A friend asked about my zealotry on age-gating social media and why internet anonymity/pseudonymity should be protected.
I sent this through by email, figured I'd share it here too, very lightly edited.
I agree that people are more likely to be jerks when anonymous.
Potential for anonymity is simultaneously important protection when society or governments are too censorious, or could become so, or when someone in one country worries about consequences for family who live in a censorious country.
If Twitter had a magic tech that could undo VPNs and put a note under each tweet specifying the real country of origin of any tweet, that wouldn’t bother me any. Or if another social network decided to only allow real name accounts, and people wanted to chat there, that’s perfectly fine with me too.
Government requirements on these platforms seem like a different matter entirely.
The UK’s rules require that every site whose content could possibly be viewed as harmful to children now require adults to prove that they are not children. One very predictable consequence: Discord was hacked, and 70,000 had their government-issued IDs stolen.
But even without hacks, requirements to provide your ID if you want to look at sensitive content can chill speech and access to information. “Oh, you want to read that article about the STD you think you might have? Just show us your ID. And trust that we won’t tell anybody what you were looking at.” Or, “Oh, I see you’re interested in a very niche form of pornography. Please give me your ID.” “Oh, I see you’re interested in academic journal articles about the heritability of different traits. Papers please.”
Freedom of speech includes the freedom to read. I would consider it a violation of freedom of speech if a librarian came up and demanded to take a record of my ID if I were minding my own business and peacefully reading subversive books.
Did any of the proponents of the UK legislation think that ‘just protecting children’ would mean adults would have to give Wikipedia their ID to read some of their articles, or to every dodgy porn site? Probably not. They’re not good at thinking about tech or consequences or how companies protect themselves against substantial potential liability.
But that’s where the UK now is. As consequence, VPN downloads have massively increased in the UK so people can pretend they’re not in the UK. And the UK government is investigating whether it’s possible to ban VPNs.
And as consequence, I’ve gotten a multi-year subscription to a good VPN, because the obvious way for governments to ban VPNs is to ban domestically issued credit cards from processing payments to them. And New Zealand seems determined to be every bit as stupid as the UK. I understand that Select Committee has asked for advice about the feasibility of banning VPNs as part of their inquiry into ‘just protecting the children’. Great stuff.
Australia’s version will require social media platforms to keep under-16s from having accounts. There are triaging efforts they can take, but a pile of users who are over the age limit will wind up having to prove that they are over the age limit.
The system can then either err on the side of letting youths on accidentally (and suffer penalties for doing so), impose substantial burdens on adult users to avoid letting youths on accidentally (frequent age re-verification to make sure that a youth hasn’t faked being over the age limit with the help of a confederate), or end the potential for anonymous/pseudonymous accounts by requiring real ID.
If I were a Chinese student studying in Australia and had set up a pseudonymous Twitter account for fear that my family in China would be punished for what I might say in Australia – and to maintain the option to go back to China if I wanted to – I would end my account rather than provide ID. Because IDs can be hacked, and the Chinese government is good at that. Sure, they could probably figure out who owned an account if they tried really hard absent that. But having a giant database that just hands over all the IDs you need to check? Risky.
There are ways of doing it that are privacy preserving. But it would be very easy for a fifteen year old, with the cooperation of a seventeen year old friend, to get an account under those methods. And when that becomes obvious, those for whom potential harms to children trump everything else in the world will call it a ‘loophole’, demand the loophole be closed, and the potential for pseudonymity disappears.
The same problem applies to what I’d put up as potential least-bad solution in my submission on this stuff. Government could require that platforms age-restrict at the app-store level such that parental authorisation is required through Family Link or the Apple equivalent.
It would be far from foolproof: not everyone has an age in their phone account (Google or Apple); people could buy cheap phones and not disclose true age. And it would have some harms too: the State would be enforcing the right of a Gloriavale mum to block her son from important aspects of contact with the outside world. Which is a bit odd when a 15 year old can get an abortion without parental notification or consent; doctors are forbidden from telling the parents if the child so-requests. We have very odd and inconsistent rules about what things kids can and cannot do without parental consent.
My solution would also have obvious holes. So I urged that, if parliament picked up that option, it do so very deliberately with recognition of that lots of kids would work around the rule and that that was the least bad alternative – that nobody frame it as being other than very second-best, and that nobody pretend afterwards that kids getting around it was a reason to revise the rules.
It still sucks though and is far more risky than I’m comfortable with.
I guess one bottom line: shouldn't we let the rest of the world have a few attempts at this before jumping into anything we might regret?
Other bits of context:
- Justice Harvey on continued government efforts to exert control over internet content
- My submission on this stuff
- Eric Goldman's piece on the "Segregate-and-Suppress" approach to regulating child safety online. He puts up a very good argument against legislating parental signoff for kids installing the apps. He's right. I just think it sucks less than anything else Parliament might do.
- The Harmful Digital Communications Act has itself been used to abusive purpose.
No comments:
Post a Comment