I was down in Raleigh, North Carolina this week testifying at a big hearing on mandatory age verification for social networking sites. It was quite a heated battle. The legislation, SB 132, was supported at the hearing by North Carolina attorney general Roy Cooper, several of his staff attorneys, a couple of NC senate lawmakers, and some folks from Aristotle, a company that claims it has devised a workable age verification solution for social networking purposes. A vote on the proposal was delayed and we're still awaiting the final outcome.
Down below, I have attached the outline of my remarks in which I argued that age verification mandates would actually make kids less safe online. Here's why:
1) Age verification is not synonymous with a background check.
* Are citizens being lead to believe that age verification guarantees them perfectly safe online environments? After all, even if the verification process gets the age part of the equation right, it tells us little else about the person being verified.
* Incidentally, what happens when the parent being verified is a predator using their child to create false credentials? Unfortunately, we know that some predators have children.
* This gets to the primary concern in this debate: The very real potential exists that we are creating solutions that inject a false sense of security in parents and children alike.
2) Even assuming we do not encounter problems with the initial sign-up phase and procedures, questions remain about follow-ups and subsequent validations.
* Will parents be asked to fill out and submit paperwork routinely to verify their identity (or their child’s) on an ongoing basis? Will parents be expected to take phone calls from dozens of social networking sites (or call sites themselves) to continue authorization? Will parents tolerate that?
* If the sign-up and subsequent authentication process proves cumbersome and time-consuming, will this encourage kids to search out less trustworthy “underground†or offshore websites?
* How are we going to regulate those offshore sites? Also, could new regulations drive domestic operators offshore?
* In sum, the sheer scale of the Net and online activities greatly complicate the enforcement of age verification schemes, especially those of the parental permission-based variety.
3) Will age verification mandates encourage the rise of an illegal black market in credentials?
* Will kids share or even sell their online credentials, such as their user name and passwords, to others who desire them?
* Certainly kids won’t just stop trying to get onto social networking sites. Are we going to punish kids (or prosecute their parents) for evasion? And, again, will kids look to offshore sites?
4) There are serious privacy issues at stake here, and those issues could give rise to other problems.
* Requiring all parents to be verified before their children can go online will obviously be seen by some parents as intrusive and a potential violation of their privacy.
* If some parents resist such regulations or refuse to submit to such verifications, what will their kids do? Again, it might encourage kids to seek out false credentials of to visit offshore sites.
* Incidentally, who has access to all this new information about parents and children that the government is requiring that social networking operators collect? Do we want online operators creating massive new databases of information about us or our kids if better alternatives exist?
Bottom line: The inherent danger of age verification regulation is that it:
• results in unintended consequences or solutions that don’t solve the problems they were intended to address;
• creates a false sense of security that might encourage some youngsters (or adults) to let their guard down while online; and
• creates potential incentives to push mainstream social networking sites offshore. No matter how bad parents or policy makers think social networking sites are today—and, in reality, the sites are not nearly as bad as they imagine—those sites are infinitely superior to potentially shady offshore websites that are completely unaccountable to U.S. officials. And the domestic sites are more accountable to the general public and are responsive to press scrutiny.
In sum, there are no silver bullet solutions. Instead, we need a multi-prong, layered strategy…
Better approach to online child safety = The “3-E Solutionâ€: Education, Empowerment, and Enforcement
> “Education†refers to not only the need for K-12 information literacy efforts but also, more broadly, to the need for comprehensive online safety instruction and awareness-building efforts. Governments at all levels need to take an aggressive role here.
> “Empowerment†refers to the importance of providing parents with more and better tools to make informed decisions about media and communications tools in their lives of their children. Government can facilitate these efforts in partnership with industry and non-profit organizations. For example, helping to make parents more aware of Internet monitoring tools and strategies would be one of the most constructive solutions.
> “Enforcement†refers to stepped up law enforcement efforts to find and adequately prosecute child predators. It is essential that law enforcement officials receive the resources and training necessary to adequately monitor online networks for predators and to bring them to justice when they are found. For example, law enforcement agencies need sophisticated computer forensic labs and skilled experts to help investigate online crimes. And they need to be trained to conduct proper sting operations to find predators before they harm our children. Finally, much longer prison sentences are needed for child predation.
[For additional information, please see my March study, "Social Networking and Age Verification: Many Hard Questions; No Easy Solutions."]