[Quarrelsome]

What I find particularly tragic about all of this legislation (the OSA and now this) is that there are obviously technical people in the room that would advise against this clusterfuck of a direction and they are being ignored by politicians who think the internet is something they can aggressively control. This will continue to push people towards providers who operate outside UK jurisdiction or providers that care less about UK law and are less trustworthy.

I remain upset that they do this without building the necessary infra. They already assert identity when applying for a passport (and they do this very well). If they had extended this process by creating a OAuth compliant digital id provider first, then they could have avoided all the problems on the day the OSA dropped. Even better, they could have created a non-governmental agency to exchange tokens and urls to prevent the privacy issue of the government knowing which sites people are visiting. Instead we have this status quo of encouraging UK citizens to hand over their identity documents to dubious third-parties or shifting their traffic from the UK externally to avoid these checks.

[embedding-shape]

> by politicians who think the internet is something they can aggressively control

You seem to believe they're wrong. Since they're the ones who come up with the laws of the land, I think it's important to realize that they can and do aggressively control access to the internet in their country. It sucks, but it's the reality.

[Quarrelsome]

> they can and do aggressively control access to the internet

yes but this is like watching someone deal with an ant infestation by stamping on them. They're not solving the issue and unlike the ant analogy, they're making the problem worse.

[chrisjj]

> If they had extended this process by creating a OAuth compliant digital id provider first, then they could have avoided all the problems on the day the OSA dropped.

Far less than all. See Australia, where age restriction is routinely evaded through adult collusion.

[FrostViper8]

> Even better, they could have created a non-governmental agency to exchange tokens and urls to prevent the privacy issue of the government knowing which sites people are visiting.

The privacy issue would still exist. They can tie your online activity directly to these tokens.

[Quarrelsome]

not with a non-governmental agency doing the exchange. All they would see are tokens going out. You would need the non-governmental agency to share the urls with the government agency for the activity to be tied directly which would undermine the entire purpose of that architecture.

[FrostViper8]

> You would need the non-governmental agency to share the urls with the government agency for the activity to be tied directly which would undermine the entire purpose of that architecture.

Which would absolutely would happen. The authorities will ask the non-gov agency for the details and they will be provided.

[Quarrelsome]

that's like stating that there's no value in creating a financial regulator to set interest rates because the government will just tell them to set them to whatever they demand.

There's still value in it.

[FrostViper8]

Firstly, I didn't even mention what the value might be. I simply pointed out that the "independent organisation" would not really be independent. Which means it won't protect anyone's privacy. Which undermines the entire point of having it. Therefore it has no value.

Secondly, it is the central bank that sets the interest rate. In the UK that is the Bank of England. Secondly the government sets their mandate. They have a mandate of keeping the inflation at 2%. One of the mechanisms they to control inflation is the interest rate.

https://www.bankofengland.co.uk/monetary-policy/inflation

Moreover the "Chair of the Court of Directors" (the Chairman) of the Bank of England is appointed by the Crown (the King) at the advice of the Prime Minister and the Chancellor of the Exchequer.

The government both sets the mandate and effectively selects the Chairman. So while they don't directly set the interest rate, they do set the mandate and who runs the Central Bank.

BTW the Bank of England is failing to keep the inflation rate at 2% (and for some time) as it is currently 3.4%. So we can see how well that is going.

[Quarrelsome]

> Therefore it has no value.

We've not had a black wednesday since this change. It has value because governments cannot be trusted to directly control interest rates. The indirection has value, politicians are forced to spend political capital in order to wrest control.

> So we can see how well that is going.

Still better than black wednesday and Norman Lamont.

[iamnothere]

Yes, the “value” being centralizing identity and access so OFCOM and GHCQ can finger dissenters more easily.

[Quarrelsome]

the UK already forces ISPs to hold a database of the hosts you have visited in the last three years. By implementing the laws in the way they currently are doing undermines their own legislation by pushing UK users into having a tangible reason to hide their their browsing patterns from UK networks by funneling their traffic through VPNs or other proxies to avoid age gates.

Tin foil aside, my issue is that they're not even good at what they're trying to do. Their policy is inconsistent with their aims and lacks technical strategy. You think they're worried about dissenters when in practice they're more worried about elections in 2029 and whatever pearl clutching users post on mumsnet.