[alpaca128]

> Obviously this is my mistake

No, it isn't. 2022 should not be a valid date of birth in the first place. And the account being locked because of that should probably also not happen without additional checks.

It's okay to have standards even when most UIs are bad.

[xjay]

Coder sees "We need feature X". Coder implements feature X, marks it as complete; next.

So they have the coder (implementer) role covered, but not the "programmer" role ("thinker"/feature designer).

Leslie Lamport - Thinking Above the Code: ~ A lot of people like to think that they're thinking, but they don't really do much thinking. [1]

Evidently, there was no expectation that the coder/implementer was supposed to do any thinking here.

[1] https://www.youtube.com/watch?v=-4Yp3j_jk8Q&t=134s

[willcipriano]

This got past the undoubtedly upwards of nine product managers/business analysts/directors/etc on the team as well. Blaming the low man on that totem pole in a organization thick with management like that is silly.

None of the "idea men" had the idea of "what if someone's cat walks across the keyboard when we ask them their birthday". That's the embarrassing failure here.

[cdjk]

This could actually be a feature and not a bug from a legal perspective. If they are blocking anyone who gives any indication that they are under 13 then it might be easier to show compliance with COPPA.

This has made me wonder at times if the best way to get my data delete from someplace is to talk to customer service and repeatedly say that I'm twelve.

[hansvm]

That's definitely how it explicitly worked at one workplace; to the extent that account restrictions could form a poset, if we had evidence that some restriction might be required (e.g., from multiple forms of age evidence, do any of them indicate this might be a minor or some other protected class), that restriction would be applied.

[globular-toast]

What should be the lowest valid date of birth? Is there some universal standard? I know it feels like 4 months is quite young, but where would you draw the line?

[xeromal]

At least in the US, I don't believe you're supposed to use the internet unless you're 13 or older. You could start there for your dropdown.

[roywashere]

My kid made a presentation for his class using Google Docs, then filled in his day of birth on his new phone when setting it up, then got locked out of his account. He was 12 at the time.

Also, his class had a WhatsApp group chat in which school info was shared. This was kind of weird because it meant that all 12 year olds in the group must have cheated their dates of birth, because otherwise they could not have had a WhatsApp account

[xeromal]

Cheating on your DOB is a rite of passage on the internet. I did it in the 90s. I think my old hotmail account still has my mom's bday in it

[cdjk]

One of the main results of COPPA is teaching children to lie about their age on the internet.

[Arrath]

Why yes I was born on the 20th of April, way back in 1969, why do you ask?

[BeFlatXIII]

I’ve been a 41-year-old single dad ever since I was a nine year old.

[astura]

90s? COPPA didn't go into effect until Q2 2000.

[xeromal]

Sorry, I was 10 so I don't have the best memory of the era. Lol.

And I still probably lied about my age in the 90s. I doubt StarCraft allowed 8 year olds to play on battlenet

[mindslight]

Er, no. There is an actual privacy law with teeth if you're under 13 ("COPPA"). Companies don't want to be subject to any such regulation, so they choose to prohibit anyone under 13 from using their services. It's widely assumed that people under 13 simply work around these prohibitions by lying about their age, but as long as the companies don't have specific knowledge of this then legally everything is fine. Making the dropdown preclude ages under 13 could be interpreted as companies encouraging this behavior, and is thus a non-starter compliance wise.

[sushid]

Thank you! Thank god there's someone who knows why features like this are being implemented. You can't just say you're compliant by adding a button that says "I'm above the age of 13." Dropbox has to include ages younger than 13 in their dropdown selection.

[SOLAR_FIELDS]

Funny, the law about alcohol and tobacco related websites must not have the same “teeth”, to use grandparent’s wording. In those websites, a simple modal that says “Yes I am over 18” (tobacco) / “Yes, I am over 21” (alcohol) or “No I’m not” is what everyone uses.

[sushid]

Not sure about those laws but yes, COPPA is more strict. Per the FTC:

> In designing your age screen, you should ask age information in a neutral manner, making sure the data entry point allows users to enter their age accurately and does not default to an age 13 or over. An example of a neutral age screen would be a system that allows a user freely to enter the month and year of birth. Avoid encouraging children to falsify age information by, for example, stating that certain features will not be available to users under age 13. In addition, consistent with long standing Commission advice, FTC staff recommends using technical means, such as a cookie, to prevent children from back-buttoning to enter a different age.

[astura]

No, That's expressly not allowed.

https://www.ftc.gov/business-guidance/resources/complying-co...

>If you choose to block children under 13 on your general audience site or service, you should take care to design your age screen in a manner that does not encourage children to falsify their ages to gain access to your site or service. Ask age information in a neutral manner at the point at which you invite visitors to provide personal information or to create a user ID.

>In designing a neutral age-screening mechanism, you should consider:

>Making sure the data entry point allows users to enter their age accurately. An example of a neutral age-screen would be a system that allows a user freely to enter month and year of birth. A site that includes a drop-down menu that only permits users to enter birth years making them 13 or older would not be considered a neutral age-screening mechanism since children cannot enter their correct ages on that site.

>Avoiding encouraging children to falsify their age information, for example, by stating that visitors under 13 cannot participate or should ask their parents before participating. In addition, simply including a check box stating, “I am over 12 years old” would not be considered a neutral age-screening mechanism.

[josephcsible]

> No, That's expressly not allowed.

Is "allowed" the right word, given "This document [...] is not binding", "guidance" and "should consider"?

On an unrelated note:

> consistent with long standing Commission advice, FTC staff recommends using technical means, such as a cookie, to prevent children from back-buttoning to enter a different age.

So if 12-year-olds learn about a website they don't want their parents to ever visit, they just have to preemptively try to visit it from the same computer and tell the truth?

[smittywerben]

I hear platforms ban < 13yo due to cost of compliance. Is this true? It was simple on Neopets when COPPA was new - just faxed a signed parental consent form so I could access the forums.

[exfascist]

You're definitely allowed to use the internet but there are very strict rules on data collection. I think the intent is to keep people under 13 from using the internet socially or being exposed to the data collection/PR/ad machines.

[causi]

I believe many countries have special laws about the online activities of children below the age of 13. Seems like a good cutoff.

[rolph]

it varies from place to place but perhaps the minimum age for participation in a legal contract/useragreement to be binding