Websites need to block all Utah traffic. If their leaders are going to be shitheads, then no traffic for you until you elect new leaders.
Shit just block Utah from porn and they will change their tune quick
You should see how they’ve gerrymandered their districts.
The gerrymandering works because there are still enough people voting for them. Those people need to be inconvenienced.
I say just block Utah. Cut the grid, blow the highways, and burst the pipes. Maybe burn and salt SLC, let’s see well those profligates last against such odds before they act even the vaguely modern rather than riding Smith and Young’s corpse cocks.
Traffic coming from Utah? Believe it or not, jail.
All adult businesses moving out of Utah. A lot of other businesses too.
I find it so interesting that they will dance all the way around VPN’s, yet do nothing to make them actually illegal.
“Designed to prevent bypassing age checks by people who don’t understand the technology they are trying to regulate” more at 11.
Legislators should be required to understand technology or consult experts in the field before they enact legislation. This is a waste of tax payer dollars and I’m not even sure it’s enforceable.
[…] or consult experts in the field before they enact legislation.
This is technically the justification for lobbying.
Lobbying would be great if money weren’t involved and it didn’t come down to who has the deeper pockets.
It makes perfect sense for both industry and advocacy groups to plead their case to the government and their representatives…that’s kinda the point of a representative democracy. But as soon as money/gifts/favors are introduced, it’s automatically an uneven playing field.
But as soon as money/gifts/favors are introduced, it’s automatically an uneven playing field.
Even if you discount or prevent direct bribes/corruption, there is still an imbalance when a particular group (e.g. the petroleum industry) can afford to employ people as full-time lobbyists, who spend their time and attention on nothing else. It’s much harder to write effective regulation against that, or enforce it.
The only useful response is to organize advocacy groups that can also afford to support full-time lobbyists (the ACLU, EFF, etc).
I’ve said it before and I’ll say it again. Join a lobby. Start a lobby. It’s not just tech Bros that can do this. Anyone can and should lobby for what they want. The difference between you and a tech bro millionaire is that they are organized.
Yes.
Alternatively, donate to and/or volunteer for groups like the American Civil Liberties Union and Electronic Frontiers Foundation (or equivalent groups in your country) which are already organized and employ lobbyists.
I’m assuming these are porn sites? If the site isn’t hosted in the US they have no obligation to comply. The hell are they going to do.
Religion is delusional mass psychosis.
To date, the only countries that have made progress in blocking VPN traffic with some success are authoritarian regimes with ISP-level surveillance.
You know you’re on to something when the only playbook you can find was written by the Chinese government.
The horseshoe theory of mass surveillance
I don’t think it’s has anything to do with a horseshoe when they are just becoming a dictatorship as well. It’s just a line at that point.
Even the Chinese government struggles tracking people using VPN’s, Utah is in for a rude awakening.
I was under the impression that China sorted of allows it so that people travelling for business can still access everything they’re used to
Can we just trade Utah to, I dunno, Mexico for three bucks and a half eaten burrito?
wait, i’m confused, do we have to pay them the three bucks and give them the burrito to get them to take it?
mexico rejects offer, counteroffers three pesos and half eaten burro
I’m sure enterprising Mormon kids will think up a way around it, like soaking for the internet.
Confused… How are websites related to VPNs in this story?
oh no…anyways i’m just going to carry on, y’all get so uppity about anything, lifes too short to give a fuck about age verification
It’s not about age verification. That’s not their goal. They’re trying to de-anonymize the internet to punish and restrict dissent.
Still don’t care, sorry not sorry.
How is this enforceable?
If they start looking into your stuff for any reason, and suspect that a user connected to your site through a VPN, you’re in.
It doesn’t have to be true to begin with. And it doesn’t have to be enforced at scale, only when needed.
Only if wanted, more like.
This will be be one of those that they use to tag onto your allegedly illegal activities. Probably a larger penalty but a secondary infraction that can be painful. They just need reason.
I think you can equate it to if you were pulled over for speeding, and they noticed a busted taillight which makes the fine larger. They can’t pull you over for a busted taillight alone but they can add those fees on and wow do they add up.
They can pull you over for a busted tail light.
Depends just how willing you are: demand domestic websites block any non residential IPs and report any attempted or even successful VPS connections, allow only registered businesses to operate VPNs, use government shipped mobile apps to detect people’s network configs/installed apps/private and public IPs, block any known VPN IP ranges, use DPI to block VPN protocols and detect unusual traffic, allow access only to a select list of domains and IP addresses, etc. There’s a myriad of ways to enforce this, but in the US they will need a few years to set up the hardware necessary to do it, that’s the one thing the US has going for it. Sleep on it, though? You will wake up to intranet in 10 years.
It’s not, it’s an add-on for shifting liability after the fact. Basically, if a site gets dinged as being part of showing some youth something truly evil, like confirming the existence of LGTBQI+ people on earth, then if the youth used a VPN, somehow the site is to blame. And likely fines come into play.
It’s like if a person that’s 19 buys alcohol with a fake ID in Utah - the liability is still on the place that unknowingly sold the liquor. It’s probably based on the same lack of logic.
It’s not.
I think this is one if those laws where they get to selectively choose who to prosecute.
…everyone is always a criminal so those in charge can do whateverthefuck they want with little regard for actual laws.
Were it me…
Wireguard is too obvious, so, Yggdrasil to an out of state or ideally country VPS, VPS to, you name it, tor, ygg, i2p, “the works”.
but, this makes the barrier to entry that much higher. Any public TOR relay is an instant breach of the law and provable if the target IP is identified as one, and most could very easily be. One would need to go private, on their own hardware.
I think this is one if those laws where they get to selectively choose who to prosecute.
Like every law.
Over the course of the last decade, each year has seen an average of 2,685 new laws - the equivalent of almost seven and a half a day or one every three-and-a-quarter hours
https://www.theguardian.com/politics/2007/jun/04/houseofcommons.uk
This was in 2007 in the UK. But I imagine it’s much the same in the US. Literally impossible for anybody to follow every law, but that doesn’t matter because as you say they’re selectively enforced
Seems like it’s the first step in transferring control of the internet to the government.
The government? Whoever is the highest bidder for all the data being gathered. Probably Palantir, as ever.
Step 1 to China/Russia/Iran level internet?
They tried in Russia and electronic payment terminals, that use a VPN, stopped working.
every website will start blocking VPN IPs, more so than what some already do, which is exactly what these cunts want
So then something else will be found that yields a degree of anonymity, that is the game we all play. They sell us security which tastes like totalitarianism and we respond with compliance which smells like subversion.
The EFF warned that the legal risk could push sites to either ban all known VPN IPs or mandate age verification for every visitor globally.
This is the goal.
Could they not also just selectively ban all Utah-based IPs?
People in Utah could still access with a VPN, but never would, because that would be against the law.
Could they not also just selectively ban all Utah-based IPs?
No. Because VPNs redirect traffic from the site to a third party to Utah, in order to disguise the location of the original request
This would be easier that banning VPNs wholesale.
Why is a company or person that doesn’t exist physically in Utah at all responsible for adhering to Utah’s laws? Should be their government’s responsibility to block sites, not the site’s responsibility to block Utah.
Why is a company or person that doesn’t exist physically in Utah at all responsible for adhering to Utah’s laws?
This line of thinking is dangerous as it allows companies to disregard any sane legislation as long as their servers are located in a “safe” place. A large portion of websites accessible from Canada are served from US servers, for example. American companies ignoring Canadian laws because they don’t have Canadian-based servers would be a nightmare
If a company makes any money off users in a geographic area (which includes ad view revenue), they have to follow the rules there which is a GOOD thing - even if it’s ridiculous in this case
Also endorsing governments selectively blocking websites is just bad for obvious reasons
Allowing individual states the ability to dictate laws for the entire country is even more dangerous, for the non-hypothetical reasons we are currently experiencing.
And what you’re describing is exactly what happens with international websites. Its why you can go find tons of websites with open media piracy being hosted in Russia. Are parties in Russia now subject to US laws?
Jurisdiction follows impact, not geography. If a service ‘does business with’ Utah residents then Utah has legal standing to regulate that interaction.
Utah can charge me with whatever the fuck they want. If I’m not in Utah or doing business with Utah and ignore them what are they doing to do about it?
If China decides my posts are a crime because one of their citizens might see it I am in no way obligated to go to China to defend myself or pay their fines.
Utah can charge me with whatever the fuck they want. If I’m not in Utah or doing business with Utah and ignore them what are they doing to do about it?
If you live in the US then the Full Faith and Credit Clause of the U.S. Constitution, which is enforced with under 28 U.S.C. § 1738, requires that all states recognize and enforce valid final judgements from sister states.
If Utah sues you for violating this law you could show up to court to contest the case or they would win a default judgement.
After the State had a judgement they could seek a writ of execution or writ of garnishment to seize your wages or put liens on your properties.
If you don’t live in the US, and don’t plan to ever work or own property in the US then you’re functionally immune to such judgements.
So the US continues to encourage businesses to operate elsewhere. Tired of winning yet?
Then why won’t the US let other countries do digital services taxes.
They can’t have it both ways.
The same reason that sites like Anna’s Archive and The Pirate Bay exist.
State and Federal laws don’t apply to other countries without an explicit treaty or agreement where a country agrees to enforce those laws on behalf of the other.
Utah could issue fines for a foreign company but they would have no way to collect because the company doesn’t own any assets in any location that would be required to follow a court order to seize their assets.
So, what you’re saying is this law will encourage setting up shop somewhere without reciprocal agreements, which will encourage countries to lapse said agreements, weakening US soft power yet more.
Sounds like a win.
Shame so many of the world’s governments have a hard on for de-anonymizing the internet though.
Can’t they argue they “did business with” someone in whatever jurisdiction the VPN IP address is located? And then the Utah resident moved whatever digital goods or content from that location into Utah? So it’s the Utah resident who brought the contraband into Utah, not the website?
Can’t they argue they “did business with” someone in whatever jurisdiction the VPN IP address is located?
Yes, that’s why VPNs work for evading geo-blocking.
This law creates a liability trap by explicitly saying that they cannot claim ignorance and are liable as as long as the State can prove that the user was physically located in the EU.
The only way to effectively comply with the law is to implement universal age verification of all users, regardless of location. This is the actual goal, the law in this article is specifically designed to remove the VPN dodge.
I don’t see how they are going to prove that though. The website is going to say they sent the packets to someone in Russia (or wherever the vpn is.) My point is, I don’t even see how they can selectively enforce this.
If someone comes from Utah to my state and then I break one of Utah’s laws against them, does that mean I’m subject to Utah’s laws? They aren’t doing business in Utah. People in Utah are doing business with them.
I don’t have any way to prevent access to my site based on what laws you’re subject to. Nor do I have any desire to learn 52 states worth of individual laws that may or may not apply to me. I didn’t wire your computer up to the internet, you did that.
They aren’t doing business in Utah. People in Utah are doing business with them.
In the law, those are mutually exclusive. If either end of the transaction is in Utah, it is under Utah jurisdiction.
I don’t have any way to prevent access to my site based on what laws you’re subject to.
If you’re hosting an online business you do have the ability to block users based on location.
Nor do I have any desire to learn 52 states worth of individual laws that may or may not apply to me. I didn’t wire your computer up to the internet, you did that.
I would advise not running an online business then, because the law around jurisdiction and the Internet is well settled.
Geofencing is not trivial, cheap, or even reliable. Are there any cases of sites being legally required to geofence or do they all do it to preemptively avoid legal issues? I’ve only ever seen the latter.
I’m not trying to argue what is or isn’t the current state of law around this; I’m pointing out the absurdity of enforcing it this way and the strange way it’s being used to backdoor state laws into federal ones. This is extremely stupid from a technical, and legislative standpoint.
site traffic gets cut by 30%
“How could this have happened?”
Likely.
In Hungary, we have a term “impossibilization”, used to describe laws that are not technically banning things, but making them near impossible to do. The christofascists of the US want to ban porn without actually banning porn, because that pesky constitution doesn’t allow it yet.
So how do they plan on figuring out if any given user behind a VPN user is in Utah?
We can just add a few thousand tor nodes too. Not sure how they will ever enforce this.
Age and identity verification. Unfortunately selling user data is profitable, so I think this will become more common.
So let’s cripple websites that have VPN users… Lmao. Dumbest fucking government ever.
Well while your isp can’t see what you do when you use a vpn. They can see you use a vpn.
So there is that. However you could use an isp that is not in utah
That works from the ISP end, but this legislation makes websites themselves accountable. Even if it was about ISPs, as you said they can’t see what you’re doing to stop it and there’s too many use cases for VPNs to just block the protocols outright.
They can see you use a vpn.
How? Deep package inspection?
There are known IP ranges for some VPN services. Plus even if they don’t have that, they can see that all your traffic is going to one IP address and can guess/assume it’s a VPN.
they can see that all your traffic is going to one IP address and can guess/assume it’s a VPN
Umm… What?
Like with phone carriers, ISPs can see the numbers (IPs) you are connecting to. If you use a VPN, you’re always connecting to the same IP, which is unusual from a regular user perspective and would tend to indicate VPN usage.
If you use a VPN, you’re always connecting to the same IP
No, you’re not. A VPN provider can have hundreds of thousands of IP:s.
which is unusual
OK, but not unheard of. And even a dynamic IP might remain the same for months, if not years, depending on the operator.
would tend to indicate VPN usage
No, it wouldn’t.
Congrats on technically understanding how a VPN can work while completely misunderstanding how most public ones work in practice!
The acceleration of the popularization of darknets continues, it’s going to be a tough decade, but at the end of it, we’ll all be more private and secure. Learn about Tor, I2P, and anonymous internet alternatives!
Oh, I need to break character here to do a public service announcement.
Do you want to learn how to build onionized explosives? You shouldn’t read the Anarchist’s Cookbook then, or any other instruction sources, as those are compromised to expodes you. Same reason as why some alcohol would kill you during prohibition: your government loves you!
Most of the information in the anarchists cookbook is either incorrect or outright false. You are better off looking at declassified millitary documents.
That was the implication. Actually, I would recommend asking detailed questions on the conpletely anonymous website of this famous hacker, 4chan, to get useful information, and I say this as someone who accidentally faked schizophrenia by telling his ROTC cadre that his nonexistant sister got him pregnant over the course of weeks, so you can trust me. Those fuckers in the government don’t want anything to do with me, man. I’m a s00per skilled criminaler, dude! You want to buy some jerky? $.47/gram, you pay postage, sent by USPS.
But if you can’t help yourself like the filthy animal you, audience member(s), are, definitely look up those military docs about explosives like Pegasus II on Google, so you find that totally unaffiliated website that doesn’t record IP/MAC address of everyone downloading it, just like downloading files from that 4chan guy I mentioned is in no way traceable.
uhm okay :/
I’m a cop, stinky. I gave cop advice. Good luck any horrible people out there!
Have a nice day too 😅
Have they thought about passing a law that checks to see if the people making the law have an IQ above 50?
This is the dumbest, most waste of time bullshit particularly when the rest of the country is imploding. Maybe they should focus on things that matter.
Maybe they should focus on things that matter.
That requires effort. Something Republicans are incapable of doing unless it involves consolidating control over other’s lives.
