back to article Facebook is not going to Like this: Brit watchdog proposes crackdown on hoovering up kids' info

The famous "Like" button may be on the way out if a new code for social media companies, published by the UK's Information Commissioner's Office (ICO), has its way. Among the 16 rules in the consultation document [PDF] is a proposed ban on the use of so-called "nudge techniques" - where user interfaces and software are …

  1. veti Silver badge

    Facebook's response makes a good point

    Why shouldn't these measures apply to everyone?

    1. Nick Kew Silver badge
      Thumb Down

      Re: Facebook's response makes a good point

      Once it applies to El Reg, we lose those nice up/downvote buttons. Oh dear.

      Thumbs down to that, not to you ;)

      1. BebopWeBop Silver badge

        Re: Facebook's response makes a good point

        It depends on how they use that information (and explain it) not the up/down action.

        1. Dan 55 Silver badge

          Re: Facebook's response makes a good point

          El Reg's report talks about nudge techniques being disabled for under 18s but The Guardian's report specifically quotes like buttons (and therefore up/downvote buttons too) being considered a nudge technique. So that really would nobble all like buttons, on-site and off-site, unless the user is logged into Facebook (or whichever social network the button belongs to) and has been age verified.

          If El Reg falls under this code, commentards would need to age verify with El Reg to get up/downvote buttons and maybe even just to see the number of up/downvotes.

          1. Nick Kew Silver badge
            Pint

            Re: Facebook's response makes a good point

            It's an obvious ruse to increase your audience's loyalty (or should I say addiction) to your community. That's evil, but in the same sense as booze, chips or chocolates are evil: we're complicit in our own manipulation.

  2. SVV Silver badge

    "we know that teenagers are some of the most safety and privacy users of the internet."

    That's certainly a convincing argument against the risk of "dumbing down".

    1. phuzz Silver badge

      Re: "we know that teenagers are some of the most safety and privacy users of the internet."

      Although it does beg the questions, how do you measure the "most safety and privacy users" [sic], and how many people do the categorise as 'most', and what proportion of those are teenagers (and how sure are they that the ages are correct?).

      Or did they just sort their list by "length of password" (that's basically the same as 'most safety', right?), and find some (purported) teenagers in the top 50%?

      Mind you, I'm assuming that Facebook would say something misleading but technically correct, rather than just straight up lying.

  3. Dan 55 Silver badge

    The code makes it plain that unless the companies enact age-verification systems, the UK government expects them to extend all the changes to all users, regardless of age.

    How would Facebook do this, badger users for a scan of their birth certificate shortly after signing up and close the account down if they don't upload it? They obviously can't let adult users choose to avoid all of Facebook's creepy slurping.

    And as if by magic, by making Facebook' model unsustainable unless they verify everybody's age, we've suddenly got pretty close to China's Internet access card.

    1. mark l 2 Silver badge

      How are Facebook and other platforms supposed to verify whether a user is under 18?

      A lot of under 18s won't have photo ID and a birth certificate is not proof of age as it is probably easy enough to mock one up in Photoshop if you really wanted to.

      Also will these settings only apply while the person is connecting from the UK IP or will they be linked to their account? As if it is account based then it will soon realised that you can sign up via a VPN or proxy from the US or other countries to avoid these restrictions.

      And if they are verifying whether someone is a child or not, then they have to also verify all adults to make sure they aren't a child claiming to be over 18. And before you know it the governments age checks for pr0n sites is expanded to cover a lot more which erodes more of your privacy rather than protects it.

      I can see the next stage will be a issuing all teens with a government issued online ID thus getting them ready for a future where full national ID cards are tried again.

      A national ID card is exactly the sort of thing I expected to start to roll out once the hard brexiteers got there way after we leave the EU.

      1. Anonymous Coward
        Anonymous Coward

        Facebook know a lot more about their users, and a large number of non-users, than their real age - which is sort of the point.

      2. Warm Braw Silver badge

        How are Facebook and other platforms supposed to verify whether a user is under 18?

        The intention, as I understand it, is that the default should be suitable for children (and sane adults) and social media firms will have to demonstrate valid, informed consent before anyone can turn on more aggressive data harvesting.

        The problem for Facebook is not age verification, but that very few people will voluntarily enter their creepy world of slurp-and-stalk - and it's hard to offer incentives to do so as it's not permissible to exchange services for personal data not related to the provision of the service.

        It's difficult to see how Facebook's business model is compatible with GDPR - that's going to be a more significant obstacle.

        1. Jamie Jones Silver badge

          In the future, this will have gone one of two ways:

          Either every company knows everything about everyone (as things have been heading)

          Or, GDPR etc. promote a new awareness, and future generations will look back in horror that companies publically did this sort of thing without employees being thrown in jail. This whole sort of thing will be illegal and morally and socially unacceptable, just like some "old time" activities are to us today. [ Of course, even in this utopia, the governments will still gather everything, for the sake of the children/counter terrorism etc. ]

      3. Jamie Jones Silver badge

        Many of us old farts don't have photo id's either! (paper driving license / passport expired)

        "A national ID card is exactly the sort of thing I expected to start to roll out once the hard brexiteers got there way after we leave the EU.

        I have to agree.

        Incidentally, totally off subject, but why aren't expired passports valid proof of ID? I ain't expired along with it!

        1. gerdesj
          Childcatcher

          "why aren't expired passports valid proof of ID"

          I don't look very much like the photo in my old black (soz, very, very dark blue) passport. For starters, I'm in colour these days.

          1. Jamie Jones Silver badge
            Thumb Up

            Ah... Aging.. I didn't think of that, seeing as I look the same as I did in my 20's... *cough*

            1. Spacedinvader
              Windows

              Aging

              Yet babies require one from birth to travel abroad, that's valid for 5 years...

              I'll hazard a guess and say you look closer to your 20 year old self than your 5 year old self looks like compared to your 5 month old self!

        2. Peter D

          why aren't expired passports valid proof of ID?

          It is to limit the damage done by forgers overcoming security vulnerabilities in passports. As time progresses new printing technologies and RFID technology make newer passports much more difficult to forge. By only allowing unexpired passports you guarantee that proof of ID is accepted only using documents less than 10 years old.

          1. Jamie Jones Silver badge
            Thumb Up

            Re: why aren't expired passports valid proof of ID?

            Ahhh, that's a good point!

            Cheers!

      4. Anonymous Coward
        Anonymous Coward

        A national ID card is exactly the sort of thing I expected to start to roll out once the hard brexiteers got there way after we leave the EU.

        Actually I suspect that this is more likely if Brexit is cancelled ... remainers have made great play of the fact that the UK could reduce number of EU migrants staying in the UK if we (like some other EU countries) strictly enforce the "after 3 months you must have a job or show evidence that you are able to pay for your own health care etc" rule (as free movement applies to workers only) and to implement this will require some way of tracking who is in the country and where they are which could well result in a "European" system of having to register at the local town hall whenever you move location.

        If the UK ends up staying in the EU then I think its inevitable that we'll have to acknowledge that an implication of this is that we are deciding that we are "European" and need to start to align ourselves with the ways things are done in the other EU countries rather than sitting on the edge saying "we're part of the EU but remember we do things differentlly here" ... and id cards (+ requirement to show them on request) are part of that culture (just returned from holiday in Portugal where on occasions we have been stopped by police and asked to show id which as a UK person has to be a passport)

        1. John Brown (no body) Silver badge

          "European" system of having to register at the local town hall whenever you move location.

          Although not compulsory, you already need to do that now if you want to have a vote. If you are a buyer rather than a renter, then you must register with the local town hall. Most normal people are already easily trackable.

      5. Dazed and Confused

        How are Facebook and other platforms supposed to verify whether a user is under 18?

        They've already mandated an age verification requirement for a lot Internet usage, even if getting it working is on hold again. Why should FB be any different to PH. If they require all Internet users to verify their age they'll soon manage to get to a point where they can track all Internet usage by all citizens. Which is surely their goal.

    2. Doctor Syntax Silver badge

      "How would Facebook do this"

      Their problem. No solution? Tough for them.

      1. pmb00cs

        There are online identity verification services that can offer various levels of assurance as to a users identity. These can be paired with more in depth document matching services, for users whose identity is harder to verify automatically. The former are widely available and reasonably priced (for services that actually make money by charging some, or all, of their customers for their products). The latter are somewhat more expensive.

        It's not like there aren't already regulated industries trading over the internet that have strict requirements on knowing who they are dealing with.

    3. Anonymous Coward
      Anonymous Coward

      Facebook already "age verify" people to ensure that they are over 13 before they are allowed an account ... so they already know who's under 18. Of course, this assumes that under 18s don't use the same "put the wrong year in my date of birth field" technique that they used as an under-13 to get an account in the first place!

    4. Chris G Silver badge

      How would Farcebook do this?

      A very good question given the difficulty in ensuring the age given is genuine. Although I am in favour of this kind of regulation, I can see it as providing government with the thin end of an 'ID card for all ' wedge.

      How else to provide proof of age and identity? What would be the format and what info would be passed on to the likes of Farcebook et al?

  4. Solarflare

    head of the ICO, Elizabeth Denham saying in a statement: "We shouldn't have to prevent our children..."

    I read that as "We shouldn't have to parent our children" at first (not had a cuppa yet). But to be honest, it doesn't change the meaning or intention of the statement a whole lot either way. Kids aren't stupid, or at least they are no more stupid than the average adult. People in general will take the path of least resistance, they don't change defaults unless it is to allow something that they are being prevented from doing. If people still get the same 'experience' from their side, thenn tightening up privacy in the background is a good thing. It really should be across the board though, not just for kids.

  5. eldakka Silver badge

    This is the sort of answer that needs to be given to Facebook, as per a Singaporean Government committee last year on this youtube video, which proceed for about 3:30 minutes past the linked point.

    1. Jamie Jones Silver badge

      Wow, if you watch the full video, you'll see that that Facebook representative was an obnoxious arrogant patronising cunt all the way through. He fully deserved that smackdown.

      They think they are above the law. They deserve all the punishment they get.

  6. Bogle

    Or educate them?

    Or we could let the kids know exactly what creepy things these online mobsters are going to do, to them and their friends, and then see if they still want to go on Facebook?

    1. Nick Kew Silver badge

      Re: Or educate them?

      Isn't it customarily the kids who educate their parents?

    2. LDS Silver badge

      Re: Or educate them?

      Did you always listen to your parents?

  7. BebopWeBop Silver badge

    And in a clear poke in the eye to Facebook, the code insists that user are provided with "'bite-sized' explanations about how you use personal data at the point that use is activated" and those explanation be "concise, prominent and in clear language suited to the age of the child."

    So suited to the mental age of most Facebook users?

    1. werdsmith Silver badge

      So suited to the mental age of most Facebook users?

      Probably still a bit of a struggle for them, but they should be able to understand with the help of their carers.

  8. Doctor Syntax Silver badge

    "we know that teenagers are some of the most safety and privacy users of the internet."

    Translation: They lap up everything we feed them.

    NB. What did they intend to say? There seems to be something missing between 'privacy' and 'users'. Or did they deliberately write a meaningless fudge?

    1. Alister Silver badge

      I think they meant to say:

      "some of the most safety and privacy conscious users"

      but they couldn't spell connssccciouuus

  9. LDS Silver badge
    Devil

    "age is an imperfect measure of maturity"

    Is that a direct reference to Zuckerberg? It could be a good point.

    Jokes aside, while imperfect, it has been always used as a measure of maturity - as it is impossible to measure each girl and boy.

    Zuck should be thankfully for that - it would be still be playing with Fisher-Price toys, otherwise - until he learn he can't steal them from other babies.

  10. JimBob01

    How to really poke FB in the eye

    How about changing data laws to make the data collector responsible for any misuse of said data, either by themselves or any party they pass it on to?

    Irrespective of whether the misuser obtains the data legally/consensually or not.

    That should focus a lot of minds on data security

    1. SImon Hobson Silver badge

      Re: How to really poke FB in the eye

      AIUI, under GDPR they sort-of are responsible.

      If you collect data, you are required to say what you are collecting and what you'll do with it. If it gets used for something else then you are on the hook - and that would include if you give it to someone else who misuses it. The latter bit comes from you being required to have suitable measures in place to prevent misuse - including contractual terms with any third parties.

      If the third party misuses it, then you've failed - either your contract wasn't well enough specified, or you didn't have good enough oversight processes to ensure compliance.

      Anyone involved with financial reporting for a company with US parents/owners will be familiar with this concept. Under the US Sarbanes-Oxley act, the head honcho has to sign the accounts as being true and accurate - and if it turns out that they aren't then they can personally be thrown in the clink (that's a powerful motivator !) It was the result of things like Enron and Worldcom and their blatant false accounting. But the end result is that you, as a small UK company, have to put in all the controls and measures so that when the finance numbers are passed up to the US parent, the US finance bods can be sure (as in, stand up in court and say so) that they are correct when they incorporate then into their own financial statement.

  11. AndyFl

    lots of good stuff in the proposal

    To be completely honest I'm surprised how good it is. I've a few doubts about how to implement some of it but that can be sorted out later.

  12. JDX Gold badge

    "language suited to the age of the child"

    Perfect for most adult users too then ;)

  13. Kubla Cant Silver badge

    "age is an imperfect measure of maturity" and the proposals risk "dumbing down" controls for children "who are often highly capable in using digital services."

    Reminds me of "I thought she was up for it - she didn't look like she was under 16".

  14. Rich 2

    Undr 18?

    So, if all of faecesbook's users change their profiles to state they are under 18 then that should stuff them up quite well.

    Of course, many of these recommendations should apply to everyone; not just kiddies.

    And, as has been pointed out many times before, what about people WITHOUT faecesbook accounts? The "like" buttons are still there, so presumably, it must be assumed that ALL users that are presented with one are under 18

  15. Andy The Hat Silver badge

    Why just FaceAche? What about the simple things in life like "Google search", the "BBC App", "CBBC", "Amazon", "Argos", "ITV" and, for those of a certain inclination, "Quest - How It's Made ..."? All of these encourage frequent use and invest in advertising heavily to achieve that goal. Hell, even the AA travel advice and Google maps does that. I'm not quite sure what the difference is between FB as "social media" and the Amazon homepage in the context of encouraging frequent use.

    It does seem that the only successful way of generally implementing the proposed rules would involve, as mentioned earlier, a State ID Card so beloved of Mrs May ( lest we forget she has prior* as Wicked Witch of the West)

    * Or that could be an SG1 reference, and she does expect everyone to toe her line so it is appropriately nasty!

  16. werdsmith Silver badge

    Faecebook? Oh hello Feacebook, you still here?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019