| I agree it could be a stalking horse as things often are. Can't just boil the frogs. On the other hand I do not agree that people should require credit cards. For ages there has been a single line HTTP header that can be added to a site or even to the meta-data in HTML itself to identify adult content. A law could require all user-content sites to implement the header and require all browser apps, operating systems, mobile devices to make a best-effort attempt and requiring a parental control system that approve-lists domains that have the adult content header. A panel of the best UX designers in the industry could draft the RFC for device/browser updates and the law could reference the RFC. A panel of parents could test the beta versions. In NGinx it looks like this: location / { add_header Rating 'RTA-5042-1996-1400-1577-RTA'; }
In HAProxy it looks like this: http-response set-header Rating "RTA-5042-1996-1400-1577-RTA"
I do not know how to add this to Envoy or Caddy.This puts the control and liability of the approval on the parent and they don't even need to be technically savvy at all. This also puts the liability to self-label a site on the site owner/administrator and they can each have instructions in a standard location on the site how to enable parental controls in apps/devices after such a law requires devices to have this functionality created in a standard and simple way that just looks for the header. Despite being meant for adult content there is nothing stopping this from being used for user-generated content domains. The end goal would simply be to provide a method of parental controls per domain or globally. Most important, this method provides zero tracking of who is into what and does not leak financial or PII data. How to enforce this? Crawlers find user generated site, people submit user generated sites. No header? 3 attempts are made to contact the domains admin/technical contact. 4th attempt domain(s) are seized. |