this post was submitted on 02 Dec 2025
978 points (99.0% liked)

Technology

77847 readers
2695 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
978
Half of the US Now Requires You to Upload Your ID or Scan Your Face to Watch Porn (www.404media.co)
submitted 2 weeks ago by tonytins@pawb.social to c/technology@lemmy.world
400 comments fedilink hide all child comments
 

As of this week, half of the states in the U.S. are under restrictive age verification laws that require adults to hand over their biometric and personal identification to access legal porn.

Missouri became the 25th state to enact its own age verification law on Sunday. As it’s done in multiple other states, Pornhub and its network of sister sites—some of the largest adult content platforms in the world—pulled service in Missouri, replacing their homepages with a video of performer Cherie DeVille speaking about the privacy risks and chilling effects of age verification.

Archive: http://archive.today/uZB13

you are viewing a single comment's thread
view the rest of the comments
[–] Saapas@piefed.zip 52 points 2 weeks ago (27 children)

I'm not against proper age verifications as such, it would be like carding people in a store or a bar. But I just haven't seen an implementation of it that isn't prone to being a privacy nightmare and surveillance state shit.

I know there's some systems that generate a token that verify that you are 18 and you give that to the site, so neither side directly meet so to say. The site knows only that you have a valid token for being 18 and the app or service you use to generate the token knows just that you wanted to token for something. I think Spain was figuring out a system like that.

[–] renegadespork@lemmy.jelliefrontier.net 7 points 2 weeks ago (9 children)

Clearly, no-one involved in making these laws has ever heard of OAuth. Not every single site needs to manage your identity / credentials. The government already has this info, they can be the identity provider and use OAuth to grant access to age-gated resources without giving any personal data to the platform. Someone mentioned id.me, and I'm pretty sure that's how that platform works, though they're a private entity if I understand their site correctly.

I know most politicians are comically tech-illiterate, but it's so frustrating to see them constantly implement terrible solutions to already solved problems without asking a single expert who knows how this shit works.

That being said, California passed a bill with a not perfect, but better approach. User age is configured on the OS level when a user account is set up, and then it will tell platforms what age category the user belongs to, and nothing more:

(a) An operating system provider shall do all of the following:

(1) Provide an accessible interface at account setup that requires an account holder to indicate the birth date, age, or both, of the user of that device for the purpose of providing a signal regarding the user’s age bracket to applications available in a covered application store.

(2) Provide a developer who has requested a signal with respect to a particular user with a digital signal via a reasonably consistent real-time application programming interface that identifies, at a minimum, which of the following categories pertains to the user:

(A) Under 13 years of age.

(B) At least 13 years of age and under 16 years of age.

(C) At least 16 years of age and under 18 years of age.

(D) At least 18 years of age.

(3) Send only the minimum amount of information necessary to comply with this title and shall not share the digital signal information with a third party for a purpose not required by this title.

I think iOS already does this, actually.

[–] fuzzzerd@programming.dev 14 points 2 weeks ago (1 children)

While true, a government IDP would still be able to track what sites you're using your tokens at, which is not great.

[–] renegadespork@lemmy.jelliefrontier.net 4 points 2 weeks ago

Agreed, but you'd think they would prefer that. The way it is now, they have no way of knowing which platforms have your government IDs.

Though, let's be real, all they need to do is pay a data broker for the tracking data that's already being collected everywhere.

load more comments (7 replies)
load more comments (24 replies)