BBFC News


Latest

1999   2000   2001   2002   2003   2004   2005   2006   2007   2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018   2019   Latest  


 

Tightening the purse strings...

BBFC warns that age verification should not be coupled with electronic wallets


Link Here 4th May 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust
The BBFC has re-iterated that its Age Verification certification scheme does not allow for personal data to be used for another purpose beyond age verification. In particular age verification should not be coupled with electronic wallets.

Presumably this is intended to prevent personal date identifying porn users to be dangerously stored in databases use for other purposes.

In passing, this suggests that there may be commercial issues as age verification systems for porn may not be reusable for age verification for social media usage or identity verification required for online gambling. I suspect that several AV providers are only interested in porn as a way to get established for social media age verification.

This BBFC warning may be of particular interest to users of the porn site xHamster. The preferred AV option for that website is the electronic wallet 1Account.

The BBFC write in a press release:

The Age-verification Regulator under the UK's Digital Economy Act, the British Board of Film Classification (BBFC), has advised age-verification providers that they will not be certified under the Age-verification Certificate (AVC) if they use a digital wallet in their solution.

The AVC is a voluntary, non-statutory scheme that has been designed specifically to ensure age-verification providers maintain high standards of privacy and data security. The AVC will ensure data minimisation, and that there is no handover of personal information used to verify an individual is over 18 between certified age-verification providers and commercial pornography services. The only data that should be shared between a certified AV provider and an adult website is a token or flag indicating that the consumer has either passed or failed age-verification.

Murray Perkins, Policy Director for the BBFC, said:

A consumer should be able to consider that their engagement with an age-verification provider is something temporary.

In order to preserve consumer confidence in age-verification and the AVC, it was not considered appropriate to allow certified AV providers to offer other services to consumers, for example by way of marketing or by the creation of a digital wallet. The AVC is necessarily robust in order to allow consumers a high level of confidence in the age-verification solutions they choose to use.

Accredited providers will be indicated by the BBFC's green AV symbol, which is what consumers should look out for. Details of the independent assessment will also be published on the BBFC's age-verification website, ageverificationregulator.com, so consumers can make an informed choice between age-verification providers.

The Standard for the AVC imposes limits on the use of data collected for the purpose of age-verification, and sets out requirements for data minimisation.

The AVC Standard has been developed by the BBFC and NCC Group - who are experts in cyber security and data protection - in cooperation with industry, with the support of government, including the National Cyber Security Centre and Chief Scientific Advisors, and in consultation with the Information Commissioner's Office. In order to be certified, AV Providers will undergo an on-site audit as well as a penetration test.

Further announcements will be made on AV Providers' certification under the scheme ahead of entry into force on July 15.

 

 

Offsite Article: How the U.K. Won't Keep Porn Away From Teens...


Link Here 4th May 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust
The New York Times takes a sceptical look at the upcoming porn censorship regime

See article from nytimes.com

 

 

Fundamentally flawed and not fit for purpose...

Well known security expert does a bit of a hatchet job on the BBFC Age Verification Certificate Standard


Link Here 27th April 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust

Starting with a little background into the authorship of the document under review. AVSecure CMO Steve Winyard told XBIZ:

The accreditation plan appears to have very strict rules and was crafted with significant input from various governmental bodies, including the DCMS (Department for Culture, Media & Sport), NCC Group plc (an expert security and audit firm), GCHQ (U.K. Intelligence and Security Agency), ICO (Information Commissioner's Office) and of course the BBFC.

But computer security expert Alec Muffett writes:

This is the document which is being proffered to protect the facts & details of _YOUR_ online #Porn viewing. Let's read it together!

What could possibly go wrong?

....

This document's approach to data protection is fundamentally flawed.

The (considerably) safer approach - one easier to certificate/validate/police - would be to say everything is forbidden except for upon for ; you would then allow vendors to appeal for exceptions under review.

It makes a few passes at pretending that this is what it's doing, but with subjective holes (green) that you can drive a truck through:

...

What we have here is a rehash of quite a lot of reasonable physical/operational security, business continuity & personnel security management thinking -- with digital stuff almost entirely punted.

It's better than #PAS1296 , but it's still not fit for purpose.

Read the full thread

 

 

Batman Returns...

Batman Returns reduced from 15 uncut to 12A uncut for 2019 cinema release


Link Here 27th April 2019
Batman Returns is a 1992 USA / UK action crime fantasy by Tim Burton.
Starring Michael Keaton, Danny DeVito and Michelle Pfeiffer. BBFC link IMDb

Cut by the BBFC for a 12 rated cinema release in 1992 and the follow up VHS. Less cut for 12 rated DVD in 2006. Then uncut for 15 rated Blu-ray in 2008 and finally rated 12A uncut for 2019 cinema release. Always uncut and MPAA PG-13 rated in the US.

Tick Small 12A Small UK: Passed 12A uncut for moderate violence, injury detail, sex references, threat, sexual threat ( 126:18s ) :
  • 2019 cinema release

Summary Notes

In the sewers of gotham city to the rooftops of the gotham city the penguin wants to know where he came from well in his villain ways catwoman plans to kill rich man of gotham max shreak but as he battles with millionaire Bruce Wayne both ladies men have their own secrets Bruce Wayne is back as Bat man trying to stop the penguin Max is helping penguin steal gotham city while selina Kyle/catwoman tries to help penguin not knowing her man murder target also her murder is helping him but all four men have their goals taking gotham from crime winning gotham city assassination for two men and more money to be gotham citys number one rich man.

 

 

 

Insight out of sight...

The BBFC tweaks its website


Link Here 26th April 2019
The BBFC has tweaked the look and feel of its website with a new bolder looking typeface set against a white background.

The BBFC has also corrected the previously slow starting search box that used to delete what you typed if you started before the form was ready.

Otherwise the  data presented seems to about the same as before, but I did spot one significant change. The short and long summaries of ratings issues in a film have been changed. They were previously referred to as BBFCInsight but are now labelled: Rating Info

Previously the BBFC has steered away form using the word 'rating' preferring to use the term 'classification'.

 

 

Brightburn...

The latest UK cinema release suffering BBFC advised category cuts for a 15 rating


Link Here 24th April 2019
Brightburn is a 2019 USA Sci-Fi horror thriller by David Yarovesky.
Starring Elizabeth Banks, David Denman and Matt Jones. BBFC link IMDb
Cut Small 15 Small UK: Passed 15 for strong gory injury detail, violence, language after BBFC advised pre-cuts ( 90:12s ) :
  • 2019 cinema release
The BBFC commented:
  • This film was originally seen for advice at which stage the company was informed it was likely to be classified 18 uncut but that their preferred 15 classification could be achieved by making reductions to two scenes featuring both strong gory images and a dwelling on the infliction of pain and injury. When the film was submitted for formal classification these scenes had been acceptably reduced.

For comparison in the US the film was rated R uncut for horror violence/bloody images, and language.

Summary Notes

What if a child from another world crash-landed on Earth, but instead of becoming a hero to mankind, he proved to be something far more sinister?

 

 

Is it safe?...

Does the BBFC AV kite mark mean that at age verification service is safe?


Link Here 22nd April 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust
The BBFC has published a detailed standard for age verifiers to get tested against to obtain a green AV kite mark aiming to convince users that their identity data and porn browsing history is safe.

I have read through the document and conclude that it is indeed a rigorous standard that I guess will be pretty tough for companies to obtain. I would say it would be almost impossible for a small or even medium size website to achieve the standard and more or less means that using an age verification service is mandatory.

The standard has lots of good stuff about physical security of data and vetting of staff access to the data.

Age verifier AVSecure commented:

We received the final documents and terms for the BBFC certification scheme for age verification providers last Friday. This has had significant input from various Government bodies including DCMS (Dept for Culture, Media & Sport), NCC Group plc (expert security and audit firm), GCHQ (UK Intelligence & Security Agency) ICO (Information Commissioner's Office) and of course the BBFC (the regulator).

The scheme appears to have very strict rules.

It is a multi-disciplined scheme which includes penetration testing, full and detailed audits, operational procedures over and above GDPR and the DPA 2018 (Data Protection Act). There are onerous reporting obligations with inspection rights attached. It is also a very costly scheme when compared to other quality standard schemes, again perhaps designed to deter the faint of heart or shallow of pocket.

Consumers will likely be advised against using any systems or methods where the prominent green AV accreditation kitemark symbol is not displayed.

 

But will the age verifier be logging your ID data and browsing history?

And the answer is very hard to pin down from the document. At first read it suggests that minimal data will be retained, but a more sceptical read, connecting a few paragraphs together suggests that the verifier will be required to keep extensive records about the users porn activity.

Maybe this is a reflection of a recent change of heart. Comments from AVSecure suggested that the BBFC/Government originally mandated a log of user activity but recently decided that keeping a log or not is down to the age verifier.

As an example of the rather evasive requirements:

8.5.9 Physical Location

Personal data relating to the physical location of a user shall not be collected as part of the age-verification process unless required for fraud prevention and detection. Personal data relating to the physical location of a user shall only be retained for as long as required for fraud prevention and detection.

Here it sounds like keeping tabs on location is optional, but another paragraph suggest otherwise: 

8.4.14 Fraud Prevention and Detection

Real-time intelligent monitoring and fraud prevention and detection systems shall be used for age-verification checks completed by the age-verification provider.

Now it seems that the fraud prevention is mandatory, and so a location record is mandatory after all.

Also the use off the phrase only be retained for as long as required for fraud prevention and detection. seems a little misleading too, as in reality fraud prevention will be required for as long as the customer keeps on using it. This may as well be forever.

There are other statements that sound good at first read, but don't really offer anything substantial:

8.5.6 Data Minimisation

Only the minimum amount of personal data required to verify a user's age shall be collected.

But if the minimum is to provide name and address + eg a drivers licence number or a credit card number then the minimum is actually pretty much all of it. In fact there are only the porn pass methods that offer any scope for 'truely minimal' data collection. Perhaps the minimal data also applies to the verified mobile phone method as although the phone company probably knows your identity, then maybe they won't need to pass it on to the age verifier.

 

What does the porn site get to know

The rare unequivocal and reassuring statement is

8.5.8 Sharing Results

Age-verification providers shall only share the result of an age-verification check (pass or fail) with the requesting website.

So it seems that identity details won't be passed to the websites themselves.

However the converse is not so clear:

8.5.6 Data Minimisation

Information about the requesting website that the user has visited shall not be collected against the user's activity.

Why add the phrase, against the user's activity. This is worded such that information about the requesting website could indeed be collected for another reason, fraud detection maybe.

Maybe the scope for an age verifier to maintain a complete log of porn viewing is limited more by the practical requirement for a website to record a successful age verification in a cookie such that the age verifier only gets to see one interaction with each website.

No doubt we shall soon find out whether the government wants a detailed log of porn viewed, as it  will be easy to spot if a website queries the age verifier for every film you watch.
 

Fraud Detection

And what about all this reference to fraud detection. Presumably the BBFC/Government is a little worried that passwords and accounts will be shared by enterprising kids. But on the other hand it may make life tricky for those using shared devices, or perhaps those who suddenly move from London to New York in an instant, when in fact this is totally normal for someone using a VPN on a PC.


Wrap up

The BBFC/Government have moved on a long way from the early days when the lawmakers created the law without any real protection for porn users and the BBFC first proposed that this could be rectified by asking porn companies to voluntarilyfollow 'best practice' in keeping people's data safe.

A definite improvement now, but I think I will stick to my VPN.

 

 

Smart phones only for porn viewing?...

VPNCompare reports a significant increase in website visitors in response to upcoming porn censorship. Meanwhile age verifications options announced so far for major websites seem to be apps only


Link Here 20th April 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust
VPNCompare is reporting that internet users in Britain are responding to the upcoming porn censorship regime by investigating the option to get a VPN so as to workaround most age verification requirements without handing over dangerous identity details.

VPNCompare says that the number of UK visitors to its website has increased by 55% since the start date of the censorship scheme was announced. The website also sated that Google searches for VPNs had trippled. Website editor, Christopher Seward told the Independent:

We saw a 55 per cent increase in UK visitors alone compared to the same period the previous day. As the start date for the new regime draws closer, we can expect this number to rise even further and the number of VPN users in the UK is likely to go through the roof.

The UK Government has completely failed to consider the fact that VPNs can be easily used to get around blocks such as these.

Whilst the immediate assumption is that porn viewers will reach for a VPN to avoid handing over dangerous identity information, there may be another reason to take out a VPN, a lack of choice of appropriate options for age validation.

3 companies run the 6 biggest adult websites. Mindgeek owns Pornhub, RedTube and Youporn. Then there is Xhamster and finally Xvideos and xnxx are connected.

Now Mindgeek has announced that it will partner with Portes Card for age verification, which has options for identity verification, giving a age verified mobile phone number, or else buying  a voucher in a shop and showing age ID to the shop keeper (which is hopefully not copied or recorded).

Meanwhile Xhamster has announced that it is partnering with 1Account which accepts a verified mobile phone, credit card, debit card, or UK drivers licence. It does not seem to have an option for anonymous verification beyond a phone being age verified without having to show ID.

Perhaps most interestingly is that both of these age verifiers are smart phone based apps. Perhaps the only option for people without a phone is to get a VPN. I also spotted that most age verification providers that I have looked at seem to be only interested in UK cards, drivers licences or passports. I'd have thought there may be legal issues in not accepting EU equivalents. But foreigners may also be in the situation of not being able to age verify and so need a VPN.

And of course the very fact that is no age verification option common to the major porn website then it may just turn out to be an awful lot simpler just to get a VPN.

 

 

Is it safe?...

Is your identity data and porn browsing history safe with an age verification service sporting a green BBFC AV badge?...Err...No!...


Link Here 19th April 2019
Full story: BBFC Internet Porn Censors...BBFC: Age Verification We Don't Trust
The Interrogator :

Is it safe?

The BBFC (on its Age Verification website)...err...no!...:

An assessment and accreditation under the AVC is not a guarantee that the age-verification provider and its solution (including its third party companies) comply with the relevant legislation and standards, or that all data is safe from malicious or criminal interference.

Accordingly the BBFC shall not be responsible for any losses, damages, liabilities or claims of whatever nature, direct or indirect, suffered by any age-verification provider, pornography services or consumers/ users of age-verification provider's services or pornography services or any other person as a result of their reliance on the fact that an age-verification provider has been assessed under the scheme and has obtained an Age-verification Certificate or otherwise in connection with the scheme.

 

1999   2000   2001   2002   2003   2004   2005   2006   2007   2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018   2019   Latest  

melonfarmers icon
 

Top

Home

Index

Links

Email
 

UK

World

Media

Info

US
 

FilmCuts

Nutters

Liberty

Advertise
 


Cutting Edge

Shopping

Sex News

Sex+Shopping

UK Internet
 



Main Cuts:  A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y  

Sex  Cuts: A   B   C   D   E   F   G   H   I   J   K   L               S   T   U   V   W   X   Y   Z   0-9  

Latest Cuts

BBFC News

MPAA News

BBFC Guidelines

Website Ratings

Games Cuts
 

Daily UK Ratings

Weekly US Ratings

Weekly UK Adult Cuts

BBFC Cuts by Year

Cutting Edge


Banned: Cinema

Banned: Video

Banned: Recent

Banned: Self Censored

Banned: World
 

Video Nasties News

Video Nasties List

Section 3 Seizures List
 


List: Future Releases

List: Recent Releases

List Sex Releases

List Hardcore 18s
 

News Future DVD

News Hard 18s

List Books

Recommended by Nutters