From the article:
"Unsurprisingly, this skyrocketed searches for the best VPNs. According to a SlashGear report sent to Mashable, searches for "Texas VPN" jumped by 1,750 percent in the past day. It also spotted a 1,600 percent increase for the phrase "How to access Pornhub.""
To be fair current age verification is useless. We all know clicking a button does not verify anything.
Also we know that submitting personal data to a website to verify your age is terrible. Big no no.
I'm curious of what will happen in my country. Here in Spain government said that they will implement a new age verification system using Anonymous digital certificates. The government will issue those and you have to give your ID but the certificate itself it's anonymous and the website won't be able to know who is the person behind the certificate. While there's no implementation yet, I hope they use the kind of anonymous certificates that, once expedited, the government also does not know who is using the certificate when serving as a certificate authority to validate its authenticity.
Let's see how it goes. I'm afraid even while being privacy friendly with this system Pornhub will block access here to as a threat to other places. At the end is a private company and blocking minors from accessing their content cost them big money, and, of course, money is the only thing that matters to them.
Right. Why do I have to submit a retinal scan and 3 forms of ID to watch porn because parents can't be bothered to learn basic computer skills and monitor their own children?
The right way to implement this is where they don't even have any persistent identifier that could be used for tracking. They should only ever see a derived single-use signature that after verification gives them a yes/no answer and nothing more.
It IS possible from a technical standpoint to be able to do anonymous age verification. I can think of several methods that would work but the issue is I’d have to trust a company or the government with this information and trust them to not do something stupid with it like using it for nefarious purposes, selling it, or just not protecting it well enough. And with all the data brokerages and security breaches in the news there is no way I’d ever do that. Just not gonna happen. This data is just too valuable to trust any single company with it.
To me this is absolutely a 1st and 4th amendment issue. We are quickly devolving in an American religious state ruled by morality police.
The certificate may be anonymous to website hosts, but it won't be to the Spanish government. Otherwise you copy Grandpa's cert and pass it around school.
In the Netherlands we have this app that could be used for it https://www.yivi.app/en it's open-source, developed by an ngo in collaboration with a Dutch university. It's not very widely used yet, but the idea behind it is really good.
Outside the issue of yet another competing standard to do the same thing, there's an inherent issue with verification in these kinds of apps. That is, how the identity is actually verified for the account. Is it the government itself, a for-profit company partnered in some way with governments, something else? The issue begs the question, is this something we should have in the first place?
I don't think so. And it seems to me that those who do likely don't realize how much of a slippery slope it is to complete privacy erosion. Others are simply trying to live their life and this is very far down on their list of worries. Yet here we are, where services are built around the assumption that every user has a phone (and phone number).
Some relevant media to the topic:
xkcd 927
Electric Dreams S1E9