California’s law, as written, contributes vastly to privacy and free speech. It is a fundamentally fair and democratic law, which additionally acts as a safeguard against fascism.
Point 1: Age-Verification is coming, whether you like it or not. Multiple states are pursuing such laws. Approaches adopted by Discord and others include techniques such as AI facial scanning with severe privacy concerns. California’s law will set the standard for an 100% robust solution that completely eliminates any pretense that facial scanning, uploading copies of identifying documents to every web service you use, etc. are necessary to implement age validation. This standard explicitly leaks the least possible amount of information about you as humanly possible to achieve this goal. This legislation preempts further attempts to invade user privacy to “protect the children”, by creating an actually effective and pragmatic privacy-preserving age verification scheme, which will undercut any future laws using “protect the children” as an excuse for privacy violations.
Point 2: Good legal standards are beneficial to everyone. Many complain this helps Meta, etc. This helps everyone creating websites, including federated social media like Lemmy. If there is a concern federating with epstein.ml, at least one less concern is threat of legal repercussions potentially affecting large parts of the community-run open internet. This law reduces the burden significantly, avoiding the need to adopt (paid, proprietary) age verification services. This standard absolutely obliterates such commercial offerings in favor of a non-commercial common standard. It even goes so far as to forbid third-party sharing of this data (e.g. for tracking and advertising) and collection of additional information beyond what is necessary to implement the law.
Point 3: You already leak more information that your age bracket through regular web browsing - IP determines approximate location, your cookies tell a whole bunch more, and sophisticated ad trackers have a whole profile on you. In terms of Shannon’s information theory, this new law is leaking less than 3 bits of information about you. Unless you are in the 0.1% of people deliberately avoiding such pervasive tracking, major corporations tracking you online already know your age bracket to fairly high accuracy (but not to sufficient standard to satisfy legal obligations).
Point 4: Fighting fascism has preventative and active measures. Making fascist-resistant technology is an important part of that. This technology has zero potential for fascist abuse. In fact, it undercuts the existence of other tech solutions crafted by your friends at Meta and the NSA. Ensuring quick, near-universal adoption of this standard will solidify an explicitly fascist-resistant piece of technology as a defacto standard.
Point 5: The harm this law aims to address is grave and real. For the 99% of the population who aren’t compiling their own kernels, the ability to “age-lock” a child account to prevent young children from accessing doomscroll brainrot on Instagram is an amazing and valuable feature. Lack of such protections is a compelling enough concern that it has time and time again had enough popular support for sway legislators to take up the issue. The principled “linux source code is free-speech, and no government mandates can compel changes” stance is quite divorced from reality. Are crypto-exchange founders likewise free to implement whatever fraudulent schemes they like, as their source code is their speech to freely dictate? People are sick of strangers shoving content down their children’s throats. In a democratic society, when the wise and ever-just “free market” fails to solve a pressing issue or exacerbates it beyond recognition, it is fair for the state to step in and solve it striking a fair balance, not trampling on anyone’s rights.
Point 6: “Slippery slope” does not apply here - maybe focus more of your attention on ICE, which appears to be slippery when it comes to constitutional rights like due process and privacy and equal protection. We should be proclaiming this law as a paragon, in the way it codifies a clear line beyond which privacy invasions are unjustified. It is a work of legal genius, and society and all of you will come to appreciate how prescient it really is next time an actual bullshit law to “protect children” comes to the table. This law itself is precendent-setting, but in a way that is quite favorable to both privacy and free-speech rights long-term.
The above considerations are not made lightly. I am someone who has put considerable thought into extricating corporate control of communication media, who cares deeply about the ecosystem which can support humanity or drive us into deadly peril and destruction. I honestly thought I would see more nuanced discussion here, but it seems I am alone as of this moment in my perspective.
Agreed. If we had some law like this (but consistent, and how computers work, and universal, but still mandating this is the pursuant source of this information) it’d be the one thing with potential to free us from these other nefarious child safety laws.
The amiunique.org is nice, by the way. I haven’t fooled around with these tools in a while. Thanks for the link. I wish it’d provide me with some form of actual fingerprint, though. I mean it kinda seems it has 100% precision on my regular browsers. And already me preferring German and then en-GB over other English rats me out 100%?! And then I do niche things like use Linux 🤣 But with all the green text, there is no information on it’s recall… So it’s a bit meaningless for tracking purposes?! Could be the case some of all of these many datapoints change with a new tab or new browser session and they lose me all the time, because they’re too specific/sensitive. Maybe I’ll look up browser fingerprinting again and how good it actually is. I mean achieving a 100% green score isn’t difficult. I could just hand out some increasing id number with every page load and that’d satisfy the requirements and be 100% unique as well. However, the interesting part would be whether they can track me somehow, and recall the same number on following page loads by me. That’s the way round it needs to be for tracking (in practice). But that’s not really a part of what’s displayed on amiunique.org
For tracking analysing the data is required. Even if user doesn’t do anything sophisticated, just upgrading the browser will change their fingerprint; services that track users need to be prepared for that. But consider that 34 bits is enough to uniquely identify every person on the planet. If you’re able to collect say 50 bits of information about a request, even if some information changes, you can cluster the requests and attribute to the same user.