Re: Minimum Age verification from Richard Dunne on 2016-10-03 (public-wicg@w3.org from October 2016)

From: Richard Dunne <richarddunnebsc@gmail.com>
Date: Mon, 03 Oct 2016 18:04:19 +0000
To: "Mike O'Neill" <michael.oneill@baycloud.com>, Doug Turner <dft@google.com>, David Singer <singer@apple.com>
Cc: Dave Longley <dlongley@digitalbazaar.com>, public-wicg@w3.org
Message-ID: <CALeLyAdToeRQUibUquL=kVfsyrO9-Ctghg=DG6D8Q+-_ycCExg@mail.gmail.com>

After fleshing out an idea for age profile verification, I can say it has
no bearing on the workings of the www.

Regards,

Richard.

On Fri, 30 Sep 2016 at 08:45 Mike O'Neill <michael.oneill@baycloud.com>
wrote:

> The creation of the attribute token should be at the device/OS level
> (where only the device purchaser can initiate a change). The user agent
> need only communicate it, in a way that ensures it cannot be used to track
> or identify.
>
>
>
> *From:* Richard Dunne [mailto:richarddunnebsc@gmail.com]
> *Sent:* 29 September 2016 23:25
> *To:* Doug Turner <dft@google.com>; David Singer <singer@apple.com>
> *Cc:* Dave Longley <dlongley@digitalbazaar.com>; public-wicg@w3.org
>
>
> *Subject:* Re: Minimum Age verification
>
>
>
> If adults were able to control privileges on all devices and content
> providers/publishers agreed to control users' access to content based on
> the those privileges, that could in theory at least solve part of the
> problem.  That would depend on minors not being able to circumvent those
> privileges.
>
>
>
> On Thu, 29 Sep 2016 at 22:01 Doug Turner <dft@google.com> wrote:
>
> Somewhat related, there is an ietf draft that uses a HTTP header to signal
>
> that the user agent prefers "safe" content.  See:
>
>
>
> https://tools.ietf.org/html/draft-nottingham-safe-hint-06
>
>
>
> This obviously is not a binding confirmation of age of consent, but rather
>
> a simple approach to asking the publisher/server to not send content that
>
> is "unsafe" for some meaning of "unsafe".
>
>
>
> On Thu, Sep 29, 2016 at 1:16 PM, David Singer <singer@apple.com> wrote:
>
>
> > On Sep 29, 2016, at 12:56 , Dave Longley <dlongley@digitalbazaar.com>
> wrote:
> >
> > On 09/29/2016 03:35 PM, Richard Dunne wrote:
> >> On your third point David, a reasonable right to know my age.  If we
> >> take the assumption that all countries have the same age of consent
> >> (18), which I know is not the case, a minimum age verification system
> >> should not be telling me your age, only that you are either an adult or
> >> a minor.  That is the scope from my perspective.  Is that achievable?
> >
> > Examples from the Verifiable Claims work have modeled this as
> > essentially asserting that you are "18+" (or over some other important
> > age), not as your specific age or birthdate, etc.
> >
>
> This is probably getting off topic for the mailing lists, but I would urge
> you to think about what might go wrong, unintended effects, and so on. For
> example, would this enable people to target minors (e.g. for scams)?
>
>
>
> David Singer
> Manager, Software Standards, Apple Inc.
>
>
>
>

Received on Monday, 3 October 2016 18:05:00 UTC