The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here: github.com/eu-digital-identity….
Problem is, the app is planning to include remote attestation feature to verify the integrity of the app: github.com/eu-digital-identity…. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means:
The operating system was licensed by Google
The app was downloaded from the Play Store (thus requiring a Google account)
Device security checks have passed
While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems.
This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it.
So is there a way to apply pressure on the EU to think this through first? Surely they could have different ways that doesn't lock them in to google services.
According to the users in that issue, the mere application of the API is illegal, as is the dependency. Sooo I dunno what kind of PACs there are in the EU but I would be leaning on and contributing to those.
I do feel like that’s a precarious state to leave this in, especially if they’re developing the backend for it.
Is there even enough momentum for a SKG-style wave of coverage? It would need to be justified properly by citing things like the Tea app data leak, to make a strong case (to political pencil pushers) for the danger of tying personal information to profiles or even to platforms. Otherwise the only thing they’ll see is “gamers want to make porn accessible to children”.
I don’t know. This whole situation boils my blood because I really care about online anonymity, and this is kind of nightmare scenario shit for me. I’m not even in the UK or EU.
To avoid people from simply copying the "age proof" and having others reuse it, a nonce/private key combo is needed. To protect that key a DRM style locked down device is necessary. Conveniently removing your ability to know what your device is doing, just a "trust us".
Seeing the EU doesn't make any popular hardware, their plan will always rely on either Asian or US manufacturers implementing the black-box "safety" chip.
It's that "whatever way" that is difficult. This proposal merely shifts the problem: now the login to that 3rd party can be shared, and age verification subverted.
1) the user 2) the age-gated site 3) the age verification service
The site (2) sends the request to the user (1), who passes it on to the service (3) where it is signed and returned the same way. The request comes with a nonce and a time stamp, making reuse difficult. An unusual volume of requests from a single user will be detected by the service.
Strictly speaking, neither needs to know the actual identity. However, the point is that both are supposed to receive information about the user's age. I'm not really sure what your point is.
both are supposed to receive information about the user's age
Yes, that's the point. They should be receiving information about age, and age only. Therefore they lack the information to detect reuse.
If they are able to detect reuse, they receive more (and personal identifying) information. Which shouldn't be the case.
The only known way to include a nonce, without releasing identifying information to the 3rd parties, is using a DRM like chip. This results in the sovereignty and trust issues I referred to earlier.
The site would only know that the user's age is being vouched for by some government-approved service. It would not be able to use this to track the user across different devices/IPs, and so on.
The service would only know that the user is requesting that their age be vouched for. It would not know for what. Of course, they would have to know your age somehow. EG they could be selling access in shops, like alcohol is sold in shops. The shop checks the ID. The service then only knows that you have login credentials bought in some shop. Presumably these credentials would not remain valid for long.
They could use any other scheme, as well. Maybe you do have to upload an ID, but they have to delete it immediately afterward. And because the service has to be in the EU, government-certified with regular inspections, that's safe enough.
In any case, the user would have to have access to some sort of account on the service. Activity related to that account would be tracked.
If that is not good enough, then your worries are not about data protection. My worries are not. I reject this for different reasons.
is being vouched for by some government-approved service.
The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
And because the service has to be in the EU, government-certified with regular inspections, that's safe enough
Of course not: both intentional and unintentional leaking of this information already happens, regularly. That information should simply not be captured, at all!
Additionally, what happens to, for example, the people in Hungary(*)? If the middle man government service knows when and who is requesting proof-of-age, it's easy to de-anonymise for example users of gay porn sites.
The 3rd party solution, as you present it, sounds terribly dangerous!
(*) Hungary as a contemporary example of a near despot leader, but more will pop up in EU over the coming years.
The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
It would send the proof to you. It would not know what you do with it. I gave an example in the previous post how the identity of the user could be hidden from the service.
If the middle man government service knows when and who is requesting proof-of-age, it’s easy to de-anonymise for example users of gay porn sites.
It would be a lot easier to get that information from the ISP.
If it is about hiding some data handled by the app, that will be instantly extracted. There are plenty of people with full integrity on rooted phones. It's really annoying to set up and keep going, and requiring that would fuck over most rooted phone/custom os users, but someone to fully inspect and leak everything about the app will always be popping up.
If it is about hiding some data handled by the app, that will be instantly extracted.
Look at the design of DRM chips. They bake the key into hardware. Some keys have been leaked, I think playstation 2 is an example, but typically by a source inside the company.
That applies to play integrity, and a lot of getting that working is juggling various signatures and keys. The suggestion above which I replied to was instead about software-managed keys, something handed to the app which it then stores, where the google drm is polled to get that sacred piece of data. Since this is present in the software, it can be plainly read by the user on rooted devices, which hardware-based keys cannot.
Play integrity is hardware based, but the eu app is software based, merely polling googles hardware based stuff somewhere in the process.
I understand. In the context of digital sovereignty, even if the linked shitty implementation is discarded (as it should be), every correct implementation will require magic DRM-like chip. This chip will be made by a US or Asian manufacturer, as the EU has no manufacturing.
Is it tied to my real identity? If not it seems to me that it should be sufficient as to serve as a security this phone is legit and not emulated/compromised.
In the eu, phone numbers by law are tied to state identities. And the phone provider can naturally resolve their sim IDs down to the phone number they are assigned to. Anything related to celltower interactions is PII.
Yeah no. Requiring anything Google for something as basic as this violates the GDPR. If they go through with this, it's one legal case until they have to revise it.
Edit: German eID works on any Android btw., flawless actually. I sure hope I can use that for verification
EID and equivalents are great for a lot of things, but do you want your porn site to know who you are? The new app is supposed to verify your age but not give out your PII. Not sure eID can do that?
Der Personalausweis verfügt seit 2010 über eine elektronische Identitätsfunktion (eID). Welche Daten sind auf dem Ausweis hinterlegt und was ist bei der Nutzung zu beachten?
That Flathub app is unofficial afaik, which is why I don't use it. Normally I wouldn't care, but this seems important enough to not use a repackaged version
I wouldn't be too sure. Data protection mainly binds private actors. Any data processing demanded by law is legal. You'd really have to know the finer points of the law to judge if this is ok.
The GDPR also applies to public institutions as far as I'm aware - but most importantly the concern here is Google and data collected by Google. This data collection is in no way necessary to provide the age verification service. Most of it is not even related to it. The state legally cannot force you to agree to some corporations (i.e. Google's) terms, even if we completely ignore the GDPR.
Data processing mandated by law is legal. Governments can pass laws, unlike private actors. Public institutions are bound by GDPR, but can also rely on provisions that give them greater leeway.
I don't see how that this is in any way necessary, either. But a judge may be convinced by the claim that this is industry standard best practice to keep the app safe. In any case, there may be some finer points to the law.
The state legally cannot force you to agree to some corporations (i.e. Google’s) terms,
I'm not too sure about that, either. For example, when you are out of work, the state will cause you trouble if you do not find offered jobs acceptable.
It's another question, if not having access to age-gated content is so bad as to force you to do anything. Minors nominally have the same rights as full citizens, and they are to be denied access, too.
Apparently this is illegal to implement as of right now, but it’s not helping the feeling of technological doomerism I get whenever I think about this whole identity verification situation.
Someone jumped at me for comparing EU and MAGA to Stalin's and Hitler's regimes, quote, "arguing in newspapers whose worker class has been liberated more". Like they are not equal at all and all such.
What is it with everyone being obsessed with porn censorship suddenly? Why is this a trend?
At first I thought it's about control and data gathering, but this seems like too much of a genuine attempt at such a system. Why is the government so obsessed with parenting and nannying the citizens?
This has been discussed a while back, at least here in NL as far as I know it started because of legalising online gambling for which you need to be identified. Also, due to GDPR, businesses aren't allowed to make copies of ID's/passports/driving licences any more which is required for certain businesses (notaries, accountants, etc). In my office we currently use some kind of identification software, but it isn't anonyms because well we wouldn't be able to do our job.
There is a bit of a conflict between the laws requiring certain companies to identify their clients and GDPR in basis, but there is something in GDPR that allows these companies to still collect the relevant data and use it or to verify the data and not store it depending on the use case.
The whole use case thing is even the reason why companies are allowed to collect data from you. You couldn't get anything delivered if this exception wasn't there, because they wouldn't be allowed to progress your address.
At least that's what I gathered from the Dutch implementation the AVG, when I last read it a couple years ago.
This is just my speculation, so take it as you will. The EU has been pushing for digital ID cards for quite a while, and this is just another attempt. The last serious attempt was the Covid vaccination passport, but so many people still opted for paper certs, and the rest deleted the app when vaccination was no longer mandatory, that it failed again. So, now the authorities are becoming smart and trying to go through the vector that has a proven record of driving technological change: porn.
Too many bots online 😁 I'd like to know if I'm talking to a real sockpuppet when I'm online 😁...but just for that and only share data from my "wallet id" on a strict need to know basis.
Why is the government so obsessed with parenting and nannying the citizens?
I think it's because people from outside the traditional political families are getting popular votes.
For the established politicians, blaming "the internet" and building a supressing censorship machine is easier than looking in the mirror and seeing where the discontent comes from.
Been wondering myself. It's certainly part of the general right-ward trend. Societies are becoming more illiberal. It's not just the right that is moving to the right.
Obscenity laws have always been about enforcing the "correct" sexuality. Protecting minors meant preventing them from becoming "confused"; ie becoming LGBTQ.
You also have growing nationalism. In Europe, people are saying we should enforce "our laws" and "our values" against meddling foreigners (ie Big Tech). It often sounds a lot like the rants against the "globalists" that have been a staple among the US far right for decades. Age verification is part of that.
For example, Germany has long enforced age verification within its borders. It's part of the whole over-regulation thing that makes competitive tech companies almost impossible in Europe. For some reason, Europeans have trouble accepting that. You can see it here on Lemmy. The solution must be to enshittify everything to level the playing field.
The legal precedent for gaining the ability to ban content under the guise of preventing the dissemination of "obscenity" allows the future banning of "obscene" political opinions and "obscene" dissent.
Once the "obscene" political content is banned, the language will change to "offensive".
After "offensive" content is banned, then the language will change to "inappropriate".
After "inappropriate", the language will change to "oppositional".
If you believe this is a "slippery slope" fallacy, then as a counterpoint, I would refer to the actual history of the term "politically correct":
In the early-to-mid 20th century, the phrase politically correct was used to describe strict adherence to a range of ideological orthodoxies within politics. In 1934, The New York Times reported that Nazi Germany was granting reporting permits "only to pure 'Aryans' whose opinions are politically correct".
[5]The term political correctness first appeared in Marxist–Leninist vocabulary following the Russian Revolution of 1917. At that time, it was used to describe strict adherence to the policies and principles of the Communist Party of the Soviet Union, that is, the party line.[24] Later in the United States, the phrase came to be associated with accusations of dogmatism in debates between communists and socialists. According to American educator Herbert Kohl, writing about debates in New York in the late 1940s and early 1950s.
The term "politically correct" was used disparagingly, to refer to someone whose loyalty to the CP line overrode compassion, and led to bad politics. It was used by Socialists against Communists, and was meant to separate out Socialists who believed in egalitarian moral ideas from dogmatic Communists who would advocate and defend party positions regardless of their moral substance.
— "Uncommon Differences", The Lion and the Unicorn[4]
You're right but the example you gave seems to illustrate a different effect that's almost opposite — let me explain.
The phrase "politically correct" is language which meant something very specific, that was then hijacked by the far-right into the culture war where its meaning could be hollowed out/watered down to just mean basically "polite", then used interchangeably in a motte-and-bailey style between the two meanings whenever useful, basically a weaponized fallacy designed to scare and confuse people — and you know that's exactly what it's doing by because no right-winger can define what this boogeyman really means. This has been done before with things like: Critical Race Theory, DEI, cancel culture, woke, cultural Marxism, cultural bolshevism/judeo bolshevism (if you go back far enough), "Great Replacement", "illegals", the list goes on.
I see your point. I should've limited my citation to the phrase's authoritarian origins from the early 20th century.
To clarify, the slippery slope towards "political correctness" I wanted to describe is a sort of corporate techno-feudalist language bereft of any real political philosophy or moral epistemology. It is the language of LinkedIn, the "angel investor class", financiers, cavalier buzzwords, sweeping overgeneralizations, and hyperbole. Yet, fundamentally, it will aim to erase any class awareness, empiricism, or contempt for arbitrary authority. The idea is to impose an avaricious financial-might-makes-right for whatever-we-believe-right-now way of thinking in every human being.
What I want to convey is that there is an unspoken effort by authoritarians of the so-called "left" and "right" who unapologetically yearn for the hybridization of both Huxley's A Brave New World and Orwell's 1984 dystopian models, sometimes loudly proclaimed and other times subconsciously suggested.
I get what you mean. You're saying we're sliding towards something that brings back political correctness in its original definition, and I agree with you.
The idea is to impose an avaricious financial-might-makes-right
This resonates a lot. I'd argue we're already there. All this talk of "meritocracy" (fallaciously opposed to "DEI"), the prosperity gospel (that one's even older), it's all been promoting this idea of worthiness determined by net worth. Totalitarianism needs a socially accepted might-makes-right narrative wherever it can find it, then that can be the foundation for the fascist dogma/cult that will justify the regime's existence and legitimize its disregard for human life. Bonus points if you can make that might-makes-right narrative sound righteous (e.g. "merit" determines that you "deserve" your wealth, when really it's a circular argument: merit is never questioned for those who have the wealth, it's always assumed because how else could they have made that much money!).
In addition to the other answers, I want to add that the anti-porn stuff gives them the reason they need to force you into a more monitored environment. In which, everything you do is tracked. Your instinct is right imo. They want Google monitoring your mobile device as the primary piece. It's legislative market capture and fascism at the same time. No one company has to have all the info on you, but in forcing you to confirm yourself they make it so half a dozen can report on you if your habits trigger something. Half the technology is already in place as it's been built under the guise of better ad targeting.
Govt. say "to protect children, you have to install this app, under these conditions"
You want to protect childrens, so you do so
Govt. say "to protect this or that, we have to impose approved gates on many websites, based on the app you installed before"
You want to protect this or that, so you accept it
Govt. say "fuck you, you whatever is not in line with the fucking biggot at the helm of your country/federation/whatever, now we know what you do, we control what's allowed, and anything to get around the blocks is illegal and will land you in jail. Fuck you again, fucker."
You're a happy little plant in a pot.
Basically, it's not about porn. It's not about protecting kids. It's not about helping "victims of abuse". If anything, it's putting all these in more danger, along with everyone else.
Most western governments look at the ability of some of the more authoritarian places ability to just snap there fingers and make the entire internet go away with great envy.
Excuse me, censorship is not good in any way. The people should have the power to decide what they want to see, and what they want to say. Not government officials nor private platform owners.
What's going on with Europe lately? You all really want GOOGLE of all mega corps in control of your identity?
You're going the opposite way, it should be your right to install an alternate OS on your phone. If anything they should be banning Google licensed Android.
Its not the populace, our politicians just like in the US have gone rogue. People are voting for the nutters due to anti immigration propaganda and so increasingly getting far right. Its happening across the entire western world and its bad news for everyone.
Except this isn't even the right wing nutters doing it. These are mainstream politicians executing their power grabbing neolib agenda, with very little democratic oversight or public debate.
No one is laughing... We're horrified how the people who have been screaming "freedom" and being obnoxious about how much more free they are than anyone else in the entire universe, seem to love getting enslaved while being obnoxious about how cool it is to be enslaved.
Europe has its problems. We've had them for generations, and right now they're getting worse. But at least we have a culture of fighting back, something americans don't.
But at least we have a culture of fighting back, something americans don’t.
Talk is cheap. Prove it in the coming years. I really hope you're right, because I want SOMEWHERE to not be either a coporate fascist hellholle or a collapsed country in the future..
In Hungary, we still have people who think fascism is when "evil people do evil things for the sake of evil", so when fascists want to hurt Roma, LGBTQIA+, etc. people, no one dares to call them fascists as long as said people have "receipts" in the form of cobbled together statistics, and have a not too cruel solution.
Dude, I keep telling my possibly AfD voting cousin we're just a few years behind the US if things continue as they do. Our politicians aren't better people, they're just sneakier for now.
How long before that extends to PCs and non-Windows OSes are blocked? Also, add non-Chrome browsers to that as well (that includes Edge, Chromium, Brave, etc. as well as Firefox and its forks).
artyom
in reply to Gsus4 • • •Please don't link to Reddit. Context below:
The EU is currently developing a whitelabel app to perform privacy-preserving (at least in theory) age verification to be adopted and personalized in the coming months by member states. The app is open source and available here: github.com/eu-digital-identity….
Problem is, the app is planning to include remote attestation feature to verify the integrity of the app: github.com/eu-digital-identity…. This is supposed to provide assurance to the age verification service that the app being used is authentic and running on a genuine operating system. Genuine in the case of Android means:
While there is value to verify device security, this strongly ties the app to many Google properties and services, because those checks won't pass on an aftermarket Android OS, even those which increase security significantly like GrapheneOS, because the app plans to use Google "Play Integrity", which only allows Google licensed systems instead of the standard Android attestation feature to verify systems.
This also means that even though you can compile the app, you won't be able to use it, because it won't come from the Play Store and thus the age verification service will reject it.
The issue has been raised here github.com/eu-digital-identity… but no response from team members as of now.
GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
GitHubAGuyAcrossTheInternet likes this.
dubyakay
in reply to artyom • • •like this
AGuyAcrossTheInternet likes this.
artyom
in reply to dubyakay • • •like this
AGuyAcrossTheInternet likes this.
ggtdbz
in reply to artyom • • •I do feel like that’s a precarious state to leave this in, especially if they’re developing the backend for it.
Is there even enough momentum for a SKG-style wave of coverage? It would need to be justified properly by citing things like the Tea app data leak, to make a strong case (to political pencil pushers) for the danger of tying personal information to profiles or even to platforms. Otherwise the only thing they’ll see is “gamers want to make porn accessible to children”.
I don’t know. This whole situation boils my blood because I really care about online anonymity, and this is kind of nightmare scenario shit for me. I’m not even in the UK or EU.
like this
AGuyAcrossTheInternet e HeerlijkeDrop like this.
Ulrich
in reply to ggtdbz • • •We've had this shit in the US for a while now.
iii
in reply to dubyakay • • •To avoid people from simply copying the "age proof" and having others reuse it, a nonce/private key combo is needed. To protect that key a DRM style locked down device is necessary. Conveniently removing your ability to know what your device is doing, just a "trust us".
Seeing the EU doesn't make any popular hardware, their plan will always rely on either Asian or US manufacturers implementing the black-box "safety" chip.
General_Effort
in reply to iii • • •iii
in reply to General_Effort • • •General_Effort
in reply to iii • • •A phone can also be shared. If it happens at scale, it will be flagged pretty quickly. It's not a real problem.
The only real problem is the very intention of such laws.
iii
in reply to General_Effort • • •How? In a correct implementation, the 3rd parties only receive proof-of-age, no identity. How will re-use and sharing be detected?
General_Effort
in reply to iii • • •There are 3 parties:
1) the user
2) the age-gated site
3) the age verification service
The site (2) sends the request to the user (1), who passes it on to the service (3) where it is signed and returned the same way. The request comes with a nonce and a time stamp, making reuse difficult. An unusual volume of requests from a single user will be detected by the service.
iii
in reply to General_Effort • • •Neither 2 nor 3 should receive information about the identity of the user, making it difficult to count the volume of requests by user?
General_Effort
in reply to iii • • •iii
in reply to General_Effort • • •I must not be explaining myself well.
Yes, that's the point. They should be receiving information about age, and age only. Therefore they lack the information to detect reuse.
If they are able to detect reuse, they receive more (and personal identifying) information. Which shouldn't be the case.
The only known way to include a nonce, without releasing identifying information to the 3rd parties, is using a DRM like chip. This results in the sovereignty and trust issues I referred to earlier.
General_Effort
in reply to iii • • •The site would only know that the user's age is being vouched for by some government-approved service. It would not be able to use this to track the user across different devices/IPs, and so on.
The service would only know that the user is requesting that their age be vouched for. It would not know for what. Of course, they would have to know your age somehow. EG they could be selling access in shops, like alcohol is sold in shops. The shop checks the ID. The service then only knows that you have login credentials bought in some shop. Presumably these credentials would not remain valid for long.
They could use any other scheme, as well. Maybe you do have to upload an ID, but they have to delete it immediately afterward. And because the service has to be in the EU, government-certified with regular inspections, that's safe enough.
In any case, the user would have to have access to some sort of account on the service. Activity related to that account would be tracked.
If that is not good enough, then your worries are not about data protection. My worries are not. I reject this for different reasons.
iii
in reply to General_Effort • • •The reverse is also a necessity: the government approved service should not be allowed to know who and for what a proof of age is requested.
Of course not: both intentional and unintentional leaking of this information already happens, regularly. That information should simply not be captured, at all!
Additionally, what happens to, for example, the people in Hungary(*)? If the middle man government service knows when and who is requesting proof-of-age, it's easy to de-anonymise for example users of gay porn sites.
The 3rd party solution, as you present it, sounds terribly dangerous!
(*) Hungary as a contemporary example of a near despot leader, but more will pop up in EU over the coming years.
General_Effort
in reply to iii • • •It would send the proof to you. It would not know what you do with it. I gave an example in the previous post how the identity of the user could be hidden from the service.
It would be a lot easier to get that information from the ISP.
redjard
in reply to iii • • •There are plenty of people with full integrity on rooted phones. It's really annoying to set up and keep going, and requiring that would fuck over most rooted phone/custom os users, but someone to fully inspect and leak everything about the app will always be popping up.
iii
in reply to redjard • • •Look at the design of DRM chips. They bake the key into hardware. Some keys have been leaked, I think playstation 2 is an example, but typically by a source inside the company.
redjard
in reply to iii • • •That applies to play integrity, and a lot of getting that working is juggling various signatures and keys.
The suggestion above which I replied to was instead about software-managed keys, something handed to the app which it then stores, where the google drm is polled to get that sacred piece of data. Since this is present in the software, it can be plainly read by the user on rooted devices, which hardware-based keys cannot.
Play integrity is hardware based, but the eu app is software based, merely polling googles hardware based stuff somewhere in the process.
iii
in reply to redjard • • •I understand. In the context of digital sovereignty, even if the linked shitty implementation is discarded (as it should be), every correct implementation will require magic DRM-like chip. This chip will be made by a US or Asian manufacturer, as the EU has no manufacturing.
Appoxo
in reply to artyom • • •like this
AGuyAcrossTheInternet likes this.
artyom
in reply to Appoxo • • •Appoxo
in reply to artyom • • •If not it seems to me that it should be sufficient as to serve as a security this phone is legit and not emulated/compromised.
artyom
in reply to Appoxo • • •redjard
in reply to Appoxo • • •And the phone provider can naturally resolve their sim IDs down to the phone number they are assigned to.
Anything related to celltower interactions is PII.
UnfortunateShort
in reply to Gsus4 • • •Yeah no. Requiring anything Google for something as basic as this violates the GDPR. If they go through with this, it's one legal case until they have to revise it.
Edit: German eID works on any Android btw., flawless actually. I sure hope I can use that for verification
like this
AGuyAcrossTheInternet likes this.
boonhet
in reply to UnfortunateShort • • •like this
AGuyAcrossTheInternet likes this.
tribut
in reply to boonhet • • •EID can be used for anonymous age verification. It doesn't even need to give out your birthday and can attest to any "over the age of X" requirement.
Ref: bfdi.bund.de/DE/Buerger/Inhalt…
BfDI - Meldewesen und Statistik - Datenschutz beim Personalausweis mit eID
www.bfdi.bund.delike this
AGuyAcrossTheInternet likes this.
boonhet
in reply to tribut • • •like this
AGuyAcrossTheInternet likes this.
Hawk
in reply to tribut • • •"Government issued app can be used for anonymous age verification."
Doesn't sound like the most trustworthy statement...
SaharaMaleikuhm
in reply to UnfortunateShort • • •like this
AGuyAcrossTheInternet likes this.
UnfortunateShort
in reply to SaharaMaleikuhm • • •gian
in reply to UnfortunateShort • • •Same in Italy... I mean, I can pay taxes with that application but I cannot be verified for my age ? Seriously EU ?
General_Effort
in reply to UnfortunateShort • • •I wouldn't be too sure. Data protection mainly binds private actors. Any data processing demanded by law is legal. You'd really have to know the finer points of the law to judge if this is ok.
UnfortunateShort
in reply to General_Effort • • •General_Effort
in reply to UnfortunateShort • • •Data processing mandated by law is legal. Governments can pass laws, unlike private actors. Public institutions are bound by GDPR, but can also rely on provisions that give them greater leeway.
I don't see how that this is in any way necessary, either. But a judge may be convinced by the claim that this is industry standard best practice to keep the app safe. In any case, there may be some finer points to the law.
I'm not too sure about that, either. For example, when you are out of work, the state will cause you trouble if you do not find offered jobs acceptable.
It's another question, if not having access to age-gated content is so bad as to force you to do anything. Minors nominally have the same rights as full citizens, and they are to be denied access, too.
viking
in reply to Gsus4 • • •like this
AGuyAcrossTheInternet likes this.
ggtdbz
in reply to viking • • •a1studmuffin
in reply to Gsus4 • • •like this
AGuyAcrossTheInternet likes this.
tabular
in reply to a1studmuffin • • •like this
AGuyAcrossTheInternet likes this.
QueenHawlSera
in reply to Gsus4 • • •like this
AGuyAcrossTheInternet likes this.
rottingleaf
in reply to Gsus4 • • •As usual, it's the implementation that matters.
Someone jumped at me for comparing EU and MAGA to Stalin's and Hitler's regimes, quote, "arguing in newspapers whose worker class has been liberated more". Like they are not equal at all and all such.
Geth
in reply to Gsus4 • • •What is it with everyone being obsessed with porn censorship suddenly? Why is this a trend?
At first I thought it's about control and data gathering, but this seems like too much of a genuine attempt at such a system. Why is the government so obsessed with parenting and nannying the citizens?
like this
AGuyAcrossTheInternet likes this.
Vinstaal0
in reply to Geth • • •like this
AGuyAcrossTheInternet likes this.
Prime
in reply to Vinstaal0 • • •Vinstaal0
in reply to Prime • • •There is a bit of a conflict between the laws requiring certain companies to identify their clients and GDPR in basis, but there is something in GDPR that allows these companies to still collect the relevant data and use it or to verify the data and not store it depending on the use case.
The whole use case thing is even the reason why companies are allowed to collect data from you. You couldn't get anything delivered if this exception wasn't there, because they wouldn't be allowed to progress your address.
At least that's what I gathered from the Dutch implementation the AVG, when I last read it a couple years ago.
Bruncvik
in reply to Geth • • •Gsus4
in reply to Geth • • •iii
in reply to Geth • • •I think it's because people from outside the traditional political families are getting popular votes.
For the established politicians, blaming "the internet" and building a supressing censorship machine is easier than looking in the mirror and seeing where the discontent comes from.
WhatAmLemmy
in reply to Geth • • •General_Effort
in reply to Geth • • •Been wondering myself. It's certainly part of the general right-ward trend. Societies are becoming more illiberal. It's not just the right that is moving to the right.
Obscenity laws have always been about enforcing the "correct" sexuality. Protecting minors meant preventing them from becoming "confused"; ie becoming LGBTQ.
You also have growing nationalism. In Europe, people are saying we should enforce "our laws" and "our values" against meddling foreigners (ie Big Tech). It often sounds a lot like the rants against the "globalists" that have been a staple among the US far right for decades. Age verification is part of that.
For example, Germany has long enforced age verification within its borders. It's part of the whole over-regulation thing that makes competitive tech companies almost impossible in Europe. For some reason, Europeans have trouble accepting that. You can see it here on Lemmy. The solution must be to enshittify everything to level the playing field.
Altima NEO
in reply to Geth • • •NeilBrü
in reply to Geth • • •The legal precedent for gaining the ability to ban content under the guise of preventing the dissemination of "obscenity" allows the future banning of "obscene" political opinions and "obscene" dissent.
Once the "obscene" political content is banned, the language will change to "offensive".
After "offensive" content is banned, then the language will change to "inappropriate".
After "inappropriate", the language will change to "oppositional".
If you believe this is a "slippery slope" fallacy, then as a counterpoint, I would refer to the actual history of the term "politically correct":
lemonaz
in reply to NeilBrü • • •You're right but the example you gave seems to illustrate a different effect that's almost opposite — let me explain.
The phrase "politically correct" is language which meant something very specific, that was then hijacked by the far-right into the culture war where its meaning could be hollowed out/watered down to just mean basically "polite", then used interchangeably in a motte-and-bailey style between the two meanings whenever useful, basically a weaponized fallacy designed to scare and confuse people — and you know that's exactly what it's doing by because no right-winger can define what this boogeyman really means. This has been done before with things like: Critical Race Theory, DEI, cancel culture, woke, cultural Marxism, cultural bolshevism/judeo bolshevism (if you go back far enough), "Great Replacement", "illegals", the list goes on.
type of informal fallacy
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)NeilBrü
in reply to lemonaz • • •I see your point. I should've limited my citation to the phrase's authoritarian origins from the early 20th century.
To clarify, the slippery slope towards "political correctness" I wanted to describe is a sort of corporate techno-feudalist language bereft of any real political philosophy or moral epistemology. It is the language of LinkedIn, the "angel investor class", financiers, cavalier buzzwords, sweeping overgeneralizations, and hyperbole. Yet, fundamentally, it will aim to erase any class awareness, empiricism, or contempt for arbitrary authority. The idea is to impose an avaricious financial-might-makes-right for whatever-we-believe-right-now way of thinking in every human being.
What I want to convey is that there is an unspoken effort by authoritarians of the so-called "left" and "right" who unapologetically yearn for the hybridization of both Huxley's A Brave New World and Orwell's 1984 dystopian models, sometimes loudly proclaimed and other times subconsciously suggested.
These are my opinions and not meant as gospel.
lemonaz
in reply to NeilBrü • • •I get what you mean. You're saying we're sliding towards something that brings back political correctness in its original definition, and I agree with you.
This resonates a lot. I'd argue we're already there. All this talk of "meritocracy" (fallaciously opposed to "DEI"), the prosperity gospel (that one's even older), it's all been promoting this idea of worthiness determined by net worth. Totalitarianism needs a socially accepted might-makes-right narrative wherever it can find it, then that can be the foundation for the fascist dogma/cult that will justify the regime's existence and legitimize its disregard for human life. Bonus points if you can make that might-makes-right narrative sound righteous (e.g. "merit" determines that you "deserve" your wealth, when really it's a circular argument: merit is never questioned for those who have the wealth, it's always assumed because how else could they have made that much money!).
StarryPhoenix97
in reply to Geth • • •cley_faye
in reply to Geth • • •Basically, it's not about porn. It's not about protecting kids. It's not about helping "victims of abuse". If anything, it's putting all these in more danger, along with everyone else.
End-Stage-Ligma
in reply to cley_faye • • •- actively defending child rape
- calls vaccines poison
- calls prenatal care and school lunch subsidy woke
- spends billions bombing brown children
TheFinn
in reply to End-Stage-Ligma • • •DeathByBigSad
in reply to Geth • • •FYI: Most of the world actually restricts, and some outright bans, porn.
Its only western countries that have unrestricted access to porn.
flop_leash_973
in reply to Geth • • •Blackmist
in reply to Geth • • •Electricd
in reply to Gsus4 • • •iii
in reply to Electricd • • •Electricd
in reply to iii • • •Sure, but it has some good sides as well
It's just a shame that they aren't just made of the good sides
TheLeadenSea
in reply to Electricd • • •Electricd
in reply to TheLeadenSea • • •TheLeadenSea
in reply to Electricd • • •Electricd
in reply to TheLeadenSea • • •My bad
My instance could also hint at it ;)
Wolf
in reply to Gsus4 • • •What's going on with Europe lately? You all really want GOOGLE of all mega corps in control of your identity?
You're going the opposite way, it should be your right to install an alternate OS on your phone. If anything they should be banning Google licensed Android.
reshared this
djpanini reshared this.
Gsus4
in reply to Wolf • • •Wolf
in reply to Gsus4 • • •I miss LineageOS so much, my last couple of phones haven't had a build of it and my asshole banking apps wont work on it now.
For my next phone i'm just not going to buy one unless it's already supported and if I have to skip online banking I'll do it.
joel_feila
in reply to Wolf • • •Wolf
in reply to joel_feila • • •I use cards, I don't even have NFC on my phone, but it is nice to be able to check my bank account, lock/unlock the card, deposit checks, etc.
I may be able to do most of that on the website, idk. Guess I'm probably going to find out 😀
Ushmel
in reply to Wolf • • •joel_feila
in reply to Wolf • • •BJ_and_the_bear
in reply to Wolf • • •adr1an
in reply to Gsus4 • • •BrightCandle
in reply to Wolf • • •dreadbeef
in reply to BrightCandle • • •DefederateLemmyMl
in reply to BrightCandle • • •GreenKnight23
in reply to Wolf • • •to hear it from any non-Americans on lemmy they're better than America.
looks like they're just as susceptible to this fascist bullshit to me though...
Nico198X
in reply to GreenKnight23 • • •We invented this bullshit, of course we're susceptible.
Still better than America, though ;P XD
NιƙƙιDιɱҽʂ
in reply to GreenKnight23 • • •SonOfAntenora
in reply to GreenKnight23 • • •I call it effective authoritarianism, it's a sugar coated baton
jabjoe
in reply to Wolf • • •Draedron
in reply to Wolf • • •ZILtoid1991
in reply to Draedron • • •joel_feila
in reply to Gsus4 • • •eleitl
in reply to joel_feila • • •DeathByBigSad
in reply to eleitl • • •eleitl
in reply to DeathByBigSad • • •renamon_silver
in reply to Gsus4 • • •0x0
in reply to renamon_silver • • •samus12345
in reply to 0x0 • • •MBech
in reply to samus12345 • • •No one is laughing... We're horrified how the people who have been screaming "freedom" and being obnoxious about how much more free they are than anyone else in the entire universe, seem to love getting enslaved while being obnoxious about how cool it is to be enslaved.
Europe has its problems. We've had them for generations, and right now they're getting worse. But at least we have a culture of fighting back, something americans don't.
samus12345
in reply to MBech • • •Talk is cheap. Prove it in the coming years. I really hope you're right, because I want SOMEWHERE to not be either a coporate fascist hellholle or a collapsed country in the future..
ZILtoid1991
in reply to MBech • • •Randelung
in reply to samus12345 • • •samus12345
in reply to Randelung • • •carrylex
in reply to Gsus4 • • •looks inside:
Hosted on GitHub in the US 👏
CoffeeTails
in reply to carrylex • • •sexy_peach
in reply to Gsus4 • • •cley_faye
in reply to Gsus4 • • •Zachariah
in reply to Gsus4 • • •Wayback Machine
web.archive.orgBlaster M
in reply to Gsus4 • • •ZILtoid1991
in reply to Blaster M • • •DFX4509B
in reply to Gsus4 • • •