Won’t somebody think of the European children? Meta and Google put up their hands to help on the same day Google and Meta have independently taken actions to support a safer internet for kids – and given blockchain boosters a moment to celebrate. Meta on Thursday proclaimed its support for a “digital majority age” – a concept that would see parental permission required before teens can use social media. France enacted a digital …
> if it is grounded in three key principles,” Meta wrote.
> Those three are:
> ... for children under 16;
France wanted 15 to be that age. The proposal by these companies is for 16+.
I honestly feel that 15 is much more appropriate. 16 is too late, and deprives the younger, active, getting-adjusted "young adult" type of necessary freedom to discover.
TBH, the part that bothers me most is the Googoyle Wallet: someone has to be the "witness" for these protocols, someone has to *know* _everything_ being attested to. This proposal amounts to giving Googoyle and/or Meta all of your (valuable for marketing) personal information, verified by government ID and/or parental relationship. Just more tracking, cataloging, marketing, spying. Presumably as well, they will know the identity of anyone you're attesting to (because API keys?), and so ever-increasing tracking across the internet, paid for and enacted by the West's largest advertising corporations.
But ehhh safety, because images and words hurt people, right? So lets make it legally mandatory. Gotta keep kids-these-days from snooping around the open woods, the smelly pond, or the back of the abandon factory like they used to do -- for their own safety! Helicopter-parenting for the masses. shrug.
The one thing that they want to avoid most of all is that they are each directly responsible to check the age of their users. On one hand it would make them look like the intrusive bad guys who want your private data (well, even more) and even ask for ID verification to prove your age, and on the other hand that makes them liable if they don't do it well.
By comparison, if there is a generally available method to prove your age, the ID verification can be done by a third party (which could be the government), and Meta can comply with the law by just checking those credentials, absolving them from figuring out whether the ID check is truly secure, whether the ID was faked, etc. Not their problem.
I would argue that it's better for users as well! If it's done properly, you can get an anonymous certificate from one website checking your age, and then use it or not use it to do whatever you want on all other websites, without having to identify yourself on each separate website, and without your activity being tied to your identity. The latter part is obviously really hard to have if it's the same website checking your age and offering the age-restricted services.
Government and "done properly" in one sentence? I don't think so.
And rest assured that governments (and Google and Meta, too) will absolutely find a way to track the users of the age verification services. The former to enforce a police state, the latter to make more money, as usual.
If this nazi idea is enforced, we'll see A LOT of increase in the use of dark web or any other form of "digital smuggling" of contents and information, because no sane person will wilfully submit to such snooping scheme.
Sigh, I still remember when the internet was really free (not as in beer, but as in freedom).
... this seems to be a truck load better than Australia's proposal to have social media companies (including Youtube) each do their own age verification using far more privacy-invasive methods, because that really would turbocharge tracking of everyone; I mean, they wanted to include things like mandatory facescans (of everybody) seemingly shared with each site ... FFS!
If what Google, Meta et al. are proposing really is zero-knowledge, then it would be a more useful/powerful and, obviously, more privacy-friendly approach.
My personal preference would be something like the ZKP approach plus, if not already planned, mandatory 'safe DNS' and web filtering, which ought to dovetail nicely together, e.g. the DNS service on any device would default (unchangeably) to 'safe DNS' if an 'underage ZKP token' (or wallet item, or whatever langauge they decide to use) is detected. Ditto mandatory web filtering and VPN blocking, and since it's only for kids, I'd have no problem with the Govt being in charge of the filtering (and the 'safe DNS') so they can block any nasty new sites that pop up, in near real time.
It also leaves the door open to the decision maker being the parent (my preference again, or to at least allowing the parent to assess 'maturity level' or similar), though legislation on that could vary from country-to-country.
Yes, Google, Meta et al. are fighting for themselves but in a way that better overall solves the problem of creating a 'nice' internet for kids -- and it's much better than doing it the [expletives deleted] 'Australian way'.
Meta is obviously happy about this because they've been wanting to foist age verification off on Apple/Google from the start.
I'm a little unclear exactly how this is supposed to work though. There has to be some identification of you as an individual somewhere to say that you own/use this phone, allowing Apple/Google to either allow or deny the download. You could use this ZKP service operated by your country's government (who already knows how old you are) to approve you as being old enough to install an app. But you have to somehow link your phone or phone's "account" (i.e. Apple ID, Google account) to make that work.
So either you are required to incontrovertibly link your phone to your identity with your government - with all the tracking etc. implications that come from that - or you have to identify yourself to Apple/Google with proof of age for them to use ZKP with third parties (i.e. if some apps have age restricted features) Depending your feelings about the government in the country in which you reside you might prefer to identify yourself to Apple/Google rather than give your country proof to link your and your children's phones to track everyone's movements in real time.
As for the age verification itself, parents already have that ability via the parental controls on the children's phones. People compare this to age restrictions for buying alcohol or tobacco but it isn't the same thing - if a kid is out and about without their parents present the parents can't stop them from buying harmful products if there aren't laws preventing it. Why does the government need to prevent kids from using social media at a certain age? Not that I think social media isn't harmful to kids, but assuming the parents paid for the phone they already have the ability to prevent kids from using apps they don't want by not letting their kids download whatever apps they want even when away from home.
Just not convinced this is all worth it.
Most "parental controls" available are absolutely terrible, and they're getting worse.
Many of them don't really work at all, and none of them are easy to use.
YouTube Kids is being deleted entirely this month, with the functionality folded into the base YouTube.
This effectively deletes parental controls entirely, because now a child's device must have the adult edition installed, and a shared device like a TV can no longer block the adult app behind a PIN or similar.
"makes it possible for people to prove that something about them is true without exchanging any other data"
Examples needed. I have a debit card which means I'm over 18, but how do I prove that without exchanging data?
Here in France there's a thing called FranceConnect which allows you to sign into one government service (like the CPAM) using the credentials of another (like the tax office), essentially it's one service vouching for you to the other service, but I'd imagine the service doing the vouching knows all about what it's vouching for (and potentially shares information, I've not bothered reading the small print as I don't use it). Would people want this to be extended to social media? Yes, the tax office will be happy to verify that the user ImpotsSuxBalls is over eighteen.....right?
Alternatively I could name three eighties songs about The Troubles, would that do it? (Simple Minds, Spandau Ballet, U2)
https://datatracker.ietf.org/doc/draft-google-cfrg-libzk/
> for a given input x and a circuit C, there exists a witness w,
Someone has to know. You have to have been pre-verified. In this case, though, I don't foresee one service vouching for another -- that's not part of this protocol. I see the service you're trying to verify with asking the witness (verifying to the witness their eligibility/identity by providing API keys, 'cause they historically don't make things anonymous), and the witness logging the destination and tracking your moves across the internet.
From a quick skim of the other link I am not sure that is the risk. They claim "Even a colluding issuer and relying party should not be able to link a specific user to a session." However I think it does need the "issuer" to know who owns every phone, and you not be allowed on the internet without a spyware TPM chip. https://eprint.iacr.org/2024/2010
This would be the same Google that has opted-out of Apple's "Screen Time" controls, so while I can limit how long my daughter spends on which sites in Safari, I can't if she uses Chrome?
On balance, trusting Meta and Google to look after my kids is up there with asking Gary Glitter to babysit.
Is setting parental controls that don't let her download any apps, if she wants to install one she has to ask you. Then she can't install apps that will get around the screen time limits you set.
Not that I'm dismissing Google's conduct here, but it is hardly shocking given how far they've traveled from their original "don't be evil" policy. I wouldn't be surprised if they also excuse the Youtube app, and in both cases they'll point to all the educational uses of the internet/YouTube as their "reasoning" behind this.
"but it is hardly shocking given how far they've traveled from their original "don't be evil" policy"
Yeah. I just noticed the GoogleBot spamming my site with requests. Looking at the bot.html file, it claims they have sophisticated algorithms to determine the best speed to crawl a site. Follow through to the information on the robots.txt file, they specifically point out that the GoogleBot does not pay attention to the crawl-delay directive.
Bastards.
I assume this is because teens have been ditching Facebook for competing services for a while now. This kind of regulation hurts Meta's competitors much more than it hurts them.
Also, if we are so dead certain that social media is harmful for kids, to the point that we feel we can legislate about it, why is nobody studying whether it's harmful for adults? I personally know several 40+ years old that appear to have a seriously unhealthy relationship with social media, but I really would like proper scientific studies on this, not just my anecdotes.
Quote: ".....a person visiting a website can verifiably prove he or she is over 18....."
Yup.......Dad "...can verifiably prove he ... is over 18..." and then.........
..............his kid takes over the end point!
..............or indeed anyone else "over 18" can help.......................
How do Meta or Google allow for this sort of shenanigans? Actually.........they can't!!!!!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
