A few days ago, I clicked an age restricted video on Youtube and usually I just state that I am above 18 but now they ask for a credit card number or an identity card to prove it.
I am not going to send this just to watch some random video clip that users have declared not appropriate to a young audience because it features a zombie. Seriously!
You work so hard explaining to your friends good infosec practice like not just typing their credit card in because some site wants to "verify their age" and then Google and Apple just go and fuck around with stuff like this.
At this point the best advice you can give your friends is "stay the fuck away from computers unless you're willing to sit down and read a bunch of FOSSS manuals."
Related anecdote: A few years ago, my father bought a android tablet to my grand parents (both 85+). After watching them use it for a few minutes, I realized how user hostile the technical world has become: tons of ads popping up and asking for your attention (“click me”, “download x”, “make your device run faster”, etc).
This and apps “redesigned” every few month, breaking the workflow they've struggled to learn (they usually needed to follow the hand-written note, they had taken when I showed them how to do).
They've used it a bit more than a year, with occasional breakage, and they now have stopped completely.
This is why my 90++ old completely non-technical mother has been using Linux since the 90s. I set up a very customized fvwm environment with mutt (also customized) and emacs (same) and helped her learn it. The beauty is that nothing has changed at all in over 25 years!
Root it, install a dns level adblocker (either for their network or just the tablet), install appropriate apps for them (preferring FOSS when possible via fdroid) and relock the tablet before giving it to them. Oh, and run a backup of the whole device first.
I can't believe it has to come to this to get a usable device for a growing segment of the population. Old people practically need their own IT department fighting for their best interests with how predatory tech companies have been towards them. They are SOL if their kid isn't a techie.
You should try using android trackphones. The instant it connects to a network it will download gigabytes of crap and launch it in the background. It doesn't matter what you're trying to do, whatever it is will get killed because all the malware needs more memory. Apps you want to install will be added to the end of the long queue. The (expensive!) cellular data will be instantly burned through by Facebook and friends.
It's incredible. Personal computing is well and truly dead for the "consumer."
Apple has become the most valuable company in the world because they own everyone's computers so anyone that wants to publish commercial software has to bend over for them.
They're not valuable because of any service they provide.
iOS ecosystem also has a problem with gratuitous UX changes. E.g. that physical Home button on early models was a godsend for non-tech users - if they found themselves somewhere unfamiliar, it was always there as an escape hatch, without doing anything non-obvious like swiping from the edge. And then Apple killed it.
Another frustrating thing on the notch devices is that they put the control center on top instead of the bottom. Years of muscle memory down the drain.
In fact I did exactly this to solve the ad issue, but they ended up stopping anyway because they couldn't cope with the constant UI change of their apps (Skype & TV replay apps). And there's nothing I could do about it.
On major mobile networks in the UK, SIM cards/data plans by default have an adult content internet filter enabled. Blocks stuff like pornography (obviously) and even some other various adult age-focused content like gaming websites. (I've seen the EA Battlefield/Call Of Duty websites blocked before)
Usually if you try to access, say, pornhub.com, it'll redirect (ala. WiFi captive portal style) to an internal network page and you have to enter a credit card to disable it on your account. A debit/bank card won't work. I'm over 18 now but at the time I came across this (also over 18) I didn't have a credit card but I ended up bypassing this with a Curve (Fintech 1->many card thing) card which seems to identify as a credit card on the network's system.
Alternatively, if you don't mind never seeing the assistant again (jk.), you can go into one of the network's shops and ask the assistant to turn it off by providing some ID like a passport/driving licence.
This only reinforces my image of the UK as a long since resigned totalitarian police state — that, along with the huge 1984-esque CCTV posters with giant eyes hanging watchfully over a dreary autumn midday in London.
It's hilarious. If this technology existed 50 years ago you can be sure they'd be filtering out any homosexual content. "We must protect the children from filth" after all. Good old nanny state.
The posters I referenced were from 2002 [0]... I can only imagine how much worse it's gotten since then.
> Attention Londoners: Big Bobby is watching. That's the message of posters plastered along London's bus routes earlier this week to assuage riders' crime fears.
> But the posters are having the opposite effect on privacy advocates, who say the artwork is creepily reminiscent of the all-seeing authority described in George Orwell's 1984.
> The posters show a red double-decker bus crossing a bridge as four floating eyes stare down from the sky. The eyes' pupils are the symbol of Transport For London, the city's mass-transit provider.
> "Secure beneath the watchful eyes," the poster says. "CCTV and Metropolitan Police on buses are just two ways we're making your journey more secure."
The whole "asbo" thing that they had for a long time was also in a similar vein. And the ability of even fairly low ranking police commissioners to declare some area as having "high chance of violence" temporarily, which allows them to stop and search people without warrants or anything like that - basically like stop & frisk in NYC, but without the pushback.
All that said, it's not really totalitarian. A police state for sure, and an authoritarian uber nanny state, but totalitarianism is a whole different ballgame.
I see much of the hardline Islamic substrate in the UK as deeply totalitarian. See this BBC Panorama documentary on Sharia courts functioning as a separate legal system for an example of what I’m talking about: https://youtu.be/4gZCFdHkd4A.
If the all-powerful, authoritarian UK police and the (currently underground) Sharia courts ever collide or end up working together, that’s going to be one hell of a totalitarian trip. Not good at all.
Though France has similar religious demographics, I think France might at least stand a better chance of holding back the influence of Islam, given the country’s strong and storied secular tradition.
In all Western countries that I know of - including UK - those courts are effectively arbitration courts, so they're very limited wrt the kinds of rulings they can make, and even then both parties have to agree to abide. So they're not really a separate legal system.
Unfortunately, many of them hand down rulings which conflict with UK and other local laws. At the very least they are conflicting systems — to what degree is a point of contention among legal scholars in the UK, as outlined in the linked BBC documentary.
There's no real conflict there, because the proper courts always have priority, same as in any other arbitration arrangement when the parties don't agree to participate.
I set my age to about 3 months old in Skype and got locked out. They need my CC to verify my age because of COPA (child online protection act in the US) or something.
>No, Apple doesn't dictate credit card verification requirements.
that's the point parent was making; Apple made a decision about such things when allowing an app within their ecosystem that makes such choices (Skype, in this case).
> In 2019, the Government of the State of New York sued YouTube for violating COPPA by illegally retaining information related to children under 13 years of age. YouTube responded by dividing its content strictly into "for kids" and "not for kids". This has met with extremely harsh criticism from the YouTube community, especially from gamers, with many alleging that the FTC of the United States intends to fine content creators $42,530 for "each mislabeled video", possibly putting all users at risk.[58][59][60] However, some have expressed skepticism over this, feeling that the fines may actually be in reference to civil penalties, possibly intended for the site's operators and/or warranted by more serious of COPPA violations or specific cases of "mislabeling videos."[61][62][63] As of July 2020, nobody has got the $42k fine.[64]
I had this happen on a gaming forum, they upgraded to new forum software and pushed users through a 'update your account' flow. I accidentally set my year to the wrong number and ended up locked out of what had been a long-term username.
It was bad, actually, because they had developed a system where your username on the system was tied to your in-game nickname as well so I ended up locked out of both and had to create a new username/nick.
The admin of the website literally said "there's nothing I can do". I'm sure this isn't to do with the law specifically but just some limitation of their tools.
> The admin of the website literally said "there's nothing I can do". I'm sure this isn't to do with the law specifically but just some limitation of their tools.
At the gaming forum I helped to run around 10 years ago we consulted a lawyer and this [asking for birthdate but not allowing birthdate changes] was the only way to keep out of serious trouble and to not need ID verification.
Hah, that probably explains all the age-disclaimers on dating sites. I had assumed it was just "login with Facebook" people not being allowed to change their birthdate by Facebook, but as it turns out that may have been unjust (though FB itself might also prevent bday changes for the same reason).
I had to solve these questions back in 95-96 (when I was 15) after buying these games used from a pawn shop. I used various sources from multiple BBS's and teachers at my high school.
Tbh I think this sort of thinng would be harder today, if you took away the internet "for a night", because pop culture is now much more fragmented than it was back then.
On one hand, people have given up their credit card for worse pre-Internet or outside of the Internet (like "free" or nearly free trials that turn into a subscription service).
On another, Google already has a lot of peoples' credit card numbers by way of Google Pay. Does this expose those people to any more risk?
And for those who haven't given their credit card number, as a protection against abuse or "accidental" purchases (in-app, in-game, premium content, etc.), this looks like a suspiciously-convenient-to-Google mechanism for acquiring CC data.
We were previously told that it was advisable to use YouTube under an alias, and that other personal information such as phone numbers would be used only for account verification.
Those policies were rescinded or proved to be lies.
The problem isn't that Google is going to do something bad with your credit card, it's that because it's Google, they are training people to be okay with it everywhere else. Like when my bank sends me an email with a link to an external domain because I have a "secure" message.
Actually Google is going to do something very bad with your credit card - link your online nym to your meatspace identity so they can better surveil you. That's much worse than having to deal with a few fraudulent charges, which at most requires mailing in an affidavit.
Aren't there some credit cards that can create virtual numbers?
Just give them a virtual number and then disable it right after registering. Then have your free trial, and only if you decide to actually subscribe, change it to a credit card number that is active.
Businesses should not be unscrupulously trying to make money off people who forgot about the product during their free trial.
It might not be that dangerous right now, but it sets a bad precedent. It gets users accustomed to that, and gives bad actors a cover for their activities: Look, Google does it!
My favourite is how many sites want you to click on a link in a "verification email" to log in, especially if you take basic precautions like blocking scripts and trackers and deleting cookies periodically. All that work training people not to click links in unexpected emails, and these companies get a bright idea to require that to log in.
It's not required by the EU. If not all the sites that have content not appropriate for children, such as porn sites, or Reddit, would need to implement this. And of course you wouldn't give your ID or credit card to a porn site.
Google is the only company that started to implement this. To me it's not required by law but they decided to do so to get more user data. Also because having a credit card doesn't confirm nothing about your age. I use a credit card to buy things online since I'm 13, you can have a credit card even if you are not 18, simply your parents need to sign for it, but then it can have your name on it.
In 2010, Google required your ID card if you enter a false birth date, and you are locked out of your account in the meantime. Happened to a colleague of mine because we were using Google Apps for Business. Because he didn’t want to give his real info to Google at work, he couldn’t work for 2 days and had to give Google his ID.
> if they know it's false why do they ask for it, they already have the right one
Great question. It seems like it's being used as authentication, rather than authorization, in that it's meant to prove that you are who you say you are.
AFAIK the age restriction credit card thing (inside the EU) is the result of some stupid law change (the Audiovisual Media Services Directive). Google probably doesn't want to validate users' age (because selling ads to impressionable kids is very lucrative) but they have to now.
I'm so tired of tech people saying "it has to suck because the law requires it", when they clearly haven't read it. You hear it all the time when discussing tracking banners or ID verification. NO, the law does NOT require your implementation to suck, and most laws give you plenty of leeway in how you implement it. This is really not personal, but I HATE the argument.
Take this as an example. The AVMSD isn't new, it was codified in 2010. It has a website[1], and on that website you can read the rules (they even simplified them for us). The rules about minors are pretty relaxed[2]. For non-linear content (such as on-demand video) the law requires that content which "might seriously impair the physical, mental or moral development of minors" wont "normally" be seen/heard by kids. Nowhere does it say that YouTube has to require a National ID to show a video of a zombie. It's all interpretation, because that's how we do laws.
It's true that YouTube said that it's "in line with AVMSD"[3], but it's a lazy excuse to shove in a feature.
> I'm so tired of tech people saying "it has to suck because the law requires it", when they clearly haven't read it. [..] The AVMSD isn't new, it was codified in 2010. It has a website[1]
You know, if you were going to rant about people not reading things, you probably should have first validated your own assumptions. AVMSD was just updated ( https://digital-strategy.ec.europa.eu/en/policies/revision-a... ) which just recently went into effect. The updated law requires online video platforms to age gate content for children. How, exactly, do you propose they do that with an implementation that doesn't suck?
> if you were going to rant about people not reading things, you probably should have first validated your own assumptions
I did, but I didn't stumble on this revision. Now that you linked it, I see hints everywhere that I should have noticed the first time around. Thanks for bringing it up. Although, I'm rather unhappy if my rant was taken to be about reading comprehension though. It really wasn't. I'm annoyed at people blaming laws for poor implementation.
To tackle the revision though, lets looks at the revised text. It's kind of hard to get a hold of, since the EU document database is apparently down, but i managed to find a copy[1]. The relevant text seems to be:
establishing and operating age verification systems for users of video-sharing platforms with respect to content which may impair the physical, mental or moral development of minors;
Even here, it only calls for age verification. Again, there's no requirement for checking credit cards or passports. If we look at one of the drafts of the now enacted law[2], we see that they seem way more concerned with the differentiated moderation between platforms than the adequacy of the age verification process. We have to keep in mind that watershed (only showing adult content after a certain time) is considered an appropriate way of deterring minors from watching. The EU commission clearly don't think we should disallow children at any cost.
I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.
> I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.
The sentiment behind this sentence is the driving motivation for almost every single bad tech law on the Internet. Programmers aren't magic, there are limits to what they can and can't do.
Almost every bad tech law starts out with someone saying, "I don't know how this is going to work, but you're required to make it work, and if it falls apart it's your fault." You see this show up in the encryption debates, in the copyright directives, in debates about moderating content and identifying abuse, in the debates about age restrictions. It's universal, it comes from this belief that if you just require things, they'll magically happen because people can "nerd harder".
It is, of course, usually very good for tech laws to legislate outcomes rather than methodology. However, that doesn't get rid of the obligation to determine whether the outcomes being legislated are actually possible.
> it comes from this belief that if you just require things, they'll magically happen
We should be somewhat sympathetic that non-experts may not know the difference between a possible and an impossible technical goal, and we have to accept that for a politician there isn't much electoral advantage to be gained from trying to explain the difference to their voters.
However, each time I hear an impossible goal proposed, I can't help imagining the politician saying "We managed to land people on the Moon and return them safely, so surely we can do the same with the Sun now."
> I don't think it's on my to find a better implementation for YouTube, but with all the smart engineers they have access to, I would think they could come up with something less intrusive.
So you don't even have any idea what a better implementation might look like, not even a completely technically infeasible one? And the thousands of smart YouTube engineers, whose jobs revolve around making access to content frictionless to the point of being accused of making it addictive, just haven't thought "we should make this not suck?"
> Even here, it only calls for age verification. Again, there's no requirement for checking credit cards or passports.
Age verification offline has always been done by checking IDs. Why would you expect anything different by shifting to online? The law demands age verification, and youtube delivered the de facto standard for age verification in the form of ID checking. That seems to be extremely cause & effect of the most straightforward variety. There's no reasonable expectation for anything different to have occurred unless those creating the law also outlined how to do this in a more privacy-sensitive manner. But they almost certainly didn't, so obviously tech companies would go with what's well established practice instead of trying to skate on legally thin ice to create new precedents for age verification.
I doubt it. I've worked in a couple different social media companies and default age system is ml guessing unless you do something extreme like this. That gives you reasonable accuracy, but still very noticeable error that's a lot worse than id requirements. It's fairly hard to have confident age especially when a very high percent of people lie about there age if you just ask directly. I remember hearing a number like half of people underage just lie at work although unsure how serious that stat was. There were engineers that did spend projects on better age modeling as other ways just seemed unviable. If you make a legal requirement well enjoy id requirements.
The main path I can see around this is if the government/some company became accepted standard place for basic profile information. But that's just another id except a digital one. You can probably make a digital id system with good way of specifying which fields you grant to another company. The actual digital id when created will still need a physical id/government check though.
> NO, the law does NOT require your implementation to suck,
This is kind of an excuse though, because I have never seen an implementation of an age gate online that isn't kind of awful. You either make something that is trivial for kids to bypass, or you make something that is invasive, like Youtube's system.
So we get these laws that say, "solve the problem", and there isn't a way to solve the problem. But criticism of the law or criticism of the law's outcomes aren't allowed because the law doesn't technically require that your solution to be terrible. It just asks you to do something that's impossible to do well without violating someone's privacy.
In the US (at least for a while) this was solved by pretending that self-reported ages are an effective way to protect kids. And we pretended that would at least reduce exposure to this kind of content, even though in practice it has basically no impact at all. But if the law doesn't care about effectiveness, then why have the law in the first place? So we raise the standards a bit so that the law has some teeth. But again, nobody has ever in any context demonstrated a working age gate to me online that doesn't involve violating someone's privacy or collecting identifying information about them like a credit card or ID.
So it doesn't actually matter whether or not the law says the solution has to be terrible. The only outcomes that are possible from these laws are either ineffective solutions or invasive solutions. If there is only one method to accomplish an outcome, then requiring the outcome is effectively the same as requiring the method.
If it was codified in 2010, was is it only going into affect now 10 years later? I'm not an expert in browsing EU law, but I do see a "revision" of AVMSD [0] that passed in 2018 and started going into effect around 2021 in various countries [1]. The two links you posted very clearly say "archived on 2012" so they are not the new version.
How do you even define content that "might" seriously impair the physical, mental, or moral development of minors. This is so subjective I don't see how you could get away with marking anything that wouldn't in the US be rated PG.
At that point in order to ensure that such content isn't shown to minors you have to require a credit card or an ID because any reasonably kid would figure out how to set his or her age to a reasonable age of majority to avoid being pigeonholed into kid stuff.
Can you give me an example of an alternative strategy that would be legal and more reasonable?
> NO, the law does NOT require your implementation to suck,
When the law is "you have to verify a meatspace user's age before showing them content that could arbitrarily be considered 'adult' by some group of lawmakers who most likely have different and more puritan values than you," yes, it does require your implementation to suck, because that law sucks by definition.
I'm glad YouTube implemented it this way, so that the pain of shitty laws can be felt instead of being allowed to proceed. Maybe people will actually try to push back against overzealous Internet regulation at some point.
It's possibly not how they wanted to interpret it (though I see how it helps their ad/tracking business). But it is probably how they have to interpret it because they might get sued if they didn't. At the very least it's an expensive court case to dismiss. All whilst eyeball-thirsty news agencies print articles such as "Google Refuses to Support EU Child-Protection Legislation", and Twitter-personas post tweets like "Uh Google - what about the kids?"
I'm not saying that the law requires that YouTube does this, all I'm saying is that this policy is the result of the AVMSD. Without the extensions to the AVMSD, Google would not have implemented this behaviour. You can argue that they've implemented an intentionally awful way to comply just to spite the politicians, or that they're overthinking the law, but there's still a direct relation between the update of the directive and the change in YouTube's policies.
Apparently you'll need to scan an ID if you don't have a credit card, and I bet the EU has millions of young adults without a credit card. Either way, the end result is that you cannot use a video service without exposing your real identity to the service provider. And for what? Is there an epidemic of video clips wrecking children's minds I'm not aware of? Lacking that, this doesn't seem even remotely justified.
All this is either EU lifers keeping themselves busy to justify their existence to themselves, MEPs wanting something to grandstand on, or something equally vapid. A much better approach would have been to keep the age prompt and leave the rest up to the parents, ie, to do nothing.
> And for what? Is there an epidemic of video clips wrecking children's minds I'm not aware of?
I mean... maybe. I have young children and have no desire to have them anywhere near YouTube for essentially as long as possible _because_ of that very concern.
You can already restrict YouTube on any sort of computing device you might give kids. Parental controls are built in to Android and iOS. There's no need for every website to duplicate that. However, there's a great "need" for the EU to constantly generate massive floods of legislation because they have ~30,000 civil servants they "need" to keep employed, many of whom earn more than the British Prime Minister.
And unfortunately the EU loves coming up with reasons to fine tech firms because they managed to ensure there are none in Europe itself, so it looks a lot like free money, to an organization that's desperate for it (huge budget hole now UK has left + fines go straight into the EU spending pot).
How is 4000 civil servants / 10% of the entire workforce earning more than the PM not many of them? What threshold of the workforce would need such compensation to be considered many, in your view?
> How is 4000 civil servants / 10% of the entire workforce [...] not many of them?
As a raw number, sure, 4000 is "many" but 10% is not really "many of whom" (which is what GP said) - for me, obviously; other people's interpretation may vary.
(e.g. If I said "there's some cats outside; many of them are blue" but only 10% are blue, I would expect people to query the "many".)
That's an interesting take on language. If you said many cats were blue, given that cats are never blue I'd certainly feel you were justified in saying many were if 10% of them were.
I tend to interpret many as a relative term, meaning "a high number relative to what you're probably expecting". The dictionary is no help here as it just defines many as "a lot", but that in turn is also a relative term.
I think if you want to argue with this point, a better tack would be to argue that the British PM is underpaid and EU staff are what "normal" compensation should look like. Quibbling over whether 10% of them being paid more qualifies as a lot isn't that worthwhile.
Being in the situation of currently enjoying* the UK PM's leadership, I'd be more inclined to argue the other way.
(Although, in a more serious tone, I would argue that long-term high level civil servants probably do deserve a higher wage than transients like PM, President, Cabinet Minister, etc.)
Well it should be your responsibility to control what your children see online, on the web there are things fare worse than the one you can see on YouTube.
I don't see why YouTube should ask your ID where most sites that host adult content doesn't.
The 100% adult content sites get blocked by school proxies or sometimes even ISPs. Because youtube is mixed content it has to implement access control on the site.
Are you specifically worried about the 18+ videos that youtube allows? I feel like even a perfect age check wouldn't do much to make youtube safer for young children.
> All this is either EU lifers keeping themselves busy to justify their existence to themselves, MEPs wanting something to grandstand on, or something equally vapid.
Or.. companies being obtuse with their implementation of the law, as they often are with the cookie/GDPR laws.
Well, the devil is in the details. In practice, making sure that kids can't see certain content or making sure that they never get advertised to often involves age validation.
There's some stuff we can do with content that is targeted at kids, I don't think those laws are inherently bad. Although... last time we tried to expand laws around advertising in content directed toward kids, that resulted in a huge number of game streamers and animators getting demonetized, to the point where Youtubers were doing wild things like swearing more in their videos so they could prove that they weren't targeted at kids. We seem to have a lot of difficulty articulating legally what the difference is between "kid appropriate" and "kid targeted" is, particularly when it comes to stuff like video games or "wholesome" (for lack of a better word) content.
To me, it's very much a "who's going to bell the cat" policy. I don't want kids to be subjected to so much advertising, it's a great policy. In theory. But I have not so far seen any practical implementations of age restrictions online that haven't either been completely worthless or really problematic for both privacy and free expression.
It makes total moral sense, but Google has proven that morality is not their top priority when money is at stake. That's why governments fine companies that do undesirable things; it forces shareholders to care about ethics.
And perhaps it shouldn't; America's prudeness around sex but glorification of violence has had an effect around the world through Hollywood for years. Adding that morality to the flow of information might not be what we want.
I would much rather allow kids to watch trailers of Battlefield than to have to give Google pictures of my ID/passport. But that ship has sailed now. This is the new reality and it'll probably be applied to more websites in the future.
My exploration online was effectively unrestricted while I was growing up. The internet had far more objectionable content back then that was easily accessible. I don't feel that it had any real negative effect on me. Why would I worry myself sick over my kids seeing it?
Also, even if there is more objectionable content than a Battlefield trailer, the Battlefield trailer is restricted by the same rules. And if everyone else in your kids' friend group is talking about Battlefield then you'd be excluding your kid from it by limiting access to that. And if you don't limit access to it, then you get all the other 'objectionable' content too.
Well then parents should apply legislative pressure, which should arrive at Google as "fix this or we legislate", and bingo, Google need to do something. That is parents doing parenting. Parenting happens through societal structures.
I have two kids. I don't actually mind when they see advertising because it has given me a great opportunity to explain the tricks being used to sell product. I think they are generally wary of advertising now because of this.
Right, and it's not the tobacco industry's fault that people die of lung cancer, people should just know better than to smoke in the first place.
And if you didn't know, children will eventually start using computers by themselves, probably before they are 12 (probably in first grade or kindergarten, I wouldn't be surprised). A huge portion of internet users are children. That's a fact. The reality is that a huge portion of children are online, and advertisers are specifically targeting children on youtube.
Sounds good. Say I'm a non-technical parent that wants to give my child access to YouTube but not allow them to watch content that they're not old enough to consume on their own. How should I do this? I want to give them the freedom to explore topics they're interested in so downloading some pre-approved videos isn't going to work. And my kid is smart and will realize that any account-specific setting can trivially be bypassed by logging out.
What should I do? Not allowing my kids access to the internet at all is a non-answer in 2020. Hell it was a non-answer in 1995.
Say I'm a regular member of society and want to watch the trailer for a new Battlefield game. How should I do this? YouTube asks me to give them pictures of my ID for that. This is the mechanism that will be used for this right now.
And it's all in the name of "protecting" children. This isn't some future hypothetical - it has already happened. I've been barred from a whole slew of content on YouTube because of this.
Right now it's only used by Google. It's likely that in the future most websites will use this, because it's government regulation.
I mean this already existed prior to YouTube, it's just that before you couldn't access the 18+ trailer at all outside of an R rated movie theater or late night TV because it had to be made for prime time and print where content restrictions were enforced.
I don't see this as any different than a theater asking to see your ID before letting your buy an R rated movie ticket. I sympathize that it's annoying hell but you probably also don't want Google deciding for themselves what your age is.
There is a real different between showing your ID to a person in front of you compared to uploaded a digitized image of it to the internet. The threat vector completely changes once you do that.
If only real 18+ content was the only thing that was affected – unfortunately random other stuff which might at most warrant something like PG (if even that) currently shows up as age-restricted, e.g. the original Tetris God video or the official upload of the Scatmans World music video.
Yes, it existed before and it was moronic even then. But recent EU regulation pushes it onto streaming sites too and that's a different beast altogether considering the enormous amount of tracking that goes on.
The standard we're comparing this to is the past 30 years of Internet Freedom where these invasive nags were nowhere to be found. Nobody was excited about the MPAA in 1995. But we were all excited about the Internet. Now "The Web" has become the MPAA et al. Lame.
The real answer is the behemoths are going to become irrelevant, being inescapably bound to government control and surveillance capitalism. The more hoops and restrictions they add, the more tech people will move to decentralized solutions that don't suffer such bullshit, and eventually the normies will follow. It's just a tragic end to the past few decades of revolutionary energy, pointlessly wasted on centralized dead ends. And in the short term, it's fucking frustrating when trying to get anything done.
You should sit down with your kid and watch it watch the content until it's grown so far that you won't be able to keep it from finding the dirt on the net. By then you've hopefully educated it enough so you can be sure that no harm will come to it after it watched the adult stuff.
Because one thing is sure: your kid WILL see it all because it's 2021.
I mean seriously...you're not closing off all lakes because some kids could drown in them. You teach them how to swim.
Your argument doesn't make sense. There are a huge number of sites that host adult content that are easily accessible by a simple Google search. What can you do?
> What should I do? Not allowing my kids access to the internet at all is a non-answer in 2020. Hell it was a non-answer in 1995.
A non-answer is not allowing everyone else to surf the web without giving their credit card or ID to every website that hosts adult content. It would have a huge impact on privacy of the users and the freedom of the whole internet in general.
A parent should educate their children, but I know that is simpler to set a bunch of restriction, give to the children a computer, and let him sit hours in front of YouTube while you do something else.
I grew up with libraries and video stores for access to analogous materials and didn't have regular internet access until 1999. I really don't see why it's reasonable to expect the internet to supplant parenting duties that would have been reasonably expected in the pre-Youtube state of affairs.
If you want to control what your kids see, don't let them have internet access. This is simply reality. I know that from the time I got internet access, I began to see things that would horrify my parents on a semi-regular basis that they didn't know about. (I had an SA forums account.)
This isn't supplanting parenting duties, it's giving parents the tools to actually parent. Without this your options are basically no YouTube access at all or full YouTube access with zero granularity in-between. The default for logged-out people has to be restrictive or else it's trivial to bypass. The current rules for porn, alcohol, and mature games are a joke and have been since their inception. Everyone being born on Jan 1 1901 is a meme at this point. It's checking a regulatory box without actually doing anything and if YouTube tried it they would be raked over the coals.
Libraries do restrict the materials that can be checked out by minors and I doubt that counted as supplanting parenting. How else could you give your kid any level of independence without the cooperation of other people?
The restriction previously happened at a device level, moving it to google seems like an elaborate justification to move the default to restrictive and break external video viewers and apps like yt-dl.
You should control your kids device and make restrictions there, not place them by default on the entire internet.
Even if you locked them down to YT for kids, do you honestly trust Google to accurately decide what is acceptable for kids? Yeah, no. I don't. (Remember when they had porn in there?)
Lately, they have been good. I don't blame you for mistrusting them because it took at least 4 scandals (I lost track), but they seem to have sorted it out.
Still much worse than just letting parents create an allow-list of channels or videos from any part of YT, including the non-"YouTube Kids" part :-/
It'd be nice to be able to turn them loose on a YouTube that was just educational videos I've curated, no weird toy unboxing shit, without having to, like, maintain my own file server and streaming service.
I suggest that you have a talk with somebody who grew up as a kid with unrestricted Internet access. It might turn out that it's not actually a big problem after all.
This is a tough question and I share it, with two elementary-age kids myself who love youtube. I don't have a good answer either. We put time limits on youtube and require that the kids use common-area computers to access it, but it would be nice if I could feel more confident about the content they're allowed to be exposed to.
It _sounds_ like you're speaking in absolutes though, lacking nuance. If you are, my reply to absolutes would be that we should stop enforcing alcohol sales to minors, as it's the parent's job to ensure kids their don't drink.
Personally i think age verification is good. This implementation is moronic, though. And all around it's very, very difficult. So difficult that it may never be useful.
It's not exactly an age restriction, it's just getting permission from a parent. Either the parent puts in their ID information or they don't. Age restriction would be like movie theaters banning minors from certain movies.
The same argument you are using is the justification for this. “It’s should be the parents decision to allow children to watch this content, not Google”
Selling ads for non-kids stuff to impressionable kids is the opposite of lucrative. Advertisers generally don't want to waste their money on advertising to people who aren't buying.
> now they ask for a credit card number or an identity card to prove it
Related, I can’t install my telco’s app because it’s region-locked to Australia and Google Play Store seems to think I’m in the USA—never mind that my account was created in Australia over fifteen years ago and it’s only been to America twice for a total of less than three months, and that my phone was bought in Australia and set up in Australia, as was my first phone. Seems like a case of an absurd and harmful default. Anyway, the only way to convince them I’m in Australia is to add a billing method. Nope. I’m not giving them billing details. (Now if only the telco would unlock it, as their support staff said they were working on, never mind that the whole process takes less than five minutes and I gave them the help page over a month ago. Or better still, if the telco would just provide a web interface like literally everyone else does, rather than just Apple and Google Android apps. Sigh. If only they weren’t the cheapest for my needs by a large margin.)
Also related to the whole age thing, I just started the Google Settings app half an hour ago for other reasons and it triggered a notification asking me to enter my birthday “to help us comply with the law”, expressed even more strongly on the page the notification takes you to as “Your date of birth is missing. This info is needed to comply with the law.”, with a “learn more about why Google asks for this info” link to https://support.google.com/accounts/answer/1733224?hl=en-GB, where the only sort of thing that they could conceivably be referring to as a legal compliance matter would be the minimum age of 13, and… I’ve been using that account for longer than that anyway.
Create a new account from an Australian IP, sign it in to your Android phone as a secondary account, and then switch to the new account in Play to install the app. (Once installed, use of the app is not tied to the secondary account in any way.)
I had this happen with the old "Ah fuck, I can't believe you've done this" video.
I'm not sure why exactly that has an age restriction, or why I'd give Google some ID to watch a vintage Youtube meme. I presume it's because their ML detected 'fuck' in the audio.
Note to Google: Ah fuck, I can't believe you've done this.
This encapsulates my feelings perfectly. My Gmail account is 17 years old, but I get a notification on my phone every hour or so, that I must verify my age with Google. Nevermind that I've bought plenty of things from them over the years and that all I want to do is watch a YouTube video they happily showed me many times before.
Now I'm shopping for some storage to keep seventeen years of emails etc. so I can do a quick Takeout so that I don't lose access to all my data when I inevitably get unfriended and blocked by them for not being sufficiently compliant.
I had that too. A 14 year old account, with Google Cloud and Google One billing, plus many Google Store purchases and they still wanted me to prove my age. WTF?
That totally makes sense from a software engineering point of view. The age check was probably implemented as a "verified_age" column somewhere, and they didn't bother backfilling it with your existing google account info.
It doesn't make sense for a trillion-dollar company known for some of the best software engineering. There are remarkable lapses in UX with Google products.
Google is the new IBM. There are certainly amazing things being done but 90% of the employees are just doing boring CRUD and have never done anything special.
Someday I hope to read an article or watch a talk explaining Googles approach to UX.
The best UX in a Google apps seems to be Gmail, and that’s honestly not that good either.
Google is able to build insanely complicated infrastructure, design cool languages, they produced fantastic backend software and the they completely forget that people need to interact with it.
Absolutely, but for one of the largest sites on the web, served by one of the richest companies on the planet, being the one company knowing the most about me (and billions more) compared to other companies, and Youtube being probably one of the most profitable sites on the web too, I do expect better.
This, the 2/3 ads being forced down me which are of no interest at all and the constant upselling of YouTube music and the recent shoot down of ad blockers on the desktop browser front really makes it a hostile place to be a consumer of media. I have experimentally uninstalled the YT app off my phone and not used the web site and I haven’t missed it a bit.
> the recent shoot down of ad blockers on the desktop browser
Mobile browsers have been affected as well. uBlock Origin on Firefox for Android has been letting the ads through recently. Fortunately, NewPipe exists, but it depends on youtube-dl so, while it remains free of ads, it's also affected by this change surrounding age-restricted content.
Hopefully people start moving somewhere else within the next few years, maybe PeerTube. Admittedly, YouTube's network effects are disgustingly strong. I wonder what it would take to break them.
Having Android apps could help with people who use an Android device to watch videos on their TV. And if Google does not authorize these kinds of apps on the playstore I think it is more than time to start on an abuse of dominant position suit.
There's also a fork of NewPipe with SponsorBlock support [0], I am hesitant to link it, but I agree that moving off YouTube and centralized networks is the goal.
> Fortunately, NewPipe exists, but it depends on youtube-dl so, while it remains free of ads, it's also affected by this change surrounding age-restricted content.
A friend of mine had trouble with his young kid - he used a youtube video to walk himself through getting a credit card with grandma's birthday money. (I assume the prepaid cards you can get in the grocery store)
They found out when they found a nintendo portable full of games in his closet.
How did everything end up shaking out? Were the parents on the hook for the credit card bill, or was the credit card company on the hook for issuing a card to Santos L. Helpar?
So then what's the issue here? Honest question. He got birthday money and spent it on things. That's how it's supposed to work. If he then finds that he cannot purchase something else that he wanted because he blew his budget on video games, that's a valuable lesson that everyone needs to learn at some point.
Had a video come up as age restricted forcing me to sign into watch. It was a cooking video, they added some form of alcohol to the dish at one point..
Do debit cards work? If so, maybe get a prepaid debit card, buy stuff with it until it has a very low balance, and from then on use it for age verification.
Yep, this happened to me a few weeks ago (even commented about it on a HN thread). I've had this youtube account since about a year after youtube came out and the google account its attached to since about 2005. To not be under 18, I'd have had to be be rather young when I created those accounts.
With all the privacy-invading data google and youtube collect on me, surely they know that I'm old enough to watch whatever I like on youtube. But there's no way I am using either of the available methods to verify my age. I'd rather just not watch stuff on youtube.
I am not going to send my ID card to Google period. Neither will I give them a credit card # unless I'm ... you know ... paying for one of their services. Which isn't likely to happen either.
Edit: especially since it's US age ratings which have no connection to EU age ratings. I ran into it while trying to view some collection of every time Samuel L Jackson says "motherfucker" in a movie. For example Pulp Fiction - which is one of the movies - is rated 18 in the US but ... 12 to 16 in various EU countries?
I doubt it has anything to do with verifying age though. More likely they know people are hesitant to sign up and pay for youtube, but if they can get your credit card in other ways, then later it easier to get you to pay for something because then you just have to press "ok" since your details are already entered.
Plus this gives them your identity, which is relevant because their business model nowadays is based around tracking people.
from YT:
An error occurred. Please try again later. (Playback ID: 5sTGvTkd9YkomV3x)
Learn More
from YT-DL:
$ youtube-dl https://youtu.be/ZIrmxOBnKcs
[youtube] ZIrmxOBnKcs: Downloading webpage
[youtube] ZIrmxOBnKcs: Refetching age-gated info webpage
WARNING: unable to download video info webpage: HTTP Error 404: Not Found
Traceback (most recent call last):
File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/usr/local/bin/youtube-dl/__main__.py", line 19, in <module>
File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 475, in main
File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 465, in _real_main
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 2069, in download
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 808, in extract_info
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 815, in wrapper
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 836, in __extract_info
File "/usr/local/bin/youtube-dl/youtube_dl/extractor/common.py", line 534, in extract
File "/usr/local/bin/youtube-dl/youtube_dl/extractor/youtube.py", line 1502, in _real_extract
File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2644, in compat_parse_qs
File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2614, in _parse_qsl
AttributeError: 'bool' object has no attribute 'split'
the 404 looks like a take down?
or a hug of death?
As someone else mentioned in the comments, the "get cookies.txt" [0] extension works to circumvent the age restricted measure and i have been using it with success for weeks now.
get the extension, export the cookies.txt file to a folder, then run youtube-dl in that folder with:
it works as of right this minute [1] and in my experience that cookie continues to work even if you log out of your account in the browser and log back in etc
i'm trying to imagine a way to have a more permanent solution, maybe if youtube-dl provided some kind of login prompt type thing to enter some your credentials to virtually log in, although i imagine that would start to be another cat and mouse game of it working and then not working.
But I don't want to use the cookies, I used youtube-dl exactly to watch age-restricted videos without signing-in. I don't want YouTube to track which videos I watch and make history-based suggestions so I never sign-in and reset cookies often. I occasionally stumble upon age-restricted videos and feel curious what's there but I don't want any of them to influence what does YouTube believe my interests are so I just use youtube-dl INSTEAD of signing-in.
And by the way, I always mostly used random birth dates whenever registering anywhere because I consider that personal information and don't want to share it. I don't even know what birth date did I set when I got my GMail back in the days it required invitations.
I don't feel like watching an age-restricted video ever again if this actually requires identification and leaves no workaround.
UPDATE: I'm actually surprised this gets down-voted.
> But I don't want to use the cookies, I used youtube-dl exactly to watch age-restricted videos without signing-in.
Yes, and I want a pony. We can absolutely discuss how useful or harmful age verification on the internet is, (and your points about tracking are certainly valid) - but fact is that Google implemented it.
It is not youtube-dl's job to circumvent that. Their responsibility is letting me download the videos to my hard drive that I can already view in my browser. They never advertised themselves as a tool to circumvent access restrictions.
If the new age verification broke youtube-dl in such a way that you couldn't download the video at all, I think the outrage would be justified - but that isn't the case.
This feels a bit overdramatic. You can remove videos from your watch history and, in my experience, YouTube will cease to give you recommendations based on them. You could also create a separate account used solely for watching videos with YouTube-dl instead of using your main one if you're worried about recommendations. I agree that it sucks that a workaround is necessary, but I don't think this particular one is worth getting too worked up about.
It works for me in practice. YouTube definitely are capable of linking separate accounts in the back end, but in my experience they don't do so for recommendations. I have a separate account specifically for watching a given type of content and I don't receive any of its recommendations on my main account. Now, whether or not they use linking to give advertisements or sell data I'm not sure, but at that point they can link based on IP anyway and we're talking about a separate issue.
Yeah this is a very common strategy of language learners. Have a seperate YouTube account where you only watch content in your target language to keep the recommendations clean
Maybe get a cheap MVNO SIM like Ting Mobile and use that to register?
I know I've had google accounts that didn't require any re authentication in the way of phone numbers for going on years so you can likely discard the number after you show you are human.
I'm sorry, I haven't registered a new account in a while. I tested an account I've had since 2016 that I made with a ex employer's landline phone and I've never registered a credit card to. It is able to play age restricted video by confirming that I want to and nothing else. It's under a fictional name and birthday etc.
Yup, and as per the Internet's one golden rule (of which we have at least a dozen), "Do not (ab)use downvotes to disagree, put your disagreement in writing or stay silent".
It is frowned upon here, but not against the rules. Downvotes on HN should, optimally, only be used to downvote comments that truly do not add anything to the conversation constructively.
qwerty's comment, imo, was constructive, as that is a common use case of ytdl: to watch a video without being explicitly tracked by Youtube; although Youtube still does track you, but in ways that probably violate EU law, and might violate US law too.
1. They have betrayed user trust in the past and continue to do so.
2. They have been sued by the FTC, paid millions in settlements, and failed to prove that they did not break the law.
3. They are currently being sued by the DOJ and many states attorney general.
4. They have made numerous settlements in private privacy-related litigation as opposed to proving they were not liable, despite having enormous cash reserves available for legal costs.
If someone were to suspect Google was "probably" breaking the law, this does not seem like an unreasonable suspicion.
A little while back I posted something about how I found the right wing response to tech censorship funny, given that most sources on the right don't consider it real censorship. I then provided an example. I made no statement of opinion outside of saying I found it funny. The comment itself spent all day flipping between [-2, 2] points. What I found the most odd was that I never even said I agreed with the perspective in the example I cited!
I see the pattern has repeated itself here, how odd.
I don't think it's odd, tbh. People downvote stuff they do not agree with, even though the downvoted statement contains no opinion nor attack. That's just how people behave online.
Normally, there is no issue with people downvoting stuff on the Internet. But on HN, voting results in karma, which results in rights. Downvoting is therefore taking away rights, and as seen, on the basis of just opinions. Since downvoting itself is a right, opinions on HN are shaped by those that hold power with this right over others. HN is, more than any other place, enforcing its own filter bubble.
Not sure if people care about this point on HN. I mean if downvoting someone cost 10 of your own karma, then you bet people would use it more judiciously.
I ran into this earlier this week when I went to watch Kung Fury, a free movie hosted on YouTube which is now age restricted. I pretty much just couldn't. Luckily the Pirate Bay exists, and now I have a permanent copy which is what I probably should've done anyway.
I guess this means I watch less YouTube, which is probably better for me in the long run. But like hell I'm signing in.
I'm born in whatever far back year forms will let me choose in most internet services, over a 100 years old in a lot of cases, I assumed everyone did this.
Three dead trolls in a baggie even made a song about it way back in early 2000s. The privacy song, just fill their database with garbage. Also I'm a 43 year old nun.
I was going to post something very similar, as I would use it specifically to watch videos that want me to give up information and sign in. I don't find that reasonable, thus I adjust accordingly my taking these countermeasures.
You are being downvoted to suppress your well thought out information. It would be nice if HN had a public ledger of who up or down voted a post. You would click on the post and could see which usernames voted and which way. It would bring much needed transparency to combat these information suppression abuses.
Not sure I agree with it, but "Exactly those actions intended to cause publicly visible changes (such as comment graying) should be subject to transparency, which anything else (such as viewing videos or comments) should be subject to privacy." seems like a prefectly self-consistent position.
The moment you participate in voting, you become a participant , even if your participation is really small, instead of being a pure consumer. When the internet came along, so much content has been made available without requiring accounts. Then services appeared that began auth-walling their content. Nowadays you can't even visit someone's linked in page without logging in, and there are major restrictions for places like facebook or instagram. This "must have an account with us" internet isn't the internet the world deserves. And again, requiring accounts for participation is fine. Talking about consumption only.
I am not much of a youtube-dl user (I can download fine from YouTube with a few lines of shell script) but I notice youtube-dl tries to send a "consent" cookie for every video even when not logged in. For example:
maybe one solution might be to create a new youtube account in an incognito browser, and then just use the cookie from that brand new account indefinitely for youtube-dl purposes. that way, the cookie you're using in youtube-dl wouldnt be 'tied' to your real account.
I don’t have a Google account and yet I watch YouTube almost daily. The algorithm still curates a feed for me so why should I have to sign up? I ran into an issue where I was not able to download an age-restricted video last week and just moved on.
Nothing Google does will make me want to create an account.
"... in my experience that cookie continues to work even if you log out..."
Honest question: Should logging out invalidate the cookie for future use. If one of these cookies falls into the wrong hands it grants "evergreen" access to the account. No password needed. I have noticed this behaviour with both Gmail and Facebook. These evergreen cookies makes it very easy to check FB and mail using shell scripts without logging in, which is nice, but it seems like it should be a security issue.
Hmm, it's such a shame that we have a single point of failure for so much of internet culture, not to mention people's actual creative lives.
This is one of the reasons I started using youtube-dl. I wanted to create an independent backup of all my favorite creators and contributors in the event that they have to leave or delete their channels.
This content should belong to everyone. I wish I could trust that all my favorite videos will be there forever, but this is just not the case. Removing the comments on music videos already hurt a lot.
You can't produce value around content without artificial scarcity. In this case, Google/YT centralizes distribution and access, so that in order to consume content you must pay a fee (watch ads, provide personality data, etc.)
This has both good and bad sides to it. On the good side, it means people can make money as YouTube creators. This subsidizes the enormous volume of content that makes the creators no money.
On the bad side, you have a SPOF, and those failure modes can be many and varied. In this case its unwarranted age restrictions, but more usually its fraudulent DMCA take downs, various algorithmic shenanigans, and of course censorship (which can be good or bad, actually).
But you can't have one property (value producing artificial scarcity) without the other (a central point of failure).
The real question is: can content creators host their own content such that they can derive value from it? Will users consume that content, and pay for it, somehow? Theoretically it's possible, but the technical barriers are quite high. YT has capitalized on massive economies of scale to reduce the technical barriers to hosting and monetizing content to zero. This same pattern is repeated again and again: connect computer to the internet, then specialize that computer's software to do one thing really well, attract users/makers, use your control of the platform to extract value from users (inject ads, membership fees, data brokers, etc), profit. The hope is that the value to society outweighs the cost, and honestly I think that's actually the case! I just hope more people get clear-eyed about the trade-offs for-profit internet services make to be viable.
I don’t want to visit independent creators’ websites to find their content - all with different UIs, etc. YouTube gives me a clean, centralized way to access content where I know I will be able to stream 4K and view content offline. This feels massively more convenient to me than having to maintain a catalog of offline videos…
While I think we all agree that centralization of control isn’t great, the consumer gets tremendous value from centralization and this value doesn’t get talked about enough.
Finally your assertion of “this content should belong to everyone” is idealistic. Who is going to pay to store and stream this content? What about the copyright of the actual content creators?
I think you make a good point that centralization provides a lot of value today. However, if the protocols that youtube used where open-source then it would be easier to create generic user interfaces open to all content makers. Similar to what another poster said about RSS feeds.
I think one of the deeper critiques you and several others have made is that someone still has to pay for storage and streaming. Today I am paying. I bought the additional hard disk to store this on. In addition to my time and effort to collect the files. In the future I would pay some amount each month to stream what I have if it gave me access to everyone else's (essentially staking my video files).
I don't mind paying for a good peer-to-peer service. In fact I feel that I am losing a lot more by staying with a legacy system. Hence backing up the videos I like even though I have no method of distributing them.
In my dream world where I have the energy (and time) to devote to writing software outside of work I would love to build something that satisfies this need. p2p creative content sharing which is user friendly so people can just run it and start sharing their work while also helping to distribute the work of others
Well maybe. But the YouTube "protocol" keeps changing. The problems yt-dl has are related to trying to keep up with the protocol's enormous surface area and, as we can see here, sometimes changes have to be made quickly in response to legislation.
That's fine for discovering that an artist has put out a new video, not necessarily great for actually visiting their site and figuring out how to play it.
RSS seems to have worked out quite well for audio content, viz. podcasts; there doesn't seem to be any technical reason why it wouldn't work equally well for video media.
I personally use it for video media as well. One hit on my keyboard and the RSS item opens up mpv with the video playing. Computers are built to parse text, no reason to do it by hand sifting through websites with your mouse.
> Finally your assertion of “this content should belong to everyone” is idealistic. Who is going to pay to store and stream this content? What about the copyright of the actual content creators?
That’s ironic because YouTube beat Viacom in 2013 because “this content should belong to everyone” not us so you can’t sue YouTube go sue the users.
I suppose the next step will be to turn on DRM for age-protected videos, which few will even notice since Widevine is installed everywhere.
Soon after they'll turn it on for all videos, making it nearly impossible for normal people to save any videos and making it illegal to do so in the US.
If there's anything you care about seeing in the future, proactively download it now at the highest quality while it's still possible to do so.
IME it depends on the video. I've encountered videos where the embed workaround didn't work, although I was using the youtube domain not the youtube-nocookie domain.
I am not sure if it's the video itself or if we as 'anonymous' users keep getting in and out of regional a/b testing at youtube.
As an anonymous user I keep seeing different behaviours with both 'forcing' embeddded links and also normal mobile links with latest ublock origin. (On Android with FF + ublock)
"assuming that you have provided YouTube with a scan of your ID card"
I expect that at some point you'll have to prove your identity to use youtube at all, because its in Google's interest to know as much as possible about its users.
Youtube will also probably turn in to a pay-to-view service at some point. They already dominate the video space, and their network effects are enormous, and a huge number of people will pay to continue to get access to that.
It's definitely not in Google's interest to require an action as awkward and engagement-killing as ID verification. They work very hard to not take such drastic steps.
Such requirements are being driven by governments who don't care at all about user convenience, only extending their control over people whilst blaming the private sector for "making" them do it.
I can't confirm without knowing what country you live in. I understand essentially the whole EU requires this, and the US is one example where the checks aren't required.
This is covered by the Audiovisual Media Services Directive 2018/1808. EU member states were supposed to transpose this into national legislation by 19 September 2020, but not all have.
You can see the status for each EU member state here:
Please say which country you're referring to when you say "in my country" on the internet. It allows others to contextualize and verify otherwise useless information.
I bought a bunch of videos for my son to watch on his YouTube account. We can no longer access them as they are age restricted.
I don't have a problem with Google providing parental controls, if I as the parent am in control. But Google have unilaterally decided that for us. Never buying any media from Google (or any other large tech company again). Reverting to second hand DVDs and putting them on Plex.
But the age restriction is due to EU regulation. It's only a matter of time until it filters elsewhere. Switching from YouTube isn't going to make a difference.
>The Audiovisual Media Services Directive (AVMSD) is an EU-wide coordination of national legislation on audiovisual media – both traditional TV broadcasts and on-demand services. Recently, AVMSD was revised to extend certain rules to video sharing platforms (VSPs).
>In line with AVMSD, you may be asked to re-verify your date of birth when watching age-restricted videos. Follow the prompts to submit an image of a valid ID or credit card.
Peertube is a federated platform... running your own instance or using an existing open instance that has some content restrictions would solve the mature content issue.
As far as 'views', in reality the vast majority of Youtube channels also get very few views. You can advertise/promote the Peertube instance just like you would promote a Youtube channel.
Another alternative is to just have Peertube mirror your YouTube channel and link to the instance in every video.
It really depends on the type of content you produce and how your content is 'discovered' but unless you are on the winning side of the Youtube algorithm, peertube isn't that worse.
It's pretty infurating that I've had a Youtube account since 2006 (15 years ago), and now they're asking me whether i'm over 18. A basic calculation on their end could filter the accounts based on age, given the TOS of when they were created (e.g. if the TOS specified that I must be over 13, a 2006 account would mean I'm at least 28, therefore automatically verified).
There's such clause in TOS and I think that's how it worked, unlike Twitter which locked out every account when they added the TOS clause for needing to be over 13 when the account was created.
well I did somehow manage to screw up my dad's linux box like that so anything's possible. (although I suspect it was because I liked to be an asshole and shut his computer off using the power button)
> A basic calculation on their end could filter the accounts based on age, given the TOS of when they were created
I assumed it was a legal requirement, and basic intuition and common sense aren't relevant. Much like the immigration form that says "Are you a terrorist".
I've found YouTube increasingly unusable in general over the last few months. It seems to be pushing absolute rubbish at me. There's a gap in the market for a music-only video service.
If you mean a low resolution, you can use any of several browser extensions (I like Iridium) to automatically "manually" select the resolution right when the page loads for every video, and this will also increase your maximum buffer from 20 seconds (?) to 2 minutes, which is nice if you're on wifi. If you mean on high resolutions the videos still look terrible, that's because the av1 versions of many videos look very bad above 720p on purpose if they're mostly watched in certain countries (can't find the source now, so treat as hearsay) where most viewers are on smartphones. You can mitigate this by going to settings > playback and performance and select "Prefer AV1 for SD."
Thanks for the tips. Will give the AV1 setting a shot. By Iridium do you mean "Iridium for Youtube"? It seems it's not maintained anymore? TBH this functionality was default working on Youtube for me until recently and suddenly stopped. I'm on a 4g based wifi at home (long story) so maybe this is the issue but it 1) only just started happening in the past 2 weeks and 2) really shouldn't be an issue as the speeds are pretty good. Everytime I switch to 1080 or higher even there is no buffering issue at all.
Most frustrating is the YouTube video quality with Chromecast. I can get some 4K to my tiny cellphone, but Chromecast projected to 190" picture on the wall is locked to some unknown SD that is compressed to smithereens making it completely unwatchable.
Are you, by chance, using Brave? I've noticed that recently with Brave as well. Didn't seem to happen in Chrome even when viewing the same videos on the same machine.
I've also been seeing this in Firefox for the past couple weeks or so.
The video quality will default to "Auto-1080p" or similar but it will be visibly much worse than 1080p quality. Switching to 1080p manually seems to be the only way to get good quality.
I strongly suspect that at least part of the reason for these is to discourage people from using Google's properties with browsers other than Chrome (whether it was the reason for creating them, or just noted as a benefit for refusing to fix them once they were identified).
This, and increasing tendency to suggest the same kind of stuff I've already seen, aka feeding the echo chamber. Also quite a bit of stuff that I've actually _have_ seen.
:-) Depending how they used the Music Brainz data could be – there are enough longer songs around on albums at least. (Though American Pie was actually published as a double-sided single, interesting)
While this is admittedly rather handwawy, even outside of this I have the impression that there must have been some lengthening: It feels like basically every Rock & Roll song from the 50s/early 60s mostly is around the two minute mark and very rarely even approaches three minutes. Afterwards however, three or four minutes doesn't seem that unusual to encounter, never mind those really long songs, too.
Given the glut of music streaming services, it seems unlikely to me someone could make money trying to compete with all of those and YouTube simultaneously.
I honestly believe that there's a market for people who want to watch a series of related music videos, and not have "A Vocal Coach Reacts to Silk Sonic!" pushed onto them.
Not sure how it is implemented. It seems to just identify and catalog all of the videos uploaded to normal YouTube where the audio track consists of a single continuous musical track. It's not official music videos.
I remember http://nsfwyoutube.com/ hasn't been working for sometime. Maybe it is related. Is there still a way to anonymously watch restricted videos on youtube? I don't want to login to google to watch videos.
It works for me for maybe 2 out of 3 videos, then about half of those that don't work will work with their backup method (which I guess is maybe a download to their servers and then served from there).
Seems to be video-dependent, tried the one you posted, and it seems to fail, but another one "https://www.youtube.com/watch?v=oY4Gz_Axpew" worked with yt-dlp but not youtube-dl.
Guess it's the beginning of the end of watching youtube for me soon.
youtube-dl https://www.youtube.com/watch?v=oY4Gz_Axpew
[youtube] oY4Gz_Axpew: Downloading webpage
[youtube] oY4Gz_Axpew: Refetching age-gated info webpage
WARNING: unable to download video info webpage: HTTP Error 404: Not Found
Traceback (most recent call last):
File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
"__main__", fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/usr/local/bin/youtube-dl/__main__.py", line 19, in <module>
File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 475, in main
File "/usr/local/bin/youtube-dl/youtube_dl/__init__.py", line 465, in _real_main
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 2069, in download
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 808, in extract_info
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 815, in wrapper
File "/usr/local/bin/youtube-dl/youtube_dl/YoutubeDL.py", line 836, in __extract_info
File "/usr/local/bin/youtube-dl/youtube_dl/extractor/common.py", line 534, in extract
File "/usr/local/bin/youtube-dl/youtube_dl/extractor/youtube.py", line 1502, in _real_extract
File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2644, in compat_parse_qs
File "/usr/local/bin/youtube-dl/youtube_dl/compat.py", line 2614, in _parse_qsl
AttributeError: 'bool' object has no attribute 'split'
I don't see a mention of yt-dlp in the yt-dl issue tracker, so why is this? Does dlp autocorrect videos to the youtube-nocookie.com embed (as stated https://news.ycombinator.com/item?id=27354423) ?
Nope.
There's two issues being talked about here. If you are in the EU then you have to provide cookies from an age-verified account. Otherwise, the age-gate bypass still works afaik. But the latter is broken in the current youtube-dl release (fixed in yt-dlp).
Also, yt-dl doesn't like yt-dlp to be mentioned on their issue tracker from what I hear.
The whole method that YouTube have used to set this up is worrying to me. In the space that the video is supposed to show there is simply a link to a website that you use to upload your details. It's a phisherman's dream.
Although I'm not sure if this problem is fixed there, you should switch to yt-dlp for more active maintainance and added features/fixes: https://github.com/yt-dlp/yt-dlp
I noticed this yesterday and now I am wondering what to do.
Especially when more and more videos are getting flagged.
ID is out of the question, credit card seems more plausible. However, i wonder what happens when you give the number. I don't want that it sticks after validation...
The only possibility is to get out of Youtube (and other walled gardens) as soon as possible. Talk to your favorite content producers about Peertube, maybe setup an instance with some friends if you're sure you can handle that for the coming decade and not close down in 6 months time.
Both viewers and producers are heavily dissatisfied with Youtube. Time to move on.
If you allow adult videos without age verification you'll get shut down.
YouTube actually allowing adult videos is not something to diss. The fact that they need age verification is the price for it, the alternative is removing all those videos.
According to google ID cards are deleted after age has been proven, but for some reason they might keep credit card information.
>Important: If you enter your credit card info for age verification, Google will retain this data as necessary to meet legal and regulatory requirements.
Must be because of audit laws relating to processing credit cards.
Long time ago I remember reading about some service, that allows using single use credit cards. Last year I was looking for it, as many services cannot ne trusted with this information. But I could nothing like it. Maybe I was just dreaming...
Getting a legit card like that could be possible, but I don't think its worth of hassle and possible costs. Some companies practically throw these cards on you, but usually there is a catch.
My capital one card has virtual cards, and I’ve seen it other places. The only issue is that it’s done by a browser add on that has incredibly high permissions. I handle it by using a separate Firefox profile for the rare occasions I need to use them. I start Firefox with that profile, use it, then go back into my normal profile.
It's not about the limit, but about the tying of identity. If you enter a CC number, Google will then be able to know exactly who viewed the video. If you use youtube-dl, or even ad-blocking, who knows if that violates some T&C, and they could then shut down all accounts connected to you...
That's naive, they will eventually block those kind of virtual cards just like they block virtual phone numbers. The point is to tie the account to a real identity.
Recently, my 15 year old Google account started to nag me for my birthday. If Google was smart, they could have worked out that I'm old enough by now! (The account is older than 13 so definitely not a kid behind it, lol)
Am I the only one who didn't even know that youtube had age-restricted videos? Somehow I have managed to watch it for years without ever getting prompted for age confirmation!
YouTube had to crack down on all kinds of videos because of some laws that congress passed under the pretense of "protecting children". For many content creators it's easier to mark your video as age-restricted than to try and comply with child-friendly guidelines. This is also why so many videos now disable the comments section.
Seeing the incredibly inappropriate content the algorithm (tm) starts suggesting to actual children (I see you like numberblocks, maybe you'll enjoy this fake video of numberblocks killing each other and swearing or this extremely repetitive and epilepsy-inducing flashing video with a couple of numberblocks characters) it’s clear to me they don’t give a crap and just do the bare minimum to tick some legalese checkbox in some compliance form somewhere.
That sounds fine to me; child friendly should mean 'beneficial to children' or at least designed for children and not 'no searching nor nudity [nor extreme violence]'.
I've watched a few channels on retro-gaming where the authors intentionally marked the video as "age-resticted" with the usual disclaimer "the video might contain images that can be disturbing to some people". As in, 8bit gore.
Sadly, the authors need to do this preemptively to avoid getting flagged and potentially taken down.
Needless to say, I was using ytdl to bypass the limit, and I won't be able to watch these videos anymore. I'm not going to log in or give my ID to google.
I noticed this. My android phone is also harassing me for proof of birth date ("to help comply with the law"). I previously just signed out of google, but a couple of weeks ago i signed in for some reason, and can no longer find the way to sign out again. Android is the last google thing I use... looks like it's time to finalise the elimination of google. edit: ah, i think i do a remote sing-out from another device.
I have a credit card linked to my account with Google Pay, and yet they want me to provide it again. That makes no sense. They already have the information.
Gmail recently started prompting saying they need a birthday to “comply with the law”, and that they’ll share it / use it for whatever unless you opt out in account settings.
Under account settings, it only lets you opt out of publishing your birthday to your contacts. There’s no opt out for marketing / sharing it with their business partners, etc.
This is lame. I download stuff with youtube-dl not because of "piracy" (the quality is shit and things like that are available elsewhere), but because I want to make sure I have a copy of important information. This very morning I changed a part on my car using a YouTube video as a guide. I downloaded this when I found it in case it was removed or my Internet connection was down when I needed it. If you go to the library it's perfectly legal to make photocopies of books for personal use. It's just common sense. But these monopolies naturally don't want us to have this right and want to make is think we're evil if we make our own copy of the information.
I feel like these platforms like YouTube are an addiction. We know they have problems but we just can't shake them. I felt this way about Windows and Microsoft on general 15 years ago. I went cold turkey and stopped using those products back then and I've been very happy ever since. But things have become too easy and I've become complacent. I think it may be time for me to shake another addiction.
I got the pop-up a week back or so. I uploaded a photo of my drivers license with everything redacted except my name and date of birth and clearly watermarked it with the purpose and current date.
It was accepted automatically within a few seconds. Can't really complain.
Say there were a command-line or .rc option to confirm you're over age X. How much effort would it be to auto-generate or draw-from a pool of throwaway accounts that over age X?
From the thread, this appears to only apply to EU egress IP addressess, and you can pass in the session cookie of an account which has completed age verification.
This problem may be surmountable, but eventually it seems likely that youtube will be closed to hackers and freeloaders. It's sad in the general sense -- but of course Google is free to modify their services however they like. Hosting all that video is not free and currently they support it via advertising.
This means that any consumer of Youtube should expect that eventually Youtube may stop working for them -- and perhaps all the content they love on Youtube will eventually become unavailable.
An age restricted video could be be one that features mild gore and isn't rated for children, or for example music that originates from an adult rated show... Not everything age restricted is porn.
There are videos that are age restricted because of swearing. Porn isn't the issue here (especially since it's not allowed on YouTube even with age restrictions).
By market forces alone, Chinese censors will eventually gain control of YT and tell people of the world they what they can and cannot post. It's already happened to Hollywood movies.
> it's not about the issue not related to the US, it's that youtube won't allow access to the video when you're accessing a non-embedable age-restricted video from the EU with passing the new age verification requirement, youtube-dl can't simply bypass this condition.
>> I just connected to a US server using VPN, and this is the report i got:
> you didn't pass the cookies.
and fosam amplified[2]:
> If you connect from the EU and have not verified, there is no way without the VPN. If you have already verified your account you can just pass the cookies and download.
Yes, I should have added and verified your age. But none of that is a youtube-dl matter, there is no magic video download link hidden in the page source.
No I've also had age restricted embedded links throw an error with something like "this video cannot be played here" and linking to non embedded player link.
My issue is there is no alternative. I dont want to stop watching or hurt particular creators (not that one person would make much difference, but I enjoy their content) and Youtube is the only option. Even supporting them on Patreon the videos they share are still hosted on youtube... what am I to do about that? For a few (LTT for example has Floatplane) there are alternatives, but there is no app for it to allow me to cast to the TV... so either way I am screwed. The world desperately needs a YouTube competitor. I would be quite happy with a service like Floatplane where I can pick which creators to support, so long as there is a sort of 'preview tier' to help discover new creators which is add based and maybe even time limited.
The economics of it are not good. An ad-supported YouTube competitor won't be able to survive if early adopter ("techie" types) are all using adblockers.
I am not going to send this just to watch some random video clip that users have declared not appropriate to a young audience because it features a zombie. Seriously!