The UK powers that be consider online porn to be akin to cyber matches: you just can’t let kids play with that stuff, lest they set their eyeballs on fire.
It’s a well-established, thoroughly legislated angst, with the most current relevant legislation tucked into the Digital Economy Act. The problem – well, one of many – is that this angst seems poised to set the adult population of the country up for Ashley Madison-esque breaches.
The country is eager to protect children from porn. It’s a worthy goal, mind you, given that research shows that exposing kids to porn can be damaging. Unfortunately, it’s a quixotic goal, given that porn is impossible to block. Nevertheless, the UK is now on the brink of creating a database of the country’s porn habits.
It also seems poised to hand the age verification piece of that puzzle over to an outfit that Vice refers to as “the shady company that controls the majority of free porn tube sites.”
That company is called MindGeek. Vice likens it to the Walmart of porn. Britain’s leading obscenity lawyer, Myles Jackman, says it supposedly owns about 90% of tube sites on the internet, and it didn’t get that way by making friends in the industry.
They’re deeply unpopular within the porn industry because they’re widely blamed for killing the production end of the industry by distributing other people’s paid-for-content for free.
MindGeek got big by distributing free porn, in other words, and thereby choking porn companies that need to sell the stuff to fund its production.
And now, MindGeek, the WalMart of porn, is getting ready to become even more filthy rich by having maneuvered itself into the position of becoming gatekeeper for consumers of porn, be they adults or kids who don’t know how to use a virtual private network (VPN).
It’s not a done deal quite yet, but MindGeek has had several conversations with officials. It’s also currently pushing its own age verification platform, AgeID. If selected, Britons could be dealing with AgeID as the principal gate between themselves and their porn.
Starting in April 2018, part of the Digital Economy Act will force all porn sites operating in the UK to age verify (AV) their users. What if they refuse, or if they can’t afford to comply? Well, then, flip the switch on the way out: it’s lights-out time.
Age verification is tricky. And it will cost money. The Department for Culture, Media and Sport has tendered AV solutions to “whomever can come up with a foolproof plan to vet porn users.” Once the government-appointed regulator – likely the British Board of Film Classification (BBFC), subject to approval by Parliament – approves the plans, porn sites will choose which AV technique to buy into.
Some of the solutions put forth have been to verify age by credit card; to authorize an age verifier to rifle through your social media updates, photos, friend lists, education history, and personal metadata, and to use machine learning to crunch it all to determine if you’re over 18; to send you a text, to which you reply, after which the age verifier asks your telecom provider to verify your age; or to use facial recognition to compare a selfie and another photo: say, from your passport.
Rather than paying third parties to provide those AV solutions, MindGeek’s AgeID offers a package solution of “anything that works” from the list of AV technologies, all bundled up in an easy-to-use interface that porn sites can buy as a service.
Alec Muffett, a security expert, board member of the Open Rights Group, and former Facebook software engineer, says it doesn’t have to stop at porn. According to Vice, the government is already discussing ways such AV technology can be used for online sales of knives, acid, alcohol and other child-unfriendly products.
AgeID would work like this: when you visit a porn site, such as Pornhub, for example, you’ll be shuffled off to choose a third-party regulator-approved service to prove your age. AgeID does the shuffling, then comes back with a “pass” or “fail” verdict. Next time you log into a MindGeek site, or one that uses MindGeek’s service, you simply log in, without further ado.
Jackman says it’s pure genius:
They have gone on public record to say they expect to sign up 20 to 25 million adult consumers in the UK in the first month alone. That’s about a third of Britain’s adult population. In the first month! I mean, wow.
And who, exactly, are the AV companies handling all your personal data? And how well, exactly, are they securing it? After all, we’re looking at what will be a database of the UK’s porn habits. It’s a hacker’s dream.
Digital minister Matt Hancock told the Guardian that this gateway, presumably combined with children being oblivious to VPNs, will keep them safe.
Now we are taking the next step to put in place the legal requirement for websites with adult content to ensure it is safely behind an age verification control.
All this means that while we can enjoy the freedom of the web, the UK will have the most robust internet child protection measures of any country in the world.
Privacy advocates including Jackman, the legal director of the Open Rights Group, don’t see it that way. They see it, rather, as a invitation for huge privacy leaks. Here are remarks that Jackman posted in October:
One of the most serious problems with the Digital Economy Bill is the absence of any serious scrutiny around age verification for adult online pornographic material. We think this creates a huge risk of privacy leaks and also prejudices sexual minorities adversely.
Data collection creates an inherent risk of data loss through hack, breach, or other forms of intrusion. There is a significant risk of an Ashley-Madison style hack to all users of age verification. Personal identifying details linked with their sexual preferences, and this is an enormous risk for almost every consenting adult in this country.
At this point, Jackman said, there’s no imperative as to the privacy and safeguard of users to avoid the risk of private sexual interests being leaked into the public domain.
Muffett stresses that nobody’s arguing that children should be allowed to view online porn. That’s why we call it adult material, he says.
But the way that age verification is being mapped out – i.e, a visitor to a porn site gets redirected to a service where they input private details – just doesn’t make sense with the way the internet works. It’s a weak mechanism, he said, given that any teenager who knows a parent’s password for a bank or credit card or the like can forge the credentials, “prove” they’re older than 18, and get as much porn as they want.
Could the UK government, in its zeal to protect the children, be putting the country on a path that could well lead to more such sexual preference-related data breaches?
Simon
Prohibition doesn’t work. Its too late tom police porn now.
Anonymous
And if someone hosts porn in a country not friendly with the U.K., who’s stopping the kids from looking at that?
BT
ISP’s could do some clever blocking if they really wanted to crack down on it. But it is impossible to tag everything correctly as Adult Content anyway.
Ian H
I thought for ages the porn industry were celebrating having the .xxx so instead of .UK or .com they could have .xxx
Why not just push all adult related content onto .xxx then it would be so easy to block or for adults access without prejudice.
simon
What could possibly go wrong. Especially with Amber Rudd’s vast understanding of the internet
John C
The article speaks of a “risk of privacy leaks.” I would rephrase that “utter certainty of privacy leaks.”
Daniel
It is illegal to supply pornography to minors. Why aren’t there fines for pornographic websites that require no logins or age verification? A minor cannot walk into a newsagent and purchase a copy of playboy without the business owner risking a fine or a criminal charge. Why do pornographic website owners get total immunity? Its pretty simple. Just extend the same laws that we already have to Internet based mediums and put the onus on the supplier like everything else. Who cares how it is enforced. Keep fining pornographers until they find a way.
Max
Because it is the internet. You can’t apply regular local laws to the internet without adjusting them significantly. You may not even have the authority to fine certain sites, depending on where they are hosted from and how the law there is handled. The “who cares how it is enforced” part is the tricky part. And even if you can fine porno sites, they might just decide it is cheaper for them to block your country entirely from access than to keep getting fined or spend a lot on implementing a verification process both your country and their users are happy with.
JD
Just imagine what the world would be like if politicians put as much effort into rooting out government corruption.
kenton
I assume they’ll be putting this same requirement on Flickr, Tumblr, Twitter, etc. Oh, wait, those aren’t porn sites so I guess there can’t be any porn there. I’m sure all the UK parents who don’t have a clue about what their children do will rest easier with these new laws in place.
Andrew
If kids want to access porn, they will – Plain and simple. VPNs, torrents etc will still enable access to the content. There is no way to completely block access to the content. What this fails to address is that the internet is not all in the UK, it is everywhere and nowhere. Some site outside of the UK where they have no jurisdiction is not going to enforce these policies. Agreed, it would be nice to have some controls put on this content but I think the onus is on the parents more than it is the government trying to achieve an impossible goal with a one-size-fits-all solution.
James
The start of a national firewall…. Western countries like to point to China and North Korea (and others) as these despicable repressive regimes that control the information freedoms of their citizens (they are I’m not arguing that) But at the same time we introduce this absolute nonsense. As stated elsewhere are we going to see Twitter, Instagram, tumblr and Facebook added to the block list along side the tabloid sites that regurgitate these social media posts as click bait? My point is that pornographic material is available in most places if you look for it. Have we had guidelines of what is going to constitute this classification?
Surely the first step is to get all “proper” porn sites on the xxx domain with blocks at ISP level when requested by the consumer (this way round as adults shouldn’t have to ask the ISP for permission to look at porn) Once that is an international standard surely we can turn or focus to social media and third party peddlers?
Max
Would be funny to see what country would establish themselves as “porn haven” with filth-friendly laws that let porn continue to exist as it is now, making the laws of every other country regarding porn completely obsolete.
anon
Humanity needs a bigger dose of parenting skills.