A new US bill requires age verification to occur directly on user devices rather than through centralized servers. The measure aims to balance content restrictions with privacy concerns.
The proposed legislation mandates that age verification systems operate locally on devices, preventing user data from being transmitted to third-party verification services. This approach addresses privacy concerns while enabling platforms to enforce age restrictions on certain content categories.
Under the bill's framework, devices would verify age through existing identification methods without storing verification results centrally. The requirement applies to platforms offering age-restricted content, including adult material and services.
Key aspects:
- Verification happens on-device, not on external servers
- Reduces data collection and privacy risks
- Applies to multiple content categories
- Shifts compliance burden to platforms
The proposal has generated significant discussion in tech circles, with 117 points and 55 comments on Hacker News. Implementation details remain under review, including technical standards and exemptions for smaller platforms.
The bill represents an attempt to modernize age verification without creating centralized databases of user information.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.