Tim Cook Goes to Washington to Fight App Store Age Verification Legislation

[mw360]

No, it's parenting. Just like it was at the advent of the radio, movies, television, video games...it's 2025, being a parent very obviously includes monitoring what your children do on their devices and online. Just because it's easier to socialize the burdens doesn't mean its the right thing to do.

Except of course, being not a parent, not having to actually live through any of this stuff for real, you don't know a whole lot about monitoring kids online. You don't know about the research that says monitoring kids full time is ALSO detrimental to their mental health and development. You don't know the stress they suffer having less privacy from their parents that we used to. You don't know how difficult it is for them to understand things like puberty and sexual development when they can't even look up a Wikipedia page without a parent knowing about it.

Kids used to be able to go play in the woods, read books, talk about taboo stuff in a huddle at the bottom of the garden. Now their lives are online and their parents are supposed to 'parent' by watching it 24/7? That doesn't work either. That was never parenting. You could tell a kid not to watch the DVDs on the top shelf and that was that. The DVD shelf didn't have an algorithm pushing the movies on the kids.

 

[macfacts]

The government has been trying to fight internet anonymity since the beginning.

That said, which ID do you use. A birth certificate has no picture. A school ID probably has a picture but doesn't have a birthday. But in any case how would you verify the school ID or birth certificate was real? Most kids don't show up in any of the databases, since it's kind of illegal to track kids in many states.

I suppose they could say "if you're old you have to prove it." It still becomes a problem of verification.

And would Apple be liable if, say, someone presented a fake ID? If there's no way to actually verify an ID (and there actually isn't an "official" way besides a stare-and-compare) then what?

didn't apple solve the ID problem with driver's license in apple wallet?

 

[HMI]

That’s like saying beer companies should be responsible for verifying age versus the store selling it. Not buying it.

The Gub doesn’t care about the kids, they’re just using that as a chisel to force all online activities and devices to be ID verified without any VPNs, so they can start social credit scores and Universal Basic Income.

Or so this one thinks.

 

[surferfb]

didn't apple solve the ID problem with driver's license in apple wallet?

I’m completely talking out of my you-know-where here, but given Apple’s very public and repeated statements about privacy, I suspect Apple doesn’t see the data contained in the driver’s licenses uploaded to wallet, and even if they somehow do, they absolutely don’t link the data to the user’s AppleID.

 

[fmillion]

What I'm truly afraid of is when companies figure out that age verification systems can actually benefit them and decide to just drop any complaints voluntarily...

* You can track ages of users more accurately -> more targeted advertising
* You can get accurate numbers of kids vs. adults, even within households -> "anonymous" data mining and profiling
* ID verification at signup -> You can strictly enforce "one account per person" policies
* A national or international clearinghouse of "undesirables" could pop up that ban you from any participating site once one site decides you're unworthy (the "social credit score" system)
* All companies can now attach interactions to actual real human identities -> HUGE data broker boom (and government data collection)
* Once they have it, they can be subpoenaed for it -> government will finally have the truly invasive per-person monitoring they've wanted

Sadly, the government is unlikely to listen (they just focus on "but the children!") and if companies are forced into it, of course they'll find a way to capitalize on it... and how to do that is already obvious. Responsible companies might choose to use a truly external verifier (only returns a binary true/false - is this person an adult), but the law does not require that level of privacy - very large companies would be free to implement their own in-house age verification systems (and hence, have access to all of that data).

 

[Jeeve Stubbs]

Some organizations like banks or brokerages must see your ID before you can open an account. They've had to do it for decades and none of them complains about privacy risks. Why would giants like Apple - larger than most financial institutions - be treated differently?

 

[macfacts]

What I'm truly afraid of is when companies figure out that age verification systems can actually benefit them and decide to just drop any complaints voluntarily...

* You can track ages of users more accurately -> more targeted advertising
* You can get accurate numbers of kids vs. adults, even within households -> "anonymous" data mining and profiling
* ID verification at signup -> You can strictly enforce "one account per person" policies
* A national or international clearinghouse of "undesirables" could pop up that ban you from any participating site once one site decides you're unworthy (the "social credit score" system)
* All companies can now attach interactions to actual real human identities -> HUGE data broker boom (and government data collection)
* Once they have it, they can be subpoenaed for it -> government will finally have the truly invasive per-person monitoring they've wanted

Sadly, the government is unlikely to listen (they just focus on "but the children!") and if companies are forced into it, of course they'll find a way to capitalize on it... and how to do that is already obvious. Responsible companies might choose to use a truly external verifier (only returns a binary true/false - is this person an adult), but the law does not require that level of privacy - very large companies would be free to implement their own in-house age verification systems (and hence, have access to all of that data).

I suspect apple already does this and freely shares this data between "in-house" companies (I.e. iOS app store, apple music, apple fitness), another disadvantage to companies like Spotify.

 

[surferfb]

I suspect apple already does this and freely shares this data between "in-house" companies (I.e. iOS app store, apple music, apple fitness), another disadvantage to companies like Spotify.

If Apple were actually tracking stuff like that, they’d have to disclose it under GDPR. Their documentation is very explicit about what they can’t use, and this type of data isn’t included.

I know its fashionable to think “Apple isn’t as good as they say they are and Tim Cook will do anything for a buck” but if Apple were secretly doing what you’re claiming, and it ever got out, the regulatory consequences would be catastrophic. GDPR fines can be up to 4% of revenue per violation, per jurisdiction. And even if the EU somehow let them off with a slap on the wrist, the PR consequences of “Apple said your data belonged to you and was private but they lied to you about something they said was a fundamental human right” would also be catastrophic.

Apple would never take that risk without disclosing it, and there’s zero evidence they are. Honestly if they wanted to do that they’d just be upfront about it and sell your data like everyone else. They’d make way more money that way and not risk lawsuits and potentially company-ending investigations from every country on earth.

 

[01cowherd]

I’m completely talking out of my you-know-where here, but given Apple’s very public and repeated statements about privacy, I suspect Apple doesn’t see the data contained in the driver’s licenses uploaded to wallet, and even if they somehow do, they absolutely don’t link the data to the user’s AppleID.

They see the data, but they claim to delete it immediately after the digital ID is issued, and the video selfie is deleted "shortly" after. https://support.apple.com/en-us/118260

 

[surferfb]

They see the data, but they claim to delete it immediately after the digital ID is issued, and the video selfie is deleted "shortly" after. https://support.apple.com/en-us/118260

Thanks for sharing! I had no idea that’s how it worked.

 

[Ethosik]

I've never once had to upload my driver's license or photo ID for any of those. And only two of them have I had to show photo ID (voting and possibly picking up a prescription). In neither case was my photo ID saved.

Agreed. There is a MAJOR difference between physically handing someone your physical ID and uploading it digitally. We will have nonstop data breaches

Like this.

ID photos of 70,000 users may have been leaked, Discord says - BBC News

The platform says hackers targeted a firm that helped to verify the ages of its users.

www.bbc.com

 

[Ethosik]

Mysteriously, parents are no longer able to parent their children and only a kind, loving, (soulless) 3rd party is able to save our children from the dangers of the world!

The government could not care less about the well-being of your child - government and big tech are slowly, generationally, wearing down people’s resistance to being monitored and documented. All the news, all the noise is a carefully crafted distraction designed to keep citizens bickering amongst one another.

Agreed. Parents need to parent. Have a computer in a space where the parents are constantly there. Don’t put a computer in a kids bedroom. Give kids dumb phones instead of an iPhone when they are 8 and they start uploading TikTok’s when they are 13.

 

[Ethosik]

One feels that the current push to age verification will spread, no matter one's opinion this is a case where the Government overrules and does what it wants. Thus unavoidable; I feel that I too would rather the ID is checked in a double blind method from the phone's store.

Absolutely not the app to have ID or even facial scans, too much evil/clumsiness/greed/criminal-risk there.

But I would absolutely prefer it wasn't being rammed in. Sigh, I am getting far too old for this dystopia.

I think Apple should come up with a solution to Apple Pay. Have everything on-device and store things in the Secure Enclave. When an app needs ID verification, the phone should use Face ID etc and submit a secure one-time token. Just like how when you order through Apple Pay the merchant does not see your credit card number. I think ID verification should operate the same way.

No way to track BACK to a user after the fact (so a data breach is meaningless) and the site confirms your age through the one-time “transaction” data.

 

[Ethosik]

Except of course, being not a parent, not having to actually live through any of this stuff for real, you don't know a whole lot about monitoring kids online. You don't know about the research that says monitoring kids full time is ALSO detrimental to their mental health and development. You don't know the stress they suffer having less privacy from their parents that we used to. You don't know how difficult it is for them to understand things like puberty and sexual development when they can't even look up a Wikipedia page without a parent knowing about it.

Kids used to be able to go play in the woods, read books, talk about taboo stuff in a huddle at the bottom of the garden. Now their lives are online and their parents are supposed to 'parent' by watching it 24/7? That doesn't work either. That was never parenting. You could tell a kid not to watch the DVDs on the top shelf and that was that. The DVD shelf didn't have an algorithm pushing the movies on the kids.

Oh give me a break. I openly discussed sex with my parents. They were fine with me looking up stuff to learn.

Yes parents should only allow a kid to use a family wide computer in an open space.

The thought that young kids should be allowed the freedom to participate in the digital world freely and PRIVATELY is insane. As you get closer to adult age (maybe after you get your license) you should be given the privilege of having more privacy.

Digital space is a lot more damaging than before we had the internet.

Yes kids should go back to playing in the woods and actually discussing things in person with their friends.

 

[Ethosik]

Some organizations like banks or brokerages must see your ID before you can open an account. They've had to do it for decades and none of them complains about privacy risks. Why would giants like Apple - larger than most financial institutions - be treated differently?

Because I physically give the bank my ID. Not have it stored in a database and have it exposed after a data breach weeks or months or years later.

 

[gleepskip]

I think Apple should come up with a solution to Apple Pay. Have everything on-device and store things in the Secure Enclave. When an app needs ID verification, the phone should use Face ID etc and submit a secure one-time token. Just like how when you order through Apple Pay the merchant does not see your credit card number. I think ID verification should operate the same way.

No way to track BACK to a user after the fact (so a data breach is meaningless) and the site confirms your age through the one-time “transaction” data.

 

[justanotherdave]

Cowards. They were once happy to scan everyone’s photos for CSAM, but they won’t check ID to help protect young people? Merely proves how much virtue signalling this company is will to throw around.

What a ridiculous comment.

Apple had a privacy focused method of scanning photos that was unique to them and people STILL whined about it. Further, Apple never actually implemented CSAM scanning. They only announced it, delayed after pushback and then cancelled it.

While all this was going on Google, Microsoft and Facebook actively scanned CSAM without protections (for example, Google flagging nude pictures a mother sent to her doctor so they could monitor the child's progress at home).

But do go on about how nasty Apple was over CSAM scanning they never used.

 

[justanotherdave]

A lot of parents don’t know how to use parental controls and many apps don’t require a purchase, yet provide access to adult content.

Why should Apple be responsible for bad parents?

Oh wait, Apple is ALWAYS responsible.

Remember when Apple was sued because kids racked up in-App charges playing games on their parents iPhones? Sounds like fantastic parenting to me. Give Junior my iPhone and let him play so he leaves me alone. Then complain when Junior purchases something.

And yet somehow Apple was on the hook for millions because of stupid parents.

If you can't manage a computing device you have no business giving it to a child.

 

[justanotherdave]

Yes, which is why I said they were once happy. And they backed down because of the immense pressure from the public and industry members who knew it was a double-standard.

No, the double-standard is watching people ignore all the other tech firms doing CSAM scanning with little to no protections for users then complaining when Apple announces a more privacy focused version of scanning and people pretending it's the worst thing ever done.

Edited: Where's all this "immense pressure" to stop Google, Microsoft and Meta from doing CSAM scanning?

 

[East India Company]

Tim does not want anything that could slow down app sales even if it means not protecting children. He could sell his mother and still spend time justifying why.

 

[lusty]

definitely I can't get them to do what I actually want because they are often too binary.

I suspect it’s because there’s more profit in not doing what you want it to do. Same reason Apple are against this, they’ll lose their biggest market.

 

[nt5672]

Why do parents have to be told they are responsible for their (under-age) kids?

Because most kids these days are raised by the government to distrust/ignore their parents. So parents have abdicated that responsibility.

 

[nt5672]

There are adults that can take advantage of kids, or kids make stupid decisions, like talk about their home address or where they live with strangers online.

There is also harmful content online that kids shouldn’t have access to. People seem to forget that the Internet is the entire world, that includes people with bad intentions, people that are not mentally well. It’s everyone.

Kids also might not understand the difference between reality and fantasy.

A teen could see a man degrading a woman in a porn and think that’s how they should act and what is expected.

To raise a kid, rightly or wrongly, is the parents responsibility, not some App Store that will never get it right.

 

[whatnot]

Tim Cook Goes to Washington to Fight App Store Age Verification Legislation

I saw him on South Park last night, didn't look like a work meeting at all.

 

[CapitalIdea]

Except of course, being not a parent, not having to actually live through any of this stuff for real, you don't know a whole lot about monitoring kids online. You don't know about the research that says monitoring kids full time is ALSO detrimental to their mental health and development. You don't know the stress they suffer having less privacy from their parents that we used to. You don't know how difficult it is for them to understand things like puberty and sexual development when they can't even look up a Wikipedia page without a parent knowing about it.

Kids used to be able to go play in the woods, read books, talk about taboo stuff in a huddle at the bottom of the garden. Now their lives are online and their parents are supposed to 'parent' by watching it 24/7? That doesn't work either. That was never parenting. You could tell a kid not to watch the DVDs on the top shelf and that was that. The DVD shelf didn't have an algorithm pushing the movies on the kids.

What a load of copouts. Your kids are perfectly capable of going to play, read books and talk about stuff with their friends. Quit pretending like you're so overwhelmed just because there's a new season of something on streaming and therefore you're simply incapable of NOT buying your kid a smartphone or setting time limits. Furthermore, drop the whole "Oh i would have to be on them 24/7" BS. If you are a GOOD parent, you don't have to do that.