Archive for the ‘Age Verification’ Category

Read more uk_internet_censors.htm at MelonFarmers.co.uk

DCMS logoMore than £2m of taxpayers’ money was spent preparing for the age verification for porn censorship regime before the policy was dropped in early October, the government has revealed.

The bulk of the spending, £2.2m, was paid to the BBFC to do the detailed work on the policy from 2016 onwards. Before then, additional costs were borne by the Department for Digital, Culture, Media and Sport, where civil servants were tasked with developing the proposals as part of their normal work.

Answering a written question fromthe shadow DCMS secretary, Tom Watson, Matt Warman for the government added: Building on that work, we are now establishing how the objectives of part three of the Digital Economy Act can be delivered through our online harms regime.

It is not just government funds that were wasted on the abortive scheme. Multiple private companies had developed systems that they were hoping to provide age verification services.

The bizarre thing was all this money was spent when the government knew that it wouldn’t even prevent determined viewers from getting access to porn. It was only was only considered as effective from blocking kids from stumbling on porn.

So all that expense, and all that potential danger for adults stupidly submitting to age verification, and all for what?

Well at least next time round the  government may consider that they should put a least a modicum of thought about people’s privacy.

It’s not ALL about the kids. Surely the government has a duty of care for adults too. We need a Government Harms bill requiring a duty of care for ALL citizens. Now that would be a first!

Report contains little to advance progress in the child safety game, maybe the government needs to buy another and hope for better luck next time

Read more megames.htm at MelonFarmers.co.uk

The argument about loot boxes being gambling is very tiresome. The debate about whether they are akin to gambling has become more important than the debate about how to keep children safe. Surely Loot boxes can be deemed an unacceptable monetisation method for children on its own merits, without trying to match apples to pears.Longfield seems a bit new to the job, she is now calling for small games to be fully vetted by censors when this approach was given up ten years ago due to the unmanageable volume and unviable economics of expensive censors checking small games.

She is also dreaming that age verification is some sort of panacea for all societies ills. Parents generally know exactly what age their kids are, but the knowledge doesn’t magically make for an idyllic childhood.

gaming the system Anne Longfield, the Children’s Commissioner for England, has published a report, Gaming the system’ which looks at the experiences of children who play games online. The Children’s Commissioner’s Office commissioned the research company Revealing Reality to speak to groups of children who play online games like FIFA, Fortnite and Roblox about what they love and what worries them about gaming, both to shine a light on their experiences and to inform policy recommendations.

With 93% of children in the UK playing video games, the Children’s Commissioner is today calling for new rules to tighten up gambling laws and to address the worries children have expressed about how they feel out of control of their spending on online games.

However, it also reveals the drawbacks, in particular highlighting how many children are spending money on ‘in-game’ purchases because they feel they have to in order to keep up with friends or to advance in the game.

The report also shows how some children feel addicted to gaming and do not feel in control of the amount of time they spend playing games. Younger children told us they are playing games for an average of two to three hours a day, whereas older children are playing for three or more hours.

To address the concerns raised by children in the report, the Children’s Commissioner makes a number of recommendations, including:

  • Bringing financial harm within the scope of the Government’s forthcoming online harms legislation. Developers and platforms should not enable children to progress within a game by spending money and spending should be limited to items which are not linked to performance.

  • All games which allow players to spend money should include features for players to track their historic spend, and there should be maximum daily spend limits introduced in all games which feature in-game spending and turned on by default for children.

  • The Government should take immediate action to amend the definition of gaming in section 6 of the Gambling Act 2005 to regulate loot boxes as gambling.

  • The Government’s age appropriate design code must include provisions on nudge techniques and detrimental use of data, as proposed in the draft code.

  • Games that are distributed online should be subject to a legally enforceable age-rating system, just as physical games are. There should be a requirement for an additional warning to be displayed for games which facilitate in-game spending. The Government should consult on whether age ratings of all games should be moderated pre-release, just as physical games are.

  • Online games should be a key focus of digital citizenship lessons in schools, rather than lessons focusing exclusively on social media. Teachers involved in the delivery of these lessons should be familiar with how key online games that are popular with children work.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

nicky morgan Nicky Morgan, Secretary of State for Digital, Culture, Media and Sport, issued a written statement cancelling the government’s current plans to require age verification for porn. She wrote:

The government published the Online Harms White Paper in April this year. It proposed the establishment of a duty of care on companies to improve online safety, overseen by an independent regulator with strong enforcement powers to deal with non-compliance. Since the White Paper’s publication, the government’s proposals have continued to develop at pace. The government announced as part of the Queen’s Speech that we will publish draft legislation for pre-legislative scrutiny. It is important that our policy aims and our overall policy on protecting children from online harms are developed coherently in view of these developments with the aim of bringing forward the most comprehensive approach possible to protecting children.

The government has concluded that this objective of coherence will be best achieved through our wider online harms proposals and, as a consequence, will not be commencing Part 3 of the Digital Economy Act 2017 concerning age verification for online pornography. The Digital Economy Act objectives will therefore be delivered through our proposed online harms regulatory regime. This course of action will give the regulator discretion on the most effective means for companies to meet their duty of care. As currently drafted, the Digital Economy Act does not cover social media platforms.

The government’s commitment to protecting children online is unwavering. Adult content is too easily accessed online and more needs to be done to protect children from harm. We want to deliver the most comprehensive approach to keeping children safe online and recognised in the Online Harms White Paper the role that technology can play in keeping all users, particularly children, safe. We are committed to the UK becoming a world-leader in the development of online safety technology and to ensure companies of all sizes have access to, and adopt, innovative solutions to improve the safety of their users. This includes age verification tools and we expect them to continue to play a key role in protecting children online.

The BBFC sounded a bit miffed about losing the internet censor gig. The BBFC posted on its website:

BBFC logo The introduction of age-verification on pornographic websites in the UK is a necessary and important child protection measure. The BBFC was designated as the Age-verification Regulator under the Digital Economy Act 2017 (DEA) in February 2018, and has since worked on the implementation of age-verification, developing a robust standard of age-verification designed to stop children from stumbling across or accessing pornography online. The BBFC had all systems in place to undertake the role of AV Regulator, to ensure that all commercial pornographic websites accessible from the UK would have age gates in place or face swift enforcement action.

The BBFC understands the Government’s decision, announced today, to implement age-verification as part of the broader online harms strategy. We will bring our expertise and work closely with government to ensure that the child protection goals of the DEA are achieved.

I don suppose we will ever hear the real reasons why the law was ditched, but I suspect that there were serious problems with it. The amount of time and effort put into this, and the serious ramifications for the BBFC and age verification companies that must now be facing hard times must surely make this cancelling a big decision.

It is my guess that a very troublesome issue for the authorities is how both age verification and website blocking would have encouraged a significant number of people to work around government surveillance of the internet. It is probably more important to keep tabs on terrorists and child abusers rather than to lose this capability for the sake of a kids stumbling on porn.

Although the news of the cancellation was reported today, Rowland Manthorpe, a reporter for Sky News suggested on Twitter that maybe the idea had already been shelved back in the summer. He tweeted:

When @AJMartinSky and I broke the news that the porn block was being delayed again, we reported that it was on hold indefinitely. It was. Then our story broke. Inside DCMS a sudden panic ensued. Quickly, they drafted a statement saying it was delayed for 6 months

Read more uk_internet_censors.htm at MelonFarmers.co.uk

nicky morgan House of Commons, 3rd October 2019.

The Secretary of State for Digital, Culture, Media and Sport (Nicky Morgan):

THon. Members will be aware of our ongoing work to keep people safe online and our proposals around age verification for online pornography. I wish to notify the House that the standstill period under the EU’s technical services and regulations directive expired at midnight last night. I understand the interest in this issue that exists in all parts of the House, and I will update the House on next steps in due course.

Read more uk_internet_censors.htm at MelonFarmers.co.uk
ICO’s Data Protection Training
The Pavlov Method
nodding dog
 ☑  Yes I won’t read this message. and yes you can do what the fuck you like with my porn browsing data
 ☑  Yes please do, I waiver all my GDPR rights
 ☑  Yes I won’t read this message. and yes, feel free to blackmail me
 ☑  Yes you can do anything you like ‘to make my viewing experience better’
 ☑  Yes, no need to ask, I’ll tick anything

With callous disregard for the safety of porn users, negligent lawmakers devised an age verification scheme with no effective protection of porn users’ identity and porn browsing history.The Government considered that GDPR requirements, where internet users are trainer to blindly tick a box to give consent to the internet companies doing what the fuck they like with your data. Now internet users are well conditioned like Pavlov’s dog to tick the hundreds of tick boxes they are presented with daily. And of course nobody ever reads what they are consenting to, life’s too short.

After a while the government realised that the total lack of data protection for porn users may actually prevent their scheme form getting off the ground, as porn users simply would refuse to get age verified. This would result in bankrupt AV companies and perverse disinsentives for porn websites. Those that implement AV would then experience a devastating drop off in traffic and those that refuse age verification would be advantaged.

So the government commissioned a voluntary kitemark scheme for AV companies to try and demonstrate to auditors that they keep porn identity and browsing history safely. But really the government couldn’t let go of its own surveillance requirements to keep the browsing history of porn users. Eventually some AV companies won the right to have a scheme that did not log people’s browsing history, but most still do maintain a log (justified as ‘fraud protection’ in the BBFC kitemark scheme description).

well Now it appears that those that try to avoid the dangers of AV via VPNs may be not s safe as they would hope. The Henry Jackson Society has been researching the VPN industry and has found that 30% of VPNs are owned by Chinese companies that have direct data paths to the Chinese government.

Surely this will have extreme security issues as privately porn using people could then be set up for blackmail or pressure from the Chinese authorities.

The government needs to put an end to the current AV scheme and go back to the drawing board. It needs to try again, this time with absolute legal requirements to immediately delete porn users identity data and to totally ban the retention of browsing logs.

Anyway, the Henry Jackson Society explains its latest revelations:

henry jackson society logo Chinese spies could exploit Government’s new porn laws to gather compromising material on businessmen, civil servants and public figures, say think tanks.

They say Chinese firms have quietly cornered the market in technology that enables people to access porn sites without having to register their personal details with age verification firms or buy an age ID card in a newsagent.

The new law require those accessing porn sites to prove they are 18 but the checks and registration can be by-passed by signing up to a Virtual Private Network (VPNs). These anonymise the location of a computer by routing its traffic through a server based at remote locations.

It has now emerged through an investigation by security experts that many of the VPNs are secretly controlled by Chinese owned firms 203 as many as 30% of the networks worldwide.

It means that a VPN users’ viewing habits and data can not only be legally requested by the Chinese Government under its lax privacy laws but the VPNs could themselves also be state-controlled, according to the Adam Smith Institute and Henry Jackson Society.

Sam Armstrong, spokesman for the Henry Jackson Society, said:

A list of billions of late-night website visits of civil servants, diplomats, and politicians could 203 in the wrong hands — amount to the largest-ever kompromat file compiled on British individuals.

Those in sensitive jobs are precisely the types of individuals who would seek to use a VPN to circumvent the trip to the newsagent to buy a porn pass.

Yet, the opaque ownership of these VPNs by Chinese firms means there is a real likelihood any browsing going through them could fall into the hands of Chinese intelligence.

Read more uk_internet_censors.htm at MelonFarmers.co.uk
ICO’s Data Protection Training
The Pavlov Method
nodding dog
 ☑  Yes I won’t read this message. and yes you can do what the fuck you like with my porn browsing data
 ☑  Yes please do, I waiver all my GDPR rights
 ☑  Yes I won’t read this message. and yes, feel free to blackmail me
 ☑  Yes you can do anything you like ‘to make my viewing experience better’
 ☑  Yes, no need to ask, I’ll tick anything

Digital Minister Margot James has apologised for the six-month delay on the so-called porn block, which had been due to take effect today (16th July). It is designed to force pornography websites to verify users are over 18.

But the law has been delayed twice – most recently because the UK government failed to properly notify European regulators. James told the BBC:

I’m extremely sorry that there has been a delay. I know it sounds incompetent. Mistakes do happen, and I’m terribly sorry that it happened in such an important area,

Of course the fundamental mistake is that the incompetent lawmakers cared only about ‘protecting the children’ and gave bugger all consideration to the resulting endangerment of the adults visiting porn sites.

It took the government months, but it finally started to dawn on them that perhaps they should do something to protect the identity data that they are forcing porn users to hand over that can then be pinned to their porn browsing history. They probably still didn’t care about porn users but perhaps realised that the scheme would not get of the ground if it proved so toxic that no one would ever sign up for age verification at all.

Well as a belated after thought the government, BBFC and ICO went away to dream up a few standards that perhaps the age verifiers ought to be sticking to try and ensure that data is being kept safe.

So then the whole law ended up as a bag of worms. The authorities now realise that there should be level of data protection, but unfortunately this is not actually backed up by the law that was actually passed. So now the data protection standards suggested by the government/BBFC/ICO are only voluntary and there remains nothing in law to require the data actually be kept safe. And there is no recourse against anyone who ends up exploiting people’s data.

The Open Rights Group have just written an open letter to the government to ask that government to change their flawed law and actually require that porn users’ data is kept properly safe:

The Rt Hon Jeremy Wright QC MP Secretary of State for Digital, Culture, Media and Sport

Re: BBFC Age Verification Privacy Certification Scheme

Dear Secretary of State,

open rights group 2016 logo We write to ask you to legislate without delay to place a statutory requirement on the British Board of Film Classification (BBFC) to make their privacy certification scheme for age verification providers mandatory. Legislation is also needed to grant the BBFC powers to require compliance reports and penalise non-compliant providers.

As presently constituted, the BBFC certification scheme will be a disaster. Our analysis report, attached, shows that rather than setting out objective privacy safeguards to which companies must adhere, the scheme allows companies to set their own rules and then demonstrate that these are being followed. There are no penalties for providers which sign up to the standard and then fail to meet its requirements.

The broadly-drafted, voluntary scheme encourages a race to the bottom on privacy protection. It provides no consistent guarantees for consumers about how their personal data will be safeguarded and puts millions of British citizens at serious risk of fraud, blackmail or devastating sexual exposure.

The BBFC standard was only published in April. Some age verification providers have admitted that they are not ready. Others have stated that for commercial reasons they will not engage with the scheme. This means that the bureaucratic delay to age verification’s roll-out can now be turned to advantage. The Government needs to use this delay to introduce legislation, or at the least issue guidance under section 27 of the Digital Economy Act 2017, that will ensure the privacy and security of online users is protected.

We welcome the opportunity to bring this issue to your attention and await your response.

Yours sincerely,

Jim Killock Executive Director Open Rights Group

10th July 2019. See article from ispa.org.uk and article from techdirt.com

villain The villains of ISPA have withdrawn their nomination of the heroic Mozilla as an internet villain. ISPA writes:

Last week ISPA included Mozilla in our list of Internet Villain nominees for our upcoming annual awards.

In the 21 years the event has been running it is probably fair to say that no other nomination has generated such strong opinion. We have previously given the award to the Home Secretary for pushing surveillance legislation, leaders of regimes limiting freedom of speech and ambulance-chasing copyright lawyers. The villain category is intended to draw attention to an important issue in a light-hearted manner, but this year has clearly sent the wrong message, one that doesn’t reflect ISPA’s genuine desire to engage in a constructive dialogue. ISPA is therefore withdrawing the Mozilla nomination and Internet Villain category this year.

TechDirt noted that the ISPA nomination was kindly advertising Mozilla’s Firefox option for DNS over HTTPS:

ISPA nominated Mozilla for the organization’s meaningless internet villain awards for, at least according to ISPA, undermining internet safety standards in the UK:

Of course Mozilla is doing nothing of the sort. DNS over HTTPS not only creates a more secure internet that’s harder to filter and spy on, it actually improves overall DNS performance, making everything a bit faster. Just because this doesn’t coalesce with the UK’s routinely idiotic and clumsy efforts to censor the internet, that doesn’t somehow magically make it a bad idea.

Of course, many were quick to note that ISPA’s silly little PR stunt had the opposite effect than intended. It not only advertised that Mozilla was doing a good thing, it advertised DNS over HTTPS to folks who hadn’t heard of it previously. Matthew Prince P (@eastdakota) tweeted:

Given the number of people who’ve enabled DNS-over-HTTPS in the last 48 hours, it’s clear @ISPAUK doesn’t understand or appreciate @mmasnick’s so-called “Streisand Effect.”