Bluesky is implementing age verification. Mike Masnick has commented on this, seemingly throwing his hands in the air about it.
I’m going to say this right off the top: I am not thrilled about having to write this article. A part of me wanted to somehow sugarcoat the situation and find some positive spin on this. The problem is, I’m someone of integrity and lying to the reader, even if it’s just some minor spin just for the sake of supporting someone I have great respect for and find myself agreeing with in so many occasions (GDPR and original network neutrality opinion notwithstanding). I dislike dishonesty and I don’t think I could forgive myself if I decided to be somewhat dishonest in these circumstances either. So, if Masnick decides to hate my guts for this moving forward, well, I guess I can only take solace in knowing that it wasn’t me that put me in this position.
These days, it seems that more and more websites have taken the position of surrendering to government demands as opposed to fighting for the interests of their users. Earlier, Reddit surrendered to the age verification demands of the UK government. This was followed up by Roblox announcing plans to further roll out age verification for its users.
During the course of my research into the Roblox story, I noticed something else. It turns out, Bluesky has also decided to implement age verification for its UK users. From Mashable:
Bluesky users in the UK will soon need to verify their age if they want continued access to direct messages and all of the service’s content. The company will begin rolling out age verification features later this month in order to comply with a UK law that requires platforms that offer adult content to confirm users’ ages, Bluesky said in an update.
The company says it will use Epic games’ Kids Web Services to conduct age verification checks, and that people will be able to choose between several different methods, including face scans, ID scans or using a credit card. Bluesky [users] in the UK who don’t verify their age will no longer be able to access direct messaging or see adult content shared in the app.
Bluesky notes that it’s making the change in order to comply with the terms of the UK’s Online Safety Act, which requires websites and apps that permit adult content to verify the ages of their users. The law, originally passed in 2023, is set to take effect July 25.
(typo corrected in excerpt)
This honestly surprised me. We’re talking about a platform that prides itself on things like decentralization, protocols not platforms, moving away from a structure where the top makes decisions against their own users interests (as seen on X), and looking out for their users interests as opposed to manipulating them into certain beliefs. This centralized decision that sounds like it was made to look out for the interests of those at the top fundamentally goes against the grain of all of this. Like, what happened to putting the power of social media back into the hands of the users?
Of course, there is another dimension to this. I happen to know that Mike Masnick of Techdirt is also a board member of Bluesky. Masnick announced earlier this year that Techdirt is a democracy blog in response to the terrifying totalitarian turn the US has taken thanks to the unfortunate election of Donald Trump – an administration that is ransacking the nation of democratic norms and human rights in ways once thought unrealistic (the effective martial law that has become part of every day life in Los Angeles being one big example of this).
Further, Masnick is not shy about pointing out when companies and organizations make stupid decisions. In fact, in one article Masnick published last month in response to Columbia’s capitulation to the Trump administration, Masnick wrote in the very first sentence, “Appeasing bullies never works.”
To add to this, Masnick himself is not shy about pointing out why age verification is a privacy and security nightmare and is flatly unconstitutional. These are all points I have long agreed with Masnick on.
So, with word that has come down that Bluesky made this decision, I struggled to really make sense as to how Masnick knows why appeasing bullies never works and why age verification is such a problematic piece of technology that is more based on wishful thinking rather than practical solutions is somehow supportive of this in any way (before you jump to conclusions, I know he’s not supportive of this decision). Naturally, I went back to read his previous entries on things, thinking that maybe I had somehow missed a post about him talking about this decision (I’m only one person managing numerous sources for news stories, so something is bound to get missed sooner or later).
When I turned up nothing, I was even more surprised, so I straight up asked Masnick on Bluesky if he had spoken about this decision. As it turned out, he has through his podcast. My hope was that Masnick would have given an answer something along the lines of, “This is something I had thought about for quite some time now and I believe I have found a workable solution that would satisfy the concerns of the government while maintaining the privacy of our users, so here’s how it would work…”
I know that is an impossible ask, but I thought that maybe he thought of something that hadn’t occurred to me about the debates. After all, it would be a way of reconciling all of this that would make me think, “OK, somehow there is a solution to all of this after all that I didn’t think of.”
That was not the answer he gave, however.
Tabbing over to the transcript, Ben Whitelaw made this comment:
Mike is on the border of Blue Sky. As many folks will know, we actually got a, uh, a message from one of our listeners. shout out to Barry who said that he wanted to hear the bell for this story. So we’re kind of, we we’re not mentioning it because of that, but it was in a useful, useful nudge. BL police, police sky are going to adhere to these. Children’s codes by having some form of verification. I don’t imagine you wanna match about it’cause you’re not involved in a day-to-day basis, but, what did you make of that?
Masnick’s response started off with this:
Yeah. And, also we should note Reddit similarly announced that, that they’re going to be enforcing it as well. Um, look, yes. I am not involved in day-to-day decisions. I’m on the board. I am associated with the company. Take everything I say is, biased. Uh, if you want, I’ve made my position clear on age verification. I think it is a silly technology that doesn’t work well. I think it has a whole bunch of problems. I think it doesn’t solve the problems that people think it is solving. and I think that we’re learning that as lots of different places around the world implement laws requiring it, we’re seeing all of the problems with it, including the risks to privacy, all of which I’ve been extremely clear about.
I mean, yeah, so far so good. Masnick has been clear about what he thinks about this technology. There’s a bit of defensiveness in bringing up not being responsible for the day-to-day operations, but I respect that an organization that large means that there are few, if any, people with their hands in every operational pot across the site. I get that. Even running a small website like Freezenet by myself is exhausting and I hope I can someday bring in others to help shoulder the burden of running this website instead of running myself ragged all of the time.
The thing is, that is when Masnick’s answer begins to take a turn. It starts with adding a lot of couching in his answer:
That said, there are laws that any company that wants to operate in certain countries has to comply with. And this is like an ongoing challenge of any internet company and figuring out if you want to provide services in different countries, there are different requirements and how do you balance that and, make those decisions is, an ongoing set of trade-offs. And debates and discussions. and so, anyone who wants to operate in the, in the UK has to do this. blue Sky announced their plans early. Reddit announced soon after. Within the next week, we’re gonna hear from a bunch of others. as you mentioned and as was mentioned in the interview with, Ocom, ALO, which runs PornHub, is agreeing to, do the same thing as well. which is interesting in that they. PornHub has very clearly pushed back in the US on almost every state. In the interview, she says that this is the only jurisdiction that they’ve agreed to comply with. That’s not entirely true’cause they did agree to comply with Louisiana because Louisiana had a very specific implementation that. PornHub was willing to, agree to, but every other state that has introduced, age verification rules, they have not, which to some extent is, depending on how you look at it, a statement that’s saying that Ocom is being somewhat more reasonable in what they consider.
Uh, at the risk of using a tired old catchphrase, if everyone said that it’s a good idea to jump off a cliff, would you do it? In those instances, yes, these other major websites are making their decisions. That doesn’t necessarily mean you should be making those decisions as well. The only reason to bring up these other companies is to start digging around for an excuse. I hate to say it, but “well other people are doing it” is a piss poor excuse. At the end of the day, you are still throwing your UK users under the bus. If Reddit is throwing their UK users under the bus, that is their problem. It doesn’t make it some sort of obligation or permission slip for you to do the same thing. You are still subjecting your UK users to massive levels of surveillance for the sake of appeasing the UK government’s bad law.
From there, Masnick then started going so far as to act as an apologist to the UK law on top of it all. Here’s Masnick defending the UK law (even though he says he doesn’t approve of it):
an acceptable level of age verification, or age estimation or age assurance, which people will say are three different things. In reality, they all sort of blend together. the element that is interesting about the UK approach, again, I’m not approving of this, but the UK approach is effectively allowing companies to experiment. And figure out what is most effective. While in theory, and again, I don’t think there’s a way to do this without causing some privacy risk. that is the most privacy protective, and they’re sort of willing to iterate and allow companies to iterate as that goes. That’s better than many other places that are saying like, you have to do this specific thing. You have to scan faces, you have to upload IDs, or whatever it might be. Ofcom is allowing different companies to try different things. I think we’re gonna learn a lot from those experiments.
A bad law is a bad law is a bad law. It doesn’t matter that one version orders you to violate your users privacy while another version offers you a choice on how you think it’s best to violate your users privacy. You’re still violating your users privacy at the end of the day and I don’t see how adding choice on the companies part makes this any better.
From there, Masnick seems to take on a defeatist attitude (something he encourages his readers on Techdirt to report so those comments can be softly hidden from the main discussion):
would I like it better if this was not a requirement and that if Blue Sky had not, put this in place probably, I think that would’ve been a better world. Um, but this is the world that we live in and companies have to operate under the laws that, they have.
(emphasis to show that the title of this article is accurate)
Well, I guess that’s that, then. That whole ‘appeasing bullies never works’, standing up for users rights, pushing for better government policy on technology, fighting for a better future and the like, ends where Bluesky begins. At that point, it’s all “the government made me do it”, “just following orders”, “other people are doing it”, “company/organization over the customer”, and “nothing I can do”. I don’t think I can articulate just how disappointed I was in Masnick’s response here.
The situation reminds me of the time TechDirt pulled Adsense after getting threatened with demonetization back in 2020. This was followed up by a search to replace the ad network with something else. It’s a fight I was very much interested in. Sadly, in 2021, TechDirt admitted that they were unable to find a replacement network. While it was disappointing, it was understandable. What would you have them do differently in that situation? When you are a website owner, Adsense is literally your only option for an ad network. Your only options afterwards is to obtain alternative revenue streams or go without an ad network. As much as I wanted them to succeed in finding a replacement, I found it understandable because I don’t see how they could’ve done things differently.
This Bluesky case, however, is different. In this case, Bluesky had options they could have explored. One solution that I’m very fond of is blocking UK residents altogether and putting up a notice saying that you can either use a VPN to access the website, join a campaign to have the law repealed, or both. Bluesky ultimately chose not to utilize this rout and, instead, just surrendered the personal information of its UK residents instead. I get that some people out there will respond by saying that Bluesky is only one site and they alone can’t change the law, but it gives resistance to the law a chance. Instead, for those who are resisting, they are left on their own devices without the help of a social media platform and protocol. Success is made much more difficult in the end.
The worst part is that this is where the problems begin, not end. As long as organizations and companies capitulate to these laws being pushed onto them, that will give critics of free speech even more ammunition to pursue even more horrible laws that make these laws seem tame by comparison.
We’ve already been witnessing this movement for some time now. Once upon a time, age verification laws were only for pornographic websites. If you specialize in that kind of material, then you should be expected to implement much more stringent measures. Fools went along with that thinking that this is just for a specific subset of websites and believed the slimy politician’s who said that this was just about porn websites and not the rest of the internet. Once politician’s realized they got away with that (or, at the very least, felt like they got away with it), they started pushing deeper into the open web. We’ve since seen proposals to put age verification technology on video games, app stores, social media, and even search engines – all of this under the excuse that there might be porn to be found there as well. Heck, supporters of these laws even admitted that the age verification laws are little more than a stepping stone for a full porn ban as opposed to putting age restrictions on adult websites being the goal.
None of the above are isolated incidences. That is a trend. Politician’s won’t stop at age gating for explicit material, either. Others will join in and start demanding that other forms of content be censored as well. Some will demand even greater scrutiny of those who access “bad” stuff on the internet by demanding even more in the future. You give politicians an inch on this file, they’ll take a mile every single time. It’s bad enough that politician’s are pushing these laws in the first place, but it’s even worse that online leaders have decided to go along with it and accept that taking in copious amounts of personal information is just a new accepted norm in doing business.
One way or another, Masnick and Bluesky is going to regret this decision. Maybe one or both will someday say that this move may have had unintended consequences or maybe they’ll argue that they are just a smaller player in the grand scheme of things and the events that will inevitably unfold was just not something they could control. Unless this story changes, I can’t help but think that I’ll look at this moment as the moment Masnick and Bluesky had the opportunity to stand for what is right. In this moment, however, they decided that it wasn’t worth their time or energy before leaving the tough battle to someone else.
on a topic tangentially related to age verification, steam was recently forced by payment processors to comply with various restrictions in order to keep using them. causing them to remove several adult games. Not all of them mind you, just the same sort of stuff they forced websites like patreon to remove or deny their ability to do any transaction.
That’s unfortunate. Definitely far removed from the premise of anyone being able to publish their games on Steam. I’ll probably look into that further and possibly do a write-up on it.
yeah looking into it this australian antiporn group is claming responsiablity for bulling payment processors into it. well. considering what they’ve been doing in japan more like “gently nudge”