> [..] requires an account holder to _indicate_ [..]

i.e. this doesn't require age verification at all

just a user profile age property

> [..] interface that identifies, at a minimum, which of the following _categories_ pertains to the user [..]

so you have to give apps and similar a 13+,16+,18+,21+ hint (for US)

if combined with parent controls and reasonably implemented this can archive pretty much anything you need "causal" age verification for

- without any identification of the person, its just an age setting and parent controls do allow parents to make sure it's correct

- without face scans or similar AI

- without device attestation/non open operating systems/hardware

like any such things, it should have some added constraints (e.g. "for products sold with preinstalled operating system", "personal OS only" etc.)

but this gets surprisingly close to allowing "good enough privacy respecting" age verification

the main risk I see is that

- I might have missed some bad parts parts

- companies like MS, Google, Apple have interest in pushing malicious "industry" standards which are over-enginered, involve stuff like device attestation and IRL-persona identification to create an artificial moat/lock out of any "open/cost free" OS competition (i.e. Linux Desktop, people installing their own OS etc.).

---

"causal" age verification == for games, porn etc. not for opening a bank account, taking a loan etc. But all of that need full IRL person identification anyway so we can ignore it's use case for any child protection age verification law

----

it's still not perfect, by asking every day daily used software can find the birthdate. But vendors could take additional steps to reduce this risk in various ways, through never perfect. But nothing is perfekt.

---

Enforcement is also easy:

Any company _selling_ in California has to comply, any other case is a niche product and for now doesn't matter anyway in the large picture.

> i.e. this doesn't require age verification at all, just a user profile age property

This is usually how they do it though. First make a dumb law with poor enforcement. People don't push back about it because it obviously won't be enforced. Wait a bit, then say "people are flagrantly violating this law, we need better enforcement". At that point it's a lot harder to say "it shouldn't be a law at all!" because nobody complained when it was brought into law.

Isn’t it more of a reflection of the current law? Age gates have long been self service (e.g., “enter your birthday”), and we have laws on the books for quite some time barring minors.

There is certainly a risk of what you’re describing with KYC tech that coming online, but I don’t know if that means it will happen.

To play devils advocate; It’s a reasonable demand from parents to control what their children are exposed to. This seems to support that.

Uh, your slippery slope argument ignores the part where websites, discord, british things, etc are literally already trying to require facial pictures, license scans, even videos of your body.

This is considerably better than all of those.

It's not privacy-respecting at all to create some side channel between your browser and OS to transmit some information about a "user profile." If this were about browser vendors it might make sense but they're targeting operating systems (presumably for the malicious vendor lock-in type of reasons you cite? idk, it's strange). I would like someone to explain how this would even be implemented securely. It's certainly non-trivial.

I just set up an iPhone and it asked me if I was (roughly) a child, a teenager, or an adult. So some of this stuff is already here.

> many are willing to see him trample

there is little surprising about it

Trump is pushing in the direction of an Oligarchie, billionaires would be the future oligarchs.

So even iff a billionaire is no-okay with this development, if they stick out they

- will lose their status/money iff Trump wins long term

- will make enemies with many other billionaires, but a core trend of billionaires is taking advantage of connections to other powerful people

- will be the prime target to make and example of

So there is a high risk for sticking out. At the same time "mostly passively tagging along" will at worst make them oligarchs. At the same time they are used to crossing ethical boundaries to maximize profits. *This is just another form of that.*

In general its pretty much non-viable to go from sub/barely millionaire to billionaire by keeping to law, moral and ethics.

And it's not a secret either that any extreme concentrations of power or money are fundamental thread of _any_ democratic state of law, the US is no exception. The US has been warned that their system is very prone to populist take over and their checks and balances are quite brittle since _decades_. (At least since end of WW2 when people when people analyzed how Hitler took over post-WW1 Germany and wondered if the US could suffer a similar fate. And instead of improving the robustness, the general response was "nonsense, this is the US". Then after 9/11 thinks got worse, warnings that this can lead to a disaster where also many, but actions where none. And then in recent decades the US pushed in favor of monopolies instead of a (actual, practical) free market(1) to project more power internationally, and things got even worse.

(1): Monopolies and a (actual, practical) free Market are fundamentally incompatible. It also is kinda obvious why once you put away decades of deregulation propaganda.

Given there are only ~1135 billionaires in the USA right now, I'd say it's pretty much non-viable to go from sub/barely millionaire to billionaire period. But Taylor Swift doesn't seem to have murdered any kittens to get where she is nor did Rihanna so it can happen without totally selling out.

yesn't

my argument was more about becoming a billionaire by creating bringing a company to a level of success where they dominate their area of business.

I.e. not getting there by "fame" or "pure luck" (lets say you got 1/42th of early bitcoin from a "fun" project in the very early bitcoin days or similar).

Let's also for simplicity ignore that getting there by "fame" often involve tight cooperation with companies/people which don't care about ethics much. Through you might be able to separate yourself once you reach success, most times they try to make sure you can't.

And even iff you didn't compromise your ethics when becoming a billionaire this doesn't change the core argument.

That is if (as billionaire) you passively go with a push to Oligarchy you are unlikely to suffer from it. But if you don't and the Oligarchy wins, then you likely suffer a lot.

I.e. if you go with a non-emotional/non-ideology considering risk/benefit analysis passively yielding wins. Both for money and power.

In such a situation a lot of people will just go with it, no matter if billionaire or not.

It gets more complicated when commit signing, the widely broken web of trust (for the signing key) and similar are involved.

And not all devs want or need anonymity on github.

In general just because information is publicly accessible in some form doesn't make it okay or legal to abuse it (accessible doesn't mean any form of usage rights are transferred to you weather it's in context of GDPR or in context of copy right).

As a side note unsolicited advertisement of this kind is illegal in Europe.

And them claiming "they didn't know" can be dismissed given that many dev on GH have location information set.

It also in general doesn't change anything. the law doesn't care if you know or didn't.

Startups starting out their journey by committing crime is always a grate sign for their trustability.

I think the term you are looking for is "negligence".

But not in the causal sense of the word but in the legal "the company didn't folly the legal required base line of acting with due diligence".

In general companies are required to act with diligence, this is also e.g. where punitive damages come in to produce a insensitive to companies to act with diligence or they might need to pay far above the actual damages done.

This is also why in some countries for negligence the executives related to the negligent decisions up to the CEO can be hold _personally_ liable. (Through mostly wrt. cases of negligence where people got physically harmed/died; And mostly as an alternative approach to keeping companies diligent, i.e. instead of punitive damages.).

The main problem is that in many cases companies do wriggle their way out of it with a mixture of "make pretend" diligence, lawyer nonsense dragging thing out and early settlements.

yes, but in that cases we are on the "this (should) involve a criminal investigation" level not on a "Google Safe Search" doesn't trust you level

they didn't "just" take down the site, they took down the whole domain

Even google safe search isn't blocking you site per-se, it just adds a very annoying "this site is not safe" dialog you can "somehow" bypass (but most people wont and don't know how).

Like if this where the main site of a company (which it very much could be) this would also have taken down mail, all APIs, all Apps relying on such APIs.

so no this is absurdly unreasonable actions

that they seem to neither know nor care that this makes it impossible to "fix" false positives with google isn't helpful put this in the area of high levels of negligence which can get you into a lot of trouble in the EU

because google safe browsing is only supposed to display a "not safe to browse" warning when using chrome browsers (and maybe some other browsers) wich you can (theoretically) dismiss(1)

it's not meant to have any other consequences

so basically what happens is that because of hearsay of google thinking you site is not bad Radix does what normally should involve a judge order (taking down the whole domain)

(1): Yes that still would cause damages on any site with customers, but like way less and way more fixable then what happened here.

The problem isn't Google Safe Search backlisting the side (I mean that also is a problem, but a very different one).

The problem is the vanity domain registrar Radix using that as a reason to _put the whole domain on hold, including all subdomains, email entries etc._

This means:

- no way to fix accidental wrong "safe search" blacklisting

- if it was your main domain no mails with all the things it entails

- no way to redirect API servers, apps etc. to a different domain. In general it's not just the website which it's down it's all app, APIs, or anything you had on that domain

Google Safe search is meant to help keep chrome users safe from phishing etc. it is fundamentally not designed to be a Authority Institute which can unilaterally dictate which domains are no longer usable at all.

Like basically what Radix did was a full domain take down of the kind you normally need a judge order for... cause by a safe browsing helper service misfiring. That is is RALLY bad, and they refuse to fix their mistake, too.

You normally don't have _that_ level of fundamentally broken internal processes absurdity with the more reputable TLD operators (which doesn't mean you don't have that in edge cases, but this isn't an edge case this is there standard policy).

At the same time given the already terrible reputation of such vanity TLDs, being this hard on abuse might be the only survivable way.

That's not me saying there shouldn't be a warning and a recourse, but the time-to-profit for domain abuse is really short so anti-abuse actions have to be quick.

This isn't being hard on abuse though, this is being lazy and incompetent.

I'm fairly sure that Safe Browsing's false-positive rate is extremely low otherwise it'd be unusable in Chrome. Which also means that acting on positive results is very likely a correct approach.

Safe browsing is meant for websites, not domain names. You really want your registry acting on it and nuking your email services, intranet services, cert renewal automation, et cetera?

You think no bad actor thinks of that, using subdomains or whatnot?

Nor did I say anything about wanting a registry acting on it, it's just that the motivations and reasons are incredibly clear. At least to me.

And let me also reiterate that I clearly said that it should be a thought-out process and they haven't thought it out.

many somewhat intellectual(1), but evil(2), people love to play make pretend of just "summarizing the rational", "playing devil advocate", "just pointing out facts" to endorse their word view while having "plausible deniability" if caught (as they tend to know many people think their ideas are evil).

Idk. if this is happening here but given how some threads devolved and other patterns common for such people emerged (red hearing arguments, false conclusions etc.) it looks quite a bit like it.

This kind people (the also tend to argue endlessly not based on common sense, understanding of the real world and empathy (in questions of ethic/moral) but based on nit picking stuff like as if the word ist just a game you find holes in the rules with to "cleverly win". Because for them the world often is just that.

But a lot of people find such behavior deeply deplorable. hence why if something looks like that it will get a lot of down votes even if it wasn't meant that way.

---

(1): Non intellectual people try that too. But they tend to lack the skill to pull it off. Hence why it tends to be pretty obvious why they are down voted or similar.

(2): Non evil people do that too, they just normally have the decency not to do so with topics like genocide. I also use evil here as a over-generalization but I have mostly seen that behavior with neo-nazis and other groups which are least fascist adjacent (and most times outright fascist).

I think we should avoid suggesting that other people on this forum are evil, even if you think their ideas and arguments are harmful.

I think sometimes people are so certain about their beliefs that they perceive any argument that challenges them to be evil, bad faith trickery. But I think the best way to respond to these arguments is simply to give compelling reasons why they are wrong (and not why the person giving them is bad).

Otherwise, some people will be mislead by these bad arguments and you will have done nothing to help but say “don’t listen to him he’s evil”, which is not very convincing really.