How are photos or scans of ID stored? That’s simple, they are not. Indeed all the states which have passed laws requiring age checks for adult content have included a provision forbidding the retention of personal data used in the verification process. That’s smart – the only non-hackable database is no database at all. So hackers will be disappointed – there is no “honeypot” or personal data
Nor do AV providers keep any record of which sites you visit. This is clearly prohibited by European data protection law (GDPR), and regulators keep a close eye on our industry. While the US may lack an equivalent federal privacy regime, the sites which contract with AV providers will not want to put their users at risk so will do their own due diligene – no adult site wants to be the next Ashley Madison.
The Open Rights Group always switch in “facial recognition” when they are actually criticising “facial estimation”. It is a crucial difference. Estimation requires less data than recognition – not enough data, in fact, to recognize the user again even if it was stored – which, as explained above it is not. Products already exist to process the estimation on a users own device, so their image need never even be transmitted to any other party. So there are no pools, not even small puddles of children’s biometric data – and the UK Information Commissioner would strongly disagree with the suggestion that there are no governance structures in place even if such sensitive data was stored – which in case you have not realised by now IT IS NOT!
Australia has kicked the can down the road. Boris Johnson did the same in the UK in 2019. Like Boris, the Australian government faces an election in the next 18 months. Perhaps they share his view that he “did’t become prime minister to stand between the working man and his porn”. That said of course, no one is proposing to stand between porn and adults – only children – a policy which has widespread, bipartisan support with the public.
None of the state laws have a clause that states “except if kids use a VPN”. Websites may risk using this as a defense when parents sue them for exposing their children to hardcore pornography, but its not a legal strategy we’d recommend. No-one is suggesting government’s ban VPNs – but adult sites may need to apply age checks to traffic emanating from the IP addresses used by VPNs, if not, to be 100% safe, all their users. But shouldn’t they do that anyway if they don’t want kids seeing their material?
We disagree with the BCS. No amount of undersanding of the risks to children online can protect them, short of parent supervising every minute of screentime. For parents who use screen time as their only break, that’s not attractive – and it is also arguably an infringement of the rights of older children to explore the internet without parental surveillance.