In Russia, they claimed that new measures to block websites are necessary to protect the children online. Of course, they immediately used these new capabilities to block opposition websites and sources critical of the government.

Now, seeing many European governments tirelessly push for these new measures to protect the children, I'm pretty sure that the children are finally going to be safe online.

> the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence.

Ah, yes, the existing research doesn't agree with our biases, so let's fund new "research" that does.

I've been using a VPN in the UK on my laptop and phone exclusively for 20 years, and the state has been working with ISPs to make "connection records" for most of that time.

On mobile a VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit. Using the web interface avoids this.

The UK has also moved to force ISPs to block certain bittorrent search engines.

The UK is not shy when it comes to invading your privacy or censoring the Internet.

Some context - Birmingham Mail is one of dozens of clickbait-driven publications owned by Reach plc.

They're not a high quality source of news - they've more than decimated their journalism staff and replaced them with 'content' staff who are performance monitored on the number of clicks their articles generate.

Content is syndicated in different accents across their range of papers from the national papers, The Mirror and The Daily Express down into a large number of notionally 'local' outlets.

So, take it with a pinch of salt.

I'm very much in favour of blocking children from social media - it's an absolutely vile cesspit of cognitive addiction, bullying and social (and potential sexual) abuse. But none of it requires a mass-surveillance network to be put in place.

Just for one example; it would be trivial for Apple and Google to put age estimation on my phone, verify it on opening the web browser and provide a zero-knowledge proof of age to websites in a way that does not reveal my identity. All the infrastructure is already there, and it's relatively trivial to turn it on. The downside is that this will only work for people who are older than about 25 because of the uncertainty of face-to-age recognition, but it would be a start.

Another way to do it is for my bank, who know my age already, providing a similar credential that I can feed into the zero-knowledge proof engine on the phone.

This was all done properly for the covid tracking apps, at a time when the phone providers actually wanted to do tracking with anonymity - this is a similar problem, and it's easily cracked by technical means.

And you don't even need zero knowledge proofs if you perform on-device content detection - turn it on for kids, keep it off for adults. Modern phones have more than enough TPU capacity to do this.

But none of the actual implementations I've seen are truly anonymizing, and they all rely on trusting some really dodgy companies with your identity and browsing habits. Yes, the more respectable ones have security and privacy policies that are audited, but will they always? The cynical answer is "no", because history shows that someone will always do something sooner or later if (a) it makes money, and (b) they can get away with it.

Everything I see suggests that the desire for mass surveillance is the driver, and the "protect the children" front on this is a strategem by the people who are really driving this from behind the curtain. There are huge amounts of money to be made by capturing verifiable, blackmailable, personal data, and this is a magic money fountain for those who will be able to mine it.

If you ban IPsec ESP people will start using WireGuard on random ports.

If you ban WireGuard using DPI people will start using SSL VPNs.

If you ban SSL you ban the entire internet.

At least we get to raise the next generation of IT geeks because they'll have to understand a bunch of networking basics to watch porn, and might get hooked on it. (on IT)

bruhghghbmphf, the VPNs! the VPNs! can't have those! What's that good sir? You say ssh? Do not shh me sir. Oh, SSH... yes, SSH, can't have that! It's elementary, any system which one accesses MUST report to parliament. Personally Identifiable Documents for General Evaluation Of Ne'er-do-wells. We'll call it the P.I.D.G.E.O.N. network.

In a way, the cack-handed way they've gone about this makes me slightly more optimistic. If we must have such a law, please let it be one which:

* Creates a market for privacy tech of several million teenagers

* Wastes police time chasing down social forums which kids are hosting abroad using their pocket money

* Rubs the noses of the securirati in the fact that they've made it easier for terrorists to hide their comms among the thousands of teenage speakeasies

This is not the 80's when comms tech required capital and man-years of engineering. Setting up forums online isn't even a high-school project.

Most VPN companies won't implement age verification, because their purpose is privacy. This is really an attempt to ban VPNs. This won't be popular when 70% of the population uses VPNs.

Anyone who thinks parenting by legislation is a good solution to anything should be neither a parent nor a legislator.

Good thing Brexit happened to prevent government overreach.

Every corporate I know of, uses VPNs. Especially when workers connect from home. Is the UK government really interested in going up against the majority of their business partners...?

The great firewall of UK.

Oi m8! U got a fooken loicense fer dem veepee-en or wot?!

The "loicense m8" memes are getting less and less funny ...

1. Age-gate social media

2. Children start using VPNs to bypass the ban

3. Age-gate VPNs

4. Repeat steps 2-3

Truly a masterful plan.

What if I use a VPS instead? What if it's a virtual private VPS wholely in memory? What if it's a pool of VPS boxes shared by me and a network of people?

There's always a way around, but this direction is concerning.

This will obviously not become law, because it would cause significant collateral damage to businesses, and they won't risk the gravy train derailing.

There is very little doubt that we need to find a way to update our relationship with social media. The evidence of their harm in current form is overwhelming.

However, using this reason to induce censorship rules, word by word matching Russia/China playbook is making the goal less achievable if anything.

There are few things more exciting, in relationship to attempting to restrict access to (data) communications, than a government which thinks geeks won't find ways around such. Now sit back, relax, and let's wait for the next generation of encrypted channels solution development.

This will be interesting to follow. I dont see how this can be fully enforced. Maybe for iOS and other platform where app distribution is highly restricted, but on linux, windows and even macOS i can use mullvad, sending cash in an envelope without ever revealing my identity.

It is so funny to read. They are so stupid.

So the UK government finally admits that age-sniffing is just an attempt to censor people. How evil.

People need to look at the UK government much more so than the US government in ADDITION. Everyone knows how the USA serves the superrich only these days, but the UK government is kind of polite on the outside, but pure evil on the inside.

Doesn't the UK already have geo-targeted age verification infrastructure in place? A website or app could require the user to submit a live video of themselves quaffing a local beer.

While I do support restricting social media to younger minds, the way they go about it, and the collateral damage that will result is unacceptable. For about 500ms I thought I might have found the "one thing" I agree with this government, but nope... I'm considering whether it's time to leave the UK. There is an air of hostility here towards... well everything.

Uk kids about to discover the power of Hetzner Linux vps + vnc.

At some point there has to be a line past which you can still get a clean network between A and B somehow. At very least for corporate, right?

Enclosure of XXI century

Glad HN is getting to experience the true level of adverts on “news” sites in the UK. It really is next level.

Funny how quickly "won't someone think of the children" turns into mandatory government ID for private services, banning necessary and secure (and encrypted) communications systems, and locking children out of access to the de facto communication systems of the modern era.

This is a privacy nightmare on all fronts and a horrible limit on freedom of speech. These kids will be learning how to drive a car, yet unable to contact their extended family over Messenger or follow news on Twitter. For everyone else, it means no anonymity or secrecy which has a chilling effect on free speech at a time when fascism is growing within democratic countries and dissidents are being imprisoned or murdered.

Yes, there are some really big problems with social media, but keeping children away from it doesn't fix the problems - it just leaves them for the rest of us to deal with. Let's fix the root of the problem, starting with the recommendation algorithms that inherently polarize people by building echo chambers around them and pushing divisive content all in the name of "engagement".

The UK can’t block Dissent [1] since it looks like normal HTTPS traffic.

[1] https://godissent.com

Don't panic. These debates are nothing new. Encryption and obfuscation tech comes up every ten years or so. People scream and, in the end, nothing changes.

One upon a time, encryption math was regulated as a munition and the act of sharing open source software was tantamount to weapon smuggling. Once upon a time, VPNs were being banned by credit card companies. Part of the rise of bitcoin was the idea that you would need it for services like VPNs that credit card companies refused to service. Today, VPNs are openly advertised as piracy tools for getting around media geo-restrictions. Once upon a time, ISPs throttled torrents and so torrents become encrypted. Once upon a time DNS was to be poisoned in order to block filesharing websites (see COICA and PROTECT IP acts). All those efforts also came to nothing. These too will die.

Just moved back to the UK after many years away, and it's creepy here. Doing the elderly under terror legislation, some crazy kangaroo court antics, a frankly sinister approach to "online safety". VPNs?

The even more concerning thing is that we've got a far right party that have been leading in the polls for most of the last year.

This is a very dangerous situation.

Hopefully won't happen

This is all about pushing Digital ID by the backdoor and building surveillance state for benefit of corporations pretending to be against it.

https://www.lighthousereports.com/investigation/blair-and-th...

https://institute.global/insights/politics-and-governance/di...

maybe the UK should instead look into protecting women and girls being systematically abused and raped while the police and government cover it up

Baffling how easy companies like Meta have it with politicians. Fuck them all, I'm leaving for the woods. It's been fun with tech but now it's just so painful,

The article below sharply summarizes why all this is a dystopian surveillance setup:

> how, precisely, do you stop a fourteen-year-old from opening Instagram without first checking the age of the forty-year-old?

> You don’t. You can’t. So everyone gets carded. Britain is lifting the system wholesale from Australia, where a computer first scans your face and guesses your age from your cheekbones, then, failing that, surveils you to death, studies your browsing habits and the hours you keep, and then, when the algorithm throws up its hands, simply demands your passport.

https://reclaimthenet.org/starmers-social-media-ban-surveill...

Honestly, the UK already shot itself in the foot. Now they're shooting their other foot. And they keep voting for the Labor party...

And yet, govt will find it's impossible to regulate the creativity of software engineers.

FWIW you can age-gate VPNs the same way you can age-gate anything else that is paid for: just don't let people who haven't got credit cards (not debit cards) sign up.

Or you can simply let free plans only terminate inside their own country. I noticed recently that TunnelBear has done this with their free plans — the "fastest" endpoint, which is the only one that is free, is now a UK endpoint. It still meets the security need anyone might have from a VPN.

I am honestly not that bothered about adult content age gating in principle, and I never really have been. I personally think sexual content is not remotely immoral but that it's reasonable to say the very young shouldn't be able to see it. It's not a freedom of speech issue.

Given the practical impossibility of parental regulation of access to devices when cheap phones and PAYG exist, the problem is the practice of it: how do you do that in a way that is privacy-preserving?

I feel that Apple has coped with this pretty well: they decided I am an adult automatically based on how long I have held an account.

I also think the UK PAYG mobile providers handle this well: they have simply always blocked adult content until you unlock it. I haven't bothered and I have never seen the content wall (except when deliberately testing it) so I believe its boundaries are drawn quite well.

Though I do routinely use one site that might end up blocked over time because it sits right at the boundary of the law's interest. So one day I might need to, I guess. And I have considered what I might need to do about a website for my own photographic work, which sits on the edge of the ofcom rules interest in practice.

We are missing secure anonymous age attestation but I think that will come.

I do think American critics tend to interpret this in terms of the morality and religion battle-zone that riddles US culture and encourages US states to try to police morality in bizarre ways or to extend "porn" rules to things like information about sexuality, gender or sexual health (which would just not happen here because we're actually not really religious or prudes; there is essentially no religion in our politics, which is ironic considering the C of E have seats in the Lords).

I don't think American critics should really leap to judge UK rules when you have two dozen different states imposing rule sets that in some cases came first and in many are wholly unworkable.

UK concerns are about child access to extreme material and about sexual exploitation, fundamentally. It's not easy and it's clear some aspects of the legislation are difficult, but accepting criticism from Americans as if the US position is clear, unambiguous and robust is no longer something we should entertain, especially lessons about the morality of free speech from the US administration, given their apparent selective contempt for it.

[dead]

[dead]

[dead]

[dead]

[dead]

[dead]

isn't the simple answer an age-limit for VPN? /s

all this because they refuse to make the law just

"legal parent/guardian is responsible for the child"

if a parent faced fine or jail for a child having access to the internet you can be sure 90% of the children wouldn't have internet access

I'm no defender of the big social/media sites but I don't see why it's their fault/problem if a minor has internet access when they aren't supposed to

This all feels like the opposite goal of knowing everyone who is online everywhere

Because it's not how you'd make the law, you'd wouldn't go to service by service and make it their problem, you'd make it the adult responsible for the child's problem

[flagged]

[flagged]

what if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?

remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report