- In case people no longer remember, when China started to require websites to register for a license before be allowed to operate, it was for "protecting the children" too.
This simple policy then goes on to silence most individual publisher(/self-media) and consolidated the industry into the hands of the few, with no opportunity left for smaller entrepreneurs. This is arguably much worse than allowing children to watch porn online, because this will for sure effect people's whole life in a negative way.
Also, if EU really wants "VPN services to be restricted to adults only", they should just fine the children who uses it, or their parent for allowing it to happen. The same way you fine drivers for traffic violation, but not the road.
And if EU still think that's not enough, maybe they should just cut the cable, like what North Korea did.
- Just a recap how it happened in Russia:
1. First, year ~2015 legal framework was created under disguise of banning pirated media(specifically torrents.ru)(legislative push). State-wide DNS ban introduced. Very easy to circumvent via quering 8.8.8.8
2. Then, having legal basis, govt included extra stuff in banned list(casinos, terrorist orgs, etc)(executive push). IP bans introduced, applied very carefully.
3. Legal expanded allowing govt to ban specific media on very vague criterias(legislative push). IP blocks tried on some large websites. DPI hardware mandated to be installed by ISPs to filter by HTTPS SNI(executive push).
4. At ~2019 Roskomnadzor(RKN) created, special govt entity which enforces bans without court orders(legislative push).
5. ~2021 sites become banned if they are not filtering content by Russian laws by request of RKN(executive push). VPN services were obligated to also DPI-filter traffic(legislative push).
6. ~2023 Crackdown on VPN started(executive push). Popular commercial services were IP-banned, OpenVPN and IPSec connections selectively degraded by DPI.
7. ~2025 Heavy VPN filtering(vless, wireguard, etc) introduced(executive push). Performance of certain sites were degraded(youtube, twitter, etc).
- But you are asking logical questions. You are thinking and talking too much for a World citizen in 2026. "Reasoning" is a reserved word for chatbots now, so we humans are not allowed to do that anymore. We can only obey like a bot and pretend all the lies they tell are the truth.
BTW I live in Turkiye where the government banned ALL the adult websites around 2008. Even as an adult you can't access them. This year they are banning VPNs, introduce age controls and ID verification COORDINATED with the rest of the world. Also banning some games, control social media, and basically make it legal to control and track everyone on the internet. What a coincidence that similar attempts are simultaneous in many independent countries.
And no, children have not been really protected in Turkiye since 2008.
- Grab a SIM-card from Bulgaria with roaming enabled. Internet is routed through the Bulgarian ISP even when you are in Turkiye. Full internet access, no VPN required.
- Not only that, sprinkle a bit of hate speech laws on top and then you got rid a lot of political competition that could disagree with you
- Not only in China. Russian internet cenzorship also started as a "children protection" measure.
- You're right
- > This is arguably much worse than allowing children to watch porn online, because this will for sure effect people's whole life in a negative way.
I would like you to make that argument.
- Parents can protect their children. Source: I’m a parent. My kids haven’t seen porn and can’t access the internet. This doesn’t affect the free exchange of ideas that my fellow countrymen enjoy.
Governments getting involved absolutely, unequivocally will be used to clamp down on the free exchange of ideas.
- Nobody thought to protect western millennials from accidentally wandering across porn on the internet, and we mostly grew up ok
- What argument?
You're the one that needs to argue the presence of harm, given you're the one arguing we need to create a surveillance dragnet to shield certain age groups of humans from witnessing how their species procreates.
The default state is that humans procreate via sexual reproduction. You need to argue why we need to take action to hide this, especially given we let children witness other far more brutal activities from the human species like violence.
- > In case people no longer remember, when China started to require websites to register for a license before be allowed to operate, it was for "protecting the children" too.
Indeed I do not remember this, nor can I find corroborating evidence that there was much of an effort to justify the requirement to the public at all. As far as I can tell, the government simply decided that they needed more control over the internet, so they made a law to give themselves more control over the internet. https://www.gov.cn/gongbao/content/2000/content_60531.htm It has no special provisions limited to children that only later got extended to adults. (Meanwhile, restrictions on how long children may play games continue to only apply to children, AFAIK.)
- I don't remember a government push to remove all hedges, or restrict hedge access to over 18s, when it was common to find porn mags dumped in them. They need to close the hedge loophole as well or we will never be rid of this scourge against the sanctity of childhood!
- This title seems misleading.
The EP paper appears to be highlighting the existence of a debate regarding VPN.
Relevant quote:
"Some argue that this is a loophole in the legislation that needs closing and call for age verification to be required for VPNs as well. In response, some VPN providers argue that they do not share information with third parties and state that their services are not intended for use by children in the first place. The Children's Commissioner for England has called for VPNs to be restricted to adult use only.
While privacy advocates argue that imposing age-verification requirements on VPNs would pose significant risk to anonymity and date protection, child-safety campaigners claim that their widespread use by minors requires a regulatory response. Pornhub and other large pornography platforms have reportedly lost web traffic following the enforcement of age-verification rules in the UK, while VPN apps have reached the top of download rankings."
Of course I'm not saying the EU won't regulate VPNs, but nowhere in this paper is "the EU" stating that VPNs need closing.
- These dimwits (and I don't just mean those in EU) seriously want to stop adolescents from watching porn, and are ready to mess with internet infrastructure for that. That's a depressing manifestation of aging society
- > seriously want to stop adolescents from watching porn
no, they want to pretend this is the issue, so that pervasive monitoring or permission and/or deanonymization is normalized. It is to serve the state apparatus, rather than any actual protection.
- If it is possible to "pretend that they want something reasonable", it means that there is something reasonable somewhere.
Maybe some want more control, but most certainly not everybody.
> so that pervasive monitoring
If you haven't gotten the memo, pervasive monitoring already exists. To sell ads.
> or permission and/or deanonymization is normalized
For age verification, it's possible to do it in a privacy-preserving manner. Now people spend their time complaining about the idea and claiming that all who disagree are extremists, so it doesn't help. But we could instead try to push for privacy-preserving age verification.
- guy on website called hackernews, tries to convince everyone more restrictions are good
- As a hacker, I want antitrust to break TooBigTech such that they can't cryptographically lock me out of everything.
Those who want less regulation are not hackers, but rich and powerful assholes.
- Website called "Hacker News" has had zilch to do with the Hacking community for almost a decade now. It's VC and corporate apologist news.
- Are you calling me a corporate apologist? For one, corporations want less regulation.
"Being a hacker" does not mean "being stuck in the 80s", IMO. If TooBigTech cryptographically controls everything, it becomes harder to hack. Are you aware that the biggest restriction against jailbreaking stuff is that it was made super illegal... because it helps corporations?
- > Are you calling me a corporate apologist? For one, corporations want less regulation
Ah yes, so that's why Meta et al are the main ones behind pushes for more "think of the children" ID verification/attestation regulations.
- it's not about porn, it's about power over all citizens.
- Practically all the ills we suffer currently are depressing manifestations of an aging society.
That, and the lack of real issues to solve.
- Without thinking too hard I can name a few?
The rise of authoritarianism? Inequality? Revival of geopolitical "realism"? Decrease in empathy and holistic thinking? Increasing willingness of the general population to engage in political adventurism? Accelerating resource consumption (and decelerating resource stocks).
And if you consider none of those "real" problems, I know some people seem to have forgotten about it, but what about climate change? Given the half-life of CO2 and methane, that's a problem as "real" as they get.
- There's also a worrying trend of education getting less effective across the first world.
- If only we were all privileged enough to believe that the problems in the world today weren't real.
- I was talking about the first world. And yes, I think most if not all of the problems in the first world are gratuitously self-inflicted.
- Where is the cushy insulated bubble you're living? Can I join?
- Believe me, in some EU countries (like my country Poland) people are very sensitive for this kind of bullshit.
Last two times they tried to push other censorship/tracking laws (claiming as always "we have to, EU is making us") there were mass protests in every city and town.
In my own town of 5k people there were several hundred (500 people at least, probably more). And the previous govt backed down.
This topic seems to be coming back everytime certain countries (Denmark etc) hold the rotating EU presidency. Our current PM is certainly in the same EU clique that wants to push this so much, but it's an extremely unpopular position and he is already leading a weak minority coalition govt. It wouldn't take much to topple him, so he will not do anything like that (unless he is convicted people are distracted with some crisis, but that is where normal people come in. To keep watching what is being smuggled in).
I wonder why do voters in those countries that propose these laws tend to allow this to happen again and again.
- It's because it's not about the opinion of voters, but about existing political powers that want to retain their power.
No matter what you (as population) say it will get implemented. If you don't, then they will put sanctions on Poland, withdraw financial partnerships, etc. Like with migrants, they are going to be stuffed in your mouth, even if Polish people vote against.
Sad democracy.
- Your racist drivel is offtopic here.
- It's not really about kids looking at porn, it's about tracking everyone else and making it easier for state surveillance and corporations to identify people.
Kids don't have money and hardly ever manage to do crime without getting caught so they're profoundly uninteresting to surveil in this way, but adults are and here the interests of the state and corporations converge so they'll make a push for tyranny.
But how to make people accept it? Tell them they want to expose kids to gruesome tentacle porn, or else they'd support this. Few adults are willing to admit they even look at porn, let alone argue that this is an important activity that needs to be protected, which it is.
- If you think that there is a need for new technology to identify people, I suggest you wake up and start getting informed about surveillance capitalism.
There is absolutely no need for new technology to track people, it's there already.
Also I feel like a big reason for age verification is social media. Many countries are trying to prevent kids from accessing social media (because we know it's bad for them), and age verification is the way to do that.
Badly implemented, age verification is bad. But there are ways to implement it in a privacy-preserving manner, which wouldn't make the current state of surveillance capitalism worse.
- People who are actually interesting, are often aware of that fact and avoid surveillance at the moment. You can use tor/i2p, proper VPN setups, VMs, alternative mobile ROMs and other tech and cut most of the fingerprints, trackers and identification. Pretty sure the trash from state agencies doesn't like that.
But the current push from all sides to provide id for everything and remote attestation through Google and apple will make the alternatives very hard to use as it basically cuts such people from the economy altogether.
- Need is a very strong word. I'd call it a desire. Currently you can often identify people, sure, but there's hassle involved. What they want to do is to plug in a private corporation separate from whatever service that is likely to be more loyal with the state apparatus than the service, or else it is easily switched out for another.
And corporations are having issues discerning bots from people without making access to their services a fuss or dependent on possibly idealistic and troublesome open source projects, like Anubis.
It's truly, absolutely, not about "age verification". If it were about protecting kids from harm they'd take money from corporations post factum that are offending. Instead they're preparing to spend a lot of money. You could also look at who is heavily lobbying for this, you'll find it is fascist tech oligarchs from the US. They couldn't care less about kids except for obscene or profitable purposes. It would be weird for them to be cosy with epsteinian networks of power and at the same time be mindful about the wellbeing of children.
- > Currently you can often identify people, sure, but there's hassle involved
You vastly underestimate the current state of surveillance capitalism.
> You could also look at who is heavily lobbying for this, you'll find it is fascist tech oligarchs from the US.
Go in the street, and ask a bunch of random people: "If there was a way to prevent kids from accessing stuff that is bad for them, and it had no downsides. Would you want it?". I'm absolutely certain that not only fascists will say they would want it.
- You don't really believe this is about porn?
- Adolescents, or kids? Would you say it's completely stupid to want to stop kids from watching porn, or accessing social media?
Did you grow up with free streaming platforms? Pretty sure many adolescents were accessing porn before those, though it was slightly less accessible.
I personally don't have a definitive opinion about porn (I feel like young kids obviously shouldn't have access to it, but it shouldn't be illegal to adults, but I don't know where the limit should be), but I feel like making it harder for kids to access social media makes sense.
- I dunno, you have experience being a kid, right? Young kids are just not interested enough to look for porn, not to say figure out how to use VPN to access it. Lax restrictions like we have today are enough to stop porn from being forced on children who are not interested in it
- It's not just "look for porn", it's "being exposed to stuff they shouldn't be exposed to".
E.g. the problem of social media is not that kid access information. It's more that kids get harassed by other kids.
- The title is also the exact title for that paper’s chapter.
You are right at pointing out that the paper is overall presenting the subject in a balanced manner, unfortunately it seems a bad choice was made when it came to that specific sentence, that gives a venue for it to be fed in the outrage machine.
https://www.europarl.europa.eu/RegData/etudes/ATAG/2026/7826...
- Showing children naked humans is a horrible crime.
Bombing children is OK and we happily produce and deliver all the weapons needed for that.
Patterns of an ill society.
- "Children's Commissioner for England"... that's not the EU. Really not the EU - they had a whole election and years-long process to leave the EU.
- This needs a new "law of headlines": whenever it's the EU saying something, it's never the EU that said that.
- This is how waters are tested and potential negative reactions are probed.
- But you single out just one paper. If you include all paper and discussions the picture is super-clear, and the title is not misleading at all. This has to be said.
> Of course I'm not saying the EU won't regulate VPNs
The word choice is quite revealing. You write "regulate VPNs". To me this is not "regulation" at all - it is restriction or factually forbidding it. It is newspeak language here if we dampen it via nicer-sounding words. It also distracts from the main question: why the sudden attack by EU lobbyists against VPNs?
- > why the sudden attack by EU lobbyists against VPNs?
Live sports, they’re already assaulting internet infrastructure in various EU member states (eg. La Liga forcing Spanish ISPs to block cloudflare IPs during matches). With this in mind it seems less a case of surveillance state and more a case of corporate state capture.
- This is the only paper that is presented as a source for this statement. I'm not the one singling it out.
- I think all the identity verification schemes should start with the beneficial owners of companies. Governments have been lobbied to allow complete anonymity for the wealthy that own businesses doing questionable things while regular people are going to have to show id to buy food.
- > Governments have been lobbied to
Yep... and to make it worse, nobody is trying to push them towards looking at privacy-preserving age verification: instead technologists try to convince them that they just shouldn't regulate anything. Which... may not work so well.
- As someone who lives in a jurisdiction which does require such disclosure: it is a significant inconvenience for small businesses, and no benefit to the general public.
- Do small businesses in your area have complicated ownership structures that it's significantly inconvenient to disclose the one family that owns, for an example small business , a plumbing repair company with 4 vans and 6 employees?
- They might? If they don't and it is trivial to identify the beneficial owner, why is it necessary to create a requirement to disclose? The practical experience is that people are quite bad at this sort of requirement, that may well be a source of problems and that on aggregate making it harder to do business has a notable impact [0] on general prosperity. Don't needlessly put barriers in front of people who create wealth.
It isn't a stretch to imagine that a small business owner literally doesn't have enough time in their life to maintain their own health and run their business. There are some pretty grim stories out there, I can tell one based on a friend of mine who was working ... I think 70 hour weeks. Sounded rough. It isn't actually crazy to say they may not have an hour free to figure out what form they need to fill out and where to file it, or that they'd be too sleep deprived to get it right. Assuming that this thing is the only thing they need to disclose and there aren't any other pieces of paperwork that need filing (which we all know there will be).
Sure if they have to they'll probably figure it out in most cases, maybe it is trivial. But the businesses where a straw broke the camel's back don't exist any more to point at as evidence. It is hard to know.
[0] https://www.grumpy-economist.com/p/the-cost-of-regulation
- You get extra spam. Any data that ends up on those public lists will be used to spam you. Some websites will also correlate all the data they have on you too, so you can get that spam at home too.
Basically, you have no privacy if you start a small business under these kinds of rules.
- Precisely what inconvenience does it actually cause those businesses?
- Shell companies for the ruling class, ever decreasing anonymity for the peasants.
- How come tax loopholes aren't as scrutinized?
Mandatory age verification online is a blight imho. It should be outlawed.
- I agree, age verification on the web should 100% banned.
Parents should learn how to be parents; the government shouldn't force companies to do parenting instead.
- Governement should force companies to give parental controls tools. Gaming companies like Nintendo and Steam do that, I can create a kid account with parental controls.
Social media companies (e.g. Meta, Snap) are the first that should provide that but they don't.
- Band and severely punish systematic violations of privacy.
Regulate the poison first, not the access to it. All this age verification nonsense is an admission that some platforms knowingly harm their users. And instead of fixing the issue by cracking down on the proverbial crack, governments make everybody's life worse.
I remain hopeful that one day, humans will regard the online advertising companies with the same scorn we do the tobacco industry and may they be ashamed and disgusted at our inaction.
- So you're implying alcohol and cigarettes should be sold to children?
(Not to mention all the other consent age laws.)
That said, VPN is a national security issue, children are only a pretext.
- Children have always found ways to access age restricted consumables. Whether that was porno mags, alcohol or cigarettes.
They’d just get an older sibling, or stranger to buy it. Or they’d have a fake ID. Or they’d just steal it from a family member.
But you know which kids did this the least? It was the ones where their parents / guardians took their responsibilities as a guardian properly.
- > Children have always found ways to access age restricted consumables
Doesn't mean that it's equivalent to giving them free access to those consumables.
> But you know which kids did this the least?
Source?
- > Doesn't mean that it's equivalent to giving them free access to those consumables.
Why do people on HN always need to look at things as a Boolean state? It’s entirely reasonable to have some preventative measures but acknowledging that there are ways to circumvent them and accept that as a reasonable conclusion.
Things don’t need to be “all or nothing” ;)
> Source?
I grew up pre-WWW. Literally lived and breathed the points I’m making.
But don’t just take my word on this. Ask anyone of a certain age and they’ll tell you the same: they either tried cigarettes or knew lots of kids in school who smoked under the age of 16. They had access to alcohol under the age of 18. And pornographic content was easy to get hold of under the age of 18.
The age at which they gained access and the frequency of the usage depended greatly on their upbringing.
- > It’s entirely reasonable to have some preventative measures but acknowledging that there are ways to circumvent them and accept that as a reasonable conclusion.
I totally agree. That can be used as an argument in favour of age verification, though.
- Sure, if you ignore the other part of my comment where I said parents should be responsible for the upbringing of their own children.
- > VPN is a national security issue
:/
- A tax "loophole" is just a deliberate policy you happen to disagree with.
- What makes you think they aren't? The Double-Irish-Dutch-Sandwich in particular was cracked down on.
- Just the fact that it takes NGOs and journalists to uncover tax evasion practices. The governments and tax offices aren't looking. CumEx was a scandal in 2017, and despite being known since 1992, has only recently led to just a handful of prosecutions.
- Cumex was not a tax loophole it was straight up fraud .
- So imagine the enthusiasm of chasing "legal" practices.
- To be replaced by the Irish tax department making direct deals that are essentially the same. But ONLY for specific companies (principle: big multinationals don't pay tax at all, local companies get big tax raises. Irish companies are dying, multinationals are moving to Ireland)
https://taxsummaries.pwc.com/ireland/corporate/tax-credits-a...
In case anyone wonders: this means the FANG companies don't pay tax in Ireland if they hire enough people in Ireland, which has famously high income tax. It is, in other words, effectively a massive tax increase on the employees while actually reducing total tax income in the EU compared to the "double dutch sandwich".
Note that Ireland signed at least 2 international treaties that they weren't going to do this (OECD minimum tax treaty, EU tax treaty). Of course, there are no consequences to this.
The response to is that EU is exploring company-tax-per-transaction which is so incredibly bad in the massive administrative burden it will generate. It's not final, but it will mean that for every transaction done companies will have to keep (PER transaction) pieces (plural) of evidence for what country they happened in. Every single transaction.
https://joint-research-centre.ec.europa.eu/projects-and-acti...
- Lots of governments give tax exemptions to selected industries (film comes to mind) or even companies (Foxconn/TSMC); I don’t support this behavior, but I don’t see what makes Ireland special in this regard.
- Well, that was the original question of the thread:
> How come tax loopholes aren't as scrutinized?
- How can you define a tax loophole then? Since there isn't a thing you can do called a "Tax loophole", but rather a collection of otherwise totally legitimate practices, just used as an optimization, they are impossible to define, and as such, be scrutinized. It's a neverending whack-a-mole...
- Why? Isn't your age verified when you renew your drivers license? Purchase something on Amazon?
When I was a kid, child programming and commercials were heavily scrutinized. Now any kid can access porn, violence, and scams on the internet. That's a blight. Not age verification.
- I don’t understand, did broadcast TV or cable do age verification? Surely kids could watch content that was for adults very easily.
- Broadcast TV had a very simple solution to this problem: Only air the not-for-kids stuff at times of the day when the kids are already asleep, i.e. late in the evening or at night.
It was still the job of the parents to set the bed times etc, but at least this was something the parents could actually control.
And for pay-per-view stations with actual heavily violent or pornographic content: Yes, they were absolutely age-gated, usually via a PIN.
- and who sets that pin? It's the parents, not the cable company.
- As a kid, you never found a stack of porno magazines in the woods did you?
- That’s the job of parents. No exceptions. OP is right, it needs to be outlawed.
- The people who really want to stop VPNs are commercial streamers, especially for live sports. Regardless of state, or governing party, it always comes back to money.
- This probably needs to be highlighted more.
It isn't just governments.
This is also quietly being backed by some big corporations with money .
- > governments
> big corporations with money
Is there a notable difference between these two in most places? There _should_ be but in practice it feels like more and more places function closer to an oligarchy than whatever form of “democracy” they espouse to practice.
- I have a question that's been going through my mind -
Why is age verification connected with identity verification?
I understand why the former is not possible with the latter, but my question is -
Whichever entity is responsible for the verification can just pass on the age verification confirmation without passing through any of the other details, right?
Am I mistaken here? Because if this was possible, I could still go ahead with using the VPN.
- This seems to be what "double-blind" verification is doing:
> The report highlights emerging approaches, such as “double-blind” verification systems used in France, where websites receive only confirmation that a user meets age requirements without learning the user's identity, while the verification provider does not see which websites the user visits.
- It's a question of blind trust in your government to respect this, when they themselves control the age verification apps, at least in the EU who wants to impose its own system and not rely on an autonomous third party.
- It is cryptography. Just like you don't have to blindly trust Signal with end-to-end encryption (their client app is open source), it could be implemented in a way that you don't need to blindly trust your government.
- From a tech perspective it has been a solved problem since about a decade ago, via DID (decentralised identities) and their Verifiable Proofs.
The EU digital wallet framework is built around those, and your suggested scenario is a first class citizen.
It is now moving from the academic/research world, to the political field, and feedback/pressure from both commercial groups and political agendas is muddling the field.
Here are some links to canonical docs, you can easily find high quality videos that explain this is shorter/simpler terms to get a grasp of it.
https://www.w3.org/TR/did-1.0/
https://www.w3.org/TR/vc-data-model-2.0/
A note: it’s one of the healthy byproducts of the blockchain age, don’t get sidetracked by some hyped videos from crypto bros.
- It's a "solved problem" that didn't ever need solving in the first place.
- You are right, it is possible to do age verification in a privacy-preserving manner. Feels like most people being very vocal against the idea don't know about that.
At least most complaints I see here are assuming that age verification means tracking.
Too bad, there could be interesting discussions about privacy-preserving age verification, if people just bothered getting informed before complaining.
- So a research arm of the European parliament is "the EU" now?
- There was a time that parents control what websites children can access.
Now there is a time politicians control what websites we can access.
- Governments already have everyone's ID, including DOB. They say that the problem is non-adults accessing adult sites and services. So therefore, the sites need to know that users are over 18 (or the selected government age).
There should be a standardized government ID service/API that allows a person to let it disclose their age (or other user selected information) to a requesting site/service. That's all that is needed if the government ID service has appropriate 2FA and security.
Both the request and the response can be appropriately anonymized so that the government doesn't know the site, and the site doesn't know the person's identity.
Why isn't this a thing yet? As far as I know, no one has proposed it.
- The german gov id supports that. They have a PKI and the id is a smart card with a cert and private key on it [0]. It lets you answer the question "are you over 18" with a zero knowledge proof. I guess it only proves you have in your possession a valid id AND know the PIN to it, but that should be fine. France apparently has this, too, according to the article.
[0] https://www.personalausweisportal.de/Webs/PA/EN/government/t..., https://www.bsi.bund.de/EN/Themen/Oeffentliche-Verwaltung/El...
- No. You seem to not understand how government works. It will never be anonymized so it's an awful idea, you basically suggest to link accounts to a passport.
- This has been widely discussed, and initial implementations exist: the EU digital wallets are doing exactly this. https://ec.europa.eu/digital-building-blocks/sites/spaces/EU....
In theory, every EU state will have to support this soon so users can use it to verify age privately online. Still work to do to roll this out for real, but the technological part is very much already happening and I think the rollout plan is committed.
- > Both the request and the response can be appropriately anonymized so that the government doesn't know the site, and the site doesn't know the person's identity.
Yes that's how it's done in France for instance, and generally how it's being discussed in the EU.
- Exactly. Governments that really care about age verification should provide the tools to do so. They have the means to do so without violating privacy. Something like the Dutch DigiD service (the one they're about to sell to the US despite literally everybody opposing that) would be a great basis for this; just add an age verification service to it. They already know who you are in the most legal sense possible.
- > There should be a standardized government ID service/API
Most European country already have one, some are still testing theirs. They're required by the EU to make one accessible to their citizens by the end of this year, in the context of the eID project [0].
[0] https://commission.europa.eu/topics/digital-economy-and-soci...
- > if the government ID service has appropriate 2FA and security.
You're kidding right?
- Why?
In Russia we have gosuslugi.ru (state services), which nowadays requires 2FA and hasn't been compromised in any major way so far.
Among other things they provide a way for a third party to use it as identification service and a user chooses which data about himself he wants to share. No anonymity, though, and I don't see how it can be implemented so that the verification provider doesn't know which service is requiring age verification.
- You seriously think Russia's state services are not compromised by intelligence?
Also, yea, no anonymity is the problem. Why would you want your government to be able to track every single website you've ever visited -- especially considering we're talking about an autocratic regime?
I'm astonished at the naivety on display on a community called "Hacker news."
- These already exist in several eu countries. Imagine that there are governments that is not America and that actually work.
- Just this year, France government ID system hacked: https://www.biometricupdate.com/202604/french-govt-confirms-...
- "hacked", such a shame what happened in the background; it was a teenager who saw some url like "view_my_id_documents?id=1234" and just incremented the number, and could download the documents of other people (did on dozens of millions).
.
- North Korea calls VPNs “a loophole that needs closing” in age verification push
- VPN usage increased, but how to they draw the conclusion that this is children. I think it's more likely that adults are using VPNs to not have to deal with the ID process. I would do that.
As VPNs usually cost some money, which is already a barrier for minors.
- The western great fire wall is reducing its scope..
- Age restrictions + VPN bans + encryption restrictions + client-side monitoring + restricting general purpose computing.. It's just rapid descent into digital fascism set up by people who have no ability to see how the dots will end up connecting.
- I think they absolutely have the ability to see it, it's part of the value proposition for them.
- Speaking from the POV of my country, you absolutely have prime minister + minister level understandings that seem to plainly be based on issues such as "we need to stop children from bullying each other on social media", "we need to help police surveillance to stop crime", "we need to protect people from internet porn" etc, and it seems to be that the political capital and will to create these measures comes from short-term attempts to solve certain problems, without being able to understand how a broader set of these measures will together create digital fascism.
Beyond that I fully believe there are intelligence agencies, advertising agencies, military interests, IP control interests etc that are all working very diligently and in more targeted ways to each achieve their goals better by pushing for specific measures and helping to amplify moral panics to build the necessary political capital.
- I am sorry you see it this way, when the very subject at hand is a practical example of how the EU has planned and built a wallet around the very same ideas you seem to cherish.
Unfortunately, now that it comes to the news cycle, it’s easy to get outraged around misleading headlines.
I encourage you to invest time in researching what the EU has done in the past decade around digital identities and their framing around privacy questions on this. I hope you will find, as I do, that it moved the needle in t he right direction.
- I don't care for a limited and selective best-possible interpretation of a subset of measures viewed in isolation. The point is that a broader set of vectors are being used continuously to gradually ensnare and limit digital freedom.
This is not a misleading headline, this is a document from the European Parliamentary Research Service that calls out VPNs as a technology that may need to be moderated in order to enforce restrictions such as age verification.
https://www.europarl.europa.eu/RegData/etudes/ATAG/2026/7826...
As you are calling me out - specifically answer how restricting access to VPNs would benefit the freedom of thought, communication, and information within Europe, and not be something that - together with other measures - can help facilitate digital fascism.
- VPNs are essential tools against government persecution. Linking identity to a VPN session under any guise (age verification or otherwise) is something out of the playbook of dictatorial states.
- We desperately need a new internet
- Perhaps these legislators are addicted to porn and don't want their children to do to themselves the same they have done. Would explain their obsession and relentlessness to get this done.
It's just a pity they are destroying the internet while doing that. They should be attacking the companies making money from porn instead.
And by the way porn can damage your mind even after 18 so age verification is not a real solution anyway.
- Porn addiction has been shown not to be a real thing.
People who believe they are addicted to porn view porn at approximately the same rate as other people: they just feel more guilty about it, due to being raised to believe that it is shameful.
One source on the topic: https://www.psychologytoday.com/us/blog/talking-apes/202207/...
- I agree that age verification is old perverts addicted to porn simply projecting their problem onto others. Kids after a day of continuous swiping of tiktok and instagram want tattoos and bitcoin.
- Which is why the age restriction would apply to "normal" social media as well?
- Even better! Now teenager can legally buy bitcoin straight in the tattoo parlor one week after their 18th birthday.
- Porn or social media or fake news destroy kids brain more? I can’t even tell
- Parents destroy kids' brains the most.
- ὦ Ευρώπη, this would kick off an arms race. μολὼν λαβέ!
- Over my dead internet connection.
VPN for the VPN with a back-up VPN for the VPN's VPN.
- Ah yes, the most pressing issue of our times. Mandatory surveillance of every person's activities is a reasonable solution to the critical issue of teenagers watching porn, who totally won't be able to bypass this by... grabbing Dad's phone.
Obviously, it's not about the children. It was never about the children. If I had my way every one of these people would be taken to a gulag, because they are evil, have evil intentions, and blatantly lie to further their evil goals. I am tired of the intolerant being tolerated, and by allowing this to fester we are headed for a much worse totalitarian dystopia.
- All accounts and that are important to kids have are being tied to their real identity and they won’t be able to get a new one if they’re banned. The potential for social engineering is insane.
All of these ID laws are going to make it more dangerous for kids online IMO.
“Hi I’m a Roblox moderator. Your account was reported for X and you’ve been temp banned. Come to platform Y to appeal. Start by submitting all your personal info and a selfie.”
And it’ll be completely normalized by big tech. Seriously. WTF are they thinking?
- First, I should say that I am against online age identification. But if we are going to get age verification because the larger population wants it, I definitely prefer the EU's privacy-preserving age verification that uses zero knowledge proofs (yes, they have issues too) over private companies doing age verification, requiring uploading scans of your ID, filming your face, etc. For the reasons that you mention (people can easily be tricked into giving information to the wrong people), but also because I simply do not want my data to be in the hands of random private companies that will sell the data, give it to Palantir, etc.
That makes this fight so annoying, we have to fight age identification, while at the same time also promoting privacy-preserving age verification for the case it happens anyway.
- I think this is folly. You cannot communicate this level of nuance at scale, especially when faced with opposition that actively lies to achieve their goals.
Quoting an older post...
> In a benevolent dictatorship, sure, go for a zero-knowledge proof verification as your solution. In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses, we need to convince people to see through the lie and reject the proposals outright while reassuring them that they can protect the children themselves via parental controls. You will never be able to sufficiently inform 50.1% of the population of any country of what zero-knowledge proof even means, let alone convince them to support age verification laws but strictly conditional on ZKP requirements. That level of nuance is far too much to ask of millions of people who are not technically-informed, and idealism needs to give way to pragmatism if we wish to avoid the worst-case scenario.
- In a benevolent dictatorship, sure, go for a zero-knowledge proof verification as your solution. In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses
I do not (completely) agree with this. This seems like the very typical US-centric view of politics. A lot of members of the European Parliament are not corporate puppets and have ideals (even if they often do not align with mine). Why would the EU come with a ZKP-based verification reference app if they were sock puppets? The corporate sock-puppet politician would just push the narrative that age verification should be left to the market (which is probably what happens in the US, where most politicians are sock-puppets due campaign sponsoring, etc.).
You will never be able to sufficiently inform 50.1% of the population of any country of what zero-knowledge proof even means, let alone convince them to support age verification laws but strictly conditional on ZKP requirements.
We do not have to convince the population. We have to convince regulators and if it becomes necessary the EU/national-level courts that handle human rights violations.
Also, in the case of the EU, they made a reference implementation of ZKP age verification and asked national governments to roll this out in their apps. One of the large issues though is that the reference implementation relies on Google Play Integrity for device attestation (+ the iOS counterpart), so if national software development agencies use the reference implementation as-is, it shuts out competing systems. They should have used AOSP device attestation, which is also supported by GrapheneOS, etc. So, besides protesting age verification, I'm trying to get the message to politicians that how device attestation is done in the reference implementation is an issue. The thing that might help here is that sovereignty is also high on the agenda.
- > We do not have to convince the population. We have to convince regulators and if it becomes necessary the EU/national-level courts that handle human rights violations.
Without the population on your side, it's some insignificant minority's words vs. corporation's power determining where the lines get drawn by regulators. The people can put a leash on politicians who cave too hard to corporations by voting them out of office, but if they don't even understand the issue and have been conditioned to accept age verification, that will never happen.
> One of the large issues though is that the reference implementation relies on Google Play Integrity for device attestation (+ the iOS counterpart)
I am confused as to why you suggest my view is US-centric, and then go on to acknowledge that the EU is currently in the midst of rolling out regulation that de facto enshrines the Google+Apple duopoly in law. The EU bureacracy seems to be just as captured by corporate interests as the US. At times, they put up a token protest against Apple/Google, but generally only insofar as to promote competing European corporate interests where applicable. The EU would certainly prefer to serve European corporations over American ones, but the European people don't seem to factor into the equation at any point.
- the EU is currently in the midst of rolling out regulation that de facto enshrines the Google+Apple duopoly in law
It isn't, it's not enshrined in law, de facto does a lot of work here. IANAL, but I'm pretty sure such a requirement will not hold up in court either. Besides that, the developers of the reference app have stated that national apps do not have to require strong integrity from Google Play Integrity. It seems like they took the standard platform path either because they did not have time the time or knowledge to do anything else.
At any rate, I'm optimistic that it won't require passing strong integrity in my country. Age verification will be added to our national ID app (DigiD), which does not require passing strong integrity, even if it is used for more security-critical applications than age attestation.
- >In the reality of democracy, where politicians are corporate puppets who cloak surveillance laws in "think of the children" to rally support from the masses
Conspiratorial gibberish
- Are you seriously blind? Do you genuinely believe politicians don't legislate in ways that benefit corporations over individuals? Or do you genuinely believe the sudden worldwide push across dozens of countries to surveil all internet access, prevent VPN usage, and lock down devices at the OS level is the result of an organic, grassroots desire to protect children no matter the cost?
- Politicians do things that are likely to get them reelected, e.g, passing legislation that is broadly supported by their voters. Passing legislation that their constituents do not like will not increase the chances of them getting reelected.
If you could link a piece of legislation that has little support among voters, but was passed due to corporate money, I would be interested.
- > cloak surveillance laws in "think of the children" to rally support from the masses
Politicians lie to voters to get them to accept things they would otherwise not accept. That was literally central to the entire comment you were replying to. "But the children" and "But national security" are essentially a free pass to enact any legislation a dishonest politician wants with support from a population that cannot stay fully informed on the nuances of the incredibly complex modern world.
> If you could link a piece of legislation that has little support among voters, but was passed due to corporate money, I would be interested.
I feel like I could gesture broadly at everything. As noted, people will support something when lied to, but even without public support it's obvious that this happens. Off the top of my head, Trump's corporate tax cuts in 2017 might be one of the most clearcut examples of something that benefitted corporations over individuals, was lobbied for by corporations, and was high profile enough to have public polling while being so blatantly unjustifiable that said polling demonstrated the public was clearly against it.
- >Off the top of my head, Trump's corporate tax cuts in 2017 might be one of the most clearcut examples of something that benefitted corporations over individuals, was lobbied for by corporations, and was high profile enough to have public polling while being so blatantly unjustifiable that said polling demonstrated the public was clearly against it.
The 2017 tax cut law was extremely popular among republican voters, so I think that goes towards what I am saying.
- I suppose that was a bad example because Republican voters don't have a single policy they stand by, only party loyalty. eg. Republican voters were staunchly opposed to war in Iran until Trump did it and then support skyrocketed.
- > grabbing Dad's phone
That will only very rarely happen. Do you actually know people that will just give you their phone so you can watch porn? For more than one minute? People are so addicted to their phones.
> it's not about the children
It's also about the children, but there surely are parties which use the process to further their own goals.
> I am tired of the intolerant being tolerated
That's not the right quote for this case.
- > Do you actually know people that will just give you their phone so you can watch porn?
They don't ask for it, they take it when you're busy or sleeping. Teens certainly weren't asking for Dad's VHS tapes or magazines when I was a kid. I suppose this problem is solveable, too, though. Mandatory biometric locks on every device capable of accessing the internet, why not?
> That's not the right quote for this case.
It is. These people are fascists. Their goal is to create a society where the government has a permanent record of everything every person is doing, monitored 24/7 so nobody can defy it. The point about tolerating intolerance is that by abiding such people, you allow them to create an intolerant society, thus it is prudent even in a tolerant society to be intolerant specifically towards those whose goal is intolerance.
- > they take it when you're busy or sleeping
That will be quite noticeable. And tricky if it's face or fingerprint locked, something I see in all phones around me are. Daddy likes his privacy too.
For the rest: rant on, but it'll only reduce your audience. One thing we can learn from history: calling people fascists doesn't work.
- By your logic, my kids are going to find a way to smoke weed anyway so I might as well give them some, right?
- Can you not be disingenuous beyond belief? That is not even remotely close to what I said. What I take issue with is that the solution is worse than the problem (and does not even solve the problem). We can solve all problems of society if we lock everyone in an isolated prison cell 24/7 except under strict supervision when working or studying. That, obviously, is a fucking insane idea. Yet it is what we are creeping towards when you defend government surveillance of every person's device usage. A solution to a problem should not be 100x worse than the problem it allegedly solves, and this is doubly true when it doesn't even solve the problem.
Obviously, not all solutions have to be 100% solutions to problems. Indeed such solutions very rarely exist in the real world. But they do need to be less of a problem than the original problem, and the more invasive they are, the more you'd better expect they solve a serious problem as comprehensively as possible rather than barely addressing a trivial problem.
- Your children would certainly cherish and respect you for it.
Many such cases, in fact! Which you of course don't know about. Because anti-prohibitionist narratives don't cause Number to Go Up.
What's safer: if you were to provide them with secure access to a substance that is risky only when used irresponsibly - or if they had to acquire it illegally off the street, and were to consume it in some sketchy environs away from your oversight?
On the other hand, setting boundaries meant to be crossed - such as a restriction on substance use that "they will violate anyway" - is parental betrayal, and risks bricking your child.
Also many such cases! Which you also "don't know" about. Because you prefer to consider unhappy people less-than-human, and parents are only happy to sweep their failures under the rug. Even if it means giving their child to the torturers.
From one sentence you wrote "as if it's obvious", I can see that your sense of ownership over your progeny trumps your concern for your children's safety.
A lot of resources go into subsidizing your unsustainable lifestyle, which you yourself only tolerate thanks to constantly impairing your cognition but perfectly legally.
Similarly, a lot of resources go into silencing and/or exterminating people like me; yet, last time I checked I was still kicking and spitting.
Both of these economic dynamics, ultimately, serve to perpetuate a multigenerational Ponzi scheme which treats humans as property. Notice people getting into debt younger and younger? Yeah, that.
- If my kid can setup a VPN, then he's old enough.
- The lobbyists are doing what they are paid to do.
People pointed that out quite a while ago already. Age sniffing is a joint attack on the freedoms of people, which explains why these lobbyists also try to abolish VPNs. Their vision for the world wide web is one of authorization. Ultimately they will fail, but a few get rich here in the process.
- Ugh. Here we go again. Europe’s politicians just cannot stop with wanting to control everyone and everything. It’s as if bureaucracy is the actual goal. Privacy and anonymity should be protected by law. Not violated by law.
- I listen to a bunch of (mostly left) podcasts where they sometimes invite members of the European parlement and while I can agree with some of their opinions its downright scary how they think about regulations.
For everything that's wrong in society the answer seems to be more and more regulations. The negative effects (such as the lack of European AI companies) are then waved away (it's because Europe spends their money on American AI instead of investing in EU AI).
It's honestly scary.
- Care to share some of these podcasts?
- The goal is privacy and anonymity. Removing them that is. They don't care about teenagers watching porn, what they want is to know what every person is reading and saying, and being able to punish whoever says things the eurocrats don't like. That's the reason the age limits are not set in the device by the parents, but you must give your id to some entity.
- EU didn't state this for one. The paper they wrote quoted someone else stating this.
- EU enshrined privacy in its charter of fundamental rights. GDPR was and still is a major protection.
US, from its biggest companies to the whole of Silicon Valley culture has done the exact opposite.
Within the EU, multiple attempts at pushing changes in opposition to this have been proposed, debated, voted on (and rejected), as democracies do.
Not perfect, but when you come down to laws, EU bureaucrats gave EU citizens article 8, US gave them the CLOUD act.
- > Within the EU, multiple attempts at pushing changes in opposition to this have been proposed, debated, voted on (and rejected), as democracies do.
If 51% of people want to do something wrong, they should do it to themselves and leave the other 49% alone. Democracy is not an excuse for doing the wrong thing and going "oh well, guess people want it".
- 70% is a more likely figure
https://www.ipsos.com/en-uk/britons-back-online-safety-acts-...
>Almost seven in ten (69%) support age verification checks on platforms that may host content related to suicide, self-harm, eating disorders, and pornography.
Sometimes the majority is going to make a decision that you do not like, oh well, that is the cost of living in a democracy. People in "terminally online" spaces like HN vastly underestimate the popularity of these laws.
- >>Almost seven in ten (69%) support age verification checks on platforms that may host content related to suicide, self-harm, eating disorders, and pornography.
>>eating disorders
I'm genuinely sorry, but... wait, what? Okay, suicide, somewhat understandable (although some forums where people just share their feelings are endangered by this). Same applies to self-harm. Pornography - well, at least I can understand the motive/justification, although I don't welcome such intrusions in personal privacy. But eating disorders? What? I'm sorry, WHAT? Where's the reasons behind this? Any adequate justification? I apologize, again, maybe I don't understand the thing, but how eating disorders ended up in the same line as suicide, self-harm, pornography and similar?
- > EU enshrined privacy in its charter of fundamental rights. GDPR was and still is a major protection.
GDPR does not protect you from governments snooping on you. The same way it does not stop governments from collecting data on you: https://en.wikipedia.org/wiki/Data_Retention_Directive
It sometimes even forces governments to collect more data on their own citizens like in Romania.
The only difference between the US and the EU is that the EU has somehow managed to convince a bunch of useful idiots (not saying that you are part of it) that it is better than the US when in reality its the same shit just with a different color and smell.
- [dead]
- Tiresome surveillance state push
- Yet another «copy protection».
Legislation must call real experts before making any *technical* decisions.
- Sounds more like they should have sand-boxed white-listed school networks for known publishers in each age group.
Then leave the rest of the world out of domestic failed parenting nonsense. However, policy would still likely fail given the cruelty youthful ignorance often brings, and persistent 1:100 child psychopath occurrence rates. =3
- Here we go again with new restrictions on civil liberties. This is Chat Control all over again.
The EU won't stop until it has access to all your data, all your messages, anything you read, save, send will be scrutinized by the the big great EU and it's little minions.
Hey, at least we get the freedom of movement right?
- Too easy to dunk on the EU. The UK, USA and Australia seem to have reached the same conclusions. In UK all young males now have a VPN rather than do whatever you’re supposed to do to see porn. VPNs went from “nerd talk” to “vpn=porn” in the space of weeks. Whatever is next will suffer a similar fate.
- There is no such thing as the EU wants X. There are huge differences between what the European Commission, the European Council, and the majority of the European Parliament want.
Most of the anti-privacy crap hasn't happened thanks to the EU. Particular countries and lobbying groups have been pushing this through the Commission and Council and most attempts have been rejected by the EP.
If we didn't have the EU, some countries would have long introduced this nonsense (like the UK). But in the EU that does not make much sense, since there is a single market, so you have to enforce it EU-wide.
The European Parliament + courts of justice/human rights are one of the last beacons of democracy/freedom worldwide that resist upcoming authoritarianism. We should support them and remind the Parliament over and over again that they should be continuing the good fight.
---
By the way, nearly all your comments on HN are about politics and all trying to sow dissent on Western (and especially European) democracies.
- > By the way, nearly all your comments on HN are about politics and all trying to sow dissent on Western (and especially European) democracies.
Disclaimer first: I'm not trying to protect him and I'm not tied to him in any possible way. But since when constantly expressing your own opinion (that's what I assume given the age of the account; maybe I'm wrong, but this seems rather like a person than a bot) is a deliberately malicious activity (as implied by your "trying to sow dissent" expression)? If their opinion doesn't match yours, it doesn't mean that they're evil or something similar. It just means that your views are different.
- Talking continually about politics is against the HN guidelines.
- Politics and tech are basically intertwined at this point. Tech is also intertwined with Geo-politics, tax policies, mental health, and a bunch of other issues.
One cannot talk about tech without talking inevitably of the second or third order effects that derive from it which is again almost inevitably linked to politics either in the US or elsewhere.
- > There is no such thing as the EU wants X. There are huge differences between what the European Commission, the European Council, and the majority of the European Parliament want.
Of course there is such a thing as EU wants X. The commission drafts laws and presents them to the MEPs who vote on them. The MEPs do not have the ability to propose their own laws. So all these bullshit laws that are voted on originate from the commission.
If I tell you that you can have a red balloon and you only choice is either to accept or reject the balloon, then you don't really have a choice do you? You can't say I want a blue balloon.
> Most of the anti-privacy crap hasn't happened thanks to the EU. Particular countries and lobbying groups have been pushing this through the Commission and Council and most attempts have been rejected by the EP.
Most attempts? And that should somehow reassure me?
Here is another law that was overturned after many years even though everyone knew it was illegal from the start: https://en.wikipedia.org/wiki/Data_Retention_Directive. It only took something like 8 years.
When Romania protested that this was illegal under their constitution, the EU sued them and forced them to spy on their own citizens. So thank you but no thank you.
> If we didn't have the EU, some countries would have long introduced this nonsense (like the UK). But in the EU that does not make much sense, since there is a single market, so you have to enforce it EU-wide.
On the contrary, if we did not have the EU then it would not be such a problem because the same people who are pushing for this crap would have to repeat the same process 27 times, one in each country and they would have to convince/bribe their way into each government. Instead they can now push this stuff through the commission and it gets voted on and if approved gets applied to 450M people in one go.
That is the definition of single point of failure if I have ever seen one.
> The European Parliament + courts of justice/human rights are one of the last beacons of democracy/freedom worldwide that resist upcoming authoritarianism. We should support them and remind the Parliament over and over again that they should be continuing the good fight.
Do we now have to resort to this sort of emotional arguments? The EU as a whole is 27 countries, the world has more than 200 countries today. Are you claiming that most of them are hell-hole under some sort of tyrannical government? You can't be serious.
This is my problem with the EU supporters these days, you guys are so quick to shove in everyone throats the amazing stuff that the EU supposedly does for us every day but as soon as someone complains, you revert to using the same tactics as populists with the US vs Them rhetoric, the emotional manipulative language and what not.
Also your last paragraph is in complete contradiction with your previous statement. Somehow the EU/European parliament is the last bastion of democracy/freedom but it stills wants to access my private messages and emails (for my own good of course), and now it wants to force VPNs to record identifying information of its users (for our own good again).
If what you say is true then we wouldn't be having this conversation because anyone who proposes this sort of law should have been ostracized and kicked out of the commission in no time. Yet here we are.
> By the way, nearly all your comments on HN are about politics and all trying to sow dissent on Western (and especially European) democracies.
Ha, yes, you got me! I can see that when the push comes to shove it's easier to go for the subtle ad-hominem or character attacks.
God forbid someone in Europe could have any issues with the way things are going at the moment. Seems highly suspicious.
Should I send you a copy of my EU passports? Maybe that's whats going to be required in a few years time to post online if the all-mighty EU gets its way but I can understand if you want to start doing the policing early. After all we can never be too careful.
By the way, I love the new definition of democracy theses days: agree with us about everything or we will consider you a Chinese/Russian/Populist/evil (take your pick) troll.
Its perfectly fitting with the way the EU is trending down towards authoritarianism and subtle freedom of speech suppression.
- [dead]
- They EU authorities care for children so much that they haven't noticed almost none are being born anymore in EU.
239 points by muse900 5 hours ago | 171 comments