Will the issue of minors' access to pornographic sites soon be resolved?
France should soon be equipped with a tool to prevent minors from accessing pornographic sites. According to Jean-Noël Barrot, Minister Delegate in charge of the digital transition and Telecommunications, it will thus be possible to "enforce the law once and for all".
The application, which has been tested since March 2023, is the culmination of research work which has given rise to a system for controlling the age of Internet users that is both reliable and secure – the majority of users being certified by a trusted third party. This mechanism will make it possible to obtain a digital certificate of majority which must be required by pornographic sites to allow access to the content.
This technique corresponds to the requirements of the CNIL since, as it had expressed the need for it, the application will know the identity of the applicant but will ignore the nature of the sites visited and the site will be assured of the majority of the user but will ignore his identity. .
The final implementation of the system will still require the opinion of the Council of State and the European Union. According to the Minister, these steps could be taken by next september. Once this application is operational, the sites concerned will be forced to comply with French rules for the protection of minors.
Protection will not be 100% guaranteed since the sites will only be obliged to require proof of majority from their French customers and it will therefore be sufficient to use a virtual private network (VPN) to bypass control. Indeed, the VPN makes it possible to encrypt the data, in particular IP address which locates the machine. The use of the VPN makes it possible to choose the location which will be "seen" by the site consulted, which in turn determines the content that can be made available and the regulations to be adopted.
Nevertheless, if the new application does not provide total protection to minors, it will constitute a real evolution in view of the difficulty of its implementation.
Necessary protection
Since its entry into force on 1er March 1994, the Penal Code penalizes the act of allowing minors to access pornographic or violent content. Of many reasons justify this restriction. We can mention in particular the correlation established between the viewing violent pornography and increased aggressive sexual behavior, or the fact that 90% of the most watched pornography scenes contain violence against women.
The advent of the Internet and its use by an increasingly young audience has greatly increased the risk that a minor accesses, voluntarily or fortuitously, this type of content. In France, the first contact with pornography is generally around 13 years old. a investigation report of the delegation for women's rights relating to the pornography industry estimates that two thirds of children under 15 and one third of those under 12 have already been exposed to pornographic images, voluntarily or involuntarily.
En 2020, the law came to clarify that the mere fact of asking the person if they are over 18 does not exempt themselves from criminal liability. In 2021, the legislator entrusted the Regulatory Authority for Audiovisual and Digital Communication (ARCOM) the possibility of giving formal notice to websites that do not comply with legal requirements and of taking legal action to obtain the blocking of the sites.
Block sites?
Faced with the inertia of the main pornographic sites, ARCOM used the formal notice route. In the absence of tangible results, he ended up seizing the President of the Paris Court of Justice in order toblock these sites.
Blocking the site consists of forcing Internet service providers (ISPs) to redirect the Internet user to a page indicating the reasons for the blocking (when the Internet user clicks on a search result leading to the blocked site). This is the sanction that precedes the delisting, which consists of purely and simply deleting the search results referring to the site targeted by the measure.
This legal offensive by ARCOM did not have the expected result. On the one hand, the Parisian jurisdiction did not order the blocking of the sites. This recommended recourse to mediation (an extra-judicial mechanism that does not guarantee a solution, since each of the parties can interrupt it at any time).
On the other hand, one of the targeted companies filed a priority question of constitutionality (QPC) that the Court of Cassation did not not forwarded to the Constitutional Council. The pornographic content offered by the platforms targeted by ARCOM therefore always remains easily accessible to minors.
Better control is technically possible
The main argument put forward by the platforms is technical. They would not have reliable means of verifying the age of the Internet user. They criticize the legislator for requiring control, without specifying the means to be implemented.
Yet technical means of control exist and would make it possible to ensure, more or less reliably, the majority of Internet users wishing to access pornographic content.
The United Kingdom had opted for a control technique that was the opposite of new technologies, since it consisted of withdrawing a code from a store. The complexity of the system and great reluctance from users led to the abandonment of this solution . The transmission of data linked to a credit card can allow the site to verify the age of the holder of the latter – but not with certainty that of the Internet user.
Verification of the identity document, using a scan, can also make it possible to verify the age of the person but, once again, without being certain that the document really belongs to the user of the site.
Advances in artificial intelligence can also be a source of solution. Indeed, from a Selfie, artificial intelligence (AI) software can perfectly estimate the age of the subject. In order to take into account the margin of error, estimated at five years, the software verifies that the subject is over 23 years old. It's this solution adopted in Germany.
Several reasons are given for not implementing these means of control: the degradation of the user experience due to the slowdown in access to the service, the technical complexity, the too relative reliability of the control in view of the complexity of its implementation implemented, etc. But it is above all the risks inherent in the implementation of these means of control that are put forward.
Too sensitive data transfer?
The control means mentioned require a transfer of data, more or less sensitive, to the service in order to ensure the majority of the user.
Therefore, there is a risk of appropriation and fraudulent use of this data. The use of a bank card, for example, generates the risk of fraudulent use of the means of payment.
More broadly, the transmission of data allowing the identification of the user creates the risk of seeing this data fall into dishonest hands. Blackmail based on the threat of publicly revealing the frequentation of pornographic sites could be exercised.
The CNIL itself, in July 2022, recalled its attachment to the need to prevent minors from accessing these sites, while emphasizing the "additional risks" related to some of these age control methods.
The new app appears to be able to meet different security requirements while limiting minors' access to pornography.
It should be noted that, in the same desire to increase the protection of minors, a bill, passed at first reading, provides for the obligation for social networks to verify the age of users and the mandatory installation of parental control software on all devices sold in France.
Jean Claude Planque, Doctor in private law and criminal sciences, Lecturer authorized to direct research at the University of Lille, Former Co-director of the Institute of Criminology of Lille, University of Lille
This article is republished from The Conversation under Creative Commons license. Read theoriginal article.
