There's an opportunity for a service like CloudFlare here give people a simple toggle that manages geoblocks on legal liability factors. It's way too much for every organisation to individually track every country's laws day by day in case just by being accessible there you incur a liability. And it sounds like the UK would have just self-selected out of the list of "safe" countries.
If something like this was in widespread use it would have much more impact since countries would see whole swathes of the internet immediately go dark when they make stupid laws.
Wikipedia gets a lot of donations from the uk. I’m not sure how many Brits would continue putting £10-100/mo into a charity that explicitly doesn't operate in their borders.
This has been happening for years but if you're in the US you don't realize. For example I can't access my local Montana newspaper web site from the UK "because GDPR" (even though the UK isn't in the EU).
> in case just by being accessible there you incur a liability.
This is a dangerous precedent though that IMO everyone should fight against.
It's how we get the balkanization of the internet, and the death of it as a global network.
TBH we also shouldn't put the onus on blocking "unsafe" countries on the website owners, nor an intermediary like CloudFlare. If a nation wants to block certain content, let the nation deal with it by getting their own ISPs to block and make sure the citizen's anger gets correctly placed on their government and not the site operators.
> If a nation wants to block certain content, let the nation deal with it by getting their own ISPs to block and make sure the citizen's anger gets correctly placed on their government and not the site operators.
I don’t really understand comments like these. Even if you’re exactly right about how it should work, how would you make this happen in the world we live in? Neither the tech community nor ISPs nor cloud companies decide these things. Just because a matter affects us doesn’t mean we have much of a voice in it especially if it’s legal.
Laws about tech are decided by (idiot) politicians/parties/governments and the consequences are enforced by massive fines, imprisonment, etc. by law enforcement and selective (and often politically motivated) prosecution. In some of the worst places the consequences could include death.
Afghanistan just lost access to the internet almost entirely. China and North Korea are famous for their firewalls. Much of Asia has internet blackouts whenever there are large scale protests. The western world’s government has more legal jurisdiction/economic influence on the companies that run these things and are increasingly leveraging that for their desired censorship.
If the answer to this is democratic influence, the populations of many countries don’t really have that, the majorities in countries that do have it certainly doesn’t know or care about these things and wouldn’t vote for the pro-censorship politicians in the first place if they’d then vote to cut off their nation’s access to uncensored internet while preserving the uncensored variants, and even if the majority ever did care to get the system to work in this way there’s a global trend away from having their opinions on such things matter anyway.
It depends on the kind of website. If you're not advertising, selling anything, or otherwise doing any business through your website you're much more emboldened to not care about every jurisdiction.
But if you're trying to make money through your website... well sorry you're doing business in those countries and I don't have a ton of objection to you needing to follow foreign laws.
I'm fine with "balkanization" (I know some people from the Balkan countries... maybe they'd object to the use of that word) if it means a freedom divide and actual consequences for countries ever eroding freedoms.
It's how we get the balkanization of the internet, and the death of it as a global network.
That ship sailed at least a decade ago.
From small instances like your employer blocking certain web sites (Google Translate, seriously?) to China's Great Firewall to nations restricting access in certain regions (India, many others), to nations restricting access to certain web sites (Turkey, many many others), to entire countries taking themselves entirely offline (Afghanistan, most recently).
The point the parent is making is that you don’t have to manually keep track of the countries you need to block. You just tell Cloudflare what your website does / what type of laws may be problematic, and Cloudflare manages the blocklist automatically.
Makes a lot of sense actually that it’s surprising they don’t have this yet.
Or, just ban children from the internet, same as gun ownership for 12yo's. Fine/imprison parents. This is a parenting problem, not a technical/business problem. Remove the supply of children and things will get better. A business cannot make laws or override laws with ToS and invent their own moral compasses - rather it is the sole responsibility of the parent on what their child gets exposed to (whether politics, porn, weird beliefs, spam, chat/user generated content). The parents have been getting a free pass all this time.
Some parents are awful at parenting, so much so it makes me question why they had kids if they clearly don't care about bringing them up properly.
It's a no brainer that kids should have minimal screen exposure. There's even organisations which specifically state the most ideal screen time (basically none up to 18 months, 1 hour max up to 5 years old). iPad children will be a detriment to the future of any country.
The screen time is bad enough, without the sloppy content you can very easily find online. The best ways to destroy a kid are to saddle them with social media, media consumption and porn/gambling/vices at an early age. Their brain is being fried during development.
I’m consistently shocked at how authoritarian and draconian HN comments can be. Throwing parents in prison if their 12 year old uses the internet? Jail them and send their kids to foster care? This is your plan for improving the lives of children?
> The parents have been getting a free pass all this time
I totally agree but the UK government – particular Labour – doesn't want people to take responsibility really, because that would take from their own 'power'. There's nothing the UK loves more than a stupid population hooked on benefits and devoid of education, critical thinking and financial freedom.
The internet is an extremely useful educational resource. It provides ways of communicating with people you want your kids to communicate with. it needs management by parents.
My kids have learned a huge amount from the internet. I have guided them, discussed what are credible resources, the harms possible etc, who they talk to and what they tell them....
There are solutions that would make it easier for parents - people need tools to manage this. Require that children use child safe SIM cards in their phones (they are available already - EE advertisers them). Home internet connections should be by filtered by default that can then be turned off (or off for particular devices in the ISP supplied router that most people have).
> Or, just ban children from the internet, same as gun ownership for 12yo's. Fine/imprison parents.
It's an interesting idea. I presume that the there would be similar laws to selling guns. So there would need to be the national ID card and checks when selling any internet-enabled device. TVs, phones, cameras etc.
I as, a parent would probably need a phone safe, into which I could place my phone when I wasn't using it (though I suppose conceal-carry would be permissible). I;d probably want to have biometric locks on my TV, Chromecast etc etc and the children wouldn't be able to use the TV unsupervised unless all smart functions were locked down.
I don't think we need to ban kids from the Internet or punish parents that let them use it. It's enough if we make it clear that parents are responsible for what their kids do on the internet, both for harm that comes to the child and for any liabilities the child may incur there.
> Or, just ban children from the internet, same as gun ownership for 12yo's.
wait... wut? Gun ownership for 12yo's? wtf :D
Though the idea of "internet only for adults" is not that bad IMHO. Yes, internet is (well, at least was advertised as) infinite-resource-of-knowledge but we know how it turned out - IMHO minority of underage use it to spend hours reading wikipedia and instead spend hours glued to crap like tiktok (though crap like that should be banned altogether as well :D)
So a service like CloudFlare is the Great firewall of the world and CloudFlare can shut you down if you go against their interests as a supranational gatekeeper.
agreed on that ... I'm not too happy with how CloudFlare tried to flex their influence on AI training, so I certainly wouldn't want them in charge of gatekeeping the whole internet.
But the truth is, we are already there. CloudFlare can already do this, they just won't because the their customers will leave if they violate their trust.
The people turning on the "block UK" button can block the UK regardless of what CDN they use.
Cloudflare just offers a button with fewer false positives than naive GeoIP databases. They're not so much gatekeepers as they are the security guards hired by the stores themselves.
Not really. It's more like Cloudflare is providing an ipset in your iptables config. It's not Cloudflare's decision: they're just making it easier for you to do it.
There are alternatives to cloudflare tho. If the government cuts you off or starts enforcing 24/7 surveillance there's not a lot that can be done other than tossing them out in the next election (if there are elections) or civil disobedience until they renege
Quite the opposite! There's an opportunity for a service like CloudFlare here to give people a simple toggle that manages to circumvent such geoblocks. ;)
Does anyone know what their actual exposure currently is/was in the UK? They actually had offices and staff there?
To your point about the proposed service, isn’t that what cloud providers basically already do in rudimentary ways or could do with finer grain regions?
Also, it seems the internet/WWW is basically being snuffed out right before our eyes as governments start using all manner of specious arguments to censor and control adults… for the children… of course. You as an adult are not allowed to have your rights because children may be harmed if you have your rights. “ No, no, we can’t keep the children from engaging in things that we deem harms them, your rights have to be relinquished instead.”
You can pretty much get rid of the entire internet that way. All across the USA there are "child protection laws" banning pornography (what's pornography? some politicians say it's mentioning that trans people exist!). Countries like China and Russia have legal mandates to store and process data within their borders. China requires a license to even host a website. The UK and EU have the GDPR, and now the UK also has the OSA. Then there are the incompatible privacy laws (for instance, EU courts have considered DNT as a legal measure to deter tracking, while several American states ban explicitly prevent the DNT header from counting). Oh, and of course, any website with any kind of user-submittable content is subject to laws like the DMCA and the recent EU anti-CSAM laws which put site operators in grave legal risk.
I don't even know what laws apply to the Middle East, Africa, or South America, but I'm sure there are enough of them to make most sites culpable in some way.
The UK has been doing this sort of stuff for at least a decade. For example they have the PIPCU which under the guise of copyright threatens 10 years in prison for sites not even in their jurisdiction.
The US has always claimed jurisdiction on foreign-hosted but US-accessible content.
Do people forget the owner of Megaupload being extradited? In many ways this is just catching up to the current US state.
And there's a lot of confusion here between basic consumer data protection laws and (IMHO massively overreaching) "Online Safety" laws. This isn't Imgur making a stand for free speech, this is Imgur wanting to track and sell user data - to which minors cannot consent. Putting on my tinfoil hat you could argue that many of these companies are trying to encourage this misunderstanding intentionally.
> The US has always claimed jurisdiction on foreign-hosted but US-accessible content.
Committing crimes remotely from another country was never a loophole to escape the laws of that country.
When a country requests extradition they’re not claiming jurisdiction over another country. They’re saying that a crime was committed in their country by the person and they’re asking the foreign country for cooperation in prosecuting that person.
The MegaUpload case is not equivalent to what the UK is doing. MegaUpload was operating as a business, taking payments, and exchanging money. Once you start doing explicit paid business in a country you can’t claim you’re not involved with that country.
If a country starts claiming that merely making content accessible globally is a crime in their country, that’s an entirely different issue. Not equivalent to the MegaUpload case.
> Do people forget the owner of Megaupload being extradited? In many ways this is just catching up to the current US state.
Again, false equivalence. MegaUpload was operating as a business with US customers. They also had some hosting in the United States if I recall correctly.
Once you start doing business in a country and have customers there, you’re involved with their laws.
Megaupload is a weird one. He hosted in it the USA, giving USA jurisidction. Also it's still going through the courts in New Zeland and USA and hasn't been proven hes guilty. And if I recall he did alledge he followed the DMCA, which if he ever is extradited might save him if it is in fact true.
> The US has always claimed jurisdiction on foreign-hosted but US-accessible content.
There’s been multiple cases where non-US gambling websites have had their domains confiscated by the American government because they have American users, going back about 20 years.
Europe isn't a cultural monolith. This is an issue of MEP accountability and transparency. Look no further than Chat Control to see how far they're going to ensure that the people in favor of it remain nameless.
> The ICO also confirmed that companies could not avoid accountability by withdrawing their services in the UK.
This is quite a slippery slope. If I host a website in one country, I do not necessarily care where people access my website from. It is not like I actively provide a service to them - they just use internet (decentralised network) to access it. What if I publish a newspaper here, someone takes it where the contents are illegal, am I accountable?
The following paragraph might shed some light on what that means (emphasis mine):
> We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law
In that context it's completely fair to say "leaving doesn't absolve you of past transgressions".
Edit. If Imgur made any revenue from UK users then it becomes impossible to claim plausible deniability on any definition of "providing a service". If the UK can do something about this is a different matter. They could make CEOs/board personally or even criminally liable for the company's failure to pay a fine but probably won't.
Definition of 'Revenue in the UK' is a bit debatable though isn't it?
I sell a advertising package from my US HQ based self serve advertising portal to a British company who use the service to advertise to customers in the UK. Ok - kinda UK revenue. How about 'To advertise to customers in the US' well it's getting highly debatable.
What about I sell advertising packages to a US company from my US HQ but someone in the UK views and advert on my site and therefore generates me 0.001¢ - debatable.
It's not about "hosting a website", it's about providing services.
If you provide services, like selling a newspaper, in the UK, you need to respect their laws, or you will suffer the legal implications of not doing so.
And regarding the accountability, it refers to the fact that imgur USED TO provide services in the UK:
> We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing.
Companies providing services outside the UK can infringe all the UK laws they want, the UK doesn't care.
But as soon as you decide to provide services in the UK, you have to follow the law.
And, as they explain in the article, if you break the law, stopping to provide services in the UK will not absolve you for your past wrongdoings.
Does every single website that exists and is available in UK automatically provides services in UK? Isn't it just simpler to completely block every request from UK by default to "not provide services"?
I think it's a conflict that was baked into the Internet at its conception. A non-geographic service overlaid on top of a world with a huge amount of geography and borders.
Yeah. We had a chance to invent our own governance on the internet. But we abdicated, and made the internet a free for all. As a result, national governments have stepped in to provide the governance we didn’t program in. And they do it - of course - in an inconsistent, ad hoc way.
There was a period a couple hundred years ago when it was all the rage internationally to write constitutions. Lots of countries got constitutions within a few decades, and almost no constitutions have been written since then. I wonder sometimes how the internet would be different if it were implemented in an era or culture in which people believed in that sort of thing.
The bordered nature of geography is just as much of a social construct as the borderless nature of the internet is. It's not a given that this war will be won by the former.
"The ICO also confirmed that companies could not avoid accountability by withdrawing their services in the UK.
Mr Capel said: "We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing."
When read in context, it's obvious the statement quoted in the HN conmment refers to only to accountability for "prior infringement", i.e., acts committed before withdrawing services in the UK
You already need to care depending on what you are serving, and this has been the case for at least 20 years to my knowledge.
The most obvious example of this is websites from the UK or Europe which operate any kind of gambling. [1] This may well be legal (based on licensing) in their jurisdiction, but they still need to restrict access to prevent US people from accessing the service or they will be breaching the US's gambling laws.
Likewise many US firm geofence access for EU residents out of fear of GDPR.
People hosting news sites have often had to geofence to prevent UK residents from accessing their site if they are hosting any kind of reporting of UK court cases that are under embargo or matters that are subject to one of the UK's famous "Super injunctions" [2]
> People hosting news sites have often had to geofence to prevent UK residents from accessing their site if they are hosting any kind of reporting of UK court cases that are under embargo or matters that are subject to one of the UK's famous "Super injunctions" [2]
…and if the site has no UK assets, how enforceable is the injunction?
I agree, but if you sell products or subscriptions to people in a foreign country the situation becomes different. And if you run ads then the situation is more complicated but closer to that than to your personal website.
IMO the question is not if such services should be held accountable by local laws but how they should be held accountable. I think it would make more sense to go after the UK entities profiting from the endeavor: advertizers and financial institutions involved.
This part bothers me. Enforcement seems to be at their discretion. In this case the framing or reality around the fine is very bad, they sort of say it's intentional themselves.
They're leaving and they're getting the fine. Implying if they didn't leave and implemented changes, that there is a chance they may not have been fined.
What they mean, and to take an example that it purposely extreme: If you kill someone in a country you cannot avoid accountability in law by fleeing that country.
If they breached laws and regulations then withdrawing their service from the country afterwards does not change anything regarding those breaches (investigation still ongoing, though).
It's not comparable because the "crime" has been committed in the hosting country (where it's arguably not even a crime) and it's a bad example because there are many incidents of murderers fleeing to non-extradition countries.
> Mr Capel said: “We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing.
It's clear to me, it's a huge risk for any company to allow access to UK visitors at this stage. All companies should be blocking all UK visitors. It's just too much risk for them to take.
The fault is obviously an incompetent and authoritarian UK government, but that's what the UK overlords have agreed.
It's not specific to the UK: many developed countries are cracking down on Internet businesses. There's going to be an awful lot of regulation, and it will be incompatible between different countries. The one-model-fits-the-whole-world style of business is over: you're going to be confined to national borders again.
The opinion polls are clear: the normies want this.
shouldn't it be the other way round? if the UK doesn't like something a non-UK company is doing it should be them that go through the trouble of blocking it.
If I have a website I'm pretty sure I'm bound to break some random country's law without knowing
Answering my own question, I guess it's exceptionalism of the powerful countries where they can just bully you into following their law
It would be much better to not block them rather serve them a single screen that explains why the rest of the site is unavailable to them citing the specific laws that make the action necessary
It is exactly the same with the EU's GDPR, by the way...
That's the funny or hypocritical thing: Both laws have the same reach but people here tend to praise the GDPR for it while being furious about the Online Safety Act.
I don't think these laws are being made with the will of the people.
There's been no groundswell of opinion, no technically minded authority pushing expert opinion.
The same people lobbying for the online safety act were pushing age verification tools. The government is exceptionally unpopular, even by the standards of already deeply unpopular governments in recent years.
I despair of the situation in the UK. How have we ended up here?
The British people always take any new limitations with the classic stiff upper lip. We could very easily become Russia (without the military and natural resources), because the population has the same say nothing, do nothing mentality.
There's also always been a bit of authoritarianism in the British populace. Just look at how enthusiastic people are about banning things that annoy them. During coronavirus lockdowns, the people living around me constantly reported me to the police for going out for runs (which we were perfectly allowed to do).
We have a national crab in bucket mentality, which doesn't help any country. Intelligence, fitness and success are all things that British people love pulling down. Many people here care more about ripping everybody down than building them up. They live completely mediocre lives and are perfectly fine with the government nannying them.
The two main parties policies have converged, so have the older smaller parties.
The only choices we have that are any different are Reform and The Green Party, and possibly Corbyn's new party that seems busy imploding right now. Of those, Reform has some nasty people in it, and is rapidly attracting the worst of the Conservative party (look at the defecting MPs), The Greens and Your Party have some fairly nuts people and ideas too (in different ways).
I think ordinary British people are pretty decent.
> We could very easily become Russia (without the military and natural resources)
We have a much bigger economy than Russia.
> any people here care more about ripping everybody down than building them up. They live completely mediocre lives and are perfectly fine with the government nannying them.
I agree with the last bit.
People are also negative about their follow citizens. A lot of people believe the country is full of untrustowrthy "gammon". and back the government/establishment against the latter.
At least recently[1] most Australians and an overwhelming percentage of under-16s supported the ban. Similarly in the UK[2]. This is a topic in which it appears it is the online discourse that's wildly out of alignment with broader public opinion and I'd argue potentially one of the reasons may be that it will make it harder for bot-nets to mass-manipulate public discourse so easily.
Except that the policy, in the vacuum it is in right now, is very popular in Australia.
It was one of the most agreed with policies at the most recent Federal election.
I hate it as a concept, but at the moment it is all "don't you want children to be protected?", and nothing of substance that people can meaningfully find objectionable (like imgur getting cut off).
I don't think it is particularly a policy of News Corp, although they're happy to run with populist ideas, and more just an issue the Labor party thought they could wedge the Liberals with.
You're describing virtually every policy for virtually every government, certainly since the coalition. Arguably a lot of what we've seen before.
The UK doesn't have governments, it has a public policy unit for global capital, with the Americans calling the shots on foreign policy, and a knee-jerk taste for authoritarianism at home.
Over the years the amount of safety and speech issues that have cropped up have accumulated into a force. The OSA and DSA were announced years in advance, with multiple opportunities for feedback and analysis (I looked into the outcomes at various points but never contributed)
I would say there has been a groundswell of opinion, it’s not something that is covered here on HN much.
WhatsApp, Telegram and everyone else should pull out of EU in protest of Chat Control. Then EU will be forced to make its own chat app, UX will be terrible, and citizens will finally feel enough pain to contact their representatives ;)
Why are we talking about the EU in this thread? I don't see how draconian UK laws relate to a proposed chat control law in the EU that hasn't even been drafted and would likely not survive a judicial challenge if it were to be approved.
I did contacted them. All of them who didn't yet have a referenced public position on fight chat control for France. By phone. Only two responded with a clear alignment. Good that I did it by phone, because apparently for some of them getting several thousand emails per day can only mean they are victim of a spam attack.
Not only they don't represent anything but there own little interests, but they won't even have the decency to express clearly what they are standing for. Even lip service is not assured anymore.
> getting several thousand emails per day can only mean they are victim of a spam attack
I think of calling my representative as being like proof of work. It takes a modicum of effort to look up their phone number, compose some spiel, and make the call, compared to delivering spam by the truckload.
People who write this stuff still don't understand that big tech IS THE ENEMY. They are quite happy to implement this, even up into the OS Level. It's called Regulatory capture. Now your legal Moat to a true European Alternative has become even bigger.
Even if, for the sake of argument, we grant the premise “big tech IS THE ENEMY”, it does not necessarily follow that the vast mass surveillance national security apparatus is our friend.
> Then EU will be forced to make its own chat app, UX will be terrible,
Why? EU can just tell an LLM to build an alternative app, they can just tell it to make it user friendly and make no mistakes. That's the primary use case of Trillions of dollars of investment in GPUs and electricity to power them.
JK(or am I?), a protest will be a boon for EU, which is growing Anti-American each and every day. The EU alternatives don't exist not because Europeans can't code but because EU market is open to US companies and there's no reason for duplicate effort as winner takes it all thanks to network effects. EU capital just invests in USA based companies that operate in EU. It's much easier, lower taxes lower worker protection standards etc. Also, US has much more capital to burn to corner the markets, they also just go ahead and buy anything European i.e. Skype. and not risk competition.
I hate this so bad. You know that the solution will be that EU will block US companies (who do not comply) so EU users will eventually get their own WhatsApp called MsgMeNow. The result is that nobody can talk to people outside their own jurisdiction.
This is effectively what we see in China. They only use WeChat, I was unable to register because it says I need someone to verify my account when I try to do it (this has been happening since 2018)
We (in most EU countries) don't have representatives. Parties have representatives. To be listed on a ballot you need to be with good standings with your party and get chosen by them. Then various method ensure that you can't be elected if you are not a member of a party (anyone from a party below 5% is not getting in for example).
This means officials only care about what their party leaders tell them to do, not what voters think because voters matter very little to them. That's why American "contact your representatives" does very little here - they are not your representatives, they are representatives of party leaders.
Signal is AGPL licensed, so they would have to publish whatever crude hack they insert in order to install that back door. (not the keys, of course, but if they're this incompetent about tech legislation, I don't trust their QA competence to be top notch)
Sometimes I wonder who builds this stuff. I appreciate at the end of the day that everyone has bills, but I feel like I'd rather apply for public housing before I work on that. They're not even getting rich, just a wagie. I have never met someone in the tech industry that was ideologically anti-privacy. It's always the lawyers and politicians. But someone builds it.
I might be the only one that’s in support of chat control. I would like the internet to be so walled off that it becomes boring and maybe it will stop all the brainrot.
If the EU or companies within did make a chat app and it got widespread appeal, it would just be exactly the same as WhatsApp. WhatsApp isn't special in any way whatsoever, besides having a critical mass of users.
Chat apps were already so oversupplied as to be free even before AI could vibe code them. Or, indeed, before the US relented on export bans for remotely adequate HTTPS implementations.
> feel enough pain to contact their representatives
It doesn't work like that because the European "Parliament" is a joke. For starters, they can't initiate anything, they can only approve or reject (of course that it's almost always approve) stuff that is being passed to them from higher up, most of the times from the European Commission, if I'm not mistaken. Ah, they can pass/generate "resolutions", which are basically empty words put on a piece of paper.
Second, the people there don't "represent" anyone, at most they represent the political parties that have put them on the lists that got them into the European Parliament, but that's it.
>Second, the people there don't "represent" anyone,
I think that's largely down to people not taking EU elections as seriously as national elections.
The ones elected by my country are always largely the most doldrum people from the main parties that aren't charismatic enough to win in national elections (The b-squad basically)
... and a handful of the kind of people that think windfarms generate wind and that we need to leave NATO.. even though we haven't joined NATO. The kind of people you vote to send to the EU so that you don't have to see them.
> "It will be of no loss if it were to fail entirely."
That's decades of the public internet that would be permanently erased; billions of dead links pointing nowhere. HN alone would lose ~32,000 images from its archives,
Is it not hubris to call it "no loss" if, say, 3 hours ago, "Design of a LISP-based microprocessor / Page 22 has a map of the processor layout:" was forever lost to humanity, as collateral damage to some techbros' dispute?
Good - cause the maximum amount of pain, start pulling services across the board - the more it happens the more painful it becomes for the government to defend it.
Likewise, as a Brit, I hope more mainstream sites do this until people realise how stupid or authoritarian (but I repeat myself) the UK's Online Safety Act is. VPN companies must be enjoying these shenanigans.
It would be more effective if this was about the online saftey act. Ironically Imgur is probably already compliant with it (they already have moderation policies that go above what the OSA requires)
This is about a GDPR violation. I'm not sure that cheering for our right to have our privacy respected by companies revoked is really what we want.
Readit News
If something like this was in widespread use it would have much more impact since countries would see whole swathes of the internet immediately go dark when they make stupid laws.
Wouldn't work with somewhere like China, but the UK might still be capable of being shamed.
I wouldn't put it passed them to require the digital ID to access the internet passed curfew.
Dead Comment
Dead Comment
This is a dangerous precedent though that IMO everyone should fight against.
It's how we get the balkanization of the internet, and the death of it as a global network.
TBH we also shouldn't put the onus on blocking "unsafe" countries on the website owners, nor an intermediary like CloudFlare. If a nation wants to block certain content, let the nation deal with it by getting their own ISPs to block and make sure the citizen's anger gets correctly placed on their government and not the site operators.
I don’t really understand comments like these. Even if you’re exactly right about how it should work, how would you make this happen in the world we live in? Neither the tech community nor ISPs nor cloud companies decide these things. Just because a matter affects us doesn’t mean we have much of a voice in it especially if it’s legal.
Laws about tech are decided by (idiot) politicians/parties/governments and the consequences are enforced by massive fines, imprisonment, etc. by law enforcement and selective (and often politically motivated) prosecution. In some of the worst places the consequences could include death.
Afghanistan just lost access to the internet almost entirely. China and North Korea are famous for their firewalls. Much of Asia has internet blackouts whenever there are large scale protests. The western world’s government has more legal jurisdiction/economic influence on the companies that run these things and are increasingly leveraging that for their desired censorship.
If the answer to this is democratic influence, the populations of many countries don’t really have that, the majorities in countries that do have it certainly doesn’t know or care about these things and wouldn’t vote for the pro-censorship politicians in the first place if they’d then vote to cut off their nation’s access to uncensored internet while preserving the uncensored variants, and even if the majority ever did care to get the system to work in this way there’s a global trend away from having their opinions on such things matter anyway.
But if you're trying to make money through your website... well sorry you're doing business in those countries and I don't have a ton of objection to you needing to follow foreign laws.
I'm fine with "balkanization" (I know some people from the Balkan countries... maybe they'd object to the use of that word) if it means a freedom divide and actual consequences for countries ever eroding freedoms.
That ship sailed at least a decade ago.
From small instances like your employer blocking certain web sites (Google Translate, seriously?) to China's Great Firewall to nations restricting access in certain regions (India, many others), to nations restricting access to certain web sites (Turkey, many many others), to entire countries taking themselves entirely offline (Afghanistan, most recently).
Makes a lot of sense actually that it’s surprising they don’t have this yet.
Some parents are awful at parenting, so much so it makes me question why they had kids if they clearly don't care about bringing them up properly.
It's a no brainer that kids should have minimal screen exposure. There's even organisations which specifically state the most ideal screen time (basically none up to 18 months, 1 hour max up to 5 years old). iPad children will be a detriment to the future of any country.
The screen time is bad enough, without the sloppy content you can very easily find online. The best ways to destroy a kid are to saddle them with social media, media consumption and porn/gambling/vices at an early age. Their brain is being fried during development.
I’m consistently shocked at how authoritarian and draconian HN comments can be. Throwing parents in prison if their 12 year old uses the internet? Jail them and send their kids to foster care? This is your plan for improving the lives of children?
I totally agree but the UK government – particular Labour – doesn't want people to take responsibility really, because that would take from their own 'power'. There's nothing the UK loves more than a stupid population hooked on benefits and devoid of education, critical thinking and financial freedom.
My kids have learned a huge amount from the internet. I have guided them, discussed what are credible resources, the harms possible etc, who they talk to and what they tell them....
There are solutions that would make it easier for parents - people need tools to manage this. Require that children use child safe SIM cards in their phones (they are available already - EE advertisers them). Home internet connections should be by filtered by default that can then be turned off (or off for particular devices in the ISP supplied router that most people have).
It's an interesting idea. I presume that the there would be similar laws to selling guns. So there would need to be the national ID card and checks when selling any internet-enabled device. TVs, phones, cameras etc.
I as, a parent would probably need a phone safe, into which I could place my phone when I wasn't using it (though I suppose conceal-carry would be permissible). I;d probably want to have biometric locks on my TV, Chromecast etc etc and the children wouldn't be able to use the TV unsupervised unless all smart functions were locked down.
Doesn't sound particularly cool.
wait... wut? Gun ownership for 12yo's? wtf :D
Though the idea of "internet only for adults" is not that bad IMHO. Yes, internet is (well, at least was advertised as) infinite-resource-of-knowledge but we know how it turned out - IMHO minority of underage use it to spend hours reading wikipedia and instead spend hours glued to crap like tiktok (though crap like that should be banned altogether as well :D)
Smart thinking Batman.
They already can.
> Smart thinking Batman.
“Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.”
https://news.ycombinator.com/newsguidelines.html
But the truth is, we are already there. CloudFlare can already do this, they just won't because the their customers will leave if they violate their trust.
Cloudflare just offers a button with fewer false positives than naive GeoIP databases. They're not so much gatekeepers as they are the security guards hired by the stores themselves.
Deleted Comment
i don't think "compliance" in a micropennies per click market like imgur is a full on "opportunity"
To your point about the proposed service, isn’t that what cloud providers basically already do in rudimentary ways or could do with finer grain regions?
Also, it seems the internet/WWW is basically being snuffed out right before our eyes as governments start using all manner of specious arguments to censor and control adults… for the children… of course. You as an adult are not allowed to have your rights because children may be harmed if you have your rights. “ No, no, we can’t keep the children from engaging in things that we deem harms them, your rights have to be relinquished instead.”
Not Claudflare though, let's not feed another monster monopoly :)
mullvad basically allows me to go around all the censorship in my country: https://mullvad.net/en
I don't even know what laws apply to the Middle East, Africa, or South America, but I'm sure there are enough of them to make most sites culpable in some way.
https://torrentfreak.com/uk-police-launch-campaign-to-shut-d...
And with that, they have at the least gotten registrars not located in their jurisdicrion to transfer domains
https://easydns.com/blog/2013/10/08/whatever-happened-to-due...
Do people forget the owner of Megaupload being extradited? In many ways this is just catching up to the current US state.
And there's a lot of confusion here between basic consumer data protection laws and (IMHO massively overreaching) "Online Safety" laws. This isn't Imgur making a stand for free speech, this is Imgur wanting to track and sell user data - to which minors cannot consent. Putting on my tinfoil hat you could argue that many of these companies are trying to encourage this misunderstanding intentionally.
Committing crimes remotely from another country was never a loophole to escape the laws of that country.
When a country requests extradition they’re not claiming jurisdiction over another country. They’re saying that a crime was committed in their country by the person and they’re asking the foreign country for cooperation in prosecuting that person.
The MegaUpload case is not equivalent to what the UK is doing. MegaUpload was operating as a business, taking payments, and exchanging money. Once you start doing explicit paid business in a country you can’t claim you’re not involved with that country.
If a country starts claiming that merely making content accessible globally is a crime in their country, that’s an entirely different issue. Not equivalent to the MegaUpload case.
> Do people forget the owner of Megaupload being extradited? In many ways this is just catching up to the current US state.
Again, false equivalence. MegaUpload was operating as a business with US customers. They also had some hosting in the United States if I recall correctly.
Once you start doing business in a country and have customers there, you’re involved with their laws.
There’s been multiple cases where non-US gambling websites have had their domains confiscated by the American government because they have American users, going back about 20 years.
Deleted Comment
This is quite a slippery slope. If I host a website in one country, I do not necessarily care where people access my website from. It is not like I actively provide a service to them - they just use internet (decentralised network) to access it. What if I publish a newspaper here, someone takes it where the contents are illegal, am I accountable?
> We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law
In that context it's completely fair to say "leaving doesn't absolve you of past transgressions".
Edit. If Imgur made any revenue from UK users then it becomes impossible to claim plausible deniability on any definition of "providing a service". If the UK can do something about this is a different matter. They could make CEOs/board personally or even criminally liable for the company's failure to pay a fine but probably won't.
I sell a advertising package from my US HQ based self serve advertising portal to a British company who use the service to advertise to customers in the UK. Ok - kinda UK revenue. How about 'To advertise to customers in the US' well it's getting highly debatable.
What about I sell advertising packages to a US company from my US HQ but someone in the UK views and advert on my site and therefore generates me 0.001¢ - debatable.
It's not about "hosting a website", it's about providing services.
If you provide services, like selling a newspaper, in the UK, you need to respect their laws, or you will suffer the legal implications of not doing so.
And regarding the accountability, it refers to the fact that imgur USED TO provide services in the UK:
> We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing.
Companies providing services outside the UK can infringe all the UK laws they want, the UK doesn't care.
But as soon as you decide to provide services in the UK, you have to follow the law. And, as they explain in the article, if you break the law, stopping to provide services in the UK will not absolve you for your past wrongdoings.
Meaning that the servers were located in the UK, or that the users were, or both?
UK legal imperialism is self centered and unrealistic and undermines speech the world over.
There was a period a couple hundred years ago when it was all the rage internationally to write constitutions. Lots of countries got constitutions within a few decades, and almost no constitutions have been written since then. I wonder sometimes how the internet would be different if it were implemented in an era or culture in which people believed in that sort of thing.
Mr Capel said: "We have been clear that exiting the UK does not allow an organisation to avoid responsibility for any prior infringement of data protection law, and our investigation remains ongoing."
When read in context, it's obvious the statement quoted in the HN conmment refers to only to accountability for "prior infringement", i.e., acts committed before withdrawing services in the UK
The most obvious example of this is websites from the UK or Europe which operate any kind of gambling. [1] This may well be legal (based on licensing) in their jurisdiction, but they still need to restrict access to prevent US people from accessing the service or they will be breaching the US's gambling laws.
Likewise many US firm geofence access for EU residents out of fear of GDPR.
People hosting news sites have often had to geofence to prevent UK residents from accessing their site if they are hosting any kind of reporting of UK court cases that are under embargo or matters that are subject to one of the UK's famous "Super injunctions" [2]
[1] eg this guy was on the board of a listed UK company operating as far as they were concerned entirely legally who was arrested in NYC https://www.theguardian.com/business/2006/sep/14/gambling.mo...
[2] eg In the "Ryan Giggs" super injunction case https://en.wikipedia.org/wiki/2011_British_privacy_injunctio...
…and if the site has no UK assets, how enforceable is the injunction?
Why not just avoid travel to the US?
IMO the question is not if such services should be held accountable by local laws but how they should be held accountable. I think it would make more sense to go after the UK entities profiting from the endeavor: advertizers and financial institutions involved.
They're leaving and they're getting the fine. Implying if they didn't leave and implemented changes, that there is a chance they may not have been fined.
If they breached laws and regulations then withdrawing their service from the country afterwards does not change anything regarding those breaches (investigation still ongoing, though).
It's not comparable because the "crime" has been committed in the hosting country (where it's arguably not even a crime) and it's a bad example because there are many incidents of murderers fleeing to non-extradition countries.
If you travel to their jurisdiction, yes.
USA (Kim dotcom)
Russia (Skripals)
China (Teng Bio)
Israel (Mordechai Vanunu)
Deleted Comment
Block UK access now just in case.
It'd be interesting to see how fast the policy would get reversed then.
This was always a stupid policy and so protesting it by pulling services is one way to draw attention to that.
The fault is obviously an incompetent and authoritarian UK government, but that's what the UK overlords have agreed.
The opinion polls are clear: the normies want this.
If I have a website I'm pretty sure I'm bound to break some random country's law without knowing
Answering my own question, I guess it's exceptionalism of the powerful countries where they can just bully you into following their law
Deleted Comment
(no, its not the cookie law either.)
That's the funny or hypocritical thing: Both laws have the same reach but people here tend to praise the GDPR for it while being furious about the Online Safety Act.
Deleted Comment
There's been no groundswell of opinion, no technically minded authority pushing expert opinion.
The same people lobbying for the online safety act were pushing age verification tools. The government is exceptionally unpopular, even by the standards of already deeply unpopular governments in recent years.
I despair of the situation in the UK. How have we ended up here?
The British people always take any new limitations with the classic stiff upper lip. We could very easily become Russia (without the military and natural resources), because the population has the same say nothing, do nothing mentality.
There's also always been a bit of authoritarianism in the British populace. Just look at how enthusiastic people are about banning things that annoy them. During coronavirus lockdowns, the people living around me constantly reported me to the police for going out for runs (which we were perfectly allowed to do).
We have a national crab in bucket mentality, which doesn't help any country. Intelligence, fitness and success are all things that British people love pulling down. Many people here care more about ripping everybody down than building them up. They live completely mediocre lives and are perfectly fine with the government nannying them.
The two main parties policies have converged, so have the older smaller parties.
The only choices we have that are any different are Reform and The Green Party, and possibly Corbyn's new party that seems busy imploding right now. Of those, Reform has some nasty people in it, and is rapidly attracting the worst of the Conservative party (look at the defecting MPs), The Greens and Your Party have some fairly nuts people and ideas too (in different ways).
I think ordinary British people are pretty decent.
> We could very easily become Russia (without the military and natural resources)
We have a much bigger economy than Russia.
> any people here care more about ripping everybody down than building them up. They live completely mediocre lives and are perfectly fine with the government nannying them.
I agree with the last bit.
People are also negative about their follow citizens. A lot of people believe the country is full of untrustowrthy "gammon". and back the government/establishment against the latter.
My guess is that the common factor is News Corporation pushing an agenda on behalf of the very, very wealthy.
[1] https://www.reddit.com/r/AustralianPolitics/comments/1nu68je...
[1]https://au.yougov.com/politics/articles/51000-support-for-un...
[2]https://www.independent.co.uk/news/uk/home-news/gen-z-social...
In reality, the technical implementation will undoubtedly be a privacy and surveillance disaster.
In a vacuum, people thought "social media" meant "Instagram and TicToc and Facebook etc."
In reality, the eSafety commissioner thinks "social media" includes platforms like GitHub. Yes, really.
https://www.abc.net.au/news/2025-09-24/digital-dilemna-socia...
It was one of the most agreed with policies at the most recent Federal election.
I hate it as a concept, but at the moment it is all "don't you want children to be protected?", and nothing of substance that people can meaningfully find objectionable (like imgur getting cut off).
I don't think it is particularly a policy of News Corp, although they're happy to run with populist ideas, and more just an issue the Labor party thought they could wedge the Liberals with.
The UK doesn't have governments, it has a public policy unit for global capital, with the Americans calling the shots on foreign policy, and a knee-jerk taste for authoritarianism at home.
I would say there has been a groundswell of opinion, it’s not something that is covered here on HN much.
Dead Comment
The only connection I see is "I don't like UK Internet policy"
Not only they don't represent anything but there own little interests, but they won't even have the decency to express clearly what they are standing for. Even lip service is not assured anymore.
I think of calling my representative as being like proof of work. It takes a modicum of effort to look up their phone number, compose some spiel, and make the call, compared to delivering spam by the truckload.
Why? EU can just tell an LLM to build an alternative app, they can just tell it to make it user friendly and make no mistakes. That's the primary use case of Trillions of dollars of investment in GPUs and electricity to power them.
JK(or am I?), a protest will be a boon for EU, which is growing Anti-American each and every day. The EU alternatives don't exist not because Europeans can't code but because EU market is open to US companies and there's no reason for duplicate effort as winner takes it all thanks to network effects. EU capital just invests in USA based companies that operate in EU. It's much easier, lower taxes lower worker protection standards etc. Also, US has much more capital to burn to corner the markets, they also just go ahead and buy anything European i.e. Skype. and not risk competition.
This is effectively what we see in China. They only use WeChat, I was unable to register because it says I need someone to verify my account when I try to do it (this has been happening since 2018)
This means officials only care about what their party leaders tell them to do, not what voters think because voters matter very little to them. That's why American "contact your representatives" does very little here - they are not your representatives, they are representatives of party leaders.
same as that weird official USgov version hosted by israel
> Sending to your local police dept... OK
> Sending to intended recipient... Failed
> Please open the door
We'll make our own Chat App! With blackjack! And...
If the EU or companies within did make a chat app and it got widespread appeal, it would just be exactly the same as WhatsApp. WhatsApp isn't special in any way whatsoever, besides having a critical mass of users.
Dead Comment
When did the US government make a chat app? Signal?
In other words: What pain?
It doesn't work like that because the European "Parliament" is a joke. For starters, they can't initiate anything, they can only approve or reject (of course that it's almost always approve) stuff that is being passed to them from higher up, most of the times from the European Commission, if I'm not mistaken. Ah, they can pass/generate "resolutions", which are basically empty words put on a piece of paper.
Second, the people there don't "represent" anyone, at most they represent the political parties that have put them on the lists that got them into the European Parliament, but that's it.
I think that's largely down to people not taking EU elections as seriously as national elections.
The ones elected by my country are always largely the most doldrum people from the main parties that aren't charismatic enough to win in national elections (The b-squad basically)
... and a handful of the kind of people that think windfarms generate wind and that we need to leave NATO.. even though we haven't joined NATO. The kind of people you vote to send to the EU so that you don't have to see them.
There was an election in 2024 https://en.wikipedia.org/wiki/2024_European_Parliament_elect...
For people unfamiliar with it https://elections.europa.eu/en/
The parliament is elected by people in each country, those elected them elect the commission. So a form of indirect elections.
…
> service
Money is good for goods and services…
If people give them money or cough ad revenue and get the service they want, that’s called a business.
That's decades of the public internet that would be permanently erased; billions of dead links pointing nowhere. HN alone would lose ~32,000 images from its archives,
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
Is it not hubris to call it "no loss" if, say, 3 hours ago, "Design of a LISP-based microprocessor / Page 22 has a map of the processor layout:" was forever lost to humanity, as collateral damage to some techbros' dispute?
Decentralization can't arrive soon enough.
Deleted Comment
Good - cause the maximum amount of pain, start pulling services across the board - the more it happens the more painful it becomes for the government to defend it.
This is about a GDPR violation. I'm not sure that cheering for our right to have our privacy respected by companies revoked is really what we want.