GDPR

UK ‘porn block’: everything you need to know

The UK ‘porn block’ is coming into effect on July 15. After this date, all UK-based internet users will have to confirm that they are 18 or older to access adult entertainment sites. Given that Pornhub alone received 33.5 billion visits in 2018, with the UK providing the second-most users after the United States, the coming…


The UK ‘porn block’ is coming into effect on July 15. After this date, all UK-based internet users will have to confirm that they are 18 or older to access adult entertainment sites. 

Given that Pornhub alone received 33.5 billion visits in 2018, with the UK providing the second-most users after the United States, the coming age-verification filter is likely to affect a huge number of people in the UK.

While it’s often called the ‘UK porn block’ that name is not entirely accurate. The age verification law is, in reality, part of section 25 of theDigital Economy Act, which has a number of sections relating to online legislation. 

The process works like this: once July 15 2019 arrives, adult websites will need to show a splash screen to UK users when they arrive on the site. This interstitial screen must contain no adult material at all and should inform visitors that they must prove they are over 18 years old in order to continue.

If a user is able to use an approved age verification system then they’ll enter these details, which will likely be a non-identifying username and password. If they don’t have these details then the site might explain how to get them, but you won’t be able to access the site without providing them…or that’s the idea.

All adult sites, whether hosted or based in the UK or not, will need to support this. Sites which don’t support it may face a fine or be blocked in the UK entirely (or both). Eventually, when the scheme has been running for a couple of months, users will be able to report non-compliant sites. 

The British Board of Film Classification has been chosen to administer the scheme. It won’t provide age ID checks itself but it will approve providers who do. It will be responsible for fining non-compliant sites and, if needed, requesting ISPs block those which don’t verify age adequately.

The stated goal of the UK ‘porn block’ is to protect children. The UK government says that young people are too easily able to see hardcore adult video and there is a need to protect them from stumbling across it by accident. You won’t find many people who disagree with that sentiment.

However, the result will be that all consenting adults will need to jump through hoops to prove that they are old enough to access things they’re legally entitled to.

As with most things like this there’s a very good chance a lot of people won’t know how this will affect them, so expect to see some confused and frustrated people wandering the streets on July 15.

The UK porn block is designed to keep children safer online but there are still many risks (Image credit: Shutterstock)

The UK porn block is designed to keep children safer online but there are still many risks (Image credit: Shutterstock)

(Image: © Shutterstock)

When is the UK ‘porn block’ coming, and how will it work?

We know that from July 15 anyone using a website featuring content unsuitable for minors in the UK will be asked to verify their age. 

To do so users over 18 will need to provide proof that they are old enough to access age restricted sites. The verification can be done online or in a shop where a pass can be purchased that confirms the holder is aged 18 or over. 

The burden of proof in a shop is likely to be somewhat lighter than online. While you may be asked for photo ID, say a passport or driving licence, many shopkeepers will simply apply the common sense rules they currently rely on. If someone looks over 18 they probably won’t be challenged to produce ID. 

From this perspective the shop-based approach might seem more of a privacy concern. People seeking adult content could pop into a shop anywhere in the UK and buy their pass, creating the potential embarrassment of someone they know spotting them. 

Online it’s arguable that the process is more anonymous, but you will need to prove your age by uploading some form of identification. The main provider of age checking for this new legislation, AgeID claims that it won’t retain any personal information, with the site claiming that it sends your data to a third party which it then queries to verify age… and you’ll be able to choose your provider.

Once your ID and password are provided you’ll be free to log in to any age restricted site and personal information should never be exchanged. The question still remains, however, about how secure uploading an image of your passport or driving licence actually is. 

We may see different forms of age verification appear too. One natural way to do this would be for mobile networks to issue IDs to users. These companies already know and have verified your age in many cases, so issuing identification should be simple.

What are the ways someone can verify their age?

This is where things take a turn for the downright shady. Firstly, at the time of this article’s first publication in May 2019, the BBFC is listing exactly zero approved age verification systems. 

However we know there are a couple of different options that will likely be part of the approved list and this is where it starts to get a bit concerning from a privacy perspective. 

The main verification technology is called AgeID and is run by a company called Mindgeek. Looking at Mindgeek’s website you could be forgiven for assuming that this is some sort of internet security firm. It’s not. At all. 

It’s the umbrella brand behind some of the biggest adult websites in the world. Mindgeek runs PornHub, RedTube and YouPorn. It also owns content creators and provides payment and monetisation services to other producers of erotic content.

AgeID will be an online system and visitors to adult websites will need to verify their age by uploading proof that they are old enough. 

The alternative, the PortesCard, will be purchased in shops where the vendor will confirm your age. The card contains a code which is valid for 24 hours after it is purchased. A companion app for mobile will enable you to turn that code into an AgeID and to log in. 

Two kinds of PortesCard are for sale, one for a single device and another for multiple devices. There is, of course, some concern that kids will share AgeID accounts with each other, meaning that if one gets hold of a PortesCard then they will give access to others. Some security will be implemented to prevent this but it’s unlikely it will be entirely effective.

The hassles and worries of both of these systems is just one of the reasons we expect many people to turn to VPN services instead.

So, can you use a VPN to sidestep the porn block? 

Yes, it’s a cast iron certainty that search terms such as ‘best VPN for porn’ will skyrocket in the UK the day the block comes into effect. Being able to skirt around geolo

Read More

Be the first to write a comment.

Leave a Reply

GDPR

Marriott owner facing huge GDPR breach fine

The owner of the Marriott hotel chain is set to face a £99m fine following a data breach that left thousand of customer details exposed.The fine from the UK’s Information Commissioner’s Office (ICO) comes after the personal data of approximately 339 million guest records globally were breachedd following a cyberattack.Amazon Prime Day deals: see all…


The owner of the Marriott hotel chain is set to face a £99m fine following a data breach that left thousand of customer details exposed.

The fine from the UK’s Information Commissioner’s Office (ICO) comes after the personal data of approximately 339 million guest records globally were breachedd following a cyberattack.

Amazon Prime Day deals: see all the best early offers right here.

The breach was referred to the ICO by Marriott in November 2018 as around 30 million of those customers affected were residents of 31 countries in the European Economic Area (EEA) – and seven million related

Read More

Continue Reading
GDPR

Predicting the Future of Internet Privacy

About the authorBrett Dunst is the vice president of corporate communications at DreamHost.Every day, a new headline reminds us that keeping our online data private remains a constant struggle. Ongoing controversies involving Facebook and other social media sites only reinforce the point. It’s become depressingly common to hear of security breaches involving organizations who have…


About the author

Brett Dunst is the vice president of corporate communications at DreamHost.

Every day, a new headline reminds us that keeping our online data private remains a constant struggle. Ongoing controversies involving Facebook and other social media sites only reinforce the point. It’s become depressingly common to hear of security breaches involving organizations who have been given access to our personal data—organizations that we’ve often never even heard of before!

How did we get here? History shows that we’ve come a long way in a short time, and reminds us that we don’t lack for founding principles. History also reminds us that our attitudes toward online privacy and the ways we attempt to control it have evolved. So, where is the next evolution going to take us? We have some ideas.

Amazon Prime Day deals: see all the best early offers right here.

1) Encryption Will Become the New Normal

Encryption is an admittedly big tent. It encompasses everything from the hashing that safeguards passwords to the algorithms that guarantee the authenticity of digital signatures. Whatever form it takes, however, encryption represents the tech industry’s attempt to address the various issues clustering aro

Read More

Continue Reading
GDPR

UAE data protection law, similar to GDPR, likely landing this year

The UAE is looking at implementing a data protection law, similar to EU’s introduction of General Data Protection Regulation (GDPR) in 2008, as part of the UAE National Cybersecurity Strategy.TRA has launched the 2020-2025 strategy as the country is entering the fifth-generation era in a bid to enable swift and coordinated response to cyber incidents…


The UAE is looking at implementing a data protection law, similar to EU’s introduction of General Data Protection Regulation (GDPR) in 2008, as part of the UAE National Cybersecurity Strategy.

TRA has launched the 2020-2025 strategy as the country is entering the fifth-generation era in a bid to enable swift and coordinated response to cyber incidents in the UAE.  “Part of the strategy is that data privacy is crucial to the cyber and the UAE is regulating and drafting a data protection law. We will look at the best performing practices performed worldwide; GDPR will be one of the inputs to it. We want to make sure that whatever regulations are put, are easy to be implemented across different sectors,” Mohammad Al Zarooni, Director of Policies and Programs Department at Telecommunications Regulatory Authority (TRA) of the UAE,told TechRadar Middle East, at an event.

Read More

Continue Reading
GDPR

Security is now a board level issue: how to secure the data supply chain

It has never been more crucial for businesses to implement and demonstrate their commitment to cybersecurity; with data increasingly being used to make significant business decisions. While historically, the major concerns for senior management around IT security have focused on intellectual property theft and reputational risk, ongoing changes in technology and politics have changed today’s business…


It has never been more crucial for businesses to implement and demonstrate their commitment to cybersecurity; with data increasingly being used to make significant business decisions. 

While historically, the major concerns for senior management around IT security have focused on intellectual property theft and reputational risk, ongoing changes in technology and politics have changed today’s business landscape and priorities significantly. With GDPR now in full force, organisations must demonstrate to stakeholders that they are making a credible effort to ensure that security is built into the heart of business operations. 

IT security budgets are falling

  • Half of organizations lack the security talent needed to remain secure
  • Empowering CISOs to strengthen password security
  • Vulnerabilities in the data supply chain

    Organisations must first understand what potential vulnerabilities look like within a data supply chain, so they can be recognised and mitigated. As cyberattacks increase in sophistication, they are likely to be so subtle that they don’t visibly impact a system; providing misleading information to force erroneous decisions. Ironically, whilst this type of attack will be very difficult to detect, early identification is vital in order to prevent significant damage.

    The first

    Read More

    Continue Reading