- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
Finally it seems the end of Reddit is near.
You must log in or register to comment.
deleted by creator
Time to go to LemmyNSFW
Under the new UK law, lemmynsfw would also need to have some kind of age verification for UK users.
This. Can’t believe we’re seeing “lol Reddit sucks” when this is a country-wide implementation and has nothing to do with Reddit in particular.
So, the UK sucks.
Beware USA :(((
Supreme Court’s ruling practically wipes out free speech for sex writing online (July 4, 2025)
[commented the same a few days back]
This is why many adult sites are banning access if your IP is from TN or any of the other american states that love jesus more than freedom.
But americans don’t love Jesus, they shit all over his teachings and would deport him if he came to their doorstep.
Explains the sudden advertisement in vpns, but I’m afraid they will have to shell out more proxies eventually
Happy birthday, USA
Something similar is coming to Australia as well.
You are correct. But this doesn’t lessen the extent to which reddit sucks.
Real talk - or what? If LemmyNSFW isn’t based in the UK, what can they do?
Block it? I’d rather have that than deal with processing users face data.
Honestly I have no idea. I guess they could just block it if they don’t comply?
deleted by creator
Well as a Lemmy admin I’ll see if they seriously enforce this on international sites. If not, I won’t worry about it. If so, the UK gets blocked. 🤷🤷🤷
I doubt they’ll be going after niche sites anyway. Big dogs like reddit, sure. Sites dedicated to porn probably. Everyone else? Doubt it.
Even though LemmyNSFW is outside of the UK the admins of any instance will be responsible for verification of UK users because of this law. This is why .zip (Lemmy and PieFed) have geoblocked the UK. It’s a lot of work and responsibility to take on.
Here’s the post from Demigodrick explaining this situation better than I can.
Yeah only if the UK can actually manage to enforce any consequences to site admins outside the UK. I’ll wait and watch.
I believe if the UK finds a site that doesn’t comply with the law, they will block it from their side of things. I haven’t read anything about websites needing to be proactive to block the UK if they don’t plan to comply.
Just curious, how would this happen in practice? As I understand lemmy instances are defederated across the globe. Who would they send their demands to? Also there is already some nsfw content in lemmy, are those expected to respond now in some way?
Maybe they’ll just make the Fediverse illegal in the UK. Or all non-corporate sites that can’t afford to pay a company like Persona.
Or it can just defederate from UK based instances.
.zip has already been trying to figure out how to handle this law, its also UK based.
That’s always down when I want to use it :(
It’s always up when I use it … Oh you meant the site, sorry
It’s always down for it :)
It is not just that, I don’t trust Persona security, if a malicious actor installed a silent program that monitors users and sends it to a command and control center they probably won’t know for months or even years. Cyber security is very bad in most companies.
Very careful wording there to switch between Persona and Reddit to conveniently omit one from the justification given by the other.
Presses X furiously
Why doubt, I mean they promised?
Google uses reddit for its AI training. Just saying.
God help us all.
Oh the cute little corpo is promising to delete your data, how can we not trust him🥺🥺
deleted by creator
UK is full blown authoritarian now. They have been arresting journalists who are covering the genocide in Gaza and designated a direct action protest group as a terrorist organisation.
These assholes are all pedophiles and they use it to control the planet. To get to high levels of government, you must enter the shadow contract of pedophilia. It is easy to control people and trust people with that kind of shadow on them, so it is required.
Then they turn around and use pedophilia to control everyone else. Any tech that threatens their power, they can immediately shutdown by pedo-bombing it. The counter to pedobombing is authoritarian moderation. Once you have that, it is over. The government they control now can control the mods, and that means they control the narrative. THAT is one of the core enemies to fight. An alternative to Reddit or any other system is not enough.
Because pedophilia is such a taboo / social death sentence, it is among the most powerful shadow contracts.
“They” who?
Removed by mod
Yes only the powerful Americans are pedophiles, nobody else
Removed by mod
Those that have entered into the shadow contract. A shadow contract is one of few mechanisms to enter large-scale consensus (it isn’t THAT large when compared to a solar or galactic scale, but large enough for planetary control, and with some clever management, can scale larger).
Consensus requires untrusted sovereigns agreeing to collective action. It is a very difficult mechanism to operate. One way is by having a crime so heinous, the mass population block would eviscerate you if it came to light.
Pedophilia is king among these shadow cornerstones. It illustrates a total lack of empathy, no protective nature towards the innocent, no concern for the perceptions of society, high intellect / manipulation abilities, and a willingness to do anything. You can say it is the “panther” among the shadows.
So most leadership is among that tribe, which is why they are the way they are. It is only logical.
There are other tribes as well. Use your imagination and the answers will follow.
Funny thing, Reddit did that “circle” event many years ago. How big did anyone’s circle get? That is an example of what I am explaining. It is nearly game theoretically impossible to have large scale consensus without some mechanism to make sure people are on the same page.
This is a combination of terrible legislation in the UK meets awful social media site.
The Online Safety Act is an abomination, compromising the privacy and freedom of the vast majority of the UK in the name of “protecting children”.
I’m of the view parents are responsible for protecting their children. I know it’s hard but the Online Safety Act is not a solution.
All it will.do is compromise the privacy and security of law abiding adults while kids will still access porn and all the other really bad stuff on the Internet will actually be unaffected. The dark illegal shit on the Internet is not happening on Pornhub or Reddit.
The UK is gradually sliding further and further into censorship, and authoritarianism and all the in the name of do gooders. It’s scary to watch.
The online safety act isn’t actually about protecting children. That’s a smoke screen for a surveillance bill. They want to eliminate anonymity online.
The solution to all of this “think of the children” stuff is that devices owned/used by children should have to be registered as a child’s device, which would enable certain content blockers.
Forcing adults to verify their identity, rather than simply activating some broad based restrictions on devices being purchased for child use, is a waste of time. Kids will still find workarounds. Adult privacy will be compromised.
Its also an easily enforceable policy to require registration of children’s devices. You can hold the parents to compliance. You can hold the carriers to compliance. Its truly the simplest way to keep kids from accessing porn without having to mess with adult use of the internet whatsoever
The solution to all of this “think of the children” stuff is that devices owned/used by children should have to be registered as a child’s device, which would enable certain content blockers.
That’s kinda the case right now already, but the problem is that adult-only sites don’t work with that currently.
So the right solution would be to mandate that e.g. all sites are required to return a header with an age recommendation or something similar, so that a device set to child-mode then can block all these sites. And if a site doesn’t set the header, it will also get blocked on child-mode devices
Wouldn’t be too hard to do, and accidental overblocking would only occur on child-mode devices, so there’s not much of a loss there.
Legislation could then be focussed on mandating that these headers aren’t falsely set (e.g. a porn site setting the header to child-friendly).
Allow listing sounds like the better solution. Ie the device had a list of remotes approved by the parents.
That way there’s no need to police every website in the world in perpetuity.
Listing already exists, but in practice it’s quite impractical, mainly because it’s either not granular enough or too granular.
If the listing feature allows me to allow/deny on a domain basis, then allowing Wikipedia for example would mean that I’d also allow all the non-child-friendly content on there too. Like the literal full-length porn videos or the photographies of genital torture that are on there. And if I block all of Wikipedia, I also block all of the hundreds of thousands of informative and totally child-acceptable pages on there.
If, on the other hand, I allow/deny on a per-page basis, then using the internet becomes nigh unmanageable, because each click of my kid requires me to allow/deny the next page. It’s not that often when using the internet that you access the same exact url every day without clicking to sub-pages.
A header would solve that issue. That way I could e.g. allow all Wikipedia articles that are rated for ages 6 and that’s ok. The rating should of course be like for movies, so that it doesn’t mean that a child would understand the articles, but that there’s nothing child-endangering in there like the videos and images (and accompanying texts) mentioned above.
Adult privacy will be compromised.
Goal achieved. “Think of the children” is subterfuge.
I don’t think this is a good idea…
This is even more invasive - it would mean all the traffic and activity in every device would be traceable to a registration. Whereas now they might have a pretty good lock on individual device ids, they’d then have an actual registry of devices and owners to verify it against
A simple toggle, secured with a password would do it. Child’s device Y/N. If no, proceed. Your browser or whatever app you’re using would only need to see that one setting, and it’s not much different than your browser looking at any number of settings on your device.
Shit with TWO toggles, the other being “is this child under the age of 13?” You could even force sites like YouTube actually to comply with federal law about targeting minors with advertising.
But. These laws aren’t actually about protecting children, they’re about establishing a real identity for every person online.
A simple toggle, secured with a password would do it.
Yea, that’s the thing - I don’t think it would ‘do’ it for legislators. Like you mentioned - it’s not really about protecting children, but also the only way to enforce a law like this would be to log or register devices to specific people or children. This would essentially just shift the point of verification from the individual website to the point of sale of the phone or tablet. Verifying the age is the part that necessitates identification - the only thing a hardware-locked strategy does is centralizes that verification to a governing body instead of individual websites, but it still associates individuals with specific devices.
I get why this might seem preferable, but the problem of online privacy still persists.
Your solution is worse.
As is, it is the responsibility of the content provider to make sure that they are distributing only to people who are legally allowed to have it.
With age-verification the user has to prove that they are allowed to access the content, then the site can distribute it to them.
Your approach is to distribute the content by default and only deny it to ChildDevices. In order for this to work at all, you have to mandate that children can only use ChildDevices. This is soooo much worse than simply requiring that adults who want to see certain content have to prove that they can legally access it. If adults have reservations about providing ID for pornography, the loss of such content seems to be much less than denying children Internet access. (Although, I’m sure that Lemmings would disagree for obvious reasons).
The arguments that I’ve seen against that is that the problem is the hardware. The child can figure out/find a hack to circumvent the restrictions. A determined 11/12 year old could do it. They’re the ones who still need restriction.
So what you’re telling me is you don’t think an 11/13/14 yo could use an LLM to age up a selfie to gain access to subreddits they shouldn’t be accessing (legally or morally). But you do think that same age group of children is going to gain root access to a device in order to flash some software to circumvent a device specific toggle limiting their device by hard coding it as a child’s device.
Tbh I’m surprised they’re not asking for government issued id along with the selfie.
I’m gonna be honest here. I don’t think it would be that difficult for a kid to get both from their parent.
that’s what happens when the uk has had 40+ years of constant tory rule (and yes blue labour are tories)
If a politician says it’s to help the children, it’s almost safe to assume they themselves rape children, at least in America.
Yeah, I will definitely trust an internet stranger with my face so they can verify that I’m not underage to access content which could, in case of being leaked, damage my reputation or even destroy my life.
DEFINITELY
If the UK is going to require adult verification it should be built into your internet contract. Yeah, I’m an adult. I’m paying my bills, of course I’m a fucking adult. I over pay for this garbage internet.
Uploading a selfie? The ai is going to determine if you’re over 18? Can the ai determine if the selfie is also ai?
Yeah, it’s some serious BS. They are forcing you to hand over and trust Reddit with your personal information, yet I wouldn’t trust them if my life depended on it.
At the very least, someone in charge of this legisltion should learn OAuth2 and force the sites they want to comply by only let those OAuth2 accounts access their adult content. If I was in the UK, I’d just pay for a VPN over giving my photo to Reddit. That site is a lobby brigade hellhole whose “we know your dark secrets, we know everything” owner is also probably trading your account details on the side.
Can the AI determine if I’m just uploading photos of Kier Starmer as my ID?
The current answer is that it is very difficult to determine if something was AI generated at scale, and if someone puts some effort in its effectively impossible currently.
it should be built into your internet contract
This works fine with personal contracts like your mobile. (EE has a porn filter that you can disable in your account.)
But it doesn’t quite work for contracts that usually have multiple users. Like your home Internet. Because a child could connect to your WiFi and access that shmutz.
Parental controls exist. Why should single adults be forced to jump through hoops because most parents are lazy fucks who don’t take responsibility for their kids?
because most parents are lazy fucks who don’t take responsibility for their kids
These laws aren’t a response to a real problem. The kids are fine. The parents are usually fine. These laws are posturing at best.
Because it’s always a few fuckwits ruining it for the rest.
Then have the ISPs provide an interface to set which devices can access porn. No ID required.
Or even simples. Just like you have a guest WiFi, have a kids WiFi and an adult wifi
Which has been possible for decades now. People are just so dumb and lazy they rather accept a deep invasion of everyone’s privacy.
Yes. But honestly one of the main complains I’ve seen is not that this is wrong, but that they passed the law without having planned how they should do it while keeping the users safe and private.
Having a WiFi for kids and WiFi for adults could achieve the desired result without really compromising privacy (I think, but I’m not sure), or even enhancing it, since using Facebook on a kids WiFi would mean that Facebook thinks that you are a kids and KONWS they can’t legally track you
Also we could change some dumb rules on other like no posting nudity, since now if a user is using an adult WiFi, they should be treaded as adults. Want to post nudes on twitter? Sure, tag it as such and only adults will see them
In 5minutes on Lemmy we have come up with better ideas than the current law. They didn’t think about this nor heard the critics that have been saying this is a bad idea for years
But then again. What can we expect from people that trus t electronic voting
Edit: forgot this was about the UK. iDK if they have electronic voting
Your ISP doesn’t see which device accesses the Internet. They only see their router.
OTOH, most routers already have features to block websites for specific client devices. But good luck putting the onus on the parents to configure that properly.
They can see and manage the router remotely no reason why they couldn’t do it. Mine let’s me turn off the router lights, change the WiFi password or turn of the WiFi all together.
How do you think this will go down? Parents calling the ISP with “please unblock porn sites for me”? I see various things why this won’t work. From ISPs not wanting to increase the number of service calls over Apple’s Private WiFi MAC addresses to these kind of customers not even knowing how their devices appear on the router. Nah, completely unfeasible.
What if I’m actually a set of traffic lights and the AI can’t work out what I am from my selfie?
Just send an AI selfie problem solved.
Well, I guess i am going to be regularly updating the metadata on my most recent selfie.
Oh dear. What a dreadful business.
Anyway, this is mine.
What’s to stop uploading a random picture of a person? Or even an AI generated person? I get what they’re trying to do, but seems like legislative theater more than anything.
I’ve once attempted to open a bank account where they wanted video proof, and expected me to say a randomly assigned phrase, to solve the issue you mention.
I didn’t do it. Fucking KYC is BS.
Banks are highly regulated so it is not surprising that they would be strict in this, reddit on the other hand has no business doing it.
has no business doing it.
Reddit is doing this as a response to regulation as well (1). Governments all around europe (2) are turning communications into a highly regulated environment (“for the children”), because they’re afraid of people communicating and having thoughts. UK is just one of the early adaptors.
Banks have many safeguard to protect clients for example PCI DSS. On the other hand as far as I know this is a law requiring them to verify people and I don’t think there is a standard for this. Every company will do its own thing. Highy regulated would require them to have some standard, and I don’t see that.
Seems like you use the phrase “highly regulated” differently then me. You use it to describe the “how”, for me the “what” is sufficient.
From my point of view the law heavily restricts, as in highly regulates, people’s freedom to be, that’s the mistake. Doesn’t matter the specific implementation, acronym, task force, …
.
So from my experience of these type of systems (mostly in the context of banking services) they normally want to use your devices camera to take the picture directly, and normally also want a photo of a photographic ID to compare against.
Let’s not forget all that lovely metadata they can harvest by accessing the camera module, including the exact GPS co-ordinates the picture was taken.
Within banking apps it has become the norm, it shouldn’t mean it’s acceptable, but for the wider community it is accepted.
But for a fucking forum?? Christ. Especially at a time when Europe are trying to establish digital sovereignty and all of the stories coming out about the US government having access to data. We already know that they are willing to share that with the highest bidder (s).
People would have to be absolute morons to upload anything personal to Reddit, nevermind your photo ID like a passport or driving licence. But obviously that’s what they’re banking on (people being morons).
Within banking apps it has become the norm
“The fucking fuck?” — America
Not the norm here in Canada. Not with any banking app I’ve used anyway.
The photo will be uploaded to Persona, not Reddit, if their blurb is to be believed. But yes, it’s nuts, and also now required by law.
Sounds like a good area that’s about to get a whole lot better at faking this system. I would just take a picture of a picture if that’s what it takes. Then again, I would never do this and will just look elsewhere.
Like father, like son, I guess.
To follow compliance with the Know Your Customer Pornographic Materials Act, please use the following guidelines for your photograph:
-
The picture must be clear, at least 720x480p.
-
The picture must include your entire body, including your head and toes. Portrait only. *This helps us identify you better.
-
Please remove any articles of clothing, your body must be unimpeded by any obstruction. *Burqas and other headscarves must be removed, no exceptions.
-
If you were assigned female at birth, you will be required to rotate 180 degrees and upload another portrait photograph of your back. *Please use only your valid binary gender at birth, either male or female.
-
Further requests for identification photos are at our discretion, our board has full authority. You may be required to upload alternative photos, such as positions bending over to help us identify your genitalia to ensure it matches your birth gender.
Thank you for using Persona. For any questions or complaints, please direct them to: BigDaddyGuns6969@aol.com. Please allow up to 14 days for an initial response, and 88 hours for subsequent replies.
I know this is a joke but I’m worried it might not be in the future.
Harassment will not be tolerated. Your comment has been sent to the board for review and we will decide whether your identity will be removed from Persona. We are not obligated by law to communicate the outcome. You may receive a writ for violating Amendment 3 C, “Requirement of official identification”, the pecuniary fine is at our discretion.
-
This whole thing is a security disaster waiting to happen.
“Oops, our password was ‘Reddit’ and we’ve had a leak” in coming.
Username: admin Password: admin
They better be NSFW selfies.
Sharpies
Next in the news: “500k Usernames, Passwords and biometric data leaked in the latest hack”
Remember those are just the ones you hear about. Plenty happen and are never talked about by either side for obvious reasons.
Who is not “Rick Rolling” this with a selfie of a stock photo (or a frame from “Never Gonna Give you Up”?)
So…coming soon: an app that can match up images of friends or colleagues with a summary of their pornography preferences.
This could at least liven up some boring meetings or dull parties…
Hm, I’m going to need some software engineers to critique an idea I have that could at least partially solve the fears people have about their personal details being tied to their porn habits.
The system will be called the Adult Content Verification System (or Wank Card if you want to be funny). It’s a physical card, printed by the government with a unique key printed on it. Those cards are then sold by any shop that has an alcohol license (premises or personal). You go in, show your ID to the clerk, buy the card. That card is proof that you’re over 18, but it is not directly tied to you, you just have to be over 18 to buy it. The punishment for selling a Wank Card to someone under the age of 18 is the same as if you sold alcohol to someone under 18.
When you go to the porn site, they check if you’re from the UK, they check if you have a key associated with your account. If not, they ask for one, you provide the key to the site, the site does an API call to
https://wankcard.gov.uk/api/verifywith the site’s API key (freely generated, but you could even make the api public if you want) and the key on the card, gets a response saying “Yep! This is a valid key!” and hey presto, free to wank and nobody knows it’s you! If you don’t have an account, the verification would have to be tied to a cookie or something that disappears after a while for all you anonymous people.As a result, you can both prove that you’re over 18 (because you have the card) and some company over in San Francisco doesn’t get your personal data, because you never actually record it anywhere. All you have is keys, and while yes, the government could record “Oh this key was used to verify on this site”, they’d have to know which shop the key was bought from, who sold it, and who bought it, which is a lot more difficult to do unless the shopkeeper keeps records of everyone he’s ever sold to.
So… Good idea? Bad idea? Better than the current approach anyway, I think.
This would be better than most of the crap being proposed or implemented.
But, since the keys are presumably reusable, they’ll presumably get borrowed shared by and among minors almost immediately.
There could be some “Netflix account sharing” style work to deter that, of course.
Yeah I did consider that people are going to share keys, but people are going to share accounts too so that’s always going to happen. The best thing you can do is stick some safeguards on the keys where if a key is found online, it can be deactivated and potentially investigated since you can tell which shop sold the key. If there’s a shop out there just giving cards away to minors, well they’re in for a world of trouble.
Under the Licensing Act of 2003, it’s illegal to sell alcohol to an adult if you reasonably suspect that they will be then giving that alcohol to a minor. You can assume the same will apply to people selling Wank Cards.
people are going to share keys,
get ahead of it and sell discounted bukkakeys
you could probably even have a bundle called the “family plan” for the real sickos
I should get into masturbation regulation marketing!
Hungry for Adams Apples? Try our limp biscuits!
I’m a security dev and this is a good idea!
How would you solve replay attacks? Like a million people, of age or not, sharing the same key?
Maybe you could limit the number of verifications a key can have in a day? Limit it to say 10 verifications per day. So if you’re on Pornhub and have an account, you can have the key associated with the account, verified, and so you don’t need to re-verify. But if you go on 10 completely different sites and verify for each one, you can’t verify after that 10th one within the same 24hr period?
You could maybe also include guidelines for integration where if a key is associated with an account, that key can’t be used for any other account. You can include that under some requirement that says you have to make ‘best efforts’ to ensure that a key is only ever used by one account at a time. That way, if a million people are sharing the same key, you’d have to trust that all one million of them will never associate that key with their account because if they do, it invalidates that key for every use other than through that account on that site.
Let’s see how much VPN subscription count will go up
You’re overestimating Reddit’s value.
I’m a UK citizen, fuck everything about this law. I’m so sick of the current authoritarian trend amongst some western countries. The UK is one of the worst offenders.
It’s not even about protecting kids. It’s about control and appeasing puritanical elements in society. We’re the 6th richest economy in the world and we can’t even offer some of the poorest kids food security. But at least they can’t see a pair of tits on Reddit.
