In Larry Walters’ article titled “Keeping Children Away From Adult Material – The Time for an Innovative Solution”, he presented an approach to help Webmasters protect themselves from impending federal actions.In Larry Walters’ article titled “Keeping Children Away From Adult Material – The Time for an Innovative Solution”, he presented an approach to help Webmasters protect themselves from impending federal actions. This article serves as a rebuttal to Mr. Walters’ article, responding to key points as well as focusing on age verification issues in general.

My disclaimer is that I am not an attorney, and I am not selling or patenting any Age Verification System (AVS), so my viewpoints are completely biased to my point of view. I may be misinformed or blatantly wrong on any point, but since this is a debate, it’s about open exchange of ideas, facts, opinions, and comments. Should anything I present be inaccurate or incorrect, I am reasonable enough to listen to the opposing point, and if the opposing point is proven to be true, I will freely accept it, and I will alter my thinking. Further, it is not my intention to personally attack or criticize Mr. Walters in any way. I am simply debating some of the opinions he stated in his article.

For those with limited time to read, I’ll first present a summary of the article, again, subject to my own interpretation:

1) Age verification scripts don’t protect children. They are intended to protect the Webmaster.

2) Age verification scripts as Mr. Walters described are not innovative.

3) The “Electronic Signatures Act” involves more technical issues than just the submission of a birth date.

4) Webmasters who check for age at the front door often leave the windows open for side entrances.

5) Implementing an Age Verification System could cut down on traffic.

6) “Age Verification System” is not a suitable name.

I will now address each of my opinions in turn.

Age Verification Scripts don’t protect children. They are intended to protect the Webmaster.

The idea that using an age verification script will protect a child from adult content is one that is overused by so many people. If minors want to look at adult websites, they will enter some bogus birth date to get in. If they were really honest and entered their real birth dates, the age script would block their entry. For the hormone-rampant minor, he’ll just figure this out by entering a birth date that is over 18.

How did this age verification check “protect” this child? It didn’t, but what an age verification check does is offer some level of protection to the WEBMASTER in the event that there is some prosecution involving a minor who was allowed access to an adult site.

Given the situation where a Webmaster is called to court over a minor accessing his site, and being able to show the judge that the minor would have had to perjure himself to gain access leaves open the possibility that the judge may say that minors can’t be held accountable for signing any contract, affidavit, etc. without their parents being involved, or that they had the capacity to fully understand the issues.

Given this court case, the defendant could argue technically that the minor perjured himself, but I think that technical issue won’t stand up. What may stand up is that the Webmaster had implemented additional measures to control access that showed “intent” and “good faith” in implementing a system to restrict minors.

Age verification scripts as Mr. Walters described are not innovative.

Bulletin board systems (BBS – before the World Wide Web) had membership systems that restricted minors from accessing adult-related systems. With the WWW, a perfect example of restricting minors from accessing materials can be found at www.budweiser.com. Notice how there is a birth date check? What was innovative about age verification was Budweiser.com setting up a system back in 1998.

Use the Wayback Machine link to view the archived version of the Budweiser.com website. Notice that on July 9, 1998, it implemented an age verification script.

As I personally verified with Mr. Walters, he is filing a patent application for an age verification script. His patent-pending application goes one step further than just asking for age, so budweiser.com would not be able to invalidate his claims. Given his twist on the idea (I’ll allow Mr. Walters to share his invention when he is ready), it is conceivable that he may be granted a patent, but as you will see from my points in general about age verification scripts, Mr. Walters’ script may not be desirable to most Webmasters.

The “Electronic Signatures Act” involves more technical issues than just the submission of a birth date.

If you have ever signed a contract before, you will note that you got a copy of the signed document and the other party got a copy. In the event that there was a dispute, the plaintiff has the burden of proof to show how and why the person violated the contract.

In this new digital world, documents are becoming electronic and the idea of having an “e-signature” is a new area of law. There are many companies trying to come up with the best “e-signature” solution, but they all have common elements.

For someone to e-sign a document, there must be a way to e-verify what the e-person e-signed in case of an e-dispute.

To engage in conduct applicable to the “Electronic Signatures Act”, I am assuming that you are offering some kind of “contract” that states the acceptable use and the “signing” of the document means the person agrees to the terms. In the past, it was “click here if over 18” as a way of “signing.” Nowadays, we are looking at an added step of entering birth dates.

In looking at age verification scripts, when a minor comes to the website and enters a bogus birth date, the Webmaster could log the IP and the birth date entered. In the event the Webmaster is brought to court, he would first need to be able to find the IP (and ISP) of the minor, and what specific date and time the minor visited the site. This part alone is a difficult task to pinpoint. Assume that you had the exact date and time that the minor accessed your site, and you were able to look up the birth date that was entered. How can you prove what text was written on the web page at the time the minor “signed” the “contract” to enter the website?

A Webmaster could print out a copy of the CURRENT text and then would have to PROVE that the text NEVER changed. I am not aware of any court cases that have tested this process, but it will certainly be a landmark one.

I think that it is plausible that the judge may look at this and agree with the prosecutor that this can’t be a “contract” if you can’t prove what the minor really signed.

Webmasters who check for age at the front door often leave the windows open for side entrances.

Let’s take one of Mr. Walters’ clients as an example from his article: www.bisexualbritni.com.

Enter your REAL birth date (after all… you wouldn’t want to lie). And then notice you can enter the site.

Now open your web browser (I tested this next link by using a different computer in order to prove there was no cookie tracking going on) to this link.

Notice how you can jump directly to an interior page? Search engines could lead minors in via a side door and people who are using link engines, etc. could link directly to these pages (granted “deep linking” is questionable according to the TicketMaster case).

If you do a search in Google using bisexualbritni, you get many listings. (Granted, I am “cheating” to get the Google listing, but it is possible for a minor to be searching for some search word that this website could show up in.)

You can click on this Google result link to take you directly into the site through the side door.

You will see that Google has already indexed the inner “protected” pages, and a minor could easily get in through the side door. Granted, I was very specific in being able to pinpoint a side door entrance, but if a minor were to enter keywords, it is possible that one of the side doors would show up for one of your particular clients that were using your scripts.

In the fictitious example of a Webmaster being in court because a minor had gained access to his website, his defense attorney would point out the age verification script that was used to show that the Webmaster was indeed trying to prevent access by minors.

On the cross-examination, a knowledgeable prosecuting attorney may point out the side door entrances that TGP sites, search engine results, and link engines could allow for the bypass of the front door. His conclusion would be that locking up the front door and leaving the side windows open doesn’t really show intent to stop minors from gaining access.

The prosecuting attorney could go on to say that maybe the Webmaster should have used technology or other methods to ensure that search engines that have already indexed the site don’t permit side door entries, and redirect to the front door.

The prosecuting attorney could also suggest that access to the interior of the website should only be accessible if the birth date check was successful and that a cookie was set and used for each entryway to the site. This would prevent side doors.

The Webmaster would be scribbling feverishly on his defense attorney’s yellow pad the following points:

“If I made it so that my website couldn’t be indexed by search engines, I would lose so much traffic to my site.”

“If I required cookies to be used, I would have to re-code all the pages to use a new system. I could use javascript to do a cookie check, but then if a minor disabled his javascript functionality in his web browser (which some do), then he could bypass the checks. If I use server-side programming (ie. PHP, ASP, Cold Fusion, etc.), it would be a high load on the server to constantly verify every page for the cookie.”

The defense attorney would read these points, and either tell his client that he has no idea what all this means, or tell the Webmaster that he can’t use these as a defense, since the Webmaster could have made these changes to prevent the side doors before he was prosecuted.

Implementing an Age Verification System could cut down on traffic.

Asking surfers to enter their birth dates and/or other information could deter them from entering the site. The ominous reading of the legal disclaimer could make a surfer shy away. The surfer could also feel that his birth date is private information and wouldn’t want it to be databased somewhere with cookies attached to it, etc. An age check question will also stop search engine spiders from entering the site, so this means less SE traffic for the Webmaster who puts these checks in. Blocking side doors will also reduce additional SE traffic.

“Age Verification System” is not a suitable name.

Having a birth date check doesn’t really VERIFY the person’s age like checking a driver’s license. The point of asking for age is to put an added step in the process for someone to CONSCIOUSLY want to enter into an adult site, rather than someone who is just clicking around.

The age question would clearly show INTENT to want to enter the site, since it requires someone to either be honest and put in the real birthday, or a minor to be DECEPTIVE, by putting in a birth date that will allow for access.

I would suggest a name like COPA Compliance (“COPA-C”) instead.

Conclusion

There is no definitive method for age verification protection as of this time. There are many methods ranging from Budweiser’s approach to ones that Hammer and other people have posted on YNOT. Any protection that a Webmaster can use to provide lines of defense in the event of prosecution is very desirable.

What’s important is to show intent to restrict minors and to comply with the law. Leaving side doors open could invalidate your “good faith” efforts.

In the three examples that Mr. Walters presented in his article, what is common is the lack of any potential “obscene” images! I heavily commend Mr. Walters and his clients for doing this, because it is the first page that a minor will access (assuming of course the side doors are closed or are not found by the minor before accessing the front page). By not having adult content material on the front page, it goes further to show the court that the Webmaster is making a concerted effort to keep minors from accessing the site by not including any “enticing” pictures.

A minor may be fully consumed by the images shown on the first page and in a state of sexual frenzy, he may enter a birth date that will allow him access. It will be very interesting to see if a judge will look down upon the minor for his actions, and declare that the minor was not knowledgeable or mature enough to understand the “contract” terms. So what happens next? The first court case will fill in the blanks. As always, consult your attorney about the language to be used on your front door.

Final Tips

1. DO NOT COPY and PASTE anyone’s disclaimer text that you find on a website, as that disclaimer is ALWAYS copyrighted by the person who created it from the date of creation, regardless of whether or not the text was submitted to the Copyright Office (see related article). Hire an attorney to get you the text to use.

2. Use any one of the many age verification scripts out there to show “good faith” and “intent” to comply with the law.

3. Block side doors.

Brandon (FightThePatent) can be reached at brandon@fightthepatent.com and his site can be viewed at http://www.fightthepatent.com.

Further information relating to this article can be viewed in this thread from YNOT’s General Chat Board.