Pornhub and two other adult sites are suing the European Union over a landmark digital content law, the Digital Services Act, which imposes age verification and other obligations on large platforms. The European Commission last year named Pornhub, Xvideos and Stripchat as a category of “very large online platform” under the act, which includes obligations such as age verification measures for minors and creating a library of adverts published on their sites. Companies that fall foul of the law can be fined up to six percent of their global turnover. This lawsuit follows similar legal challenges by online retailers Amazon and Zalando.
I generally like the spirit of the DMA and the DSA, but the age verification policy is utterly garbage. Privacy and age verification are mutually exclusive
You can use the German ID card as a way to authenticate yourself via Internet (by using an open source app), including age. Shouldn’t it be possible to provide a limited interface that e.g. only signals if the person is above a certain age? You already have to enter a PIN in the app so it could also easily show which information is asked/transmitted.
In essence, if that where possible someone could build an api and donate his ID into it that answers all the authentication requests for everyone. There needs to be a way to ensure different users use different IDs, which necessitates a bunch of tracking.
And that in the ideal case
A system doesn’t have to be perfect to accomplish most of its goals. I mean, mass usage could be easily caught. Smaller scale abuse would be like giving your younger friend a beer - technically against the rules but not really a huge problem.
To be able to catch that, you need tracking. Some identifier to determine if you had 1000 authentications from the same source or different ones.
Yes, correct. You have to assume that each party will be tracking everything they can, otherwise it doesn’t make sense. So the age verifier will know that you have requested many authentication in a given time.
