societies
Uk kids about to discover the power of Hetzner Linux vps + vnc.
And then UK residents are going to discover the "power" of government which will require age verification for renting a VPS or VDS or any other kind of cloud infrastructure, tied directly to your passport/ID, because "many families are desperate for this to happen and I listen particularly to bereaved families that say the longer we delay this, the more children are put at risk".<p>/j or /s<p>P.S. by the way, is it possible for them to use Hetzner? Don't they need something like credit card?
Glad HN is getting to experience the true level of adverts on “news” sites in the UK. It really is next level.
Funny how quickly "won't someone think of the children" turns into mandatory government ID for private services, banning necessary and secure (and encrypted) communications systems, and locking children out of access to the de facto communication systems of the modern era.<p>This is a privacy nightmare on all fronts and a horrible limit on freedom of speech. These kids will be learning how to drive a car, yet unable to contact their extended family over Messenger or follow news on Twitter. For everyone else, it means no anonymity or secrecy which has a chilling effect on free speech at a time when fascism is growing within democratic countries and dissidents are being imprisoned or murdered.<p>Yes, there are some really big problems with social media, but keeping children away from it doesn't fix the problems - it just leaves them for the rest of us to deal with. Let's fix the root of the problem, starting with the recommendation algorithms that inherently polarize people by building echo chambers around them and pushing divisive content all in the name of "engagement".
There is very little doubt that we need to find a way to update our relationship with social media. The evidence of their harm in current form is overwhelming.<p>However, using this reason to induce censorship rules, word by word matching Russia/China playbook is making the goal less achievable if anything.
Enclosure of XXI century
So the UK government finally admits that age-sniffing is just an attempt to censor people. How evil.<p>People need to look at the UK government much more so than the US government in ADDITION. Everyone knows how the USA serves the superrich only these days, but the UK government is kind of polite on the outside, but pure evil on the inside.
The UK can’t block Dissent [1] since it looks like normal HTTPS traffic.<p>[1] <a href="https://godissent.com" rel="nofollow">https://godissent.com</a>
Just moved back to the UK after many years away, and it's creepy here. Doing the elderly under terror legislation, some crazy kangaroo court antics, a frankly sinister approach to "online safety". VPNs?<p>The even more concerning thing is that we've got a far right party that have been leading in the polls for most of the last year.<p>This is a very dangerous situation.
Where is the evidence for that? Though I grant they may get into power and suddenly change their mind, at the moment those parties are <i>against</i> digital dystopia, most likely because the centrist parties are most interested in using those tools to silence criticism of current immigration policy and other failings.<p>-Reform UK vows to repeal ‘borderline dystopian’ Online Safety Act
<a href="https://www.theguardian.com/politics/2025/jul/28/reform-uk-vows-to-repeal-borderline-dystopian-online-safety-act" rel="nofollow">https://www.theguardian.com/politics/2025/jul/28/reform-uk-v...</a><p>"Block the Introduction of Digital ID."
"Repeal the Online Safety Act."
<a href="https://www.restorebritain.org.uk/restore_civil_liberties" rel="nofollow">https://www.restorebritain.org.uk/restore_civil_liberties</a><p>And the left are also being surveilled and censored, e.g pro-palestine / anti-war / anti-capitalist groups, though the strategy used there is less censorship and more often bogging those groups down with infighting about identity issues. What seems more dangerous is letting the increasingly tyrannical centrist establishment, dead set on stagnation and "managed decline", give legitimacy to censorship tools (which will be available to future extreme governments!) rather than fixing things properly.
Don't panic. These debates are nothing new. Encryption and obfuscation tech comes up every ten years or so. People scream and, in the end, nothing changes.<p>One upon a time, encryption math was regulated as a munition and the act of sharing open source software was tantamount to weapon smuggling. Once upon a time, VPNs were being banned by credit card companies. Part of the rise of bitcoin was the idea that you would need it for services like VPNs that credit card companies refused to service. Today, VPNs are openly advertised as piracy tools for getting around media geo-restrictions. Once upon a time, ISPs throttled torrents and so torrents become encrypted. Once upon a time DNS was to be poisoned in order to block filesharing websites (see COICA and PROTECT IP acts). All those efforts also came to nothing. These too will die.
This is all about pushing Digital ID by the backdoor and building surveillance state for benefit of corporations pretending to be against it.<p><a href="https://www.lighthousereports.com/investigation/blair-and-the-billionaire/" rel="nofollow">https://www.lighthousereports.com/investigation/blair-and-th...</a><p><a href="https://institute.global/insights/politics-and-governance/digital-id-a-defining-step-for-britain" rel="nofollow">https://institute.global/insights/politics-and-governance/di...</a>
UK government has been talking about digital ID for a while now. The existing verification methods are too vulnerable to cheating (fake beards, fake ID, borrow dad's credit card, etc...), so the logical next step is direct government ID numbers. The goal is to link all online activity to a unique identifier to make it easier to punish dissent.
Hopefully won't happen
maybe the UK should instead look into protecting women and girls being systematically abused and raped while the police and government cover it up
Baffling how easy companies like Meta have it with politicians. Fuck them all, I'm leaving for the woods. It's been fun with tech but now it's just so painful,
Talk to you on meshtastic.
They have it easy, because law enforcement is too scared to act or is just as corrupt.
The article below sharply summarizes why all this is a dystopian surveillance setup:<p>> how, precisely, do you stop a fourteen-year-old from opening Instagram without first checking the age of the forty-year-old?<p>> You don’t. You can’t. So everyone gets carded. Britain is lifting the system wholesale from Australia, where a computer first scans your face and guesses your age from your cheekbones, then, failing that, surveils you to death, studies your browsing habits and the hours you keep, and then, when the algorithm throws up its hands, simply demands your passport.<p><a href="https://reclaimthenet.org/starmers-social-media-ban-surveillance-state" rel="nofollow">https://reclaimthenet.org/starmers-social-media-ban-surveill...</a>
> You don’t. You can’t. So everyone gets carded.<p>Exactly. A little at a time. First it's adult sites, because if you need to show ID to buy alcohol, shouldn't you need ID to buy pornography? Once that's accepted, expand the sphere of control to non-adult sites too by redefining everything as 16+.
Honestly, the UK already shot itself in the foot. Now they're shooting their other foot. And they keep voting for the Labor party...<p>And yet, govt will find it's impossible to regulate the creativity of software engineers.
keep voting for the labour party?<p>this is the first time in more than a decade that its not tories in charge, and to get there, labour also had to become conservatives
<i>> And they keep voting for the Labor party.</i><p>The alternatives are even more power-mad, fundamentally illiberal parties (Reform, Conservatives), equally pearl-clutching ones that will likely continue on the same road as Labour (greens) and unreliable figures that will flip-flop as soon as they are in power (libdems).<p>What's left? Count Binface, I guess.
Conservatives drafted the OSA in 2021.<p>Reform are against it
<a href="https://www.theguardian.com/politics/2025/jul/28/reform-uk-vows-to-repeal-borderline-dystopian-online-safety-act" rel="nofollow">https://www.theguardian.com/politics/2025/jul/28/reform-uk-v...</a><p>Even the more extreme Restore are against it, and against Digital ID
<a href="https://www.restorebritain.org.uk/restore_civil_liberties" rel="nofollow">https://www.restorebritain.org.uk/restore_civil_liberties</a><p>The Greens are ... well they wanted to amend it in 2024 to include a ban on fake news, but that could turn into a mechanism for censorship.<p>And Lib/Lab/Con were all for building even more on top of it in 2024:
<a href="https://www.handleygill.co.uk/handley-gill-blog/general-election-2024-manifesto-pledges" rel="nofollow">https://www.handleygill.co.uk/handley-gill-blog/general-elec...</a><p>There are no 'liberal' parties in the UK.
FWIW you can age-gate VPNs the same way you can age-gate anything else that is paid for: just don't let people who haven't got credit cards (not debit cards) sign up.<p>Or you can simply let free plans only terminate inside their own country. I noticed recently that TunnelBear has done this with their free plans — the "fastest" endpoint, which is the only one that is free, is now a UK endpoint. It still meets the security need anyone might have from a VPN.<p>I am honestly not that bothered about adult content age gating <i>in principle</i>, and I never really have been. I personally think sexual content is not remotely immoral but that it's reasonable to say the very young shouldn't be able to see it. It's not a freedom of speech issue.<p>Given the practical impossibility of parental regulation of access to devices when cheap phones and PAYG exist, the problem is <i>the practice of it</i>: how do you do that in a way that is privacy-preserving?<p>I feel that Apple has coped with this pretty well: they decided I am an adult automatically based on how long I have held an account.<p>I also think the UK PAYG mobile providers handle this well: they have simply always blocked adult content until you unlock it. I haven't bothered and I have <i>never</i> seen the content wall (except when deliberately testing it) so I believe its boundaries are drawn quite well.<p>Though I do routinely use one site that might end up blocked over time because it sits right at the boundary of the law's interest. So one day I might need to, I guess. And I have considered what I might need to do about a website for my own photographic work, which sits on the edge of the ofcom rules interest in practice.<p>We are missing secure anonymous age attestation but I think that will come.<p>I do think American critics tend to interpret this in terms of the morality and religion battle-zone that riddles US culture and encourages US states to try to police morality in bizarre ways or to extend "porn" rules to things like information about sexuality, gender or sexual health (which would just not happen here because we're actually not really religious or prudes; there is essentially no religion in our politics, which is ironic considering the C of E have seats in the Lords).<p>I don't think American critics should really leap to judge UK rules when you have two dozen different states imposing rule sets that in some cases came first and in many are wholly unworkable.<p>UK concerns are about child access to extreme material and about sexual exploitation, fundamentally. It's not easy and it's clear some aspects of the legislation are difficult, but accepting criticism from Americans as if the US position is clear, unambiguous and robust is no longer something we should entertain, especially lessons about the morality of free speech from the US administration, given their apparent selective contempt for it.
[dead]
[dead]
[dead]
[dead]
[dead]
[dead]
isn't the simple answer an age-limit for VPN? /s<p>all this because they refuse to make the law just<p>"legal parent/guardian is responsible for the child"<p>if a parent faced fine or jail for a child having access to the internet you can be sure 90% of the children wouldn't have internet access<p>I'm no defender of the big social/media sites but I don't see why it's their fault/problem if a minor has internet access when they aren't supposed to<p>This all feels like the opposite goal of knowing everyone who is online everywhere<p>Because it's not how you'd make the law, you'd wouldn't go to service by service and make it their problem, you'd make it the adult responsible for the child's problem
[flagged]
[flagged]
what if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?<p>remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report
The end result will be the same. If you face a 10k liability for serving the wrong customer, you end up needing to ID your customers.<p>If the government isn't going to provide that service you end up with private companies verifying identity and the data security issues that entails.<p>If you want to shift the responsibility of protecting children away from parents, then you end up in a situation where third parties need to be able to differentiate between a child and an adult. I haven't yet seen a proposal that doesn't entail <i>someone</i> - government or private enterprise - getting access to identifiable information.<p>Of course, you could have something like a signed certificate, so the identity verifier doesn't see who you are patronizing, and the identity seeking business only gets to see your age, but it still has privacy issues.
> . I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information<p>California's Digital Age Assurance Act
> you end up needing to ID your customers.<p>You've needed to do that for at least ten years. Mobile internet either requires a contract, or an ID check before you get a sim (pay and go)<p>Anyone providing internets is liable for what the users are doing. The way you got out of that is responding to legal requests. (originally mostly copyright)<p>This is the frustrating thing, we have effective and relatively uncontroversial age gated network (mobile data) already. and it worked.<p>but now they've done and fucked it up with OSA.
> what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?<p>All of these proposals probably sound good to people who think the Venn diagram of sites they use and sites covered by these laws are two separate circles.<p>They probably sound a lot less good when you realize the law covers site like YouTube. The Australian law (which they said they’re modeling this after) also includes social news sites like Reddit.<p>If they passed a law like this extending to VPN services then you’d have to hand over your ID to use a VPN.<p>Usually people realize how bad these proposals are once they realize it might impact their internet use, too.
Or perhaps we should expect parents to take some responsibility for their kids' screen use?
Don't be daft. It's not the parent's responsibility to monitor and care for their kids.
Ok, can you explain what that looks like in practice or is it just some abstract feel-good words?
Sure! With my kids it's meant not buying them internet-enabled devices (or disabling the internet access, eg smart TVs), only having 1 family computer in a shared space, and managing my own local network. There also aren't screens in the house through the week.<p>On the flip side, I let them read whatever they want, including things that are upsetting or that other parents would say aren't appropriate, and I talk to them about what they've read.<p>Overall, I think these policies have meant more thoughtful media consumption, and more time outside and with friends. I'm not enough of a fool to think our rules are enforced at friends' houses, but we've chosen to live in a community that's largely on the same page.<p>None of this stuff is easy, but as a parent, it's <i>the job</i>.
You expect the average parent to outwit Meta and TikTok and their teams of psychologists scheming to get their kids attention?<p>The social media companies could have done the socially responsible thing a decade ago and avoided all this.
I expect them to give a shit, yeah. Just like they should care about what they read or watch, or who they hang out with.<p>Don't let your kids have an internet-connected phone, or keep it locked down so they don't have parasitic apps preying on their pre-frontal immaturity until they're old enough to handle it.<p>All of this needs to be done intentionally, of course, or it will feel like the kids are being punished. But I can't emphasize this enough... it's our job as parents to raise our kids.
How do you create new procurement pipeline and surveillance infrastructure from that?
Because they will just withdraw from the jurisdiction rather than bother to implement that, most likely
> big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?<p>HIPAA has been super effective this way. As we all know, American companies don’t give two shits about user privacy or even security. But wave the HIPAA flag and everyone starts caring real hard and taking extremely cumbersome steps to comply with patient privacy.<p>Very simple: <i>Each</i> HIPAA violation comes with a financial penalty for the business and <i>personal penalty</i> for every person involved in the leak. Very effective.
> these big companies need to self police<p>It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
> It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.<p>right, and that reveals the absurdity of this "age gate", doesn't it?
because I am sure giving every UK national their very own unicorn would also poll very well but that doesn't mean that's what a functional democracy should be prioritizing
just because a majority of the public supports
because doing so is not possible
That's because it's not about age gating, it's about identifying the internet users.
It’s not possible to prevent these same children from getting alcohol or drugs either but we certainly don’t permit it.
yes and we do fine companies that sell alcohol and drugs to children.<p>lets give everyone an incentive to report companies that allow or encourage children to use these websites.
the children, the parents, bystanders, the employees and contractors of these websites, everyone should get paid from the fines these social media companies would need to pay out for every infraction.
I think GBP 10k per incidence is actually pretty cheap
considering the alternative is life in prison for the CEO and the board
starting with cash incentives all the way to prison terms for the CEO and the board
Fwiw they acknowledge this and claim the goal of this regulation is to drastically increase friction, not render it impossible