By 25 July, all sites and apps that allow pornography – whether they are dedicated adult sites or social media, search or gaming services – must use highly effective age checks to ensure children are not normally able to encounter it. Online firms who publish their own pornography are already required to protect children from it, and thousands of sites have already introduced robust age checks in response.
Major porn providers operating in the UK have confirmed to Ofcom that they will introduce effective checks by next month’s deadline in order to comply with the new rules. They include PornHub, the most-visited pornographic service in the UK. Other services who are happy to be named at this stage include BoyfriendTV, Cam4, FrolicMe, inxxx, Jerkmate, LiveHDCams, MyDirtyHobby, RedTube, Streamate, Stripchat, Tube8, and YouPorn. This represents a broad range of pornography services accessed in the UK.
Monitoring compliance with these new duties is a priority for Ofcom. If any company fails to comply with its new duties, Ofcom can impose fines and – in very serious cases – apply for a court order to prevent the site or app from being available in the UK. As part of our work enforcing the Online Safety Act, we have already launched investigations into four porn providers and won’t hesitate to take further action from July.
Depends entirely on how it’s implemented, because the website doesn’t need to know who you are, only verify that you are over 18. Which can be done reasonably securely - you generate a random ID on a secure service (e.g here in Finland, we use our online banking stuff for official verification purposes), give that ID to the website, and the only communication between the two of them is “Is id 123 valid and an adult? Yes/No”.
Now, if that “secure service”, most likely a government contract done as cheaply as possible turns out not to be, and they keep logs linking those IDs to the URLs requesting verification, then the entire thing goes belly up.
So your bank now knows you accessed certain websites. And likely one or more middleware services. And you are okay with that?
Was an example of the security, not who is running the service. But I mean, guess who knows if you pay for OnlyFans or stuff like that?
Your bank.
And like I said, it’s only really secure if the service doesn’t keep a database of logs connecting the two.