Age assurance enforcement concerns raised as porn sites drag feet

A barking dog is alarming, but if it has no legs, it’s not scary for very long. This is particularly true if the dog is barking at Bang Bros – a pornography site that, in our metaphor, represents the larger industry of porn providers facing down the immobile barking dog of age assurance regulation.

So far, it seems, regulatory efforts to crack down on sites that host age-restricted content are not doing much. Writing on LinkedIn, James Bethell, a public health advocate and Member of the UK House of Lords, lays it on the line:

“Parliament’s Online Safety Act is crystal clear: Shielding kids from online pornography harms. Last week, pure-play porn sites were meant to take the first steps. However, a cursory visit to major porn sites suggests little has changed. On ‘Bang Bros’, the mega-porn-site, there are still no real age checks. Click ‘Enter’ and you’re in.”

Moreover, Bethell says, “this isn’t an outlier; it appears to reflect the wider industry.”

Cost key factor in making enforcement count: AVPA

It’s no secret that the porn industry does not believe current options for online biometric age assurance work. It’s also no secret why: when sites such as Pornhub have made honest efforts to comply with local laws by implementing facial age assurance tech, their traffic has tanked.

Regulations are meant to moot the issue – but it’s unlikely that many sites will comply without a clear demonstration that regulators are willing and able to enforce their rules. That means levying fines as mandated. And they are big fines: Ofcom has the power to soak Bang Bros for up to 10 percent of a company’s qualifying worldwide revenue, or a maximum of £18 million (US$23.4M), whichever is greater.

On their LinkedIn account, the Age Verification Providers Association (AVPA) argues that effective enforcement boils down to a simple formula: does the cost to comply outweigh the likely cost of not doing so?

“A regulator must increase both the likelihood of being caught and the penalty,” AVPA says. “[1 percent chance of a fine] x [fine of £10,000] means that if adding age verification costs more than £100 it’s worth risking it and ignoring the law.”

On the other hand, a full application of Ofcom’s authority could look quite different for a massive porn site raking in hundreds of millions in revenue.

Normalizing noncompliance leaves Act dead on arrival: Bethell

Bethell has conveyed his concerns to Dame Melanie Dawes, Chief Executive of Ofcom, in a letter co-signed by “14 concerned parliamentarians.” The letter challenges Dawes to explain the case of the recalcitrant Bang Bros, and makes a compelling point about why enforcement matters: “Non-compliance risks being baked into the culture of the industry. By allowing major players to evade duties without consequence, defiance may become the norm before the July deadline, with smaller providers following suit, threatening the Act’s framework.”

The Online Safety Tech Industry (OSTIA) has also sent correspondence on the matter, in the form of a lengthy open letter to the Department for Science, Innovation and Technology, “drawing attention to the huge gap between the technology actually used to make the internet safer, and the technology that is available.”

In a post on its LinkedIn account, OSTIA says it is “calling on the government to ensure that the Online Safety Act is swiftly and robustly implemented, to encourage Ofcom to use the powers it has been given under the act with more ambition, and to consider the health of the ecosystem around Online Safety Technology.” The letter includes phrases like “slow regulation does not drive swift change” and “unambitious regulation,” and lists a number of currently available options for compliance, including biometric age assurance tech from Yoti.

Social platforms know they have 9-year-old users, don’t care

The message is loud and clear: a legless dog can be kicked about – and not just by the Bang Bros, but also the tech bros. MLex has an interview with Michael Murray, head of regulatory policy for the UK Information Commissioner’s Office, who says that social media platforms “have a duty not to process children’s data, and shouldn’t wait for wide-ranging government solutions such as the EU interim age verification app or new digital ID frameworks.”

Murray says it’s “very likely that under-13s are on these platforms, and then they’ll potentially be processing the personal information of under-13s unlawfully.”

The question is, are platforms waiting for better solutions, or for the right amount of regulatory pressure? Per MLex, social platforms Imgur and Reddit are currently under investigation by the ICO for how they process the personal information of children in the UK and their implementation of age assurance measures, and TikTok is being investigated for potentially using data from people aged 13-17 to feed its recommender systems.

The piece quotes Chelsea Jarvie, a cybersecurity expert and researcher at Glasgow’s University of Strathclyde, who notes that the social media giants will resist change to their business model, “because regardless of the user’s age, targeted ads and user profiling are how free social media platforms make money. If they can no longer monetize child users, it will directly impact their profits.”

Once again, it boils down to profit. Even if they’re willing to try out options for restricting access, social media and porn sites will ultimately do what they have to to keep making money. Until noncompliance tips the cost balance, that’s unlikely to change.

For this reason, there is particular interest in the case of the unnamed platform under investigation by Ofcom for hosting a suicide discussion forum. The regulator has the power to demonstrate just how costly it can be to ignore online safety laws. But is it willing to bankrupt a few firms to get the message across? And if so, just how big a sacrifice will be needed to finally win the dog of regulation its legs?

Google takes proactive approach with blurred nude safety feature

Google “nudes” and you get listings for porn. But the Silicon Valley titan appears to be proactively pursuing measures to limit youth access to adult content. It is participating in Australia’s Age Assurance Technology Trial, and, according to Google 9 to 5, Google Messages is now rolling out opt-in Sensitive Content Warnings that blur nude images on Android. When turned on (by parents or guardians through the Family Link app), the feature first blurs images “that may contain nudity” and offers the option to bail; then reminds “users of the risks of sending nude imagery and preventing accidental shares.”

Google says the on-device Android SafetyCore system (which does not currently work on videos) “doesn’t send identifiable data or any of the classified content or results to Google servers.”

Article Topics

age verification  |  AVPA  |  biometrics  |  children  |  face biometrics  |  Information Commissioner’s Office (ICO)  |  Ofcom  |  Online Safety Act  |  OSTIA  |  regulation