[HN Gopher] Introducing Age Verification
___________________________________________________________________
Introducing Age Verification
Author : kosei
Score : 94 points
Date : 2021-09-21 19:59 UTC (3 hours ago)
(HTM) web link (blog.roblox.com)
(TXT) w3m dump (blog.roblox.com)
| officeplant wrote:
| This is giving me flashbacks to the VTech scandal where they
| ended up leaking out photos and personal information for over 6
| million kids.
| TedShiller wrote:
| So I'm supposed to trust that they will never have a data breach?
| For the lifetime of the company? And for all subsequent
| acquirers?
| mustyoshi wrote:
| As somebody who used to breach them for rewards. I concur with
| your reasoning, but I imagine their security is much better
| than it was half a decade ago.
| musicale wrote:
| Roblox seems to be a self-correcting problem.
| wtf77 wrote:
| Thanks. Now I have a reason to close my kids account :)
| monksy wrote:
| Something I think that should be mentioned: Everytime you submit
| an image of an id: That gets shared through out the verifying
| organizations communication channels.
|
| Wither it's via database accessibility (even if it's encrypted),
| a web front end, email, or IMs. They'll say all they want, but
| ids do leak.
| donmcronald wrote:
| First off... NOT A FUCKING CHANCE. If a kid came to me with a
| game that was asking for "opt in" age verification by scanning
| government ID, and they wanted to do it, we'd have a long talk
| about privacy and that game would get uninstalled even if it
| means the end result is the kid crying over it.
|
| Second, how is this going to work? I don't know a single kid that
| plays Roblox and has a government issued photo ID. And are they
| _REALLY_ going to roll out a system where they 're trying to
| train minors to scan their ID and submit it to a corporation for
| something as trivial as a _game_?
|
| > When a government-issued ID is scanned for verification, an
| anonymized value is generated, allowing Roblox to safely verify
| identity without risking exposure of the user's real identity.
|
| There are two possibilities here:
|
| 1. It's absolutely bullshit and they store some portion of
| uniquely identifiable identity info, like your name + birthdate,
| somewhere.
|
| 2. It's absolutely useless because someone will create a website
| or app that fools the system by showing fake id and a matching
| "likeness".
|
| So I don't believe _at all_ the glossed over claims of respecting
| privacy on this. This is a bad idea and I hope it fails
| spectacularly.
| q_andrew wrote:
| This is a bandaid measure. Roblox spends most of its time
| convincing young children that they will be successful while
| simultaneously cheesing the 'robux' exchange rate so that these
| children get nothing.
|
| Roblox is undoubtedly responding to backlash from revelations
| that they are exploiting children for economic growth. Here's a
| great summary: https://youtu.be/_gXlauRB1EQ
| nomel wrote:
| > Roblox spends most of its time convincing young children
| that they will be successful
|
| I've never seen this. Could you give an example? Me and my
| kids are pretty heavy players, with a couple games released,
| with one giving my kid a nice stream of Robux.
| judge2020 wrote:
| > Second, how is this going to work? I don't know a single kid
| that plays Roblox and has a government issued photo ID.
|
| Chances are their age verification system only applies if you
| say you're 18+. I doubt they're going to throw away players.
| donmcronald wrote:
| > It will be available globally in over 180 countries on both
| mobile and desktop for anyone 13 years of age or older with a
| government-issued ID or passport.
|
| That's a quick ticket to getting a lot of 13-16 year old
| forbidden (by parents) from playing your game IMO.
| MomoXenosaga wrote:
| In my country everyone from the age of 14 has to have an ID.
|
| I see the logic of it. If you make laws that state kids can't
| have access to services you need a way to verify someone is in
| fact an adult.
| jbigelow76 wrote:
| _2. It 's absolutely useless because someone will create a
| website or app that fools the system by showing fake id and a
| matching "likeness"._
|
| fauxblox.com is available for registration, someone more
| enterprising than myself is welcome :)
| [deleted]
| meepmorp wrote:
| I guess my kids will miss Roblox when it goes away forever.
| void_mint wrote:
| Putting sensitive information about children on the internet, in
| the hands of a major corporation (a gaming company, no less).
|
| What could go wrong?
| garrettjoecox wrote:
| What 13 year old has a government issued ID?
| Symbiote wrote:
| Probably the majority of European children have one, or an
| equally valid national identity card.
|
| But at that age, it's going to be kept somewhere safe by
| parents. The passport probably costs more than the budget
| airline holiday flight.
| gruez wrote:
| For the jetsetting 13 year old, a passport. It's not exactly
| rare, but it's also not common either.
| dmead wrote:
| I've held shares in Roblox since ipo. This is concerning.
| sprite wrote:
| Are there any good identify verification saas?
| devrand wrote:
| I haven't used it but Stripe Identity recently came out:
| https://stripe.com/identity
| throwaway2214 wrote:
| Can't someone train a GAN to do this-id-does-not-exists.com?
|
| I would use it quite often for this kinds of things.
| Shank wrote:
| I mean yeah, you could, but forging identity documents is
| illegal in most places with functioning legal systems, for
| obvious reasons. Forging a government ID and presenting it as a
| real one is a giant minefield that most people probably don't
| want to be in.
| z0r wrote:
| You're suggesting that it should be illegal to lie to Roblox
| about your identity?
| lordlic wrote:
| Yes? Duh? That's the point of anti-forgery laws.
| tgsovlerkhgsel wrote:
| The person offering the site will be from a jurisdiction
| where they don't have to care, and will do it either for the
| lulz or for money.
|
| The 12 year old kid using the site will not care about the
| legal implications.
| kingo55 wrote:
| What happens if/when these systems are hacked and millions of
| users' government-issued identities are freely available to
| anyone on the dark net?
| asperous wrote:
| In the US, how many 13 year olds have id cards? It seems like by
| the time they have a drivers license they might not be into
| roblox anymore.
| scohesc wrote:
| I understand the massive investments into "rolling your own"
| system for ID verification, but I always feel sketched out when
| companies ask you to send your ID and your photo to "a third-
| party" - where the privacy terms of that relationship are so
| obtuse/vague it's not worth reading.
|
| Is it really that hard on the privacy front to hire someone to
| keep watch and manually verify that someone is who they say they
| are? I assume the amount of people verifying will be massive at
| first, but after 2-3 months I could see the amount of people
| signing up (AND verifying their ID) would be in the thousands per
| week - easily handled by humans instead of "a third-party
| service"
| ollien wrote:
| I'd feel _more_ sketched out if a provider was handling it
| themselves. I don't know how much I want someone unqualified
| handling the storage of this themselves...
| macksd wrote:
| It's all down to the specific brand.
|
| Outsourced to Ping? Ok. Outsourced to some identity SaaS I
| never heard of that just closed their series B? Pass.
|
| But then obviously I'd expect Microsoft to own their own
| identity story, and if they ever didn't I would immediately
| suspect I wasn't actually even dealing with Microsoft.
| michaelt wrote:
| What seems really sketchy to me is the third party together
| with a lot of the language in the press release - _Roblox_
| does not store _raw_ ID document nor the selfie data.
| sevenf0ur wrote:
| I didn't have an ID until I started driving at 15. I wonder how
| many of the Roblox player base even has a government ID. Will
| children beg their parents to go to the DMW so they can get
| verified on Roblox?
| davemtl wrote:
| The age verification appears to be opt-in, however they don't say
| what happens if you don't hand over your kids ID. One would hope
| that it would disable or limit communication between players and
| keep the player in a suitable for all category. I wouldn't be
| surprised that because their user base is growing up, they they
| would want to change it into kind of a "second life" for
| teenagers.
|
| Whichever way, they're not getting my kids ID.
| [deleted]
| eps wrote:
| > _nearly 50% of the users on our platform are over the age of 13
| as of Q2 2021_
|
| Hahahaha... jeez... _/ wipes a tear_
|
| They are in for a surprise of their corporate lives.
|
| We have several accounts with them for our kids and I had all of
| them set with the birthday set to some random year between 1960
| and 1990. Because, as every parent knows, any sort of "kids"
| account comes with random restrictions, needing to create parent
| account and all sort of other bullshit that complicates
| everyone's life and prolongs the sign-up process.
|
| They must be smoking crack if they think that a non-trivial
| amount of _teens_ (leave alone adults) are playing Roblox games.
| Because 99.9% of these games is a complete and utter junk that
| makes your eyes bleed and gets traction because of the (way)
| younger kids that play them. That 's it. That's the Roblox secret
| sauce. But, yeah, let's card them. Brilliant, brilliant move.
| davedx wrote:
| Both our teenagers play Roblox
| jjoonathan wrote:
| I long ago aged out of these limits, but I never stopped using
| my fake birthday. Everywhere I thought I could get away with
| it, I did.
|
| Ad networks still figured out my real birthday :/
| monocularvision wrote:
| This is so absolutely spot on. I have my kids' fake birthday
| memorized because I use it so often. As soon as you enter a
| birthday that actually would mean under 13, be prepared for
| _nothing to work_.
| Someone1234 wrote:
| > sort of "kids" account comes with random restrictions,
| needing to create parent account and all sort of other bullshit
| that complicate everyone's life and prolong the sign-up
| process.
|
| I set up one of these for Apple and Microsoft, and boy oh boy,
| has it been an absolute shit-show. There have been tons of bugs
| with both, it is a terrible user experience all around, and it
| has actually cost me more money in very real terms (e.g. IAPs
| needing to be re-purchased three times).
|
| Unfortunately it seems like nobody at tech companies actually
| dog-foods kid/family accounts, and just does it as a butt
| covering exercise to avoid regulation. They do the bare minimum
| and then let it rot.
| donmcronald wrote:
| Yep. It's absolutely brutal. Ex: EA Play won't work with XBox
| Game Pass if it's on a child account.
|
| All the kids I know just use fake info with fake birthdays.
| There's a huge risk of losing the account, but who even knows
| what to do. Obviously these companies don't want to invest in
| moderation, so I think they should focus on moderation tools
| and leave the parent/organizer account holders do the actual
| moderation.
|
| Microsoft does the money handling on child accounts really
| well, but the family sharing is absolutely brutal. It's an
| insanely bad user experience.
| [deleted]
| donmcronald wrote:
| Haha. Yeah. And if they start verifying identity and locking
| accounts that can't prove the identity info provided at signup,
| that's going to be a lot of locked accounts.
|
| I think they're overestimating the importance of a gaming
| account.
| Avicebron wrote:
| Yea..I've always assumed Roblox was at best majority 7-15. I
| haven't set up anyone's account, but isn't the "at least 13 or
| older" a generic checkbox that is sort of used as a default for
| everything from youtube to netflix?
| alkonaut wrote:
| Use some official eID. They are pretty pervasive across the world
| and typically it's just one system per country to intract with
| like Freja in Norway, BankID in Sweden and so on.
|
| That leaves the bad methods for countries that doesn't have a
| good official or de facto standard eID system. But maybe that
| will create public pressure to adopt one.
| kosei wrote:
| Though I applaud the effort to get age right and protect players,
| I'm not sure I'll ever be comfortable having me or my child scan
| our photo ID and selfie to upload it as part of a login flow to
| an application.
| _jal wrote:
| Yeah, I don't do this.
|
| If your service demands my ID, I'll close my account.
|
| If you have KYC requirements, I'll meet you in person or find a
| different vendor.
| LegitShady wrote:
| This happened to me with twitter. made an account, followed
| some people, they locked the account and told me it exhibited
| bot like behaviour and I needed to scan some photo id to send
| to them for them to unlock it.
|
| Never worried about twitter ever again. Probably the
| healthier choice in the long run.
| toomuchtodo wrote:
| A component of my work is in digital identity, so I hope you
| don't mind the question: what would make you comfortable doing
| so? For Roblox, I can see the exception taken, but some
| applications do require this level of identity proofing
| (scanning your passport in an airline mobile app to book an
| international flight comes to mind).
|
| Edit: Thank you everyone for your feedback, it's very helpful!
| michaelt wrote:
| Putting photos of my ID documents online just seems like an
| incredibly bad move for my security and privacy.
|
| The only time I'd even consider sharing photos of my ID
| documents over the internet is if I'm sharing them with an
| organisation I have a multi-year high-trust relationship with
| (like my e-mail provider of 20 years). And even then, I'd
| prefer not to if I can avoid it.
| TedShiller wrote:
| Government agencies only.
| jmkd wrote:
| While I trust my Government to issue me a passport (what
| else can I do), I can't say I trust all their agencies to
| securely store an image of it.
| LegitShady wrote:
| I don't ever want to provide a storable version of my ID to
| you. I don't trust you or anyone else to keep it safe. I
| would expect my identity to compromised over and over as
| companies get breached.
| Symbiote wrote:
| In Britain they proposed an anonymous system for checking age
| before viewing pornography. (It was cancelled.)
|
| The idea was you could show your ID to someone qualified to
| check (like a shop selling alcohol), they'd give some sort of
| pass, and that could be used to access the website. I
| wouldn't mind that, so long at the shop person only looks at
| the ID.
|
| (And I've never been asked to scan a passport when booking a
| flight.)
| cinntaile wrote:
| Built-in watermark support. When the system eventually gets
| hacked and the pictures end up in the hands of hackers, their
| use will be limited due to a "COMPANY + DATE" watermark
| plastered all over.
| LegitShady wrote:
| the company will either go out of business as people claim
| costs associated with the breach, or you would get a $10
| settlement from a class action.
|
| The watermark isn't worth anything, and doesn't add any
| trust.
| nobody9999 wrote:
| >scanning your passport in an airline mobile app to book an
| international flight comes to mind
|
| I'm curious as to why this might be necessary.
|
| Whenever I've traveled internationally, while I've had to
| provide the airline with a bunch of info when booking my
| flight, I've never had to provide a scanned version of my
| passport.
|
| Rather, when I arrive at my destination (at both ends) I need
| to show the nice customs folks my passport.
|
| Which airlines require providing them with a scan of a
| passport to _book_ a flight? I ask so that I can make sure
| _never_ to use those airlines. Thanks!
| scohesc wrote:
| (I think) I feel like I'd be similar in opinion about this
| with the OP, so hopefully you don't mind me putting my
| thoughts here!
|
| The main issue that I have is that it's down to a matter of
| trust. I'm mainly using the article on Roblox as an example
| for my thoughts here, but I'm sure it could be easily
| translated to other services/companies doing digital ID
| verification.
|
| I don't like digital identity verification at all however I
| am open to other options. I have no trust in these identity
| verification companies using my ID for the sole purpose they
| say it will be used for. I have no idea if they're holding
| onto the ID and using it for training their algorithms, or if
| they sell it to a data collection agency, or if they etc.
| etc. etc. - why do I need to read a 10+ page privacy policy
| document to figure that out?
|
| For a company like Roblox - I don't see why they couldn't
| roll out their own system for digital verification. Yes,
| you'd have an absolutely massive influx of users at this
| point since they seem to _just now_ be adding age
| verification, but after a month or two - barring special
| events/promos in game - I'm sure an ID Verification
| department could be handed out to a few people.
|
| That being said - I'm not considering any issues in other
| aspects like Legal issues, Privacy issues, data retention
| issues, number of users, numerous ID types etc. etc. etc. and
| I'm sure those are HUGE factors as to why people aren't
| "rolling their own" solution.
| alex_c wrote:
| Nothing would make me _comfortable_ doing so, any more than
| sharing my bank credentials with a 3rd party for example. The
| only question is whether the benefit or necessity of doing so
| outweighs my discomfort.
|
| I think the discomfort is a good thing here.
| donmcronald wrote:
| I did it for a crypto exchange, but that was for KYC / AML
| verification and I intentionally chose an exchange that's
| regulated by my country's KYC/AML regulator, so I was
| expecting to have to do it.
|
| Giving up that much PII for a game is insane. I'd uninstall
| it without even thinking. Any industry that's not regulated
| to _require_ photo ID when they 're asking for it doesn't
| need to ask for it.
| joe_the_user wrote:
| _Some applications do require this level of identity proofing
| (scanning your passport in an airline mobile app to book an
| international flight comes to mind)._
|
| I don't know about presently but historically, you didn't
| need a passport to buy an international ticket. You needed a
| passport to get on the plane at the airport. So if you buy a
| ticket in a fake name, it's your problem if you can't fly and
| tickets aren't refundable for this.
|
| Which is to say that no app space comes to mind when I think
| of something that needs id scanning - or the only apps like
| this are extensions of state control to the virtual space
| (virtual parole hearings or whatever).
|
| Basically, anything that isn't the state should use it's own
| fricking account system to relate to people online. And the
| state itself is kind of iffy.
| fouric wrote:
| Not OP, but:
|
| If at all possible, I would want a hard guarantee that my
| photo ID and all derived information (e.g. my real name (as
| in the case of Roblox, they don't care about your _identity_
| , just your _age_ )) would be completely deleted as soon as
| possible, as well as a description of exactly when that would
| be (e.g. "we have to contact your federal government to
| verify the authenticity of this ID, and then ensure that they
| know that we've verified your user account, and then we'll
| delete everything immediately - this typically take 4-8
| business days, and we'll email you when the process is
| completed").
|
| Regardless of the above, I would require that no personal
| information linked to my ID would be used for any purpose
| (analytics, marketing, ads, or sale/transfer to a third
| party) except identity verification.
| Avicebron wrote:
| Unfortunately it seems like "hard guarantee" for most
| things in tech is almost laughable, and if there is a
| chance data can be gathered, probably not even worth
| dreaming about
| Someone1234 wrote:
| Indeed. Plus even if they "hard guarantee" it at service
| launch they could and likely would quietly change it
| after the press has moved on, with a TOS update on line
| 194,404,4008 that nobody will read.
| xyzzy21 wrote:
| Which is why "Asking" is an AUTOMATIC "delete the app" or
| "cancel the web account" or similar.
|
| We weren't born yesterday. :-)
| syshum wrote:
| >>scanning your passport in an airline mobile app to book an
| international flight comes to mind
|
| Why? Proof of ID would be required at boarding time, and by
| Security who simply verify the supplied info matches the
| actual ID, but does not actually scan and store the document
| (nor should they)
|
| I am unclear what in a booking process would require a person
| to scan in your passport to book the travel?
|
| How would this work if I am a corporate booker needing to
| book flights for others, do I need to maintain a copy of
| their ID's?
|
| Your example is pretty flawed, as is most examples you will
| come up with because in reality there is no reason to have to
| upload your ID. It is draconian and should be resisted by
| everyone for any purpose
| [deleted]
| [deleted]
| shkkmo wrote:
| This level of identity proof isn't that secure.
|
| If we absolutely need to have software that has this level of
| identity, then we need to build infrastructure to support it.
| That infrastructure already exists to some degree as notaries
| and could be expanded and modernized to allow privacy
| preserving identity verification.
| TaylorAlexander wrote:
| Generally I would be comfortable showing my ID to either an
| established bank or the government which issued the ID. And
| airport security. Otherwise if a private company wants me to
| upload my ID I would probably avoid using their service.
| xyzzy21 wrote:
| Not OP but there is NO SITUATION where I'd EVER do this for a
| web site. There are NONE I trust enough for that kind of
| information and NO web site offers sufficient value to even
| consider the risk.
| gruez wrote:
| >but some applications do require this level of identity
| proofing (scanning your passport in an airline mobile app to
| book an international flight comes to mind).
|
| I never had to do this when booking a flight. The max I had
| to do was provide my personal info (name, birthday, passport
| number). If they asked for a passport scan and a selfie I
| would have noped out.
| legerdemain wrote:
| Kayak asks for ID photos, even for _domestic_ flights.
| Someone1234 wrote:
| But the underlying airlines don't, so just find the
| flights on Kayak then book direct bypassing this invasive
| measure.
| xyzzy21 wrote:
| Never used Kayak but thanks for the tip: I NEVER will use
| Kayak!
| unclebucknasty wrote:
| The worst are those that let you get invested and only _then_
| spring these requirements on you.
|
| NBA Top Shot comes to mind. They allow you to buy with no
| problem. But, to sell on their platform you have to go through
| what is essentially a KYC check.
|
| Your investment is sunk otherwise.
| pvg wrote:
| I don't think I'd be comfortable with this either, certainly
| not to play some game. On the other hand, the bizarre problems
| maintainers of online communities have to deal with are just
| wild and worth keeping in mind as context:
|
| https://www.wired.com/story/roblox-online-games-irl-fascism-...
| TameAntelope wrote:
| To be fair, it's not part of their login flow, it's part of
| their verification flow. It's a one-time thing, not an every-
| login thing.
|
| I also see no problem with this. What could they realistically
| use this information for that would be nefarious? It doesn't
| actually store the ID in any real sense, as they explain in the
| link, and I see no reason for them to lie about that.
|
| It's real easy to scream, "But My Privacy!!!", and probably a
| decent amount more difficult to come up with an actual and
| practical risk there.
|
| Honestly, if your threat model includes "video game companies
| that lie about age verification systems", I don't think you're
| taking your security very seriously.
| modzu wrote:
| one risk is the inevitable data leak and having these
| documents for sale on a darkweb market. how exactly is the ID
| anonymized? who knows?
| MomoXenosaga wrote:
| In the Netherlands we have a government app that blacks out
| the sensitive stuff called kopieID.
|
| Honestly if you are going to ask for identification ask for
| a passport or driver's license not this idiocy of credit
| cards and bank statements. That's just insulting my
| intelligence.
| TameAntelope wrote:
| The documentation says anonymized "value" is generated, so
| likely some kind of hash.
|
| I don't think these are able to be stolen in any meaningful
| sense, based on how they describe their tech stack.
| nomel wrote:
| My full name, physical address, and IP address were leaked with
| another game my kids play. I'm excited for my drivers license
| and picture to be leaked as well.
| [deleted]
| president wrote:
| This is why people are afraid of vaccination ID/passports.
| tialaramex wrote:
| I would much prefer my _government_ to take on responsibility
| for providing this sort of service as they do e.g. driver
| qualification.
|
| Once upon a time the usual thing to get OK'd to rent a van
| (e.g. for students who are moving house) is you rock up to the
| rental place with the legal documents showing you're entitled
| to drive. You're relying on the fact that the person renting
| you a van doesn't much care and isn't keeping the exact details
| from those documents.
|
| But although you can do this today, obviously the documents get
| scanned into a permanent data repository, so, that's not great.
| But, the UK government added a site so you can prove you're
| you, and get codes, which for a limited period show someone
| that yup, this person is legal to drive and so on.
|
| They do this for right to work too. Although, annoyingly _only
| for foreigners_. If you 're a citizen, you can't prove right to
| work this way, you need to be like "Look, I'm a citizen, here's
| proof" to your employer. But if you are foreign you can just go
| "Check this URL, your government says I'm entitled to work
| here" and they needn't know whether that's because your husband
| is a "Cultural Attache" to the Russian Embassy, or you've got
| special refugee status, or you're actually an Italian and you
| just speak and look Russian for some reason, just that you're
| entitled to work here.
| LegitShady wrote:
| I'd rather not subsidize roblox with government systems. If
| they can't figure out an age verification system that works
| thats on them. The government shouldn't be verifying the age
| of people for businesses. It's a waste of tax dollars to
| subsidize a business with major profits.
| wizzwizz4 wrote:
| Roblox _has_ an age verification system that works. It 's
| just not good for the public. Isn't that what governments
| are for?
| bla15e wrote:
| fantastic news. with this, the fate of corporate roblox is sealed
| and the metaverse can evolve further
| watermelon0 wrote:
| Where does the need for hard verification of the age come from?
|
| My friends and I were using the internet when we were under 13
| years old (although not by much), and just clicked the button to
| confirm that we are older than 13 (mostly on various forums), and
| later on the same thing with 18 years old verification screens,
| and we turned out alright (at least from my perspective.)
| Lavery wrote:
| Probably parents realizing their children were making in-app
| purchases beyond what they (the parents) were aware of, and
| charging them back as unauthorized use. The cc processors pass
| that on to the merchant, and will drop them if there are too
| many. Likely Roblox just reached some critical mass where they
| couldn't sustain it any more.
| chipotle_coyote wrote:
| When I read about the age verification system for Roblox, it
| immediately made me think of a post on the official Patreon
| blog from just a few days ago, talking about how they're
| going to have to start asking for identity verification for
| "adult/18+ creators" due to new standards from Mastercard.
| And, yes, this clearly isn't _exactly_ the same thing, but
| the similarity in requirement combined with the timing make
| it at least fractionally more suspicious to me that this is
| driven by payment processor requirements -- or at the very
| least, whatever concerns are driving those requirements.
|
| It's also worth pointing out that unlike Patreon's
| requirement for adult material creators, Roblox's
| verification is optional, which most of the discussion here
| on HN seems to be eliding.
|
| https://www.theverge.com/2021/9/21/22684672/roblox-age-
| verif...
|
| > For now, only one feature requires age verification:
| Roblox's new voice chat feature. During its initial beta, it
| will only be available to players who verify they are at
| least 13 years old. But the implication seems to be that
| other features -- perhaps specific Roblox games or community
| tools -- could be age-gated as the company works to protect
| its relatively young user base.
| tgsovlerkhgsel wrote:
| Pure speculation: Once they build a user base that over time
| crosses the age of 18 (or whatever the age for accessing adult
| material is in the player's country), they can allow them
| access to a separate, premium, age restricted section, where
| they can expand their user generated content model to a
| demographic with a lot more money and a market where that money
| is easily spent.
| Animats wrote:
| According to Roblox's S-1 filing, they want to move their
| customer base up from the current average age of 13. Age
| verification is for older users, so they can be less
| restricted. Roblox has a large outsourced "moderation"
| operation, and is working on an AI system that can bring down
| the ban hammer in 100ms after saying a bad word.
|
| Tencent already does this in China. Tencent owns 49% of Roblox.
| So the technology is available.
| xyzzy21 wrote:
| Fuck China as an exemplar for anything moral or legal!!
| jbigelow76 wrote:
| Given this angle I wonder if Roblox is actually hoping for
| rampant falsifications so they can keep their underage
| players but also tell regulators that they are protecting
| minors from possible exposure to harmful content.
| [deleted]
| [deleted]
| scohesc wrote:
| Wow - I had no idea that Tencent owned that much of Roblox.
|
| Now I'm even more wary of sending my ID to a company that's
| owned by another company that's owned by a repressive
| government and can influence how anyone in the chain can do
| business.
| ProfessorLayton wrote:
| Tencent owns 49% of Roblox's Chinese operations, which is a
| subsidiary, not the entire company.
| Animats wrote:
| Ah, right. I just checked the S-1.
| donmcronald wrote:
| > According to Roblox's S-1 filing, they want to move their
| customer base up from the current average age of 13.
|
| I'm guessing that's because things like COPPA don't apply to
| 13+ and identity verification lets them start building
| accurate PII profiles for children the day they turn 13. What
| a nasty business.
| toomuchtodo wrote:
| Children's Online Privacy Protection Rule ("COPPA")
|
| https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-...
|
| EDIT: @gruez: An attestion is likely no longer sufficient for
| Roblox's compliance requirements, and identity proofing is now
| cheap to perform (~$1-2/per proofing request). Cheaper to get
| ahead of the curve.
|
| https://www.theverge.com/2021/9/21/22684672/roblox-age-verif...
|
| > For now, only one feature requires age verification: Roblox's
| new voice chat feature, Spacial Voice. During its initial beta
| test, it will only be available to players who verify they are
| at least 13 years old. (Roblox didn't say whether it would
| later be available to users regardless of verification status.)
|
| > But the implication seems to be that other features --
| perhaps specific Roblox games or community tools -- could be
| age-gated as the company works to protect its relatively young
| user base. More than half of Roblox's users are still under 13
| (Roblox says "nearly 50 percent" were over 13 as of the second
| quarter of the year).
|
| A business decision was made.
| gruez wrote:
| That piece of legislation was from 21 years ago. What
| changed? In the past a "I'm 13" checkbox would have sufficed.
| scohesc wrote:
| I'm sure it's more of a "cover your ass" scenario where in
| the future, if someone gets past the ID verification system
| and uses an account to commit a crime on their platform,
| Roblox can just say "the ID company verified it!"
| droopyEyelids wrote:
| There are truly unsavory elements that will intrude on a
| virtual environment for children. Roblox corp knows exactly
| what they're dealing with due to their existing support
| requests- and they can imagine the implications of adding a
| spacial voice feature into that mix.
|
| I trust they're not going overboard here.
| zerkten wrote:
| I don't think anything has changed, but COPPA isn't the
| only regulation with age requirements. GDPR also includes
| age requirement (https://gdpr-info.eu/art-8-gdpr/).
|
| From a quick read of the article, I think this is
| intentionally going beyond the requirements. They obviously
| feel that this will build a safer and more trustworthy
| environment at the expense of other issues, including a
| loss of users who don't want to provide identity.
| donmcronald wrote:
| > COPPA imposes certain requirements on operators of websites
| or online services directed to children under 13 years of
| age, and on operators of other websites or online services
| that have actual knowledge that they are collecting personal
| information online from a child under 13 years of age.
|
| I didn't read the whole thing. I plan to one day though
| because I want to see what the rules are, but, to me, that
| summary sounds like the only reason you need to do it is if
| you want to collect personal information for children that
| are 13-17 year old.
|
| Here's a wild idea... How about not collecting the personal
| information of children?
| nobody9999 wrote:
| >Here's a wild idea... How about not collecting the
| personal information of children?
|
| Here's an even wilder one: How about not
| collecting personal information? Full stop.
___________________________________________________________________
(page generated 2021-09-21 23:00 UTC)