Today “loudness” is an aesthetic choice and good mixers and producers know how to craft a record that is both loud and of good sonic quality.
There is a place for both dynamic records (in the sense of classical or old jazz records) and contemporary loudness aesthetic.
Can inexperienced producers/mixers do a hack job trying to emulate the loud mixes of pros? Yes. The difference comes down to taste and ability to execute with minimal sonic tradeoffs.
Source: I have a long history producing, mixing, and mastering records and work among Grammy winners regularly. Very much in the dirt on contemporary records.
From my observations and from industry people I've read opinions from, the early '90s were the peak for mastering quality. Digital was well-understood, but wasn't being abused.
Listen to the original pressings of songs like "Creep." That guitar noise punched through because there were still dynamics back then. Music was fun to listen to, especially with headphones. The soundscape of an album sometimes led me to give music a second chance that I might not have bothered with if it didn't sound so good.
Now, even very catchy music is tiresome and quickly abandoned because of dynamic compression. It's fatiguing (if not grating) to listen to. Yes, there are a few exceptions here and there. "Gives You Hell" by the All-American Rejects comes to mind. But in general music sounds like ass now. Take Coldplay... regardless of what you think of the content, this music should sound great. But it's sonically dull trash.
The thing about mastering is that unless you're a part of the production team and get to hear the before/after you'll almost never know what the mastering engineer's contribution actually was. Done well, their role is invisible.
Mastering engineers work with the record that they receive from the mixer. It's entirely possible that the smashed (over-limited) record was handed to them by the mixer and approved by the artist. In that case the ME's hands are usually tied. They work with what they receive.
Likewise, the mixer may receive a reference mix (from the producer) that is smashed. The mixer has far more ability to influence the sonics than the ME (waaay more), but they too can have their hands tied if the artist is really attached to the vibe of that rough producer mix.
Professional mixers and ME's are well aware of the negative effects of the loudness wars. It's well understood by any working professional today. Ultimately the buck stops with the record's producer and the artist. They're the ones seeing the project through from beginning to end.
The difference falls on them, between a "loud" record that sounds like lifeless trash and a "loud" record crafted with skill, taste, and intention that has depth and impact. As I said, amazing "loud" records do exist when all stages of the record's production team are aligned. But it requires restraint and taste on the production team and the artist.
---
You're not wrong that something changed around the mid 90s. Until the late 80s records were being mixed primarily for vinyl. The limitations of the medium (namely the needle would skip out of the groove if you tried to print a loud or bass-y mix) kept the loudness in check. You simply COULDN'T make a record that loud. This limitation acted like speed bumps. But perceptual loudness has always been an objective of recording engineers since the dawn of recording.
What happened is that in the 90's digital tools (particularly digital limiting) in combination with digital playback mediums (CDs) opened up the door to squeeze greater loudness and new sonic aesthetics out of records. As such, these tools have been abused and over-cooked. In some cases that abuse may be the objective.
Today we're well aware of the trade-offs and to some artists it just doesn't matter. They WANT it smashed. It ultimately comes down to restraint, taste, and good technical know-how to get a flavor of loudness that doesn't have too many tradeoffs.
I'd liken playing multiple instruments to coding in multiple languages. There's a baseline understanding of the fundamentals that is necessary to overcome in the beginning, but once you get confident with them they transfer across multiple instruments/languages.
I pedicabbed for five years, and the job is very much what you put into it.
You can be passive and low-effort, or you can be active and hustle rides by chatting up strangers. My roommate could squeeze blood from a stone when it came to persuading strangers to hop in her cab. She had a real talent for connecting with people and stretching out the ride in a way that was mutually beneficial for her (well paying) and the passengers (fulfilling concierge experience). In some ways she was like an escort you'd hire for good conversation at the bar. Minus the sexual expectations.
We all experienced bad actors (malevolent, drunk, immature, entitled) while working, but you can defuse the situation with finesse and charm, or you can bluntly and persistently deny them until they get worn down and steam off down the street to be someone else's problem.
I began as a largely introverted person and came to love the 5-15 minute window that I would have to get to know my clients while we traveled. It's a real captive audience and most people are down for the conversation and the connection. You learn how to listen and you learn to draw people out of their shells and be their best selves.
Some people were so great that on a few occasions I parked up my cab at our destination and spent the rest of the evening hanging out with them.
The job really rewards open-mindedness and a "yes, and" approach to dealing with people. Certain interactions with clients had a way of becoming very fun and adventurous if you kept an open mind and went along with your fares.
As a pedicabber of five years this is solid advice. Negotiate before you depart. I always made it a point to get buy-in from my passengers before we took off. Nobody wants to be surprised.
What many people don't understand is that pedicabs are independent contractors in many cities. We have full autonomy to charge as we see fit. Sometimes pedicabbers will gouge and sometimes it means the passenger will be surprised by an otherwise reasonable fee.
I haven't yet read the essay, but I will jump at the opportunity to share my experiences working as a pedicab driver in Austin, TX for 5 years:
Pedicabbing is one of the most satisfying, fun, and rewarding jobs that I've ever had for a handful of reasons:
1. I had full autonomy to operate how I see fit. I work when I want, I retire when I want, I roam where I please, and I select (or deny) customers I want to serve. I can hustle as hard as I want to drum up work and persuade other to take a ride or I can sit passively and wait for people to approach me.
2. It taught me a lot about sales, negotiation, value-based fees, soft skills, being an entertainer, and showing people a good time.
3. I was pedaling for dollars and hauling up to three full-grown adults at a time. Sometimes uphill. The physical exertion gets easier, but remains challenging. Quite often I am doing the equivalent of high intensity interval training for 8 hours a day. By the end of a shift I am operating on a runner's high.
I got home every night at 3a, took a shower, and then passed out in bed like a stone. Then I rose and ate 1500 calories for breakfast. Not to mention my constant food intake while working.
Gallons of water would flow through me. Quite often the heat was so much that I'd go hours without the need for a bathroom break because it was all coming out through my skin.
4. I met a LOT of fascinating people and got to spend 5-15 minutes at a time getting to know them. Having good conversations. If we hit it off well enough I have it within my power to park up my cab and spend time with them. I've ended up spending entire nights hanging out with people who I really enjoyed. Off the clock.
5. If all else fails and work is slow that evening I still have a custom stereo strapped to my cab and (for a music lover like me) that is all I need to keep going. People had to listen to some WEIRD shit on my cab, and often I would meet people who were just as passionate as I am and want to share their favorites.
6. The job is improvisatory, surprising, and rewards those with an open mind and an eye for opportunity. Those with a "yes, and" mindset. If you're down for it, you can follow your nose to some wonderful surprises.
7. You get to know the city intimately. You take pride in navigating well and in a creative manner. Being a pedicab affords you a lot of flexibility in how you travel, that cars cannot access.
8. Your fellow pedicabbers. A very colorful bunch. People from all walks of life do the job. Artists, crusty punks, 65 year-olds, family-men (and women), students, athletes, entertainers, the fabulously extroverted. My friend was a marine biologist for the city whose day job had him out in the river in a wetsuit taking water samples and working in a lab by day, and he was pedaling for dollars on the weekend. One of us was a clerk at the Capitol and was studying law. A common thread amongst us were people who had alternate lifestyles and this was a good hustle that suited our needs.
Many of us were musicians. I originally got into the job because I did a lot of touring with my band throughout the year. I needed a job where I could hit the road for two months and then jump back in as soon as we got back into town.
I could go on, but the job was so much fun. It's not for everyone and it takes a certain type, but for my five years on the cab I wouldn't trade them for anything.
I have a tangential question. Do you find that snow banks near roads are appreciably less black and disgusting now that there are fewer ICE vehicles on the road?
Growing up in America I have memories of our roadside snowbanks becoming black and saturated by vehicle exhaust and it always felt so gross to me. The back half of winter was characterized by blackened, salt-saturated puddles and banks. I wonder if the prevalence of EVs has made things less dirty in the winter.
> The back half of winter was characterized by blackened, salt-saturated puddles and banks. I wonder if the prevalence of EVs has made things less dirty in the winter.
The dominant cause of that is probably brake and tire particulate matter, not car exhaust. And EVs make tire pollution go up (because they're heavier) and brake pollution... I'm not sure if the weight effect there is counteracted by the decreased amount of friction brake use (as opposed to resistance braking).
On my Polestar 2, I was surprised how in actual use, friction braking was basically zero - to the point where when you start a trip the brakes are used for a few seconds to make sure they're still working (and scrub them a bit.) In actual driving - without trying particularly on my part - it's just always regen.
As others have said most of that was probably not pollution related to being an ICE vehicle, but if even part of it was the environmental performance of ICEs is magnitudes better over the last 25 years when it comes to unburned hydrocarbons and particulates, which WOULD reduce visible pollution way more than modest EV adoption. CO2 reduction? not so much with bigger vehicles offsetting gains here...
Could be! I don't know enough to say what the ratio of exhaust to tire particulate is on the average road.
In either case it's a good physical representation of how much particulate we are exposed to every day. Maybe having it trapped in dirty snowbanks is better than having it getting kicked up into the air during a dryer season.
If it's particulates from tires then heavier EVs are probably making that worse not better (partially offset by regenerative braking, but only partially).
EVs produce more tire dust, but much less brake dust and exhaust (even when powered by coal plants).
The net effect is a massive reduction in dust and particulates.
Some modern tire additives are incredibly toxic to fish. They’ve been banned in the EU, but for the very special corner case of driving in sensitive watersheds in the US, it’s possible EVs are worse on that one dimension.
Of course, we could just ban the recently approved additive, and completely solve that corner case problem.
If I’m not mistaken, Meta has been lobbying heavily for all of these age-verification bills lately.
It seems their strategy is to externalize their responsibility to verify age themselves, and thus reduce their exposure to liabilities when child protection acts like COPPA are violated.
It should be externalized to a degree. Facebook shouldn't be the ones verifying age, but there should be a trusted 3rd party service that does that, which just tells facebook "yes this user is old enough to use your service" or "no they're not old enough".
It abso-fucking-lutely should not be at the OS level though, for so many reasons. Even the implementation alone would be a nightmare. Do I need to input my ID to use a fridge or toaster oven? Ridiculous.
You might think you can keep 16 year olds from looking at porn, if they want to. You can't. You have never been able to. All you can do is teach them that the law is stupid and pointless, and they should treat rules with contempt. But they'll still be able to look at porn.
What you can do is allow the government and private companies to track everyone, everywhere, all the time. And you can create more gatekeepers that hold personal identity data, misuse it, and leak it.
Yeah, I agree with this. I think age-related content moderation is a losing fight and one that will create more contempt for laws, more surveillance, and much more PII surface area that will be exploited.
There are really two "core" issues at play:
1. The prudish nature of US society
2. The fact that we don't have data privacy laws and restrictions on digital surveillance by private companies
Sixteen year olds? Sure, mysterious Forest Porn and the older brother who'd give you skin mags have always existed. And Cinemax at night, catching the odd frame that somehow gets thought the scrambler. Whatever.
But we can't realize all the supposed glorious promise of all this tech bullcrap for education and free exploration of younger kids if we can't at least come pretty damn close to guaranteeing that an eight-year-old won't stumble on Rotten.com or hardcore porn if an adult isn't looking over their shoulder constantly. And whatever that solution is needs to work for parents who don't have the know-how or time to be sysadmins for their household.
I'm not overly concerned with 16 year olds. But the tools for protecting younger children suck. A consistent account setting and header would do a lot to improve parental controls.
> What you can do is allow the government and private companies to track everyone, everywhere, all the time. And you can create more gatekeepers that hold personal identity data, misuse it, and leak it.
This is already happening. A central setting would improve privacy over the way things are right now.
> A central setting would improve privacy over the way things are right now.
What? How? What improvement are you seeing that I'm not?
Putting all our PII into one huge repository and then letting corps and govts access it sounds like a dystopian nightmare. This is why we don't like Palantir.
What happens if a bad guy steals that data and your identity? They go and look at CSAM using your ID? The police turn up at your door and cart you off to prison? Are you really going to be able to argue that it wasn't you? If so, what is the point of the system? If we're relying on IP addresses and other evidence for access (so you can fight these charges) can't we just use them in the first place?
I don't know what you're talking about, but it's not what this kind of bill is about.
This kind of bill is about the OS telling things whether you're: 0-12, 13-15, 16-17, 18+
No databases, no stealable identity, only the barest sliver of 2 bits of PII.
As for how it's an improvement, we already have sites asking to see your driver's license or pictures of your face for much worse age verification paradigms. If most of those changed to a local age setting, privacy would go up.
How does the OS know that you moved from the "13-15" bracket to the "16-17" bracket without knowing your DoB?
And this is the thin edge. Because in a few years there'll be a bill saying something like "too many children are lying about their age online. We need to verify their age" and then we're capturing IDs and storing them somewhere.
> The OS could require the parent to manually update it.
How is their age verified?
At some point one of two things is required:
1) A promise that the user is a certain age
- Which puts us exactly where we are
2) Official identification is used to verify age
- Which creates a PII nightmare
That's it. There's only those two options. You may not believe #2 is going to be a privacy nightmare but we're already seeing it happen with Discord/OpenAI/LinkedIn and everyone else that uses Persona[1]. They aren't doing the minimal security things and already aren't doing what they claimed (processed on device, then deleted). This "hack" couldn't happen if that was true
The difference here is it can be set by the parent on the OS and locked. Requiring sudo equivalent to change.
The way it is now, there's nothing stopping a (18-) user from logging out of a 'parental control enabled' account and making a new account without those controls on any service from Facebook to Steam. So the only effective option at that point is to entirely block that app or service.
This gives more power to parental control software. And yeah moves the responsibility from the service to the parents, which is what the services want cuz COPPA and other similar laws.
But you do bring up another issue people aren't discussing. That the default setting is under 18.
So we protect the children from adults by... having no way to actually verify someone is a child?
The problem is less kids getting access to porn and more pedos getting accounts to spaces designed for children. Places like Club Penguin or very famously Roblox.
Here's the problem, you can't verify children. They don't have identification in the same way adults do. And worse, if we gave them that then it only makes them more vulnerable!
Then we have the whole problem of a global internet. VPN usage is already skyrocketing to circumvent these policies.
So the only real "solution" to this is global identification systems where essentially everyone is carrying around some dystopian FIDO key (definitely your phone) that has all your personal information on it and you sign every device you touch. Because everything from your fridge to your car is connected to the Internet.
But that's a cure worse than the poison. I mean what the fuck happens to IOT devices? Do we just not allow them on the internet? That they're assumed 18+? So all kids need to do is get a raspberry pi? All they need to do is install a VM on their phone? On their computer? You might think that kids won't do this but when I was in high school 20 years ago we all knew how to set up proxies. That information spread like wildfire and you bet it got easier as the smarter kids put in the legwork.
This is a losing battle. It's not a cat and mouse game it's While E Coyote vs Road Runner.
We're on HN FFS. If there's anywhere on the Internet that the average user is going to understand how impossible this is it should be here. We haven't even talked about hacking! And yes, teenage script kiddies do exist.
These policies don't protect kids, they endanger them. On top of that they endanger the rest of us. Seriously, just try to work it out. Try to create a solution and then actually try to defeat your solution. Don't be fucking Don Quixote.
> But you do bring up another issue people aren't discussing. That the default setting is under 18.
Some things do that. This law doesn't have a default. If the admin sets all the user accounts to 18+, then the users are stuck with the setting being 18+.
> I mean what the fuck happens to IOT devices? Do we just not allow them on the internet?
Sounds pretty good to me.
But yeah they need a different handling of some manner. Maybe a "give no access to anything age-gated" category, though is that really different from under-13 in practice?
> So all kids need to do is get a raspberry pi? All they need to do is install a VM on their phone? On their computer? You might think that kids won't do this but when I was in high school 20 years ago we all knew how to set up proxies.
Just delaying unrestricted access to high school would already solve most of the problem.
> These policies don't protect kids, they endanger them. On top of that they endanger the rest of us.
They do not. Some totally different system could endanger people, but this one doesn't.
Really? Be a bit more serious now. There are a lot of things that connect to the internet, and not just for stupid data harvesting reasons. I gave other examples. I think you can understand that this gets pretty hairy pretty quickly. If you don't, then dig in deeper to how the networking is done. You're an older account so I'm assuming you actually understand computers.
> They do not.
They definitely do. I explicitly stated how that happens too. If you want me to take you seriously you have to respond with something better than "trust me bro".
There is no evidence that these companies are actually handling that data properly. There is a lot of evidence that they are handling it improperly. That data being leaked does in fact, endanger kids.
I'm also unconvinced these things even achieve the goals they claim to be after. Which is keeping pedos away from kids. i.e. the reason I said you're missing the point. So either it is not achieving that goal, or lulling people into a false sense of security. Imagine if Roblox was saying "we don't allow adults on the platform" and so now all the tech illiterate parents and kids think their kids are exclusively talking to other kids. That's just a worse situation than now.
> They definitely do. I explicitly stated how that happens too. [...] data being leaked
Again "Some totally different system could endanger people, but this one doesn't."
Any system that has companies handling personal data and able to leak it is not the system this kind of law talks about.
> false sense of security. Imagine if Roblox was saying
In that situation, Roblox is the problem, not the law.
> So what do these laws even solve?! I'm serious
If widely implemented, a parent can set a single toggle and then the accounts their kids make will all be appropriately restricted.
It wouldn't replace direct checks from the parent on what their kids are doing, but it would greatly reduce the risk profile. And making it simple and built-in means that non-tech-expert parents can set it.
>> Be a bit more serious now.
> The serious answer is in the next line.
> ...
> Again "Some totally different system could endanger people, but this one doesn't."
>> If you want me to take you seriously you have to respond with something better than "trust me bro".
I do have a hard time taking you seriously
> If widely implemented, a parent can set a single toggle and then the accounts their kids make will all be appropriately restricted.
People keep telling you option 1 is the correct one, and that it's not actually useless.
You keep describing privacy problems that only exist with option 2.
This law is not option 2. Stop interpreting people as if they're badly defending option 2. They're not.
> HOW
They take an OS where only admins can change the age setting. They set the age on a non-admin account, which they give their child access to. The OS passes the age setting along to programs, which pass it along to services that need to restrict behavior.
This is not the same as how it works today. It's impossible for a parent to do this today. The best they can do is try to keep track of every account their child has and dig through the settings manually.
Heard exactly the same thing about VPN use (kids won't know how to set up a VPN). Then Australia age verification kicked in, and VPN use went through the roof [0]
And, of course, the response so far has included similar thoughts as the UK about banning VPNs [1]
> How does the OS know that you moved from the "13-15" bracket to the "16-17" bracket without knowing your DoB?
The OS has the birth date. Of probably 1-5 people.
> And this is the thin edge. Because in a few years there'll be a bill saying something like "too many children are lying about their age online. We need to verify their age" and then we're capturing IDs and storing them somewhere.
Those things are already happening. I see this kind of mechanism as significantly more of an alternative to privacy invasion than an enabler of privacy invasion.
The political establishment used to be able to control what you read, through control of the media. Then 1995 happened and everyone got access to anything they wanted. The establishment have wanted to put that genie back in the bottle ever since. This is part of that effort.
> Requiring the central database is the scary part.
Yes, agreed.
And this type of proposal has no central database, so it removes the scary part.
(Unless you're talking about the local accounts on each computer storing dates of birth for a single household as a "central database" in which case you're being ridiculous and please stop doing that.)
A), which is the status quo. I don't see any other option as realistic.
B) makes things worse in several ways, but primarily by stifling innovation. Only large incumbents will have no trouble paying for the measures required to ensure compliance.
There's also the cost of enforcement, which will likely have to be borne by the taxpayers. I don't think this is a good thing to spend money on.
C) cannot be enforced, and any good faith attempts will cost more than the damage from harm they're supposed to prevent.
Option A isn't really the status quo. The status quo has a bunch of sites doing invasive checks and other sites region blocking users.
> Only large incumbents will have no trouble paying for the measures required to ensure compliance.
Oh my gawwwwwd. People trot this out any time any regulation is mentioned. Option B is a single easily accessible age category value. It's simpler than the status quo.
I'm not really focused on the exact wording of this bill. But mandating distros have a useradd and glibc with an extra couple functions is not a significant burden.
I mean, how is the OS going to actually verify the age of the operator?
I see how this helps Facebook - if you lie to the OS, and the OS tells Facebook that you're over 18, then it's not Facebook's fault if they provide you an 18+ service.
It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site.
That's the difference between a parental control and a pinky swear.
The thing we want (well, that other people want, I have other views) is that large tech companies are not able to brainwash kids.
The thing this creates is liability on parents, or schools, or anyone who provides computer access to children. And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
> The thing we want (well, that other people want, I have other views) is that large tech companies are not able to brainwash kids.
That has little connection with this law.
And having no age settings at all is where you'll have the most brainwashing.
> The thing this creates is liability on parents, or schools, or anyone who provides computer access to children. And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
They're already responsible for controlling that. I think they should have more tools to help.
> And access to PII for bad guys (who can ask your computer for your date of birth in this proposal, right?)
Did you look at the law(s)? They get one of four age ranges.
> It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site.
You are assuming the parent is the administrator of the computer.
I hope the number of downvotes you’re receiving makes you consider the absurdity of your suggestion.
Have you seen distrowatch? Are you going to go track down maintainers from every distro - many of whom live outside of the U.S. - and demand they implement this? The smaller ones would probably ignore you or tell you to get fucked, the larger ones with funding might decide to drag you into court.
Does "the government doesn't get to decide what people can look at on the internet" count as C or D to you? It is the situation we've been in technically for 20 years now anyway; the world hasn't ended and it generally seems to be pretty workable. The status quo isn't an especially radical one.
20 years ago was only 2006. The internet has been around for much longer. The first consumer focused ISPs launched in the early 90’s, 35 years ago, but CompuServe and others were providing access to chat and BBS’s in the 80s.
I’d say nearly 50 years is precedent enough that government intervention is unnecessary.
What about every other system where we rely on parents to parent?
Kids can turn apple juice into wine in their closet
they can drive their bicycle to a drug dealer
they can rub a butter knife against the sidewalk until it's pointy
Do we need govt AI cameras in kids closets and on their bicycles? How do we verify they're cycling somewhere safe? How do we make sure they're not getting shitfaced on bootleg hooch they made with bakers yeast and a latex glove?
This is more like a store being able to see their age just by looking at them, and make restrictions because of that. We don't rely on parents to prevent a 10 year old from going into a bar.
Which, unlike this, does not create issues, since the bar is a place staffed by people, employed to serve drinks, who can reasonably be required to look at their customers, while an operating system is some software, perhaps written by an enthusiast, which cannot reasonably be required to inspect its users.
C and D, combined. New internet for kids-only. This internet would be WHITELIST only. We would not be wack-a-mole trying to catch porn sites (sigh...)
Rather, companies would have to submit a formal proposal to get their website listed on Kid Internet. This inverts the responsibility. It's not my cost, or your cost, it's their cost now. If they want kids, they better prove it.
Then, you can trivially configure your router or any computer, with any operating system, to use the Kid Internet DNS. It's now completely operating system and device agnostic. It can be organizational wide with the flick of a switch. It can be global, if we want.
The proposal we're seeing here is bad, bad, bad. Not just for privacy reasons, but because it will not work. Not might, will. This will not work. For many reasons:
1. Most operating systems are not going to implement some stupid ass bullshit.
2. Most websites do not give a single fuck. Porn websites will not care. Trying to play wack-a-mole is ALWAYS a losing game, no exceptions.
3. This is trivial to bypass.
4. If it's not trivial to bypass, it still will not work, but it will now be the end of computing as we know it.
So we have some kind of control to stop your router from connecting to Adult Internet DNS? Because the difficult bit here is not allowing connections to the Kid Internet, but stopping connections to the Adult Internet.
How do we decide what sites resolve as part of the Kid Internet? Is there some process where a site submits itself for approval to be part of the Adult Internet?
How do we stop the government from using this to stop access to parts of the internet it doesn't like?
> So we have some kind of control to stop your router from connecting to Adult Internet DNS?
Yes, all routers currently have this built-in. Most software outside of routers does, too.
Will it be perfect? No. But, for example, this is how content filters work at schools and just about every workplace. And it seems to be good enough for them.
And, this will work better than that. Because the key point is we're not blacklisting anything. Nobody has to maintain a list of banned websites.
> How do we decide what sites resolve as part of the Kid Internet?
Companies or people send an application. The website is reviewed by a human, and they get approved or denied. If you don't care to target kids, which most people don't, you do nothing.
So I don't have to do anything, nor do you. But Meta does. Google does. I'm fine with that.
And, this "board" or whatever who hands out Kid-Friendly certificates can also take complaints. Why not?
> Is there some process where a site submits itself for approval to be part of the Adult Internet?
No, this it the beauty of it. If you want to be a part of adult internet, you do nothing. You already are.
Every website is implicitly adult internet, and it naturally completely subsumes kid internet. So, if you're just making a blog or whatever, nothing changes. In fact, you don't have to update anything from right now. It will all still work. Because Kid Internet is new thing, and it's whitelist only.
> How do we stop the government from using this to stop access to parts of the internet it doesn't like?
Related to above, adult internet is what we currently have. Nothing changes. You and I won't notice, and we can't notice. There will be the free-range internet, and then the subset of the internet approved for kids.
Yes, they are more sophisticated, or at least I'm assuming from how pi-hole and my workplace blocking works. Meaning, it works.
But those are not the best solutions, because of blacklisting. There are basically infinite porn websites. So, if you're going to try to block every porn website, you will lose, point blank.
So, even considering that, they do quite good. So if we just take the principle and invert it, it will be very good.
I mean, whitelisting vs blacklisting is why I am able to open my computer up to the internet via SSH. I'm not out here blocking 1 billion sites. No, I'm just allowing my laptop. And that gives me a lot of confidence, and it works.
And, I agree with culture change. But, culture change is very hard and I don't think it's something we can rely on.
So, you whitelist Kid Internet sites, and you have a DNS server that handles Kid Internet.
And everything else is Adult Internet, and there are many DNS servers that serve Adult Internet.
You sign your household router up for Kid Internet, and it ignores Adult DNS servers, and only routes according to Kid DNS, is that right?
I can think of about 50 ways around this already, but let's assume we're not talking about anyone with any knowledge of how the internet works. So the entire household is signed up for Kid Internet, and there's no way an adult can view an Adult Internet site from this household, is that right?
Well most DNS can be done per-device, just like in an IT setting. For example look at iOS. The device controls DNS, so set up little Timmy's iPhone to do Kid DNS.
That sounds an awful lot like this proposal, right? Well yes and no. No because this would actually work. Just letting the iPhone say "im a kid" does fuck all, because all the websites we're targeting with that will just ignore it.
And of course there are ways around this. Wanting a solution with no ways around it is dystopian. But is it a better solution than this? I think yes, it is.
If Little Timmy signs in then OS chooses the Kids DNS, but if Uncle Bob signs in then it chooses the Adult DNS?
As you say, I can see a few ways around this ;)
Again, this feels like it just moves the responsibility for everything onto the parents, without meaningfully giving them any control. If something screws up and Little Timmy gets to see some boobies, who gets blamed? Is it the OS provider, the hardware provider, or the parents? Did the parents actually configure this themselves? If so, who taught them how to do that? Or did they buy the machine pre-configured? So does the vendor take responsibility?
Sure, or per-device, or per-network, or per-organization. It depends on how each particular person wants to implement it.
> As you say, I can see a few ways around this ;)
Yes, notably less than the current proposal. Which, again, will just straight-up not work.
> f something screws up and Little Timmy gets to see some boobies, who gets blamed?
I think this really hit the nail on the head. None of this is about solving problems or helping little Timmy. It's about accountability management.
If we implement the OS syscall, then Meta gets to point their grimey finger at someone else while they continue to fuel genocide in Myanmar.
> Did the parents actually configure this themselves? If so, who taught them how to do that? Or did they buy the machine pre-configured? So does the vendor take responsibility?
Well, um, both. You can configure your router, sure, or your Linux computer. But I imagine a new iPhone would just come with a checkbox you can check at account creation time. Again, very similar to this proposal, except it works.
Yes, parental controls already exist. You’re up and down this thread advocating for this particular bill, but what does the technical solution actually look like to you beyond the controls already available? And with regards to account creation specifically, what do you see as a workable solution that isn’t defeated by a “pinky swear”?
Can you name a piece of parental control software that tells relevant apps and sites whether I'm above 13/18?
I'm sure there's plenty of software that can block sites entirely, but that's a lot less useful.
And how much should I trust the popular products on a scale of 1-10? An OS setting doesn't need much trust.
> And with regards to account creation specifically, what do you see as a workable solution that isn’t defeated by a “pinky swear”?
I'll copy a different reply: "It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site. That's the difference between a parental control and a pinky swear."
The idea of something like this isn't to replace parents, it's to give them a simple centralized tool. The parent has the admin account.
E. Platforms that want to serve violent, sexual, predatory, scammy, snake oil content in the most addictive way possible to exploit minors and other vulnerable populations for profit should save some of their revenue for lawsuits when they hurt people. Hold products that cause harm responsible.
The Illinois bill is not about 18+ content. It's about controlling who your children can talk to on social media. The OS age check is just a means to that end. The end is blatantly unconstitutional. The bill of rights doesn't mention age limits. Freedom of assosiation applies to kids just as much as it does to adults. If the bill passes, then any racist parent could block all comms from kids of a different color for example.
I get what you’re saying but it’s a false premise. In today’s era, racist parents already block their children from even attending school with someone of a different color. Merely blocking comms would be a step before that in severity of control.
Parents have always had the ability (though maybe not explicitly the right to) control their children’s environment for the purposes of teaching personal beliefs. So long as the belief itself wasn’t deemed harmful to the child, society would allow it to continue propagate that way. Racism unfortunately has never been seen as innately harmful. It’s looked down on, yes, but not to the point of making it illegal to enforce in family life.
To be fair, as a parent I don’t want my under age children hooking up with literal nazis on social platforms, whoever that might be. The current tools and controls are lacking. A lot.
The spin control on this story is intense. Saying that it's "just parental controls" when we've had fscking parental controls since the 1990s is disingenuous as hell. Obviously it's something new, but that's really all they have got to try to spin it back into their favor.
Once you force OS to communicate data about the user, here we’re talking age, is it a slippery slope? Once the architecture is created, why not put other things about you in there?
I'm reminded of a video essay I watched about AI once, which took a side tangent into surveillance capitalism:
"Google's data harvesting operation became a load bearing piece of the Internet before the public understood digital privacy. And now we can't get rid of it."
The public has been conditioned to expect web services free at point of use. Legitimately it's hard to monetize things like YouTube without ads, and I get that. But turning our entire ecosystem of tech into a massive surveillance mini-state seems like an astonishingly shitty idea compared to just... finding a way to do advertising that DOESN'T involve 30 shadowy ad companies knowing your resting blood pressure. My otherwise creative and amazing industry seems utterly unwilling to confront this.
Edit: Like, I don't know, am I crazy for thinking that simply because we can target ads this granularity, that it simply must be that? I get that the ad-tech companies do not want to go back to blind-firing ads into the digital ether on the hope that they'll be seen, but that's also plus or minus the entirety of the history of advertising as an industry, with the last 20 or so years being a weird blip where you could show your add to INCREDIBLY specific demographics. And I wouldn't give a shit except the tech permitting those functions seems to be socially corrosive and is requiring even further erosion of already pretty porous user privacy to keep being legally tenable.
Society won’t delay reward now for future good on its own. Even if one person will, there’s a line of people who will step in to pollute the lake or kill the whales for a bag of money.
It will just decay until it’s a short squeeze into oligarchy or worse (the corrupt will be forced into an arms race of accelerating corruption as opportunity becomes scarce). Then some other country who isn’t leaving it up to their society to do the right thing will be in charge. Until the same happens to them.
This is the value of religion historically, one of the few ways of coercing a population into doing the right thing for their own good. But every group can be spoiled or hijacked by a small handful of bad actors who are willing to do what others are not.
We don't externalize age verification when buying alcohol or visiting the strip club. It's on the responsibility of those establishments to verify age.
In those in-person contexts, the identification document is still externalized - they're checking a government-issued photo ID in the vast majority of situations.
It works for the in-person context because it's a physical object, making it easier to control access to it. A high resolution picture of the same ID is a privacy problem as it can be copied, shared, transferred, etc without the knowledge of the ID holder.
I think that main goal would be to keep the ability to have accounts be anonymous or pseudo anonymous.
If social mean company has to verify an accounts age themselves they then have to use some for of official government identification and with that any chance of anonymous or pseudo anonymous access.
Facebook has less than zero interest in allowing people to use their platform anonymously. They very much want to know everything about their users including their age and they would never back a law that would stop them from collecting that data. Now that you know that facebook isn't pushing this law to protect anyone's anonymity why do you think they're doing it?
> Now that you know that facebook isn't pushing this law to protect anyone's anonymity why do you think they're doing it?
My comment was not about what I knew/know about facebook or not. I was answering the question of why age verification should be externalized to a degree and in this case externalized means the power stays with the user and parents rather than being in the hands of say facebook/meta.
I was not talking about why facebook/meta would want it or not want it. Large companies want lots of different things. Sometimes it is required to know their motivations to discuss or decide on something. I think it can be detrimental to do that though without discussing/analyzing a topic/idea on its own merits first or at least parallel. My comment was focused on the merits not the motivations or desires of companies like facebook.
The point is that you can't just externalize age verification and expect that data to never be sent to facebook because facebook needs that data to do anything (good or bad). It doesn't matter if your OS broadcasts that your child is 6-9 to facebook or if facebook has to ask the government to tell them that same information, either way, in the end facebook will know that your child is 6-9. The power is then in facebook's hands. Facebook won't see a copy of their government issued ID, but what difference does that make when they've got their age, their selfies, and a list of every friend and family member.
> The point is that you can't just externalize age verification and expect that data to never be sent to facebook
facebook and similar social media companies have a ton of ways to get peoples age and or to narrow it down.
> either way, in the end facebook will know that your child is 6-9.
The main point of the law is not about restricting facebook or similar operator in the laws lanuage from knowing user ages. Though the does say the age bracket can not be used for anything other than to implement the intent of the law.
> The power is then in facebook's hands. Facebook won't see a copy of their government issued ID, but what difference does that make when they've got their age, their selfies, and a list of every friend and family member.
May not matter much for facebook or similar, it matters a bunch for any random website/forum/service you might sign up for where the intent of the service is not about public posting that sort of personal infromation.
> facebook and similar social media companies have a ton of ways to get peoples age and or to narrow it down... May not matter much for facebook or similar, it matters a bunch for any random website/forum/service you might sign up for
You're right about that. There are websites and services that won't have the kind of data needed to identify an individual using the age bracket data, and there are those who could do it anyway or could make some guesses about the ages of users even without having OS gathered age data sent to them. That said, I've seen how bad companies are at making those kinds of assumptions. For example, I've seen youtube's AI age guesser fail completely and mischaracterize viewers ages in both directions.
> Though the does say the age bracket can not be used for anything other than to implement the intent of the law.
I didn't see that anywhere in the text. It does have a section where it says that the age data collected can't be shared with third parties unless they're made a part of the implementation of age-check scheme. There's also this: "All information collected for the purpose of obtaining the verifiable parental consent required under this Section shall not be used for any purpose other than obtaining verifiable parental consent and shall be deleted immediately after an attempt to obtain verifiable parental consent" but it's entirely unclear if age bracket data is considered part of the data collected when "obtaining verifiable parental consent". I suspect that it isn't and this language is intended to protect the data of the adults who will be forced to prove they are the child's parents. In fact they don't define at all what "obtaining verifiable parental consent" should or shouldn't involve.
You are right it is hard to use it for anything else though given the constraints.
> An operator that receives a signal in accordance with 20this Section shall use that signal to comply with this Section 21but shall not: 22 (1) request more information from an operating system 23 provider or a covered application store than the minimum 24 amount of information necessary to comply with this 25 Section;
You know the age bracket but nothing else and are not allowed to store more data on the topic to figure anything out. So you can not legally figure out someones age by keeping track of when they change age brackets.
> In fact they don't define at all what "obtaining verifiable parental consent" should or shouldn't involve.
It is the "Account holder". The user that set up the account and provide the age is considered the parent or legal guardian.
Do we make contractors do age verification on their supplies when building a liquor store or strip club? The OS is a tool used by Meta, just like the utilities and the compute itself.
Meta Apps can have age verification but it should be at the point of service, not the supply chain.
And even if we were to agree to this, uploading your IDs to an untrusted third party is asking too much.
It's not enough for the government to know. Platforms, websites, and advertisers want to know. That's why the law facebook has been pushing for doesn't have a simple "is 18+" flag but instead has a long list of age buckets so that advertisers and platforms can target specific demographics even when they are minors.
The law doesn't require any protection levels at all. It just requires your OS to tell every website you visit which bucket your children fall into. Every website and platform can use that information in whatever ways they want, even if it's just to adjust how best to groom a victim or to decide which ads to push at a child. They could also use it to say that a 9 year old can't watch a certain video that a 13 year old can, but that would be entirely their choice.
I'd much rather a third party ID that I can easily bypass because they're lazy and cost saving every step of the way, than a governmental ID which will be x100 harder to bypass and can be abused by the goverment whenever there's a man-child in power who likes going after groups of people who don't agree with him.
But in a perfect world it would be parents doing their job and parenting. You can grab your child's pad, phone, laptop, whatever, and black list the entire internet allowing only a few select white lists of your choice. But it's too hard to educate parents on how to do that I guess, assuming this was ever about children and not data collection, which it is that.
I mean, as much as I don't want the Government to be able to do that, I don't want private industry to be able to do that even more tbh. Though both options are pretty horrendous privacy-wise.
Until recently I felt the opposite way -- what they could do with that was more targeted advertising. The government currently in power is demonstrating that they can do far worse, and plans to.
Very good point. But there are businesses that are via the barcode on the back of the license. They're using machines to validate and do who knows what with that data.
I'm surprised that people think this is some new 'save-the-children' thing ? Didn't Zuck say like 10 years ago, you should not be allowed to be anonymous on the internet ? This just seems on-brand at this point.
A different approach that would keep incentives properly aligned is for Facebook (et al) to publish labels in website headers asserting the age (and other) suitability of content on various sections of the site. It would then be up to client software (eg a browser) to refuse to display sites that are unsuitable for kids on devices that have been configured for kid use.
As there has been a market failure for decades at this point, it would be reasonable to give this a legislative nudge - spelling out the specific labels, requiring large websites to publish the appropriate labels, and requiring large device manufacturers to include parental controls functionality. The labels would be defined such that a website not declaring labels (small, foreign, configuration mistake, etc) would simply not be shown by software configured with parental controls, preserving the basic permissionless nature of the Internet we take for granted.
But as it stands, this mandate being pushed is horribly broken - both for subjecting all users to the age verification regime, and also for being highly inflexible for parents who have opinions about what their kids should be seeing that differ from corporate attorneys!
Except none of these bills (California or the one in question) as currently written require an ID to actually be verified, merely that the user provide an age. This seems intentional as it's seems to solve the user journey where a parent is able to set a reasonable default by simply setting up an associated account age at account creation. It's effectively just standardizing parental controls.
I think this is a reasonable balance without being invasive as there's now a defined path to do reasonable parenting without being a sysadmin and operators cannot claim ignorance because the user input a random birthday. The information leaked is also fairly minimal so even assuming ads are using that as signal, it doesn't add too many bits to tracking compared to everything else. I think the California bill needs a bit of work to clarify what exactly this applies to (e.g. exclude servers) but I also think this is a reasonable framework to satisfy this debate.
I've seen the argument that this could lead to actual age verification but I think that's a line that's clearly definable and could be fought separately.
Kids aren't stupid. They'll just create another account when they're old enough to figure it out. They'll tell their friends how to do it and the rest of us will be stuck with these stupid prompts forever like it's a cookie banner.
Actually given boot chain protection, this will probably get harder as time goes on but even assuming some kids are able to, this is clearly definable as a user error: the fault lies with the kid and as a parent you need to think about your threat model.
Right now, it's not even clear how to create parental controls at a reasonable level so there's no clear path for what to do or how to respond.
Maybe we can agree that if you're mature enough to hack your own phone, you're mature enough to see a nipple. Why am I rate limited though? Dang must hate this opinion.
I don't think "real" age verification with ids is immune to this either. (kids paying an adult to get an id for it or fooling an ai classifier, whatever).
Basically unsolveable, so why worry about that edge case? Kids will always get through to some adult content somewhere. A token system will make parents feel better in the meantime.
From a parent's perspective, that's the great part about bubbling it up to the OS user account level.
Its trivially easy to see if the user (child) has indeed created multiple OS level user accounts with different permission levels if you want to spot check the computer.
You'll see it on first startup and then you can have "a chat". With Guest account access disabled, spawning a new account on a computer takes 2-3 minutes, will send emails and dashboard notices to the parent.
Its very much near impossible to verify that the child is not just going to Facebook etc. and using separate accounts and just logging out religiously.
That said I wish Apple/Microsoft/Google had more aggressively advertised their Parental Control features for Mac/Windows/ChromeOS as a key differentiator to avoid Ubuntu/Open Source distros from having to implement them.
> You'll see it on first startup and then you can have "a chat". With Guest account access disabled, spawning a new account on a computer takes 2-3 minutes, will send emails and dashboard notices to the parent.
On what OS? Microslop Windows? On my computer no one is notified when an account is created. And the account list isn't visible when I log in. I log in to the TTY.
Now, granted, I am not the norm. But my OS falls under these regulations. So what is my OS vendor supposed to do? For that matter, who is the vendor? What if I were using LFS? Who even would be the vendor for LFS? It's not even a distro!
Yes it doesn't show up probably because you were able to pretty easily mindlessly click through the part where you were asked if this is being provisioned as a child's computer.
When you provision a Windows, Mac or Chromebook these days as a child's device using your parental account, it will require a parental account to enable new user accounts and/or re-enable guest user on the device.
Like I said - my preference would have been for Microsoft, Apple, Google and Meta and TikTok to have made an industry effort to educate parents about the existence of such tools a priori of any legislation, we could have avoided Linux etc. getting sucked in.
It's pointless. Kids who want an uncensored internet will use a VPN or proxy the same way they've been getting around the restrictions and filers put on the computers and networks at schools. These laws will do nothing to protect children but will instead enable them to be targeted.
I don't think its quite so easy anymore that I can tell, with parental tools today - on a properly provisioned device you can require parental permission for app installs such as VPN, etc.
So you're advocating for stronger and more invasive controls?...
I think this is a sensible compromise. It gives parents more control than before without relying on shady third-party software or without turning every platform into a cop. Yeah, it also aligns with Meta's interests, but so what?
The age attestation solutions pursued by the EU are far more invasive in this respect, even though they notionally protect identity. They mean that the "default" internet experience is going to be nerfed until you can present a cryptographic proof that you're worthy.
> I think this is a sensible compromise. It gives parents more control than before without relying on shady third-party software or without turning every platform into a cop.
It doesn't give parents any control whatsoever. It just forces the OS to tell every website your child goes to how old they are. It doesn't require those websites to hide certain content for certain age groups. It doesn't define what types of content are appropriate for which age groups, it just makes sure that every advertiser bidding on your child's eyes knows what age range they fall into to.
If anything this takes control away from parents because even the cases where a website does their best to restrict content based on which age the OS tells them your kid is, it's the website setting the rules and not the parents. You might think that your 16 year old can read an article about STDs, but if the website your kid visits doesn't think so you as the parent don't get any choice.
With 3rd party software parents are controlling what software is used, they have the ability to decide which kinds of content are appropriate for their children and can be allowed and which types of content should be blocked. They can black/whitelist as they see fit. All of the power is in the parent's hands. This law gives parents one choice only: "Do I honestly tell my OS how old my child is". That's the end of the parent's involvement and the end of their power.
I mean on a UNIX OS you could make it yet another group the user needs to be part of. Like the group for access to optical media or for changing network credentials. Whether the child gets root access is on the parent, but that is like with anything else. A child can get around this, but it means finding and exploiting a 0-day on the OS. If they are able to pull this of I would congratulate them.
There is a huge attack surface for this. For example, kid manages to buy an old phone. Resets the phone and creates an account. Kid buys something like a Pi 3 manages to get a regular phone to become an access point. Etc. If a laptop is not completely locked down, a kid might boot a live USB stick.
The problem is that these laws tend to escalate. Once a government starts regulating, it doesn't stop.
It is also the wrong model. Instead of creating child-safe devices, just like there is a difference between toys and power tools, this regulation pretends that all devices are child safe and parents have to figure out which ones really aren't.
I don’t care if it’s part of the user setup, but make it an App Store dotfile. Don’t issue fines to Debian for offering a Docker image without a user setup script.
Except how is this done on GNU/Linux or FreeBSD or Haiku? Who's going to implement it, who's going to ensure it can't be bypassed and who's going to be responsible if it's not?
I agree. There is a real drive to catastrophize here but so far, none of the bills actually take any steps to prevent users from lying about their age.
I want to be able to hire a licensed Identity Service Provider that gets all of my verified identity data in an encrypted token and let me register it with the OS, and control what amount of the data I expose to apps, with age verification being one of the lower levels of access.
I pay the company to verify me, I am their customer. They take on the liability of the OS makers and app makers of age verification.
If you have a valid token signed by a licensed IDS that verified your age in your OS, that's all anyone needs to know.
So we have to pay some 3rd party service to hoard information about Children? Why we want to set that up? Why would we want to take that power from the parents and give it to some company?
So, they want to profit off children, but do nothing to protect them?
> but there should be a trusted 3rd party service that does that
Gee, if only Facebook would use their incredible might to create this, rather than trying to rob our representative government from underneath us.
> It abso-fucking-lutely should not be at the OS level though
It's not my problem. It shouldn't involve me at all. I don't use social media and I think if you let your kids on there unsupervised you have a screw loose.
If social media, alcohol, drugs, gambling, phones are so, so, so bad for children. Just ban them from children.
We were completely fine 30 years ago without any phone. They will survive. They will probably thrive because now they have to learn how to hack the system.
Instead, we just give them everything they need and all the thinking they do is scrolling.
Sometimes even things that are good for Meta are good for the rest of us. This law, and the one in California, mean that liability is disclaimed as long as the parent selects an age above 18 for the child. It's like a section 230 for age protection. Meta supports this because they won't be liable for wrong age inputs, and we should also support this because it doesn't verify age in any other way.
We should support something that does the minimum to accomplish the goal. As luck would have it, we don't need to do anything because parental controls already exist, and apps like YouTube already have a "kid mode". But for some reason, people are very attached to the idea of getting that number. Your age. It isn't enough to have a boolean isAdult. Oh no, they want to know how old you are, and they want that number to follow tou everywhere you go. View a site on your PC and then load it in incognito to create an account and comment? Oh look, this person we've identified as pockauppet age 99 or whatever viewed the page, then someone registered aged 99 and commented on that same page. This is a data goldmine. But I guess we're not against sharing data anymore.
Have you used parental controls? They're complete and utter shit. You cut your child off from almost all of the internet, or you may as well not have any controls at all.
App developers don't want to comply with them - that's one reason. Now the law says app developers have to follow parental controls, and are liable for ignoring parental controls. That's a sensible law.
He doesn't want to have to stand up, turn around and apologize to parents on behalf of an asleep at the wheel Congress again.
At some level I don't blame him. It is also a bit strange how in that act alone he showed more accountability than most of the politicians that were questioning him, never mind most executives. I suppose Josh Hawley wants to be liable for personal lawsuits for his acts of Congress too... people cringe at his "robotic" demeanor but I can't remember the last time someone turned and faced people and apologized like this. Most people asked to do the same (even in front of the same body) never do.
If a company relies on self reported ages, they don't "know" it well enough to satisfy COPPA. Probably. I'm not a lawyer but I do keep up with the latest in privacy enforcement and I think this is the way things are headed.
For the record, I'm against age verification laws. But I think companies are pushing for them because of liabilities they face under other laws, not because they would actually like to have the data.
Facebook has always been there for only one reason; for people who don't value privacy.
Nothing less, nothing more.
Most things that are not suitable for children were recognized so long ago that it was decades, centuries, or millennia before anybody living was ever born.
Like porn, when it got on the web it has always been instinctively gatekept as traditionally as possible, and complaints which do arise over the decades are addressed by the websites in ways that measure up to how you expect a company to act. Consistent with the way they truly don't want underage visitors to their websites at all.
Those complaints are now dwarfed by what parents are saying about Facebook in particular.
Facebook, and now Meta, is just not something that previous generations had to deal with, so it didn't get handled in a very adult way as it should have been from the beginning. And it only got worse as it got bigger.
If it wasn't worse for their kids than porn, parents wouldn't be screaming so much louder than ever.
I guess it turns out the combination of fundamentally devaluing privacy across-the-board including minors is the main problem, and then the idea of hooking them early, like cigarette companies would do with as much habit-forming reinforcement as possible, is what leverages the lack of overall privacy through the roof.
What's really needed is bold gatekeeping on Meta's digressions alone, they should be the ones to aggressively keep everyone underage off their site. Like they really mean it, which has not existed before. That's what's been wrong the whole time, the internet was so much better before Facebook came along with their anti-privacy mission, and it got put on steroids.
Reining in Meta alone should be big enough to be noticeable, no-one else has a shred of responsibility by comparison.
Facebook has invested $billions in these underage crowds and they want to know exactly when everyone else on the internet turns a certain age even if they are not on Facebook.
Don't give it to them no matter how much they pay.
It would be the complete opposite of an advanced thinker who wants to respond by compromising more people's privacy across the regular internet, when Meta is the primary source of the problem, and they're who stand to benefit the more privacy is compromised in any way, child or adult.
Like my 19th century grandmother would say, "what's wrong with some people?"
It's amazing how many things We The People want our government to do that go ignored year after year, but the moment corporations want something laws get pushed through at lightning speeds. Does anyone actually think that masses of regular people in Illinois were begging their government to force operating systems to tell every website and advertiser how old their children are? They weren't. A small number of corporations with lots of money wanted that though. Bribing matters a lot more than voting.
How should they do it? Surely they don't have a responsibility to do something that nobody knows how to do?
There have been numerous cases in history where governments have attempted to legislate the outcome they want without regard to how that might be done or if it was possible in the first place. Obviously it can never deliver the results they want.
It would be like passing a law to say every company must operate an office on the moon, and then saying that companies lobbying for an advanced NASA space program is them externalising their responsibility.
They could require government ID to sign up and an adult sponsor to certify accounts for kids. Plus a limit on how many accounts an adult can sponsor.
It would be a mess, but solve the problem. It’s not that we don’t have the technology, we just don’t want to because the friction would decimate user numbers and engagement; it would be much simpler to regulate (e.g. usage limits on minors); and minors are less monetizable, which would lead to lower CPM on ads.
Then there’s the legal liability if you know someone is a minor and they’re sending nudes, for example. And the privacy concerns of tying that back to de-anonymized individuals.
But obviously I wouldn’t believe that social media companies care about user privacy on behalf of people.
>They could require government ID to sign up and an adult sponsor to certify accounts for kids. Plus a limit on how many accounts an adult can sponsor.
Requiring all online account creation to go through some government vouching system sounds far worse for privacy than OS doing age verification.
I see no such claim that comment said that the parent verifies the child. That that means that the parent must be verified. I don't see that approach having any chance of succeeding. It would be a much more invasive process to both verify the parent and the relationship with the child.
The points:
1. No new law is required, FB could do this voluntarily.
2. Meta has a vested interest in a low-friction solution that maintains engagement.
> They could require government ID to sign up and an adult sponsor to certify accounts for kids.
Even if they used an open source zero knowledge proof, HN will still immediately dismiss it as an attempt to steal your data. The proposal here and the similar bill that passed in California doesn't require any validation that you enter you age correctly.
It's up to parents to parent. It's not up to the government, and Facebook pushing this shit is evil.
It's not about protecting children. It's about increasing adtech intrusion, protecting revenue from liability, pushing against anonymity, and for all the various apparatus of power, it's about increasing leverage and control over speech.
bad take man. these companies don't care about kids; they just want to take the responsivity off of themselves. they don't actually put any money towards child safety.
But the parent comment didn't say anything about companies caring. So you're not disagreeing with them, unless you think any selfish corporate action should be automatically opposed. And that would be a bad take; it's way too generic and applies to both sides of most issues.
With all the LLM bots they need a new way to sort out the people from the machines to not lose ad revenue and to help their spook friends.
It's better for them if this "responsibility" rests with another organisation, they don't get blamed as much when the information leaks and it is replaceable.
Really, I’m surprised that for all of the discussions on HN around these individual statewide acts that I see so little discussion of Meta as a primary force pushing them.
They don't but frankly no one who matters actually gives a s#it about HN anyhow.
HN is also much less representative of the demographics within the American tech industry now as well - almost all the references I see on here are stuff only men in their late 30s to 50s would recognize, and an increasing amount of users appear to be based in Western and Central Europe.
Heck, I'm on the younger end by HN standards (early/mid 30s) and when I introduced HN to my peers over a decade ago (this is my throwaway) even back then they complained that it was "toxic", "snooty", and "unhelpful". And it's reputation amongst the younger generation has only gotten worse.
HN has "SlashDot"ified, because most people are either in private groupchats on signal/imessage/discord or meeting each other with Luma invites.
Why does it matter specifically that Meta is doing it? This has long been a goal for intelligence apparatus and big tech: get rid of anonymity online to "fight terrorism" and sell ads respectively.
Don't get me wrong, it's good to know but it's not earth shattering information.
>Why does it matter specifically that Meta is doing it? This has long been a goal for intelligence apparatus and big tech: get rid of anonymity online to "fight terrorism" and sell ads respectively.
How does getting the OS to do age verification "get rid of anonymity online" or help "sell ads"? Assuming the verification is implemented in a competent way (ie. it's not just providing an id scan for any app to read), it's probably one of the more privacy friendly ways to implement age verification, that's also more secure than an "are you over 18" prompt on every website.
You've accepted the overton window shift that age verification is an inevitability and that we need to give up information to the operating system because any other way would violate our privacy! It's naive to see this internationally coordinated effort to "save the children" as anything other than the temperature in the pot being turned up.
> implemented in a competent way (ie. it's not just providing an id scan for any app to read)
What if there are vulnerabilities? You're inherently introducing more attack surface and providing more data than you would without these laws.
>You've accepted the overton window shift that age verification is an inevitability and that we need to give up information to the operating system because any other way would violate your privacy! It's naive to see this internationally coordinated effort to "save the children" as anything other than the temperature in the pot being turned up.
If you're trying to imply Meta is behind the "overton window shift", that's plainly not the case. The popular sentiment that smartphones and social networks are harming kids (thereby necessitating bans/verification) has been boiling over for a while now (eg. "The Anxious Generation, 2024", and the recent social media bans in Australia), and meta is just trying to get ahead of this with laws that favor them.
>What if there are vulnerabilities? You're inherently introducing more attack surface and providing more data than you would without these laws.
Probably less likely to cause vulnerabilities than web usb or web bluetooth , both of which gets some pushback here but nowhere as much an API that returns a number.
> If you're trying to imply Meta is behind the "overton window shift", that's plainly not the case
No, I'm saying the exact opposite: Meta is just one player in a campaign from intelligence agencies and other tech companies who want to normalize mandated prompts in your OS that collect information. Right now it's "just a DOB field bro" turns into "well... people can lie with the DOB field, let's just add a ID check step in that dialog" and build on it from there. Of course the pot has been boiling for a while and it's not just Meta looking for regulatory capture.
> Probably less likely to cause vulnerabilities
I don't care about likelihoods, this "feature" inherently introduces more risk and for something I don't even want on my computer. Even a small chance that this can be abused is unacceptable.
I find it odd when people write off policies as using “save the children” or “protect women” as if this isn’t something people are really capable of thinking. You fail to understand why the Overton window has shifted because you fail to understand people really are worried about their children
I don't know of any surveillance state act that used "protect women" as their top line, but maybe I missed it.
> because you fail to understand people really are worried about their children
No, I completely understand but that doesn't give anyone the right to start mandating that we give up our privacy in pursuit of that. That's sorta the joke with "save the children", it's meant to tug at your emotions and make you look like a bad person for not consenting to massive overreach.
Okay, so not every single person pushing surveillance is a bad faith actor and there are some parents in there who truly want the best for children. How does that change the substance of my point about overreach?
> Why does it matter specifically that Meta is doing it?
Their entire top leadership has shown a multi-year tendency towards psychopathy and lying. Knowing Meta is pushing this bill makes me want to understand why my views and theirs randomly agree as well as carefully read the bill text for any signs Adam Mosseri was within 500 feet of it.
I've seen skepticism about the veracity of the claims, in part as various sources cited in the git repo pointed to todo files not actual data[1] (in that example was only just hours ago a source file was added, when the project still claims part of the conclusions are based on data said to be contained there).
Which has led some to suspect much is LLM generated and not properly human-reviewed, in addition to the very short timeframe from initial self-disclosed start of the research to publishing it online (mere 2-3 days) despite the confident tone the author uses.
That's the correct strategy, if anyone sues meta, meta can bring their age verifier into the lawsuit and blame them. It makes sense from a business perspective, insurance perspective. etc...
Meta is definitely helping to push this, but they aren't having to push very hard because its already in the zeitgeist. It's a classic moral panic. Millennials are raising kids and turning into their boomer parents.
Millennials had their hippie era in their 20s (same stuff their parents did rebranded as "hipster" instead of "hippie," where instead of building a lifestyle of free love and bong hits in the Haight-Ashbury, they built a lifestyle of free love and bong hits in Williamsburg Brooklyn).
Now in their 30s-40s they've moved to the suburbs, they're voting Reagan, and are falling for hysterical media-driven moral panics about "what kids these days are up to" just like their Boomer parents did in the 80s-90s.
What's even more funny about all these "social media is evil" legislative proposals, they're motivated by the idea of what social media used to be when millennials were in college...which doesn't even exist anymore.
The classic narrative that teens are depressed because they're seeing what parties they didn't get invited to is wildly outdated now. Social media isn't social anymore (see Tiktok), it's just algorithmic short form TV. Nobody is seeing content from their peers anymore.
In reality, most modern research on social media finds little to no affect on teen mental health. But of course, if you have ulterior motives to undermine privacy or shirk corporate responsibility under the cover of "saving the kids," this moral panic is an already burning flame waiting to be stoked.
> my experiences don’t look like the Instagram shots, my body doesn’t look like theirs, etc
Zero difference from the reality TV/tabloid era. "Influencer" is just a rebranding of "celebrity," and instead of seeing their Hollywood Hills mansion and chiseled bodies on MTV cribs and in Abercrombie ads you see them on your phone.
Here's a few quick pulls, the best stuff is the meta-analysis studies but don't have time to dig them all out:
What does this bill have to do with age verification?
It legally mandates the existence of a required "age" field in user account records, a user interface to populate it during account setup, a mechanism for service providers to read this field, and that providers act as if it has been populated accurately.
As someone who has been the de facto "system administrator" for my family's computer systems since kindergarten, this has to be one of the stupidest policies I've ever seen gain traction.
I think it will be an extension of parental control and shift that accountability/responsibility upwards; Meta is not anyone's real life parents anyway.
Android doesn't ask your age, Google does for an account. You can use an android phone without a google account. Most people don't but the distinction is important because degoogled android phones will also have to comply.
So for example operating system that does not ask this question could simply declare itself "inappropriate"/"illegal" in the jurisdiction.
Say, GrapheneOS can explicitly disallow image downloads from Californian IPs and not sell phones with preinstalled GOS there.
You don't need to be complaint with the Mongolian law to sell in Burkina Faso.
Similarly they don't need to be complaint with Ohio law if they do not operate and have presence there.
American companies that decide to surveil users ont heir websites with pervasive tracking without consent would only contravene the European GDPR if they allowed EU users to use them. Block the EU (famous http/451), and they're in the clear.
This is what Ageless and some apps are deliberating. I wonder if my ToS can protect me as a scientific calculator maintainer; if I mandate that it cannot be installed within jurisdictions that ban or fine maintainers who fail to implement the age checks.
Edit: I have no control over who links to my library.
As an "operating system provider," the law as written still requires me to provide an accessible interface for you to indicate your age to the operator.
Should we be asking your age every single time you use a credit card reader or ATM? If not, embedded operating system providers need exceptions to the law in each state that adopts their own non-standardized approach.
Agreed. I want my h1’s to be larger than my h2’s. That visual distinction is how I parse data faster. Flat markdown with no formatting feels like it’s missing the point of Markdown.
And are they really proposing that we ought to read italics and *bold* like this?
Edit: Oops. Looks like HN has formatted bold/italics for me. Italics should be bracketed with one asterisk and bold bracketed with two asterisks.
For the first time this year (and nearing 40) I'm teaching myself web development and learning to code - and I love it. I like the problem solving, and the creativity, and having the facility to build things for myself.
The threat of LLMs undermining my opportunities in the work pool are never far from my mind as I move towards a seemingly burning building, but you know what? I will do it regardless, because even though my prospects for employment may be diminished I'm enjoying the craft, and I like being creative with it.
I intend to embrace LLMs as an augmentation of my will once I get a good grasp on how to code proficiently. Maybe I'm too late for the heyday of coding by hand, but if these tools allow me more power to solve the ACTUAL problem, then that's alright. The point is to solve problems, right? Not to write code.
Yeah. It remains an open question if they'll be a net positive in the end. If they end up being helpful, good. And if they end up being mostly a waste of our time, then we'll go back to where we were. More or less.
It seems like there's still some juice to squeeze from this technology, though. So my money is on a net positive. For now.
Even if they end up being bad practice for production code, we can probably agree that they're decent at mock-ups, experimentation, and quick proof of concepts. That at least has some value.
I see a lot of people with zero coding/engineering experience trying to make their own products, and very few of those products with long term staying power. We've got a long way to mature with how we use this tech. This moment feels like the introduction of the home microwave: A lot of terrible, terrible meals were cooked while people briefly forsook their stove to use the miraculous microwave for everything. Eventually people figured out what tasks the microwave was suitable for and then went back to the oven for all but simple re-heating.
Most coding tasks take place outside of pure tech companies, if I’d venture a guess.
And let’s be honest, enterprises in general do not value that quality - and they face very little in terms of technical challenges that can’t be solved by code on stack-overflow or github.
What most enterprises lack is knowledge about themselves though - this is more a business problem than a technical one however.
Today “loudness” is an aesthetic choice and good mixers and producers know how to craft a record that is both loud and of good sonic quality.
There is a place for both dynamic records (in the sense of classical or old jazz records) and contemporary loudness aesthetic.
Can inexperienced producers/mixers do a hack job trying to emulate the loud mixes of pros? Yes. The difference comes down to taste and ability to execute with minimal sonic tradeoffs.
Source: I have a long history producing, mixing, and mastering records and work among Grammy winners regularly. Very much in the dirt on contemporary records.
reply