> Ms Kendall told Nick Ferrari: “I told MPs yesterday I'm going to come back to the House with a statement on the issue of VPNs in July. There are very strong views on both sides of this. For some people, it is about privacy, and it is the ability to use that is really held strongly by people. And for others, they say they should be banned because kids are using them to get around. And so I— the main thing that we've done is we've commissioned additional research on this because I've not been happy with the evidence."
Sounds like they realize there are two sides and no "clear winning argument" in either direction, that's why the additional research is needed. Sounds a bit more nuanced than what I expected based on your snippet.
What is there to research? Yes, VPNs can be used to circumvent geofences (and by extension, regional age restrictions). Yes, attempting to age-restrict VPNs is at odds with strong privacy guarantees. Privacy is a human right, and one which is essential for effective democracy.
The trade-offs and how many people care and about what specifically.
E.g., you say "Privacy is a human right", so why is it that half the websites I visit ask for permission to share details of how I use those sites with more corporate "trusted partners" than there were students and staff combined in my secondary school? I'm all on board with just banning this kind of analytics, but there's a lot of people who are more angry with the EU for forcing companies to at least ask for permission before they sell your data to all those analytics firms.
These people created a law that is catastrophic for privacy, so I don't believe they will be stopped from banning VPN's just because someone claims VPN's are good for privacy.
Oh yes like Indonesia, Malaysia and Turkey. If it is happening worldwide, it is less likely to be a coordinated scheme and more likely coming to the same conclusions based on current research.
Edit because I'm getting limited:
This isn't exactly something old that has been going on for decades in its current form and the usage has increased especially since the lockdowns. Nations have also been copying each other for centuries, you don't need a secret group coordinating for it with a singular ulterior motive.
Oh yes sorry, Western countries and dictatorships.
But sure, all governments suddenly woke up at the exact same time, give or take a few months, and realized that social media should be banned for kids.
Or maybe different people respond similarly to the same incentives.
For decades companies like Facebook have been saying you just have to let us groom children, there's no way to have this tech and not groom children. Now the predictable consequences of that are arriving: the tech industry is being turned off, because it grooms children.
And when I say groom children, I'm talking about actual child predators, not the transphobic nonsense point.
In Russia, they claimed that new measures to block websites are necessary to protect the children online. Of course, they immediately used these new capabilities to block opposition websites and sources critical of the government.
Now, seeing many European governments tirelessly push for these new measures to protect the children, I'm pretty sure that the children are finally going to be safe online.
I've been using a VPN in the UK on my laptop and phone exclusively for 20 years, and the state has been working with ISPs to make "connection records" for most of that time.
On mobile a VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit. Using the web interface avoids this.
The UK has also moved to force ISPs to block certain bittorrent search engines.
The UK is not shy when it comes to invading your privacy or censoring the Internet.
> On mobile VPN isn't always effective in avoid geoblocks. Some apps are able to determine I'm in the UK and still ask for ID - reddit is one for example, if you stumble on to an adult subreddit.
I've never had this issue (using Private Internet Access on iOS).
bruhghghbmphf, the VPNs! the VPNs! can't have those! What's that good sir? You say ssh? Do not shh me sir. Oh, SSH... yes, SSH, can't have that! It's elementary, any system which one accesses MUST report to parliament. Personally Identifiable Documents for General Evaluation Of Ne'er-do-wells. We'll call it the P.I.D.G.E.O.N. network.
It's never about the technical capability of the tool. This is a mistake technologists keep making. It's about what the average person thinks it does or uses it to do.
At least we get to raise the next generation of IT geeks because they'll have to understand a bunch of networking basics to watch porn, and might get hooked on it. (on IT)
Israel will be making kill on this, they will unleash their free VPNs to the young people like they did to Iran. UK national security will be like Suisse cheese
Some context - Birmingham Mail is one of dozens of clickbait-driven publications owned by Reach plc.
They're not a high quality source of news - they've more than decimated their journalism staff and replaced them with 'content' staff who are performance monitored on the number of clicks their articles generate.
Content is syndicated in different accents across their range of papers from the national papers, The Mirror and The Daily Express down into a large number of notionally 'local' outlets.
Every corporate I know of, uses VPNs. Especially when workers connect from home. Is the UK government really interested in going up against the majority of their business partners...?
"legal parent/guardian is responsible for the child"
if a parent faced fine or jail for a child having access to the internet you can be sure 90% of the children wouldn't have internet access
I'm no defender of the big social/media sites but I don't see why it's their fault/problem if a minor has internet access when they aren't supposed to
This all feels like the opposite goal of knowing everyone who is online everywhere
Because it's not how you'd make the law, you'd wouldn't go to service by service and make it their problem, you'd make it the adult responsible for the child's problem
There are few things more exciting, in relationship to attempting to restrict access to (data) communications, than a government which thinks geeks won't find ways around such. Now sit back, relax, and let's wait for the next generation of encrypted channels solution development.
This isn't something that can be defeated like this. You are right, there will be ways around this. But we also have to be honest: being able to buy "off the shelf", two click VPN solution for 5$ already puts you into "geek" category. Relatively speaking.
IF they ban the commercial providers, payment processors will be the first to enforce it. And Google and Apple will throw the 1-Click solutions out of their app store for users from those countries immediately. And with that the topic is effectively dead even for most "geeks". At this point the goal is already pretty much achieved, most people are cutoff and under heavier surveillance. Next comes the group that know what a server is, how to rent one, what OpenVPN or Wireguard are. But many of the most used websites already make your life hard if you IP is from such a range.
It goes on. At each step you can argue "there is still a way, as long as you got networking with other countries". Absolutely correct, but at each step the group who knows how and is willing to invest the energy shrinks. And the intended goal will likely already be achieved at the mentioned phase 1 above. The fact that some people still find ways isn't really a gotcha in this matter.
And at some point they will criminalize it. Does it matter that they are unlikely to catch you? Is it worth the risk? And if so, what if you catch strays for it from an unrelated matter. Ultimately they will simply target the devs that help build easy solution for the less tech-savy.
One big reason why you want to keep a bunch of nerds tunneling out around anyway is that you keep useful, defusing attitudes like that floating around. Aka "It's not that bad, there are still ways around it, haha, those idiots".
Oh, they're in motion already. There are other countries that tried to ban VPNs for decades now, that sparked multiple great avenues of development.
It's exciting to think I'll become a dissident like my parents, just because I don't want a slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil me.
Perhaps then you could at least vaguely understand the desire of people to avoid having slimy, rightwing, greasy friends of Epstein and other known abusers to ID and surveil their children.
I definitely see both sides of this argument but to pretend the answers here are obvious just means people aren’t being serious. Serious harm is being caused to children and just because that’s a known cliche doesn’t make it not a real concern people have.
Doesn't the UK already have geo-targeted age verification infrastructure in place? A website or app could require the user to submit a live video of themselves quaffing a local beer.
No. It has laws that websites must follow to serve content in the UK. It’s up to the websites to do the age verification themselves, and the majority use third party ID verification services. Reddit used an American company to do it,
While I do support restricting social media to younger minds, the way they go about it, and the collateral damage that will result is unacceptable. For about 500ms I thought I might have found the "one thing" I agree with this government, but nope... I'm considering whether it's time to leave the UK. There is an air of hostility here towards... well everything.
Where would you go to then? European countries, Australia and American states already have implemented or are keen to implement ID requirements/tracking for websites.
Funny how quickly "won't someone think of the children" turns into mandatory government ID for private services, banning necessary and secure (and encrypted) communications systems, and locking children out of access to the de facto communication systems of the modern era.
This is a privacy nightmare on all fronts and a horrible limit on freedom of speech. These kids will be learning how to drive a car, yet unable to contact their extended family over Messenger or follow news on Twitter. For everyone else, it means no anonymity or secrecy which has a chilling effect on free speech at a time when fascism is growing within democratic countries and dissidents are being imprisoned or murdered.
Yes, there are some really big problems with social media, but keeping children away from it doesn't fix the problems - it just leaves them for the rest of us to deal with. Let's fix the root of the problem, starting with the recommendation algorithms that inherently polarize people by building echo chambers around them and pushing divisive content all in the name of "engagement".
That's because the tech industry never made any attempt. It's like you blocked all the good options, now you get the worst one because it's one you can't block.
Just moved back to the UK after many years away, and it's creepy here. Doing the elderly under terror legislation, some crazy kangaroo court antics, a frankly sinister approach to "online safety". VPNs?
The even more concerning thing is that we've got a far right party that have been leading in the polls for most of the last year.
The article below sharply summarizes why all this is a dystopian surveillance setup:
> how, precisely, do you stop a fourteen-year-old from opening Instagram without first checking the age of the forty-year-old?
> You don’t. You can’t. So everyone gets carded. Britain is lifting the system wholesale from Australia, where a computer first scans your face and guesses your age from your cheekbones, then, failing that, surveils you to death, studies your browsing habits and the hours you keep, and then, when the algorithm throws up its hands, simply demands your passport.
Baffling how easy companies like Meta have it with politicians. Fuck them all, I'm leaving for the woods. It's been fun with tech but now it's just so painful,
what if instead of this age gate or whatever government is doing, what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
remove all "reasonable step" shield to hide behind. for example, a shopkeeper can't say they took "reasonable steps" if they sell alcohol to a child so why should a website be any different? if we are going to the absurdity of age-gating VPNs, at least lets make it so that there is an incentive for children to self-report
The end result will be the same. If you face a 10k liability for serving the wrong customer, you end up needing to ID your customers.
If the government isn't going to provide that service you end up with private companies verifying identity and the data security issues that entails.
If you want to shift the responsibility of protecting children away from parents, then you end up in a situation where third parties need to be able to differentiate between a child and an adult. I haven't yet seen a proposal that doesn't entail someone - government or private enterprise - getting access to identifiable information.
Of course, you could have something like a signed certificate, so the identity verifier doesn't see who you are patronizing, and the identity seeking business only gets to see your age, but it still has privacy issues.
You've needed to do that for at least ten years. Mobile internet either requires a contract, or an ID check before you get a sim (pay and go)
Anyone providing internets is liable for what the users are doing. The way you got out of that is responding to legal requests. (originally mostly copyright)
This is the frustrating thing, we have effective and relatively uncontroversial age gated network (mobile data) already. and it worked.
I don’t think that would have worked. Parents buy phones for their kids since the kids can’t buy them. What would the choices be? Give them a phone or not give them a phone. I don’t think society is ready for that kind of choice anymore.
> what if we simply said these big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
All of these proposals probably sound good to people who think the Venn diagram of sites they use and sites covered by these laws are two separate circles.
They probably sound a lot less good when you realize the law covers site like YouTube. The Australian law (which they said they’re modeling this after) also includes social news sites like Reddit.
If they passed a law like this extending to VPN services then you’d have to hand over your ID to use a VPN.
Usually people realize how bad these proposals are once they realize it might impact their internet use, too.
> big companies need to self police and if a child can reach their service they have to pay the child like lets say GBP 10k per instance?
HIPAA has been super effective this way. As we all know, American companies don’t give two shits about user privacy or even security. But wave the HIPAA flag and everyone starts caring real hard and taking extremely cumbersome steps to comply with patient privacy.
Very simple: Each HIPAA violation comes with a financial penalty for the business and personal penalty for every person involved in the leak. Very effective.
I agree the threat is there but I've never seen anyone actually punished for HIPAA violations and my data have been involved in several hospital and insurance breaches.
There's not even a test for HIPAA compliance, so you can't legally prove you were ever compliant in the first place, other than you did what you thought was right. People love to use the term "HIPAA-compliant" but it's technically not a thing.
From my understanding, HIPAA mostly just says that you need to have policies in place for various things, such as rotating passwords or encrypting data, but it doesn't go into explicit detail about what all must be IN those policies, or how you enforce them.
> It's not possible to prevent a person (of any age) from reaching a specific website if they are determined enough. Full stop.
right, and that reveals the absurdity of this "age gate", doesn't it?
because I am sure giving every UK national their very own unicorn would also poll very well but that doesn't mean that's what a functional democracy should be prioritizing
just because a majority of the public supports
because doing so is not possible
yes and we do fine companies that sell alcohol and drugs to children.
lets give everyone an incentive to report companies that allow or encourage children to use these websites.
the children, the parents, bystanders, the employees and contractors of these websites, everyone should get paid from the fines these social media companies would need to pay out for every infraction.
I think GBP 10k per incidence is actually pretty cheap
considering the alternative is life in prison for the CEO and the board
starting with cash incentives all the way to prison terms for the CEO and the board
Ah, yes, the existing research doesn't agree with our biases, so let's fund new "research" that does.