One tweak to the rules and all of a sudden not only do porn sites have to verify the age of their UK visitors but also anyone connecting from something other than a residential ISP.
The more troubling thing about these laws is enforcement. The threat of fines only works against websites that map to a business entity. For anything else there will surely see a ramp up in the size of The Great British Firewall Ruleset, edited by the courts, and distributed to the Big N (5?) ISPs.
What will become of the smaller ISPs that refuse to block illegal sites?
I don't think many people object to blacklisting known sources of child pornography etc.
The fact is you now have to verify your identity (name and photo id) in the UK to access an adult subreddit.
If the vpn endpoint is in Rome or New York City, how will the UK government force that non-British vpn service and that non-British porn site to verify the age of anyone using it?
It's easy enough to get a list of IP addresses from those vpn services and just block them if you're Netflix, but to force compliance on anyone traversing the tunnel is another thing entirely. The UK government would have an easier time banning vpns outright.
I've found Tor is mostly useful for reading, not participating. Exit nodes get blocked from registering on most sites. One workaround is to register at a café or library then use the account over Tor, but sometimes even if you're being civil (see my comment history for a a pretty good picture of the style of discussions I have anonymously) sometimes you'll wake up to find the account nuked.
Which sounds like a silly question ("of course the marketing is BS") but why even bother marketing if the core value proposition of your billed-monthly service doesn't work? Seems like a waste of money since you'll at most get people for one month when they cancel after realizing they can't watch Canadian Netflix from Florida, or whatever.
The UK instructs ISPs to block access to deliberately non-compliant sites, however users want to make connections to the sites and those sites want to receive connections to those users. VPNs will be effective in allowing access to non-compliant sites as long as ISPs can't identify the VPN traffic.
Of course, the British ISPs can initiate the tactics used by China to identify and block illegal traffic. However there are limits to this. Unlike Chinese users, British internet users regularly make connections to international servers so various bridging techniques are possible. Like VPNs, proxies or even Remote Desktop.
Yep, they are all lying to you, but with a wiggle room for a workaround or to point the blame at Netflix. Once you get in, you'll notice that Netflix, Prime Video, Steam, some of YouTube, and pretty much any legitimate service with geo-fencing not working. You then email support complaining that this is not working for you. The answer varies depending on the company. For example:
- Private Internet Access will try to up sell you for your own static IP. That hopefully remains undiscovered by Netflix et al for a bit. (Obviously you're trading anonymity and privacy aspects of a VPN if it's a static ip attached to you, but I don't think people trying to stream Netflix from Italy or where ever care about that)
- Mullvad will tell you: yeah that doesn't work. We never advertised that. Don't renew next month.
- Proton will keep asking you to try endpoints manually (each country has hundreds of endpoints and their app picks a random one. Just keep trying different ones manually. They might give your account access to some "new endpoints" (if they have them) that are not blocked yet. Hopefully once the refund period has passed, they will tell you "sorry we're having trouble with Netflix currently. we're working on it"
Some of them will suggest using "another streaming service??" because "Netflix is having issues in [INSERT_COUNTRY]"
The 1 month period is also usually priced much higher anways. E.g. PIA is currently $11.95/m for 1 month, $39.96 for 1 year, and $79.17 for 3.25 years (instead of half a year @ monthly). With a curve that steep it's obvious they have severe retention issues at short intervals.
They can, it’s just a lot more expensive than a $10 a month VPN. They’re typically metered and you pay by the byte.
I mean, it’s more of a bot network really, but there is a massive amount of bandwidth there.
The UK does not have jurisdictional power over anything outside their country - they can not a foreign site to do age verification of foreign residents.
Now, the UK can say that they need to check for all UK residents, regardless of them using VPNs. But if there are no practical way to do this, I think the UK will have diplomatic issues enforcing anything to non UK companies breaking that laws - as they would need, eg. Germany, to help them enforcing the law on certain providers.
It's up to service provider to implement such involved checks. Not sure about e.g. Netflix allocating resources to implementing this, clearly resulting in customer loss.
I expect service providers to cut corners to both comply with local laws and not frighten customers away.
There are alternatives like Hola VPN, a "free" peer to peer VPN except non-paying users have traffic routed through them. But performance of peer to peer VPNs are not as good.
And is_vpn(ip_address) is a service that's offered by a variety of vendors already.
This is a ubiquitous tactic at the highest level of law enforcement.
These can be wildly effective at such matters. I'm sure most countries can come to some understanding with the UK on the matter; be that foreign aid, trade concessions, assistance with their own law enforcement, or perhaps acknowledgement/support on the international stage.
I mean, it's probably the case that traditional VPNs are also dragnets to some degree, but TOR is a confirmed NSA dragnet.
It's a stupid equilibrium.
Literally - in most of the world terms of service have no legal effect and violating them is not a crime - they are merely a declaration that the service provider feels bad if you do certain things, and if they feel bad they might decide to terminate your account.
Most of them prohibit running servers at home and using p2p apps. Has anyone here ever gotten their connection shut off for either of these?
This is a red herring for authoritarian tyrants in the UK to get more control over their population, which is all they're ever looking for.
The UK can't tell a company in Cyprus or Switzerland to do anything unless they're ready to tell the SAS to put their boots on.
I would add that from my experience with the Gulf, at least, the ME has created one of the gayest places on Earth. The separation between genders has led to a disproportionate number of women and men semi-openly sleeping with their own gender in a kind of "don't ask, don't tell" way.
It feels like the "punish them for being gay" is used, like the poster below you mentions, as a way to turn the screws on you when they need something to use against you for another reason.
The situation is the opposite for age verification laws. In this case, both porn sites and their customers have aligned interests. Both sides want to allow VPNs. Both sides want to abolish age verification laws, and if that is not possible, to circumvent them.
It's conceivable that a VPN provider could change the V6 IP on their server every hour for the rest of time and still get unique addresses.
If the VPN server only has an IPV6 address and no V4 address, can they connect to the target website?
The number of these systems scales in a reasonably tractable way — on the order of the number of ISPs and physical Internet infrastructure around which traffic needs to be routed.
As well as making aggregate routing possible you can use the ISP’s registration details see what location (or legal jurisdiction) a whole chunk of address space has. Hopping around IP addresses will give you unique ones every five minutes but they’ll all still be inside 2001:123::/32 from AS1234 aka Apathetic Onion’s Finest Habidashery and Internet Connections LLC, Delaware, USA.
That would be quite the overreach as those endpoints are no longer under the UK jurisdiction and there is no way for a website to tell if the user connecting through them is or is not in the UK.