There’s a lot of discussion of Mississippi’s age verification law for social media today, after Bluesky announced they’re blocking the state.
Note that Mississippi’s requirements go far beyond the Online Safety Act, MIssissippi’s law, HB 1126, requires age verification for all users, and parental consent for users under 18., no matter what the content of the site is. Last week the US Supreme Court declined to block the law while it’s being challenged in the courts, even though Kavanaugh described it as “likely unconstitutional”.
The law clearly should be found unconstitutional - the amicus brief from @CenDemTech, @eff et al discusses why. Still, with the current Supreme Court, who knows; they just the (somewhat narrower) Texas age verification law also should have been found unconstitutional, but SCOTUS said it was okay. So who knows. And of course this is exactly the kind of chilling effect they’re aiming for, which is why it’s so disappointing that SCOTUS didn’t block its enforcement until the case is heard.
As far as I know there isn’t any guidance yet for people running fedi instances (or message boards, which are also covered). If you’re running a US-based fedi instance, it’s might well be worth talking to your lawyer about this. Here’s the legislation, and here’s the langauge from Section 4 (1)
“A digital service provider may not enter into an agreement with a person to create an account with a digital service unless the person has registered the person’s age with the digital service provider. A digital service provider shall make commercially reasonable efforts to verify the age of the person creating an account with a level of certainty appropriate to the risks that arise from the information management practices of the digital service provider.”
That’s easy.
Don’t enter into an agreement to create an account. Accounts owned by service providers on behalf of users are a scam anyway.
Instead, let users create their own credentials and allow them to interface with a service. That makes more sense for users anyway, and it sidesteps this sort of nonsense.
deleted by creator
So, if I understand the whole Bluesky thing correctly, there are apps that don’t respect Bluesky’s limitations (like having to log in to view certain posts).
Would those apps skip this as well or is this an actual geo-block?
Other apps can ignore the geoblock. From the Bluesky announcement:
This decision applies only to the Bluesky app, which is one service built on the AT Protocol. Other apps and services may choose to respond differently.
Any recommendations for a good Android app that would ignore things like this?
I’m currently using the Bluesky app because the ones I tried didn’t want to auto open Bluesky links.
not sure, sorry. i tend not to run mobile apps, so mosf of the apps I know of are web apps (deer.social, zeppelin.social, deck.blue etc). there may well be some Android apps out there though!
Other sites should join to show the citizens how a blacked-out internet looks like.
I’m exhausted with all this. And it’s not my fight. The fight belongs to the people of Mississippi. They elected their “leaders.”
Until I know for sure that I am not on the hook to pay a $10K penalty for each person on my servers, I’ve blocked all Mississippi IP addresses from logging in and registering on my Mastodon, Piefed, and Friendica servers.
Wyoming will probably be next.
Thanks for the update. It really is exhausting, and depressing; you’re right about Wyoming being next, and there’s loads of others out there as well.
And It really is our fight to. Laws like this are part of a worldwide attack on independent social media, as well as trans and queer people, people looking for reproductive health care, youth in general, and sex workers. It’s a really challenging situation.
Thanks for posting about this thenexusofprivacy@infosec.exchange
I’m interested (in a tired defeatist way) in what I need to do to stay on the right side.
It sounds like geoblocking is probably the quickest legally safe course of action, so perhaps it’s bye Mississippi too…
yeah it really is tiring and depressing. It isn’t clear what the risks really are right now, and how that might change over time. It’s also not completely clear how much geoblocking will reduce the risks’ at least with the Online Safety Act, regulators said earlier this year that geoblocking is sufficient – although of course they could change their minds at some point. Really hard to know what to do …
Considering many countries are implementing this at the same time, I’m not sure there will be any countries left to run an instance from or set a VPN connection at.
This probably shouldn’t be marked NSFW?
@naught101 it shouldn’t, but anything posted on Mastodon with a CW is marked as NSFW on Lemmy. Similarly when the post bridged to Bluesky it got marked as “graphic media” lol. Not sure there’s anything I can do about it in either case.
Oh wow, did you post this direct from mastodon just by tagging the community? Didn’t realise that works, that’s super cool.
You can tell when posts are from mastodon as they are full of twitterisms like hashtags and @User to reply to comments
Yes and these comments also show up on mastodon.
@naught101 yeah, I just tagged the lemmy community … and yes it is super cool! although, as the NSFW highlights, somewhat clunky around the edges … if I don’t include a CW here then it figures out the title on its own, and it’s not always what I want.
Usually Lemmy/PieFed use the first line of a Mastodon post as the title. You shouldn’t need a CW for that.
US states are turning into legal trolls - that’s how you know the empire is done for.
“It’s decentralized! It’s open!” they’ve said. But, despite all doubts from the very beginning, Bluesky is no option for an open and decentralized web at all. There ARE reasons for protecting users under 18, but cutting a whole state off the platform is simply a certain kind of censorship.
There was hope for this service but the crypto-bro-background and the current state of the USA did a complete disservice to the platform, disqualifying it as an alternative for any federated, decentralized and free network like Mastodon and Co.!
https://bsky.social/about/blog/08-22-2025-mississippi-hb1126
#fediverse #mississippi #ageVerification
If you run any instance that is federated and has users that could sign in from that state it makes complete sense to block their IP addresses. Why on earth would someone running a Mastodon instance take on risk unlless they were in another country where there was no risk of repercussions.
If you’re just hoping that small fish won’t get fried that’s possibly true. But admins likely won’t want to find out if they will just on principles.
It‘s not only the registration, it‘s the complete usage of the service. Tricky thing.
In my eyes, this will be just the tip of the iceberg. Mississippi now, what reason comes next? DJT wanting to exclude specific groups of users? Cut off whole countries? Who knows… There will be additional reasons and if you ask me, this is just the beginning with the ugly potential to turn into censorship.
Got the point, but surely they will have more legal tools than I do with my single-user Mastodon-instance - which has registrations disabled, but doesn‘t prevent any country from reaching it. 🤷🏼♂️
The way I view it is that Bluesky is a new company that is growing fast, while a site like Pornhub has been around longer and I’m sure has a large legal team that monitors laws all the time. If Pornhub said it was better to cut their losses and see if waiting out and or not seeing a good legal standing to fight with these states, Bluesky likely didn’t have much of a chance.
Why is this post NSFW???
Joys of federation. https://lemmy.blahaj.zone/post/30731823/16032284
But I thought BlueSky was open source and decentralized? /s
EDIT: In case it’s not obvious (as it apparently isn’t to OP) if BlueSky was either of those things then it could not be simply shut down by a CEO.
@Kirk It is. As their announcement says,
“This decision applies only to the Bluesky app, which is one service built on the AT Protocol. Other apps and services may choose to respond differently.”
Of course, today 99.9%+ of the people using AT Protocol-based services are using Bluesky’s app. But that was already in the process of changing, and stuff like this – and the Online Services Act, and the (very justifiable) desire by Canadians and Europeans and everybody else not to be depending on US company’s infrastructure are just giving it more momentum. So, it’ll be interesting to see how it works out.
But that was already in the process of changing
That appears to be you avoiding explaining how a CEO of a for-profit company could censor an entire “decentralized” “open source” app for millions of people.
