• E-mail this page
• |  Print this page
• | 
• | 
• | 

Second Life Adding Age Verification. Identity Thieves Celebrate

Linden Lab plans in mid-May to introduce age verification systems to Second Life designed to keep kids out of adult areas. It's almost certainly legally necessary, to protect the company and adult content providers in-world from civil and criminal prosecution. But, still, it's a bad idea. It won't stop kids from accessing adult content. And it provides tremendous opportunity for identity thieves, creating a rich store of Social Security numbers, driver's license numbers, dates of birth, and other identifying information.

When the age verification system goes in place, users -- known in Second Life jargons as "residents" -- will be required to provide a one-time proof of identity, such as driver's license, passport or ID card, to access mature content in Second Life, according to a statement on the Second Life official blog.

The measure appears to be a Band-Aid. Any kid with enough rebelliousness to want to access porn behind Mom and Dad's back will likely also have the gumption to borrow their driver's license to do it.

Moreover, the repository of identifying information will be a juicy plum for identity thieves. Linden Lab becomes a candidate to join the long, long parade of companies and government agencies that accidently exposed confidential customer data. Linden Lab says it won't store the data after it verifies' a resident's age, but it also says it's using a third-party company -- which it did not identify -- to perform the verification, and Linden Lab didn't say whether the third-party company would store the information. Even if the third party doesn't store the information, the information will be vulnerable to interception in transit between the customer and verification service.

And yet, I don't know any better way to block kids from accessing mature areas. And the measure is almost certainly essential to Linden Lab, and Second Life providers of mature content, from being prosecuted for distributing porn to minors.

In other words: It's a bad idea, but don't blame Linden Lab. It's not their fault. This dumb idea came from Washington.

I've got an interview request with Linden Lab, still waiting to hear back from them.

Linden Lab said in its blog:

Second Life has always been restricted to those over 18. All Residents personally assert their age on registration. When we receive reports of underage Residents in Second Life, we close their account until they provide us with proof of age. This system works well, but as the community grows and the attractions of Second Life become more widely known, we’ve decided to add an additional layer of protection.

In addition to Second Life, Linden Lab runs a second virtual world, Teen Second Life for 13-17-year-olds, which is forbidden to all but a small number of authorized adults.

People who run areas in Second Life (known as "land owners" in in-world jargon) will be required to flag mature content, Linden Lab said.

What's the definition of "mature content?" ""We trust that common sense will prevail. As a general rule, “Adult Content” is any content that is explicitly sexual or excessively violent in nature," Linden Lab said in its blog.

Linden Lab said: "We hope you’ll agree that the small inconvenience of doing this once is far outweighed by the benefits of protecting minors from inappropriate content. Further, this system will assist landowners in engaging in lawful businesses."

Linden Lab said: "The verification system will be run by a third party specializing in age and identity authentication." Oh, good! Another party brought into the fray to create another possible point of failure where information might leak out to identity thieves!

Residents with paid accounts, known as "premium" accounts, will be charged a "nominal" fee in the in-world micropayment system used in Second Life, known as Linden Dollars. The fee will be less than L$10 -- less than a nickel in US currency. Free account members will have to pay a larger amount to access adult areas, but they'll be able to continue to access non-adult content with free accounts without having to go through verification.

Linden Lab said: "Residents will provide a few simple details about their identity – generally, name, date of birth, and address. US Residents will be asked to provide the last four digits of their Social Security Number, while non-US Residents may need to provide a passport or national ID number." Necessary documentation will vary country-by-country, but could include passport, driver’s license, name, address, or a national ID number such as a Social Security number.

After providing the identifying information, residents can continue to remain anonymous in-world, Linden Lab said. I know what they meant to say: They'll keep the information confidential (unless, of course, there's a data leak. Whoops!) But the choice of words is unfortunately Orwellian: Your identity will be anonymous as soon as you identify yourself.

By the way, earlier I described how Second Life is for people age 18 and older, and Teen Second Life is for people aged 13-7. One unfortunate side-effect of this: That means parents can't go into Second Life side-by-side with their kids. That's ironic -- in the name of protecting kids, Linden Lab is separating them from their parents. But Linden Lab CEO and founder Philip Rosedale said last week he'd like to correct that problem by opening a family-friendly Second Life

Update 6:10 pm EDT: Linden Lab clarifies the policy..

« Are You Ready For The $10-Multicore-Cell Phone Future? | Main | Voice Coming To Second Life May 23, Maybe, According To Somewhat-Unclear Statement From Linden Lab »