Hacker News new | ask | show | jobs
by mjevans 906 days ago
What if you had to show Government ID whenever you entered a grocery store, a library, a movie theater? What if you were tracked each time you consumed a video, a still image, an audio clip, or even a text message?

What if the government kept a record of any or all of those checks? What if they arranged for third parties to commercialize that data so they could 'legally' end-run any restriction on domestic spying with a small ad targeting data service fee?

This is the sort of dystopia that librarians and others focused on liberty have been fighting for what seems like forever.
8 comments
hn_throwaway_99 906 days ago
While I strongly disagree with this NC law, and others, your analogy is a bad one.

As a society I think we've accepted that some things (cigarettes, alcohol, sex, etc.) should be restricted from children. That's a far cry from requiring ID every time I go to the grocery store. But, as long as I've been alive, you have had to show ID to purchase alcohol, and the sky hasn't fallen.

Again, I think these types of laws are particularly poorly thought out, but I don't buy the "slippery slope into dystopia" arguments, and I think there are better arguments against it.

link
LammyL 906 days ago
It is one thing to show ID. It is an other thing to show ID and have the details stored in a database in perpetuity by companies who don’t have huge budgets for data privacy and security.
link
jxdxbx 906 days ago
Zero-knowledge methods for verifying age are possible but there is almost no political will or interest in them. Sites would get a “yes” or “no” as to whether someone is of age, and no other information.
link
BobaFloutist 906 days ago
They could verify ID, associate you with an "ID verified" token, and immediately trash all the information they collected other than that token.
link
Keeeeeeeks 906 days ago
they could, but a law enforcement agent looking for a suspect will send a lot of subpoenas to every porn site. When a porn site says "we wipe that data instead of storing it," the law enforcement agent will say "what do you mean you wipe KYC and identity verification trails once you get them? Are you letting sanctioned people use your site and covering your tracks?"

Similar thing happened to Valve; people were trading gun skins, and regulators fined them for not having AML/KYC controls because the state argued "the business didn't do enough to stop money laundering."

This trickles out to porn companies (and the vendors that use them for identity verification), and implies that they need to store this data to prove that they didn't delete it to help terrorists.

link
paulryanrogers 906 days ago
Does this require users trust several parties? Any one of which could sell out, get a court order, be tapped en mass by the NSA?
link
tzs 905 days ago
It is possible to design a system where there are three parties, you, the site R that is requesting you prove your age, and a site D that you are willing to show documentation that will prove your age, with these properties:

1. There is no direct communication between R and D related to your proof of age. You will receive a message from R, send a message to D, receive a message from D, and send a message to R.

2. R gets no information other than (1) your age information, (2) what site D checked your documents, (3) the timestamps of when you exchanged messages with them.

3. The site D just gets (1) the documents you provide to prove your age, (2) a binary blob that you generate that is for all practical purposes random to anyone other than you [1], and (3) the timestamps of when you exchanged messages with them.

If someone compromises D all they get is copies of your documents (assuming D kept them) and those for all practical purposes random blobs (if they kept them), and timestamps. They don't get the identity of R, the site you were verifying your age to.

If someone compromises both R and D, they might try to match up timestamps to try to figure out who people really are. If D is busy enough and you add some delays in your message sending it should be possible to make this risk negligible.

[1] The blob is some data you receive from R, transformed by a random permutation chosen by you. To anyone who does not know the random permutation it is indistinguishable from random.

link
Fatnino 905 days ago
California is trying out something like this with their digital drivers license.

Basically, if you only want to verify age, you open the app in age verification mode. It will display your picture and a qr code but not your address and other sensitive info typically present on a drivers license. The participating* alcohol vendor then scans the qr code which only contains data like "over 21" and some sort of verification that the qr code isn't forged. I'm a bit hazy on how this last bit works but it really all pivots on how this bit is implemented. Could be good for privacy or a total nightmare.

*there are only 3 locations participating in this test phase, afaik

link
LargeTomato 905 days ago
It would be helpful to be able to digitally verify different types of identity. Where I live, how old I am, my real name, my nationality, etc. Give the user control over what information is being verified.
link
nazka 905 days ago
I am curious how this would work. Could you put me in the right direction in how this is done?
link
miki123211 905 days ago
THe simplest way is as follows:

1. There's a provider that already has your data (it could be the government, a bank, a phone carrier etc). If more than one provider is supported, there's a list of trusted providers somewhere.

2. Whenever a website needs an age check, it asks you to authenticate with one of the trusted providers. The provider gets a challenge (a random string).

3. If you authenticate successfully, the provider uses their public key to provide a cryptographic signature of the challenge. This signed challenge is then transmitted back to the website.

In a more advanced version of this system, the website also provides a boolean expression, like `country_of_residence not in forbidden_countries && (age > 21 || (age > 18 && country_of_residence != "us"))`, and providers promise not to return successful responses for users who don't fulfill the expression criteria.

link
tedivm 906 days ago
These days when you buy alcohol there's a good chance that data is being stored. A lot of restaurants and stores that sell alcohol scan or swipe cards as part of the purchase now.

Just one example: https://okcfox.com/news/local/cyber-security-experts-be-wary...

link
no_time 905 days ago
I wonder if merely paying with your credit card leaves a monetizable paper trail.

Does anyone know if Mastercard gets any data relating to whats actually being purchased? Or does the store get a globally unique ID to associate with every purchase made with a specific card?

link
hn_throwaway_99 906 days ago
Completely agree, and that's one reason I'm against these laws. But that's a very different argument from the one I was responding to.
link
hattmall 906 days ago
You had to show ID to buy porn magazines, go in a strip club or even the adult video rental room.

It's pretty insane that we have no check for an unlimited amount of free porn with all kinds of extremes.

It fucks up a lot of kids (and adults).

Showing porn to a random kid on the street would have you catch a charge if not something worse, but somehow on the Internet it's just fine?

link
jzb 906 days ago
"It's pretty insane that we have no check for an unlimited amount of free porn with all kinds of extremes."

And... we still don't. Porn is available through a lot of channels to anybody who knows how to look, all the NC law (and others) is doing is applying pressure to a handful of businesses and encouraging bad practices in the form of having to handle IDs.

I'm the first to acknowledge it's sometimes worth doing something imperfect if it'll improve things, even if it's not 100% effective. But this isn't likely to be 10% effective, much less 90% or 100% effective. Anybody who wants to can dredge up tons of porn on any number of other sites, torrents, etc.

As others have said, it's one thing to have to flash an ID at a convenience store or to enter a business where there's nudity, etc., but here you're requiring people to pass their info online. That's bad policy, and I doubt it's even in good faith that the legislators really think it'll do anything to curb access by those under 18.

It's designed to target sites like PornHub and to give government a cudgel against all kinds of content that most wouldn't consider "porn" to begin with. And they want to go after LGBTQ+ content on the basis that it's LGBTQ+ -- not that it's necessarily adult in nature. [1]

There's little chance that you're going to come anywhere close to preventing motivated people from seeing porn on the Internet laws and policy like this. If you have kids that you don't want accessing porn, then you need to take steps to monitor their access and have the hard conversations with them.

(I am less alarmist about the "dangers" of kids accessing porn, but I will agree that unfettered access at a young age especially if parents aren't teaching their kids adequately about sexuality and that porn isn't a good representation is not great.)

[1] https://www.techdirt.com/2023/08/17/masculine-policy-the-gop...

link
dgacmu 906 days ago
"NC legislature accidentally endorses Mullvad VPN" could be a parallel article to this one. It would be interesting if someone analyzed the growth in VPN use following the enactment of this law.
link
jzb 905 days ago
Indeed. I'm pretty sure VPN subscriptions had a nice little spike at the end of December in NC.
link
whatshisface 906 days ago
They are leaving it out where anyone can get it (if their parents aren't watching), not showing it to unsuspecting pedestrians. Maybe teenagers have too much autonomy online but it's the place of their parents to take it away from them - not the state of North Carolina.
link
hattmall 906 days ago
I think a reasonable analogy would be putting TV's playing porn outside of a school and covered them with a cloth and sign that said adults only. What would my liability be then? And I also sell advertising on the side of the tvs?
link
JohnBooty 906 days ago 

    I think a reasonable analogy would be putting 
    TV's playing porn outside of a school and covered 
    them with a cloth and sign that said adults only.
Well, no. Anybody entering or leaving the school would have no choice but to see the covered TVs. Whereas porn is generally not showing up online unless you are looking for it.

Strongly suggest dropping the analogies entirely.

Like many digital concepts this just will never map cleanly to a real-world analogue.

This is like the millions of bad analogies related to music downloads back in the Napster days. Please, stop. This is an issue worth discussing, but every analogy is bad and every analogy pollutes and enshittifies the discussion.

link
maxbond 906 days ago
Though porn advertisements can pop up when you're just minding your own business. The other day a friend of mine was doing perfectly mundane research, and they were shown ads with full nudity. (Yes, I know, they should install an ad blocker, that's not the point.)

That I do think is pretty messed up, and potentially something to pass legislation about. Some people want to opt out of pornography altogether, and their choice should be respected. As should the choice of people who do consume pornography, but aren't choosing to do so at this moment.

link
whatshisface 906 days ago
Based on the growth of some "romance boutiques," who seem to be able to open chain stores anywhere, the liability is nil.
link
hattmall 906 days ago
They allow kids to go in?
link
likeclockwork 906 days ago
If you give your kids unrestricted access to a gun they can shoot themselves.

Why should minors be allowed on the internet unsupervised at all?

link
kazinator 905 days ago
> You had to show ID to buy porn magazines

Not to someone wearing a Google Glass device, taking a snapshot of it.

link
stickfigure 906 days ago
> It fucks up a lot of kids (and adults).

That which is asserted without evidence, can be dismissed without evidence.

link
stickfigure 906 days ago
At least here in the US, we don't legally restrict minors from having sex (with others of the same age). The other two are physical goods with well-studied and proven health effects. Porn is not like these things.
link
ImpostorKeanu 905 days ago
The core of OPs argument is that tracking is bad, not that ID/age verification is bad.
link
ttymck 906 days ago
You don't have to show ID if you look about 40 years old, generally.
link
ImJamal 906 days ago
As far as I know most of the laws don't provide an exception if you look old enough.
link
harry8 906 days ago
>What if you had to show Government ID whenever you entered a grocery store, a library, a movie theater? What if you were tracked each time you consumed a video, a still image, an audio clip, or even a text message?

  1) entered a grocery store - No, at least not since peak-pandemic. Face recognition?
  2) a library - Yes, to borrow books or on demand from security. Needed govt. id to get a library card.
  3) movie theatre - Yes, mine no longer takes cash.
  4)  tracked each time you consumed a video - Yes. Every single streaming service.
  5)  a still image - Everything on the web. Every book w/ photos I buy. Can hypothetically still look at books we own, was given, found, lent, pirated or stole in privacy.
  6) Audio - spotify, youtube etc.
  7) a text message - Your phone IS a device you pay for and maintain which is designed and regulated to spy on you. Signal is the only possibility for any privacy at all here.
>This is the sort of dystopia that librarians and others focused on liberty have been fighting for what seems like forever.

How is that fight going, do you think?

A Turnkey totalitarian state exists, who is going to turn that key?

link
cf1241290841 906 days ago
>A Turnkey totalitarian state exists, who is going to turn that key?

A totalitarian that will be recognized as such.

The plausible deniability of the status quo is worth quite a bit.

link
hatenberg 906 days ago
Oh I think a certain presidential candidate is running under the “let’s stop pretending” thing. So in half a year we’ll know.
link
cf1241290841 906 days ago
I dont see the "Look there a three headed monkey" type of tribalism distraction to be a future proof plan.

The attention economy overdid it. And corruption bloomed as a result. Which is typical for a totalitarian rise. Kleptocracies without checks and balances dont work and its quite visible to the outside.

Its just not a sensible path to go down on. Even looking past ethical and human perspective, totalitarianism is at its core dysfunctional.

link
hatenberg 905 days ago
The motivation of a late 70s old person is probably not being future proof
link
sneak 906 days ago
You have to show government-ID-linked payment card information to shop at most shops in airports, or to buy plane tickets.

Most people use a SIM card that is tied to same. Their web activity is similarly tied to ID.

Most USians voluntarily provide that payment card (with full name in the magstripe) whenever they shop at a grocery store or movie theater.

I’m not sure why people think this sort of surveillance isn’t occurring. We’ve known since before Snowden that the feds have been receiving this data in bulk in realtime for decades.

link
paulddraper 906 days ago
> What if you had to show Government ID whenever you entered a grocery store, a library, a movie theater?

What if you had to show Government ID whenever you entered a bar, a strip club, or a (R-rated) movie theatre?

link
hulitu 905 days ago
> What if you were tracked each time you consumed a video, a still image, an audio clip, or even a text message?

You already are.

link
koonsolo 905 days ago
And I would say if you carry a cellphone, they also know where you go physically.
link
gedy 906 days ago
> What if you were tracked each time you consumed a video, a still image, an audio clip, or even a text message?

I mean you mostly are already

link
slibhb 906 days ago
If you extend this policy to "consuming a video/image/text message," that would be dystopian. But this is about porn. Maybe it'll be a slippery slope but I doubt it.

I wouldn't vote for this policy but I get it. Lots of people don't want kids watching porn. And it's not just social conservativism, people across the political spectrum think porn is addictive, psychologically damaging, and leads to sexual dysfunction.

link
maxbond 906 days ago
> [P]eople across the political spectrum think porn is addictive, psychologically damaging, and leads to sexual dysfunction.

I think everyone acknowledges it can be, but it's a pretty distinct cohort that holds it necessarily is. Definitely not that it inevitably leads to sexual dysfunction, that's just patently untrue.

Most adults consume pornography, and for the vast majority of them it isn't a problem. Every adult who's sex life I know anything about, watches porn. They're fine.

link
User23 906 days ago
> Most adults consume pornography, and for the vast majority of them it isn't a problem.

Got a source for this? Because everything I look at suggests that much like alcohol, a relatively small number of habitual users account for the vast majority of consumption.

link
maxbond 906 days ago
Not to hand. That's my belief from my observation. I looked for statistics for about 10 minutes, but didn't really find good information. I suspect this area is under researched. Happy to look at any sources you want to link.

Both of these can be true, however. I imagine most adults sometimes drink alcohol too. Personally I might go weeks or months without watching porn, it's not something I generally do everyday. People who do would blow my usage out of the water (which, to be clear, is fine, you do you).

As a thought experiment - we all agree that lots of people watch porn, right? So if it leads to addiction or sexual dysfunction at even a rate of 1% or 2%, that would be an epidemic. If there are tens of millions of porn consumers in the US (which I think is very conservative), we'd expect hundreds of thousands of people to develop issues.

So - where are they? Do we have a source for that?

link
shadowgovt 906 days ago
You know, the organizations most likely to have that information are the ones with the big data on access and source IP address, who could make an educated guess on the scale and variety of consumers of pornography.

... In other words, PornHub.

link
maxbond 906 days ago
Do you think anonymous surveys wouldn't work here? (Genuinely asking and not being snarky, I expected to find lots of people doing surveys in this area but didn't readily find it, so I'm open to there being something I'm not understanding.)
link
notatoad 906 days ago
"porn" is poorly defined and has definitely been used to censor things before that aren't necessarily pornography.

whether or not you agree with the blocking of that sort of content, supporting these sort of restrictions on pornography means supporting a policy that lets the government gate content they deem objectionable behind an id check. i guarantee you there's at least some content out there that you're not going to agree with the government's definition of pornography. or even if you agree with the current government on all their content moderation choices, you might not agree with the next one.

link
boppo1 906 days ago
If I like BDSM, and that is cataloged, I can easily see that being leveraged against me.

We should focus on tools and systems that empower parents to guide their childrens' internet experience. Maybe a token of some sort sites can use to self identify as 18+ so parents can set up strong filters.

link
stephen_g 906 days ago
There is already one - it’s called RTA (‘Restricted to Adults’) and is a meta tag that should filter out sites if you have parental controls enabled. I expect it’s one of the things Google etc. look at for SafeSearch to remove those results too (among other checks).

Of course, the irony is that only those that would label their sites as RTA already (so are already easily filtered) would comply with any ID requirement, so these kinds of laws achieve very little!

link
maxbond 906 days ago
I mean, just talk to your kids about sex. You're not going to succeed in censoring their internet activity. Any more than you'll succeed in stopping them from sneaking out and going to parties or drinking with their friends - did your parents try to stop you from sneaking out? Did it work? Because I got really good at scaling fences and climbing out of windows.

But in the effort you will send the message that there is no trust between you and your child, and they won't feel safe talking to you should they need to. If you take the attitude that sex is something illicit, they will take the message that it's something to keep secret from you.

link
ethanbond 906 days ago
I mean a town in Tennessee recently outlawed homosexuality in public. I can easily see this being applied to anything with LGBT material, sexual or not.

That said, yeah, I get the motivation. I put this in a similar category as the regulatory response to Airbnb/Ubers of the world: it seems like a better outcome may have been possible if the companies didn’t totally and flagrantly shirk their social obligations to begin with.

link
sqrt_1 906 days ago
I don't think a town in Tennessee recently outlawed homosexuality in public,

They just added: "No person shall knowingly while in a public space engage in indecent behavior, display, distribute, or broadcast indecent material, conduct indecent events, or facilitate any of the foregoing prohibited acts."

Problem was that the referenced indecent statue definition included homosexuality, which was then removed from the definition even before it blew up on social media

https://www.usatoday.com/story/news/factcheck/2023/11/22/ten...

https://www.politifact.com/article/2023/nov/28/did-a-city-in...

link
sapphicsnail 906 days ago
What do you think the intent of the ordinance is? My aunt recently moved to Tennessee and as a trans woman, I am terrified of stepping foot in that state. It is clear we are not welcome there.
link
ethanbond 905 days ago
It was removed in response to a lawsuit. Strictly speaking, yes they did recently outlaw being gay, but it was (allegedly) due to forgetting to change a statute definition rather than expanding it.

I guess they get kudos for removing “homosexuality” from the definition of “indecent acts” in 2023!

In any case, the question is whether there’s reason to believe this will be a slippery slope. There’s obviously a pattern of increasing moral regulation throughout the country including book bans. That this particular instance of moral regulation was a bit complicated in its implementation and (allegedly) accidentally overzealous in its scope doesn’t negate the trend.

link
estarkio 906 days ago
Now I want someone to start The Church of Jesus Christ, Drag Queen, and say that reading the gospel to children is the Lord's calling and a religious requirement.
link
ClumsyPilot 906 days ago
> If you extend this policy to "consuming a video/image/text message," that would be dystopian. But this is about porn

Eho decides what is porn? There is portln on Twitter, will all of twitter be monitored?

Kids suicides inceased 10x because they arent alliwed to go outside any more and have no friends - if we actually cared about kuds we'd be solving that.

Western boomers grew up in a better world than kids today

“Our thesis is that a primary cause of the rise in mental disorders is a decline over decades in opportunities for children & teens to play, roam, & engage in other activities independent of direct oversight & control by adults.”

license to walk home alone from school dropped from 86% in 1971 to 35% in 1990 and 25% in 2010, and license to use public buses alone dropped from 48% in 1971 to 15% in 1990 to 12% in 2010.11

Homework, which was once rare or nonexistent in elementary school, is now common even in kindergarten. One study revealed that the average amount of time that US children in school, ages 6-8 years, spent at school plus school homework increased by 11.4 hours per week between 1981 and 2003, equivalent to adding a day and half to an adult’s work week.

those who could play freely in neighborhoods spent, on average, twice as much time outdoors, were much more active while outdoors, had more than twice as many friends, and had better motor and social skills than those deprived of such play"

link
defrost 906 days ago
> Kids suicides inceased 10x because ...

What country, which ages, and when?

That didn't happen in either the USofA nor Australia:

https://en.wikipedia.org/wiki/File:Crude_US_suicide_rate_by_...

https://viz.aihw.gov.au/t/Public/views/CoD_Tableaus_2022/S6a...

as "10x" would imply suicides per 100,000 rose from ~10 per 100K to ~100 per 100K (depending on country | age bracket, etc).

link
brettgo1 906 days ago
Thank god for those librarians fighting for our liberty. Read a book everyone!
link
konfusinomicon 906 days ago
don't tread on books
link