“The SCOPE Act takes effect this Sunday, Sept. 1, and will require everyone to verify their age for social media.”

So how does this work with Lemmy? Is anyone in Texas just banned, is there some sort of third party ID service lined up…for every instance, lol.

But seriously, how does Lemmy (or the fediverse as a whole) comply? Is there some way it just doesn’t need to?

  • Richard@lemmy.world
    link
    fedilink
    English
    arrow-up
    148
    arrow-down
    1
    ·
    2 months ago

    Why should it affect LW or any other (non-Texan) instance? Any rogue country with populists at the head can implement any arbitrary legislation. That does not affect Lemmy instances hosted in countries with reasonable governments. If Texas wants to enforce their rules (or punish for non-compliance), it is on them to approach instance admins or block the site in their corner of the global internet.

    • FarFarAway@lemmy.worldOP
      link
      fedilink
      arrow-up
      43
      arrow-down
      1
      ·
      2 months ago

      This is a fair view. I’m not sure anyone has gotten that far, especially outside the country.

      Heres an article about a similar bill in Utah, that hasn’t gone into effect yet.

      What’s not clear from the Utah bill and others is how the states plan to enforce the new regulations.

      I mean if the general consensus is that it doesn’t apply, then, cool.

      • protist@mander.xyz
        link
        fedilink
        English
        arrow-up
        84
        ·
        edit-2
        2 months ago

        I live in Texas, and can confidently tell you the people writing these laws have no fundamental concept of what the internet is or how to implement or enforce such a law for consistent adherence.

        I can also tell you with confidence this law will be wielded with impunity against specific companies/sites our corrupt, petulant AG decides to go after. Fuck Ken Paxton.

        As far as users in Texas, this is nothing a VPN can’t fix.

          • Zedd @lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            19
            ·
            2 months ago

            Absolutely. Most “travel routers” have openvpn installed on them. I have one router set up with my normal internet, and another with a full time vpn’d connection. The VPN router was like $60.

            They’re also great to have when traveling. It connects to whatever random wifi, and all of your devices show up as a single device. You turn off the VPN to connect to your hotel’s capture portal, then turn it back on and all of your devices have secure internet.

            • GlendatheGayWitch@lemmy.world
              link
              fedilink
              arrow-up
              2
              ·
              2 months ago

              Is there a particular VPN router that you suggest?

              Also, is there a subscription fee or something for the VPN usage?

              Thank you so much for the info!

              • Zedd @lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                3
                ·
                2 months ago

                I’m using the gl.Inet 1200 off Amazon.

                There is a monthly fee for your VPN account. I use nordvpn, but there are a ton of options depending on how much you want to pay and what you need.

    • AA5B@lemmy.world
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      2 months ago

      Is there any Lemmy hosted in the US? Texas can put on a stunt against any US instance, but don’t see them even trying for anything from the rest of the world. Too much work/money with too little chance of success.

      • spacecadet@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        2 months ago

        And the state I’m in would tell them to fuck right off and would probably allow me to counter sue Texas into the ground for harassment. I don’t think Texas wants to mess with states that have massive GDPs and contribute lots of money to the federal government.

    • NeoNachtwaechter@lemmy.world
      link
      fedilink
      arrow-up
      13
      arrow-down
      1
      ·
      2 months ago

      Look where it’s hosted? Sorry, but this approach has been outdated for decades. Laws apply when you address the users inside that legislation. No matter where you are, where your server is, etc.

      • dan1101@lemm.ee
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        2 months ago

        Do you have examples of that? From what I’ve seen the laws only apply if a business has a physical presence in that state or country.

    • ninja@lemmy.world
      link
      fedilink
      English
      arrow-up
      21
      ·
      2 months ago

      I can absolutely see Texas looking at it the other way. “Your website can be accessed by our citizens? On you to comply with our laws.” They then spit out a bunch of criminal charges that make things rather inconvenient for some instance hosts. The US reach into international banking systems is uncomfortably long.

      The real problem question is about federation. You can post to an instance from any federated instance. If an account is created in one instance and the user posts to a federated instance are both liable? You have to be able to create accounts AND post to be subject to the law. Can one instance not allow posts but host accounts for participation in other instances to skirt around the law?

      • aesthelete@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        2 months ago

        Interstate commerce is not under the jurisdiction of any state, it’s under the jurisdiction of the federal government. They’d need a federal bill passed.

      • MotoAsh@lemmy.world
        link
        fedilink
        arrow-up
        30
        arrow-down
        1
        ·
        2 months ago

        That would require jurisdiction to charge them anyways. They do not have such power.

  • roofuskit@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    2 months ago

    I’m fine with Texas disappearing from the internet. Literally every site with a comment section now has to comply or just block Texas. One of those seems more feasible.

  • ulkesh@lemmy.world
    link
    fedilink
    arrow-up
    33
    ·
    2 months ago

    It’s called the “Fuck Texas” response to such a garbage law. And good luck enforcing it especially with federated sites.

  • sorghum@sh.itjust.works
    link
    fedilink
    arrow-up
    34
    ·
    2 months ago

    If you don’t operate in Texas, do you have you comply? Is the easy fix is don’t have your servers be in Texas?

    • FarFarAway@lemmy.worldOP
      link
      fedilink
      arrow-up
      12
      ·
      2 months ago

      Someone can correct me if im wrong, but, pretty sure its any social media. Similar to what happened with pornhub.

      According to the Texas Office of the Attorney General, this new law will primarily “apply to digital services that provide an online platform for social interaction between users that: (1) allow users to create a public or semi-public profile to use the service, and (2) allow users to create or post content that can be viewed by other users of the service. This includes digital services such as message boards, chat rooms, video channels, or a main feed that presents users content created and posted by other users.”

      • (1) allow users to create a public or semi-public profile to use the service

        So it seems like I’m safe. I run my own single-user instance to federate and post - but I don’t allow others to sign up at all, so they can’t create a public or “semi-public” profile here (and what does semi-public mean?)

        • WhyJiffie@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          I was going to argue that your account is publicly viewable, but I realized that you may still be right. This depends on their definition of what is a user.

          Same with semi-public. May even be used for anything that is not public but they don’t like it.

          • tyler@programming.dev
            link
            fedilink
            arrow-up
            3
            ·
            2 months ago

            The law literally is so broad it applies to every website on the planet with a comment section. This will be struck down immediately.

        • FarFarAway@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          2 months ago

          I find this interesting. Does one just install software and buy a domain? I would assume theres somewhere you have to register with in order to federate. I mean, if theres no one to go after, this would be a nice work around. At least, until theres a site for every Texan that figures it out.

          I think semi public would be like setting your facebook profile to private. It shows your name, and basic details, but doesn’t show all your posts or interactions.

          Edit: haha, you kinda answered this somewhere else as I was typing.

          • I think semi public would be like setting your facebook profile to private. It shows your name, and basic details, but doesn’t show all your posts or interactions.

            Seems reasonable. It’s good to figure these things out now btw, as courts will adopt the “common definition” if the law doesn’t explicitly define things (including referencing dictionaries for the meanings of words).

            I find this interesting. Does one just install software and buy a domain?

            You don’t even need to buy a domain necessarily, just have a place to install the software and use one of the free services.

            I run my own self-hosted single-user pyfedi instance, and I more-or-less do so for free (I mean I pay for internet and I bought the old laptop that I’m running pyfedi on ages ago, but that’s it).

            After looking at a lot of different options, I decided to go with srv dot us since srv dot us guarantees you a permanent domain name without having to pay (albeit you can’t pick the name). srv dot us actually doesn’t require any signup either - you just follow the instructions, connect, and go - and they only keep records like your ip address for one day, so if you stop using it for longer then poof you’re suddenly that much harder to trace.

            ngrok dot com also offers a free domain name (but you can’t pick - if you want to choose your own then you have to pay). You sign up with your email and all that though (you can also sign up using your github account). I almost went with this (the author of pyfedi, Rimu@piefed.social , mentions (recommends?) using ngrok for this purpose) but at the time I had some other issues and misdiagnosed it as ngrok blocking federation with their silly popup (see https://stackoverflow.com/questions/73017353/how-to-bypass-ngrok-browser-warning for more details)

            You can learn more about pyfedi by visiting the flagship instance at piefed.social

            I would assume theres somewhere you have to register with in order to federate.

            Nope, nothing like that. Verification is done mostly just by making sure you own or otherwise legitimately have access to the domain that you are using (specifically that you have SSL certs that are certified for the given domain for use in HTTPS if you wanna get a little bit technical).

            I mean, if theres no one to go after, this would be a nice work around. At least, until theres a site for every Texan that figures it out.

            So fly-by-night instances it is! It wouldn’t necessarily work for large instances with many users though - pretty much all of these do buy their own domain, for which you have to provide your legal name and address and such (even if it’s not public thanks to domain privacy, it would be available to law enforcement)

            And federation does not play nice with someone’s domain name changing. Meanwhile if one is caught registering for a domain with a fake name etc then the domain registrar is entitled to cancel the ownership of that domain and take it back.

            That said, one might luck out and find a good domain with a registrar that’s in a jurisdiction that is particularly unfriendly to Texas’s ability to enforce SCOPE.

            Edit: haha, you kinda answered this somewhere else as I was typing

            Thought I could enhance my previous answers by adding a little more detail here.

            • FarFarAway@lemmy.worldOP
              link
              fedilink
              arrow-up
              1
              ·
              2 months ago

              Wow! Thank you for such a detailed answer. Even without some weird law, it’s good information to have, and with a little elbow grease, it sounds completely doable. And if it keeps people from getting in trouble / protects privacy, I’m all for it!

      • Lost_My_Mind@piefed.social
        link
        fedilink
        arrow-up
        4
        ·
        2 months ago

        Fuck 'em. They want to do this, let Facebook, and Reddit, and Instagram, and TikTok and the fediverse, and any others that I’m forgetting refuse to serve connections to Texas.

        Make Texas the ONE PLACE where the internet is just yahoo and thehampsterdance.com

        And then when Texans go elsewhere, they realize all they did was punish themselves. The rest of the world moves on without them.

      • sorghum@sh.itjust.works
        link
        fedilink
        arrow-up
        28
        ·
        2 months ago

        I mean my question was addressing the scope of the jurisdiction Texas can have over a server in another state. It feels like the onus is on them (or the ISPs in Texas) to block that server

        • Aha,

          Exemptions Small businesses as defined by the Small Business Administration (SBA);

          Not sure how’d this work overseas, but basically lemmy.world and friends just needs to apply to SBA to get recognized as a small business, and they’re all good. (Or perhaps they could try to apply thru a US Embassy; or apply at a local authority and argue for legal equivalence between the SBA’s recognition and their own country’s).

          As for enforcement, well,

          If someone were to violate the act, the AG’s office may seek … civil penalties of up to $10,000 per violation, and attorneys’ fees

          So yeah basically it comes down to trying to grab money. So as they say about sucking blood from a turnip…

        • FarFarAway@lemmy.worldOP
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          2 months ago

          Maybe someone is better equip to answer this question. As far as I understand, it is up to the social media company, as it is operating in the state. Sort of the way the corporate office of a national grocery store can be sued.

          https://www.texaspolicy.com/wp-content/uploads/2023/04/2023-05-BillAnalysis-HB18-Updated.pdf

          First, it prohibits digital service providers from entering into an agreement with a known minor unless they have verifiable parental consent.

          It seems its up to whomever is registering the account. If the person is under 18 they see a scrubbed version, of the person is over 18 they have full access. I’m not sure an ISP has control like that. I could be wrong.

          I know with pornhub, the ISP didn’t block the site, pornhub itself did.

          • the ISP didn’t block the site,

            And from the article you posted at the beginning, perhaps the ISP can’t be required to do that. At least it’s not list as an explicit remedy. Others are suggesting that Texas might block the site from being accessible from within Texas, but there’s nothing in the law itself that suggests Texas would legally do this.

            Basically it reads like that they’re restricted to whatever the existing office of the AG of Texas could have already done in terms of enforcement powers, which is largely fines.

            It seems its up to whomever is registering the account. If the person is under 18 they see a scrubbed version, of the person is over 18 they have full access.

            Or, like, not allow registration for under 18s at all, I suppose.

            I’m not sure an ISP has control like that. I could be wrong.

            No, you are right. The site itself must comply.

            • FarFarAway@lemmy.worldOP
              link
              fedilink
              arrow-up
              1
              ·
              2 months ago

              Or, like, not allow registration for under 18s at all, I suppose.

              Problem is, one would still have to find a way to verify the registrant is over 18.

          • ShepherdPie@midwest.social
            link
            fedilink
            arrow-up
            8
            ·
            2 months ago

            In the case of a grocery store, they’d have an actual physical presence in the state along with revenue and employees, so I (a total laymen) don’t see how that’s comparable to a website like Lemmy. Even PornHub would be different IMO since they have paid content and the transaction would be happening in Texas. A site like Lemmy earns nothing from its users and doesn’t sell anything so it seems like it’d be quite the stretch to hold them accountable for the actions of some kid on the other side of the country (or planet) since Texas jurisdiction ends at the border of Texas.

          • MotoAsh@lemmy.world
            link
            fedilink
            arrow-up
            12
            ·
            edit-2
            2 months ago

            “Operating in the state” and “accessible in the state” are different.

            Much like a business doesn’t have to have a specific state’s business license to sell to customers of a different state, a website does not have to comply with all laws everywhere just because the laws exist. If they’re operating in Texas, they will. If they’re accessible from Texas, that’s Texas’ problem.

            • chicken@lemmy.dbzer0.com
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              edit-2
              2 months ago

              Pretty sure it doesn’t work that way. Look at what happened to Binance; not a US website, not technically allowing US customers, still successfully prosecuted by the US government for not doing enough to prevent people in the US from using it.

              • MotoAsh@lemmy.world
                link
                fedilink
                arrow-up
                4
                ·
                edit-2
                2 months ago

                That’s because they were facilitating actual, across-the-board federal crimes.

                Not looking at titties.

                I could see states that have such draconian laws working together to attempt to do anything about flagrant violators, but otherwise Texas has yet another pointless, toothless virtue signaling “law” on their hands.

                • chicken@lemmy.dbzer0.com
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  2 months ago

                  The difference between what the laws are trying to enforce is a different issue though. The point is a website can be prosecuted just for being accessible when what it offers is against local laws.

    • My guess is that the law is basically extra-territorial - meaning that in theory it applies no matter where you are based.

      For a for-profit service this is more enforceable - just gotta find a way to seize the stream of money flowing out of Texas for violate of the law.

      For a service based in the US this is more enforceable - just gotta get the federal system and other states to cooperate, and enforce Texas’s court judgement, and then Texas can find a way to seize the stream of money flowing around and out of the US (or perhaps seize the US assets of the company).

      For a non-commercial entity based in the territory of the European Union that has no funds flowing at all from the US (think lemmy.world or feddit.de here) then it’s probably quite a bit harder to do anything at all in terms of effective enforcement.

      • RedSeries@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        I’m gonna petition my state to make a law that if someone is from Texas and tries to enforce Texan laws on my state, they’re executed on the spot.

        Should be about as enforceable as this joke of a law.

    • naonintendois@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      2 months ago

      If you own an instance it’s better to check with a lawyer. They might give you a warning first or they might go after you immediately. How effective that is depends on what country you live in and which country the server is in.

  • Furbag@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    2 months ago

    Social media is probably a very poorly or very narrowly defined term. Either they called out Facebook, Reddit, Snapchat, etc by name or they gave some broad description of social media that could apply to everything from Facebook all the way down to somebody’s Vbulletin forum and this will be unenforceable for the vast majority of websites. Compliance is likely voluntary for the little fish in social media. I imagine that they aren’t even aware that Lemmy exists.

  • Dasus@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    2 months ago

    Comply?

    “Is there some way it just doesn’t need to” = “Is there some scenario in which Texas laws don’t apply worldwide?”

    Yes. There is.

    • SirEDCaLot@lemmy.today
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      2 months ago

      To expand on this- In general you must comply with the laws of any jurisdiction where you have a business presence. This for example Meta is a USA company, but they have offices in the EU and they sell advertising in the EU from EU offices so they have to comply with EU laws for EU users. They can’t just wave off and say ‘we are a USA company, EU regs don’t apply to us’.

      Lemmy is not a corporation. There is no business presence in Texas, unless an instance admin lives there or hosts the server there. So Lemmy, both as a whole and as individual instances, can simply give Texas the middle finger and say ‘we aren’t subject to your laws as we have no presence or business in your state. We are in the state of California (or whatever) and are subject to the laws of our home state. It is not our job to enforce Texas laws in California on servers hosted in Virginia.’

      Thus Texas trying to enforce their laws on a Cali company is like Hollywood studios sending DMCA notices to Finland.

      • Dasus@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        2 months ago

        Thus Texas trying to enforce their laws on a Cali company is like Hollywood studios sending DMCA notices to Finland.

        My point exactly.

    • FarFarAway@lemmy.worldOP
      link
      fedilink
      arrow-up
      10
      ·
      2 months ago

      Its getting more dystopian by the week. I would say day, but a lot of brains don’t move that fast here.