I think the header/metatag is designed poorly. The RTA proposal is that every operator of every site must verify the content and add the header to mark the site as "safe" or "unsafe". This is unnecessary burden that they have to bear if this proposal is given a green light and this is wrong.
Instead, the default should be, that if there is no header or it cannot be parsed, then the content is unsafe. And if there is a header, it describes the page rating, like what kind of dangerous content it may contain. The header may be added to any displayable content like HTML, text, images, audio or videos, but not to machine-readable content like JS files or AJAX responses.
So only those who wants their site to be accessible by minors, have to add headers. For social networks, the user might have an option to mark his content as "safe".
This means that with my proposal existing site operators need not to do anything to mark their sites as "unsafe" - all sites are "unsafe" by default. This means that millions of site operators need to spend 0 dollars to adapt their sites. How great is that?
The browser on a device with parent mode, should not allow displaying any content which doesn't have a header or that is marked as unsafe, or that contains header with invalid value. The parents may whitelist some sites.
There should be a reponsibility for intentionally marking unsafe content as "safe". We should also think what to do with foreign operators, intentionally putting invalid headers for unsafe content. Maybe they should be added to some kind of blacklist that the browsers would periodically update.
Search engines like Google could work by default in "safe" mode, but add "unsafe" header if the user wants to turn off restrictions.
> If a site is not adding the RTA header then progressively fine them into oblivion.
I think my proposal is better because it requires only fining those who intentionally misrepresent content safety.
> Instead, the default should be, that if there is no header or it cannot be parsed, then the content is unsafe.
That's something the client should be doing. You can configure your own device (or your kid's) to have whatever default you want.
The actual problem is that classifying the entire firehose of user-generated content is precarious and uneconomical, so the default tag is going to be whatever minimizes liability. If untagged implies "unsafe" and "unsafe" minimizes liability then the majority of content will be untagged. If untagged implies "safe" then the majority of content will end up explicitly tagged as unsafe, because tagging it as unsafe minimizes liability.
But either way if you disable "unsafe content" you'll end up disabling almost everything, specifically including the huge amount of "safe" content which isn't tagged as safe because accurately classifying it is uneconomical.
If the default wasn't "almost nothing" then you'd be sanctioning exposing some kids to content their parents didn't want them to see. If there's no economic incentive to tag content then it's not valuable content for kids.
Ultimately the problem is the provider knows what category the content is and the parent knows what the content policy is. Providers can't say whether it's "safe" or "unsafe", only what standards it complies with. Some parents will have weird policies like "only G-rated movies or any Jim Carey movie" that can't even be delegated in any reasonable way to providers.
So the header has "PG-13, US-legal" because it's a movie rated PG-13 and constitutionally-protected legal content in the US, and whatever other markets you want to open up. Providers could even include AI ratings so as to mass-tag their content at low cost, and parents can decide if a particular AI rating is okay.
Parental controls could even restrict official ratings to country of origin, so if you approve PG-13 it'll block that content from countries where you can't sue them for lying about it.
> If there's no economic incentive to tag content then it's not valuable content for kids.
Those two things are completely disjoint. In one case you're measuring the value of the content to the platform and in the other you're measuring the value of the content to the kids.
Suppose there is some content that the platform would get $10 in ad revenue to show to kids, would cost $100 to classify, and is worth $1000 to the kids.
In the land of spherical cows you could have the users pay the money, but that gets killed by transaction costs, privacy issues with payment systems, and that kids generally don't have money. So the kids lose access to valuable information because the platform isn't willing to spend $100 to make $10.
And it's still a problem even if the platform could make as much revenue from showing the content as the user receives value from it. Consider the entire firehose of social media posts on some unspecified site. Classifying it all would cost e.g. a billion dollars. So even if the value of kids having the content was half a billion dollars -- a huge sum equivalent to multiple human lifetimes of labor effort -- to the kids and the platform both, it's not happening because the cost of classifying the content is even larger yet.
> Ultimately the problem is the provider knows what category the content is
That's the problem though. The provider doesn't know what category the content is. There are Wikipedia pages that contain nudity etc. Who is going to pay someone to read the millions of articles and classify each one? But if they instead just mark the whole site as adult content, the amount of non-adult content kids lose access to is large.
The cost to the content provider can be reduced to zero by the parents, by allowing it in parental controls.
So the maximum cost to a provider is capped at convincing parents to disable blocking of the content. That could be an unfathomably large sum for pornhub or negligible for wikipedia.
The question then is what's cheaper, paying to have parents enable the content (for instance advertising to make that choice acceptable) or rating the content? If it's the former that's essentially the same value parents place on blocking that content.
You're looking at rating content in this default-block scheme as a cost, but really it's a discount. You're paying a smaller amount to rate the content "G - general audience" then convincing parents to allow unrated content.
> But either way if you disable "unsafe content" you'll end up disabling almost everything, specifically including the huge amount of "safe" content which isn't tagged as safe because accurately classifying it is uneconomical.
I think that's okay. The need for regulation is incentivizing capitalism in its amoralism to favor your regulated morality.
Corporations very much like targetting impressionable kids with content to sell stuff. If that adds a liability cost to moderate and make sure that content is "safe" (whatever that means in your jurisdiction), then isn't that what you would want?
I've never let my kids out on youtube, or the internet without either of us parents (yet at least). I hear you can now whitelist channels on youtube premium for child accounts, which sounds exactly like I want, but of course that doesn't scale. While I'd want to curate the entire internet for them until we've instilled enough judgment/their brains have developed enough to do it themselves, it's obviously impossible. Adding a liability risk or moderation cost to target kids seems like a fairly aligned incentive.
The page having a simple rating assumes there can be one mapping from content to rating for the whole world. I doubt we can even have one for North America and Europe.
Maybe certain headers could be cryptographically signed. So like if your movie is rated PG by the MPA the MPA itself could sign a statement to that effect. Or a government could issue a social media company a license they could use to sign their pages as complying with some regulation and revoke their license if they don't comply.
Come up with a few categories and let the browser/OS decide.
Websites by default are ‘true’ for every category, unless they specify.
Categories are, for example of some: nudity, sexual, violence, etc.
It doesn’t have to be perfect but sites will have to err on the side of caution.
We could even create an html tag <restricted type=violence> for example, and the browser can simply not render that portion of the page of the user has that type disabled.
And we could give companies a pass for best-effort categorization using tech to assess user-generated content, along with allowing users to flag their own content as “safe”
The goal should be to satisfy most reasonable governments. A neutral technical standard and an international organization to maintain the the ontology for content descriptors
But a HTML document could contain a listing of things, that might or might not fall in to these categorize (a search result). A better option would be to just have it as an attribute to elements, like the "lang=..." attribute. That way an UA could even have a policy of show text tagged, but not images. Or images only when clicked per images. Websites wouldn't need to implement spoilers or blurs then, this could be implemented in the UA.
Ah I was proposing the tag as another option - maybe a news article is fine for kids but the comment section is unmoderated. That way they could still read the article but not the comments
Better idea is just tell the server if you want to hide restricted content. Then it can make any changes necessary. Yes it's a fingerprinting bit. Not a new one, because they could already detect whether the restricted tag was rendering or not, anyway.
That's a sorry attempt at an excuse. Companies are expected to collect ID and have related business logic that respects local laws but can't figure out how to tag their content? That's an utterly nonsensical position.
There's no reason a simple, standardized header can't be used to communicate any number of classifications simultaneously.
Edit: It occurs to me that if you oppose all age related measures then my above response isn't entirely fair to you. I still think it's an absurd objection but the comparison I made no longer applies.
Well fair enough. In that case we are actually in agreement. Let the end user (or network admin) sort out what is and isn't acceptable in a given context.
What we need regulation to provide (IMO) is a reliable way of doing that.
We don't need regulation, we need cooperation, analogous to movie ratings. A site could attest that they provide content ratings, and that attestation signed by an authority (MPAA). If they are found to have been dishonest about that, the signature is revoked (or probably easier, it's fairly short-lived and just won't be renewed). Browser makers (theatres) cooperate by only loading sites with a valid, signed attestation when the device's parental controls are enabled.
Sites can choose to have unrated content (adult movies) and those are only available on devices without an enabled parental control option (adult-only theaters).
But we already have that and it doesn't work. Sites don't bother to classify themselves. Whitelists are spotty and out of date. Almost nothing interoperates properly. My expectation given the scenario you describe is that business continues as usual with the vast majority of the internet thus being inaccessible when in "child" mode. As a result no one uses child mode and the vicious cycle perpetuates.
A solution would be browsers refusing to load any site that didn't provide such metadata, not just in child mode but in any mode. I suppose either Apple or Google would likely be capable of unilaterally imposing such a requirement as things currently stand. However I also think that's unlikely to happen on its own for various reasons. Thus legally mandating certain basic content classification categories in addition to an extensible standard protocol for communicating such metadata would (I expect) end the cycle. And rather than the government going after individuals the legislation could be structured to place the onus on mainstream browsers, OSes, and other client software to enforce compliance on their behalf.
We are seeking a solution to a social problem, not just a technical problem. If it fails to achieve most of the social goals, it won't be used and you get something worse. Welcome to the real world.
The standard OP is describing doesn't exist. So whether it "fails to achieve most of the social goals" is yet to be determined. Blocking unrated content seems like a pretty desirable feature to me. Why wouldn't that be one of the "social goals"?
You can turn on filtering and subscribe to a whitelist today. People don't seem to be satisfied with that solution. Why not? The answer to that question is what needs to be solved.
There's no web standard for labeling content, so "subscribe to a whitelist" today means crappy page or network-level content blocks implemented by a third party tool that has no understanding of the actual content on the page or application. That's not at all what's being proposed in this thread.
With a universal labeling standard the UX would be much better, and there'd be a much greater incentive for website owners to participate (they'd be implementing a universal standard, not adding support for one particular parental control tool).
But the expected result here is that parental controls continue not to work very well, parents continue not to use them (at least competently), and people continue complaining that something needs to be done. So I propose that we do something about that rather than sit around continuing to roll the dice on the next half assed turnkey authoritarian solution than an inept legislator fields courtesy of a lobbyist working for a megacorporation whose interests tread well into the realm of the blatantly evil.
It's a hard problem but the key is that it needs to be on the client rather than on the server, because that's what can have any information on jurisdictions, local regulations, religions, or general parental preference.
For example, it would be insane if every website and blog in the world to had to run logic to detect and prevent Elbonian males under 16 lunar years from seeing ankles except on Thursdays.
The problem with your proposal is that it's already the status quo. Various whitelists exist but service operators don't generally bother with these things. What you end up with is a largely unusable experience if you enable whitelist filtering.
The core problem is the lack of buy in. Unfortunately that likely needs to be forced. I think it's not unreasonable to legally require people to make a claim about the nature of what they are serving up. They already need to be aware of the legal status of what they're doing anyway so it hardly seems as though making such a determination should pose a burden when you consider that it's an alternative to either requiring ID, requiring the client send age bracket information, or other heavy handed interventions. The choice here isn't "the status quo vs a header" but rather "some other age related regulation vs a header".
An easy way to enforce this "voluntarily" (ie coerce) without sending government agents after every small time website operator would be to require that mainstream browsers and other client software (based on MAU or similar metrics) refuse to process content that does not send a classification header. Doesn't matter what the header says or what the status of the user account or parental controls or whatever else is, it has to send the header regardless or it will be blocked without exception. That would presumably trigger broad compliance with the relevant regulations.
The difference is one of redressing a concrete dysfunction. Libraries or the local bookstore or whoever aren't trying to sneak into your home, onto your child's school bus, into your child's classroom, while pushing various extremist publications purely for their own profit (ie "engagement"). We do in fact have zoning laws - I can't inadvertently encounter a strip club in a quiet residential area. Meanwhile it's commonplace for children to carry a network terminal around with them with which one can readily access the equivalent of things far worse than that.
What I've described does not restrict one's ability to speak freely. It is most similar to an impressum except it bears no identifying mark thus poses no hazard to anonymous speech.
Impressums cannot be required in the US, once again thanks to that pesky First Amendment. You may be mixing us up with Germany.
Mandates on how speech must be structured are a violation of freedom of speech, Constitutionally speaking.
“Redressing a concrete dysfunction” does not appear in the Constitution as an exemption to guaranteed rights, as far as I am aware. The proper remedy for this kind of problem is an Amendment, assuming you can get enough people to agree with your assessment.
Regulations on speaking to children have ample precident. We rate movies and age-gate admittance, we don't allow children into liquor stores, strip clubs, or adult bookstores. None of those things violate the First Amendment.
“We” (as in the US government) do not do this. There is not, nor can there be, a law requiring such rating.
> we don't allow children into liquor stores, strip clubs, or adult bookstores
These are physical stores/venues, not written speech. “We” do not restrict authors from writing adult books that may or may not be seen by children, nor do we require that the books are labeled as such.
If you want to restrict speech, pass an amendment. That is the allowable path.
You're just vaguely waving towards the first amendment. That's not a cohesive argument in and of itself.
By your own logic would online ID laws not also be a constitutional violation? Ditto for age bracketing laws such as the one under discussion here. After all, they both effectively regulate one half of the exchange necessary for meaningful communication (ie protected speech).
> Impressums cannot be required in the US
Yes but why can't they be required? My (quite possibly flawed) understanding was that SCOTUS previously established that publishing without attribution could not directly be outlawed, recognizing the ability to speak anonymously as an important aspect of political speech. What I have described does not run afoul of that. It neither restricts one's ability to speak nor provides for any form of attribution.
> “Redressing a concrete dysfunction” does not appear in the Constitution as an exemption to guaranteed rights
Regardless of either your or my personal opinion SCOTUS routinely makes exceptions to constitutional rights when a compelling need is presented and the remedy is sufficiently targeted. That said, I don't believe that what I described infringes on the first amendment to begin with so your point is doubly moot.
> By your own logic would online ID laws not also be a constitutional violation? Ditto for age bracketing laws such as the one under discussion here.
Now you’re getting it. Throw them all out along with the idiots who passed the laws.
> Yes but why can't they be required?
The Court has interpreted compelled speech to be almost universally a violation of the First Amendment, outside of the courtroom. I tend to agree. “Shall make no law” is a strong statement.
> SCOTUS routinely makes exceptions to constitutional rights
Prior courts. The present Court seems to be (rightly) rolling back both judicially-granted overexpansion of rights and exceptions to rights, although this is a slow process.
We have to stop relying on the courts to grant new rights and/or exemptions to rights. Passing unconstitutional bills and hoping for a favorable interpretation is clearly not the intended process, yet it’s become increasingly common.
We need to figure out how to pass amendments again or we are going to lose our republic. (It may already be too late due to an out of control executive and corrupt Congress, but that’s another matter.)
I don't think you're giving fair treatment to the complexity of the issue at hand. When SCOTUS came out in favor of anonymous political speech I do not understand it to have been on the basis of forced speech.
We require for example nutrition labels on food products. So clearly metadata of various sorts can be required for an interaction within the marketplace if there's a good enough reason for it. I'm not sure where that leaves personal blogs but it certainly applies to Amazon and PornHub.
The present court is rolling back some things but certainly not all. From the very beginning constitutional rights have never been absolute. One of the basic principles that comes up repeatedly and supersedes almost everything else is that the government must be able to carry out its duties. The contention is generally whether something is truly necessary for that and if so whether the law in question is overly broad.
> So clearly metadata of various sorts can be required for an interaction within the marketplace if there's a good enough reason for it.
Marketplace being the key word here. Interstate commerce may be regulated.
> I'm not sure where that leaves personal blogs but it certainly applies to Amazon and PornHub.
That’s the point. I also care about restrictions on smaller businesses and want to prevent regulatory capture, but personal/nonprofit/community sites must not be burdened above all else. They face enough challenges as it is. If a website or software project is noncommercial, their speech is not subject to regulation, Constitutionally speaking. What’s more, the Constitution has the correct take here—this is as it should be.
> One of the basic principles that comes up repeatedly and supersedes almost everything else is that the government must be able to carry out its duties.
Then you get the question, what are its duties? Enforcing unconstitutional laws is not one of them.
For what its worth this header has been around for a very long time. It's actually the second iteration and much simpler than it's predecessor.
Parents today can accomplish what you are suggesting by installing parental control software and only allowing access to things they explicitly approve.
This can also be done via headers explicit blocking of all the things and was suggested in another thread. [1] Some people liked the idea.
Again, RTA header doesn't work because it's a blacklist, not a whitelist, and also because it's only granular enough to say "this is a porn website" and nothing else.
Again, RTA header doesn't work because it's a blacklist, not a whitelist, and also because it's only granular enough to say "this is a porn website" and nothing else.
None of that is true. Not even close. It will work if there are laws with big teeth as the government can have contractors that scan for the header. Header missing? Adult content? User provided adult content even if it violates the rules? Well darn, there goes 10% of revenue. Also it is not "this is a porn site". RTA stands for restricted to adults. That can include literally anything that is not appropriate for small children including but not limited to social media, forums, gallery sites meant to be SFW but users content is not pre-moderated meaning people can see it before a moderator does. What Restricted to Adults ultimately means will depend oh the laws behind it.
That's incorrect. The existing RTA header is for marking porn as porn.[1][2] (In case English isn't your first language, "adult website" is a euphemism.)
An actually useful standard would need to be much more granular, and be designed as a whitelist not a blacklist, as I and previous commenters said.
I disagree. Restricted To Adults means Restricted To Adults. The header can literally be used on any website that one is self describing as for adults. One could put it on a site that sells firearms for example. It could be applied to a siteThere are no restrictions. Team Dang could put it on hackertimes.com if they so desired. There is nothing and nobody that could stop them. I put it on my blogs even though there is no porn. The header can be used on anything that serves up HTTP and the meta tag can be put on any HTML page that may not be appropriate for children.
Here [1] is the only external link that is relevant and don't take their banner out of context. This was originally by the adult entertainment industry to self label and self regulate but is now used on any site that is not appropriate for minors. Entertainment could be inappropriate humor for example. That does require porn. I would link to some inappropriate humor but that would be inappropriate.
"The RTA Label is free to use, voluntary, and universally available to any website that wishes to clearly and effectively label itself as being inappropriate for viewing by minors."
Okay, you're right, I'm overstating my case. Realistically though, in the vast majority of cases where that tag is used it's used for porn. Trying to re-purpose such a tag to label all content that isn't strictly kid friendly isn't viable. (And again, it's not granular, and a blacklist rather than whitelist, which isn't ideal for this use case.)
The point is that it is unrealistic to expect millions of people to mark the content. Also, the header is better than the metatag because it can be added to images, videos and other non-HTML content as well.
I tend to agree - making folks intending to interact with minors comply makes more sense.
That said, outside of the merits of this approach, I am dubious of any actual implementation given 2 points.
1) Protecting the youths will always be a leaky bucket. With disadvantaged youths possibly more at risk. Those exposed to non-compliant parents ("cool" parents who are ok with sharing unsuitable content) or lacking strong parental involvement, likely won't benefit a great deal from any implementation.
2) Anti privacy social networks stand to gain the most from targeting ads utilizing signals from most child safety acts. They also might be able to reduce some costs from moderation if they can make it someone else's problem. I'd argue the net social impact from these social networks is likely both more normalized and strongly negative for our youths than any smut.
On the balance I'd say we are better off investing our energy in other places.
> "cool" parents who are ok with sharing unsuitable content
Or simply parents who won’t agree with the government on what is suitable for their children.
We already have parental control on all mainstream operating systems, why cannot this simply be the responsibility of the parent as are so many other things regarding what children do, watch, eat etc?
We don't have parental control on any mainstream operating system that actually works. In fact, California just removed the law that said operating systems have to have working parental control.
Because what parents have access to now is extremely ineffective unless they prevent their kids from going outside or going to school. Right now the onus is entirely on parents too keep their kids off the Internet equivalent of smoking cigarettes, and it’s a losing battle. What we’re looking for is for the liability to shift off the parent and onto the people intentionally communicating with children. Frankly the proposal above was very reasonable. If you don’t want to intentionally communicate with kids then do nothing and you have no liability.
I want to intentionally communicate with kids, because kids have always been valued members of the online communities I frequent. Right now, it is easy for social media giants to exploit children, easy for child predators to get access to abuse children, and increasingly-difficult to maintain online spaces in which children are allowed to safely exist. That is surely not what we are intending to accomplish, here.
The header (for videos and other) was mentioned in [1]. I agree that is the way to go.
Adding a header to a web server or load balancer or app server if done globally can be done in a minute or two. Maybe 5 minutes for the intern not counting QA testing.
But you are right, the inverse is easier. I like that too. That was debated in the other recent thread.
Yes, exactly, this should be really simple as a foundation: by default the Internet is for adults. All of it. Where it's desirable for things to be available for kids, create the economic incentive and easy tools for parents to use and run on a white list, not a black list.
I'd actually go somewhat further though and ask whether it's a good idea to even do this via web pages at all. We have a great potential system for this already: DNS. Do something useful amongst all the ridiculous vanity and spam TLDs for once and set up a ".kids" gTLD, or ccTLD for that matter so that different countries can set their own regulatory standards naturally (ie, .kids.us, .kids.uk etc). Domains could also be used for some broad buckets for people who don't want to drill in, ie, .1-6.kids, .7-12.kids, .13-17.kids, or whatever is deemed appropriate, but simple age brackets that would offer some sane defaults. 1-6 could simply not allow any ads, user generated content or algorithmic feeds whatsoever for example. There are a lot of knobs to turn. And then at the registry level it can be ensured from the get-go that anyone getting a .kids domain is fully identified, located in the country in question, has valid ID, has specific credentials or is an accredited organization, or whatever other criteria makes sense.
But ultimately the point would be to create something that is built right from the ground up, and in turn that doesn't interfere with what has already been built at all. Something that can also be worked with at the gateway and thus cover every device on a LAN, and for that matter can easily be plugged into the vast number of powerful tools we have for working with that stuff. It'd be easy to put a nice UI on all this, even to make it higly automated. For example, have a setup wizard where you enter children, put in date of birth for each, and it'll spit out a password for each one. This then auto-provisions the network such that each kid has their own VLAN (password for PPSK or even wired connection) and is automatically limited to the domain groups of their age bracket, which then changes as their age changes.
Parents should be able to dig further in and get more granular with content categories, metadata for which could be required for anyone hosting a site within that domain, but I think there is the potential to make something both pretty bullet proof and pretty accessible, using existing tech stacks, and without impinging on the present internet at all including privacy and anonymity.
The vast bulk of the internet is child neutral. For example my church a web site, the bakery down the road has one, the local pro sport team has one. They're not designed "for kids", but kids are welcome.
Does StackOverflow need to register a .kids domain just so children might get answers to programing questions?
If my-bakery.co.uk and my-bakery.co.au both want to be visible to 16yo there needs to be at least kids.uk and kids.au.
Does OpenSSL.org or OpenSSL.com get to be OpenSSL.kids?
Sorry but duplicating the entire neutral internet domain space with yet another tld isn't a helpful approach.
That's the trouble though - those friendly neighborhood sites can generally be assumed to be appropriate for kids, but if we create the expectation that they must ensure they are appropriate for certain age brackets simply by virtue of being online, those sites will cease existing.
Instead of running their own websites, they'll migrate to a platform like Facebook. That way Meta handles the burden of moderation and the legal complaints for the inevitable moderation failures.
I surprisingly seriously disagree, and think you're perhaps missing a lot of the contention in this whole societal debate. The point is to give people workable tools with some level of agreed sane defaults they can make use of, tweak, or ignore entirely, without imposing any burden at all on the existing internet and its adult (or children with parents who wish it) users.
>The vast bulk of the internet is child neutral
First: by who's standards is one of the core questions! What's neutral to one parent may not be to another. You illustrate this with your very first example in fact, "For example my church a web site". There are religious parents (and no doubt atheist ones as well) who would quite strongly not want their young child to visit your church's website.
Second: there is a difference between simply wanting to be child friendly and taking on a legal obligation and liability to be child "safe" to some given standard. Parents would be perfectly free to whitelist whatever additional sites they liked, or to subscribe to lists that curated whitelists of various sorts, or to use other controls. But a politically significant number of parents clearly want assurance that their child will near-never (with actual enforcement mechanisms for failure) encounter something outside of bounds. Meeting that need requires either whitelists or the sort of restrictions that would wreck the current web (and probably still not work very well).
>Does StackOverflow need to register a .kids domain just so children might get answers to programing questions?
If the parents of said kids want it to, then yes? Why would that be a big deal? I'd be surprised if like most places SO doesn't already have piles of domains purely for defensive purposes, and as something nationally regulated I certainly envision such a domain registrar being dirt cheap (or even free, paid for by tax dollars) for domains. Given the context and that it'd be very much not open to all there isn't any need to worry about cost to dissuade scammers and such, they'd be prevented from ever registering in the first place. Rules around use of trademark, business names and so on could also be very strict.
>If my-bakery.co.uk and my-bakery.co.au both want to be visible to 16yo there needs to be at least kids.uk and kids.au.
Yes? DNS is not expensive. And again, parents don't need to make use of it. This would be for those who do, who are right now pushing for ID for everything. It's a safe default walled garden, but one with doors any parent can open.
>Does OpenSSL.org or OpenSSL.com get to be OpenSSL.kids?
Which one chooses to get accredited by a regulator or child protection organization with insurance and so on first? Why are you asserting either would even bother? Which one would be happy about having to verify ID of users right now?
>Sorry but duplicating the entire neutral internet domain space with yet another tld isn't a helpful approach.
Sorry but you haven't thought about this very clearly at all. This proposal is very explicitly a small subset of the entire neutral internet! Duplication is never something I suggested, rather the very opposite! The "entire neutral internet" is by default adult here, but parents would be able to allow children to browse it just as now. However, some are clearly unhappy with that, enough that we're seeing politicians respond with things that would be very bad.
Instead, the default should be, that if there is no header or it cannot be parsed, then the content is unsafe. And if there is a header, it describes the page rating, like what kind of dangerous content it may contain. The header may be added to any displayable content like HTML, text, images, audio or videos, but not to machine-readable content like JS files or AJAX responses.
So only those who wants their site to be accessible by minors, have to add headers. For social networks, the user might have an option to mark his content as "safe".
This means that with my proposal existing site operators need not to do anything to mark their sites as "unsafe" - all sites are "unsafe" by default. This means that millions of site operators need to spend 0 dollars to adapt their sites. How great is that?
The browser on a device with parent mode, should not allow displaying any content which doesn't have a header or that is marked as unsafe, or that contains header with invalid value. The parents may whitelist some sites.
There should be a reponsibility for intentionally marking unsafe content as "safe". We should also think what to do with foreign operators, intentionally putting invalid headers for unsafe content. Maybe they should be added to some kind of blacklist that the browsers would periodically update.
Search engines like Google could work by default in "safe" mode, but add "unsafe" header if the user wants to turn off restrictions.
> If a site is not adding the RTA header then progressively fine them into oblivion.
I think my proposal is better because it requires only fining those who intentionally misrepresent content safety.