On a forum im a part of it recently became a topic of interest that discourse requires you to be 13+ to use it as stated i think somewhere in the TOS? which is not uncommen many sights put it that but i was wondering…
Is it truley discourses choice one a person owns a discourse made forum? [1] or can the owner of the forum decide if they want to let younger people can they do that?
Meaning one made from the software so self hosted and with the .discourse.group endings ↩︎
Discourse doesn’t require you to have a certain age to use it. Communities can, depending on their content and applicable law. See Lilly’s answer below!
(this remains true tho… I hope)
The 13 years old thing is a very US-thing; many old-school forums, in other countries stated in their terms of service that you were required to be 13 years old to register, even if there was no reason for this regarding different local legislations. It was probably just because the term of services were originally written in the US, then translated, and used as it is in other language forums. It led communities outside US believe that the 13 years old was a real thing regardless the country…
On CDCK hosted plans we prohibit the furnishing or soliciting of data which is subject to Special Data Regulations, which includes data from children under 13 years old (COPPA). If you plan to use an external hosting service and expect children to access your site, please pay close attention to the terms and conditions under which you are signing up. If you self-host your site you will need to be aware of any data protection and transfer laws which apply.
i would disagree to some extent. for EU organizations, i believe GDPR countries age requirements and verification for online data is 13-16 depending on the EU country. for example, article 8 for UK requires age 13. i think in France it’s 15.
Correct. Please do review our hosting terms, but the relevant clause is:
Customer agrees not to … furnish or solicit Customer Data subject to Special Data Regulations or otherwise do anything that results in CDCK processing Customer Data subject to Special Data Regulations
where Special Data Regulations includes, for example, the Children’s Online Privacy Protection Act.
This topic has many facets. If we goto the root vause. Parents should be the ones restricting their kids and be held liable. Parents can install safeguards by having a white list if approved sites their children can visit/join.
Age verification? How would you do that without compromising the idea of being able to protect one’s identity? By having to use government ID?
Educate parents & install safeguards. Not hard to restrict sites from an access point either in the OS or tinternet access point(ie work, schools often block accessing a variety of sites)
in theory yes! but we are required to follow regulations in places we provide hosting services to, if you live in one of the areas that has an age verification requirement communicating this to your government is more useful than telling us
The EU Age Verification Solution relies on Zero-Knowledge Proof (ZKP) cryptography to deliver its privacy guarantees. A ZKP allows the user’s application to convince a relying party of a single fact — for example, “this user is over 18” — without revealing the user’s identity, date of birth, issuer-assigned reference or any other attribute. The application’s responses to different relying parties cannot be correlated, so a user cannot be tracked across services, and the relying party cannot build a profile from repeated interactions.
"This topic has many facets. If we goto the root. Parents should be the ones restricting their kids and be held liable. Parents can install safeguards by having a white list if approved sites their children can visit/join.
Age verification? How would you do that without compromising the idea of being able to protect one’s identity? By having to use government ID?
Educate parents & install safeguards. Not hard to restrict sites from an access point either in the OS or tinternet access point(ie work, schools often block accessing a variety of sites)"
I guess you can’t we just have to trust them and hope they accept the rules
It’s important to note that regardless of whether you use our hosting or self-host, you are required to meet regulatory compliance standards in the jurisdictions that users may visit from. That means that if EU users may visit, you are required to undertake the necessary OSA risk assessments. That almost certainly means that you will need to restrict children’s access even if you self-host.
That isn’t totally true. Out there is only few countries that are limiting children’s use of social media. Are forums counted as social media… no, not now, but it is a possible scenario. But in general if a forum isn’t a porn site then there isn’t need to do any age checkings. But as usual, that depends. My forum has topics about alcohol and nicotine, so I should keep it adults only — because in Finland there is restrictions. But that s not EU regulation per se.
Your’e correct – I should have said UK rather than EU.
For the purposes of the UK OSA, Discourse as a U2U platform is in squarely in scope and therefore anyone running a Discourse site that may have users from the UK sign up must complete the risk assessments.
Similarly there are requirements for the DSA in the EU. People need to ensure they are undertaking the appropriate level of transparency reporting.
I meant to add we only have had the legal requirement added because of delinquent parents neglecting their responsibility.
Years ago over 10 now. There was some kids playing hockey in the winter in a public park. A kid was struck by the puck & died. A parent commented that the park should maybe have rules about wearing a helmet. When the simple truth is the kids parents let them go out and play without the proper gear. Result? Now parks ban making of ice rinks due to liability. Now it was the community that used to flood it to make the rink.
There needs to be a proper balance. And sure I was from the dumb generation where we didn’t wear helmets for bikes, skateboard or sports protective equipment. With bikes there are now fines for not wearing helmets. They should be going after parents for neglect.
Still better for parents to own their responsibility and restrict their children online be activity via a 3rdparty program that controls what sites are available.
