Sending a header is unworkable because nothing obeys it, there are embedded browsers all over, and even if you mandated that every app/browser do so, kids can get a computer/phone for $20 with no restrictions.

There's no requirement for ID retention online either. In fact, unlike in person, it is banned. And a framework where you just say "you are liable for what you provide to children" actually allows for a site employee to briefly eyeball your ID or just look at you and decide you look old enough (though that doesn't really work with realtime video generation).

Record retention is a different question from checking. I think I and the actual relevant laws have been pretty clear that we should disallow that. No, we do not have anonymous cigarette vending machines (at least anywhere I've been in the US). They are always behind a counter with an ID check.

Except for crypto, I don't think I am familiar with any way to pay for something online without revealing my identity. I'm pretty sure 100% of online purchases I've made over the last 20 years have required name/address and usually phone number as part of payment details. Even with crypto, as far as I know common wisdom on darknet markets is (or was?) to use your real name/address as that's the least suspicious. I don't actually know a single place where you don't give that info to your counterparty. I can't imagine it's common.

What parental controls? As far as I know, Safari is the only modern browser that checks RTA headers (if it still does). There are no options for Chrome or more importantly Firefox, which is the only browser that's fit for purpose with malware blocking (especially for children). Similarly Android has no controls.

I don't see what part of being online makes it less practical to check ID. It seems more practical to me. It's just cheaper not to, and online businesses are big on avoiding labor. That's not some fundamental right of theirs.

The browsers don't support it because only a few major sites bother to send it. The issue here is not support by client software it is lack of participation. That could be fixed via legal mandate, no different than requiring ID checks or anything else.

Right now if you want to build out a filtering solution there's nothing to base it on. We could fix that via regulation and then filtering would just work.

> kids can get a computer/phone for $20 with no restrictions.

At that point ID checks are no good either. They can just visit a site from a different country that doesn't respect our legal framework or hop on tor or bittorrent or whatever else.

In fact when it comes to ID checks if you don't enable parental controls and filtering then they will be able to bypass it in the exact same way as above except using their regular device that you gave to them! No need to go purchase a new one!

So you're inevitably going to end up needing a client side filtering solution regardless. As I keep telling you, the solution you're gunning for here is strictly worse than content filtering based on mandatory headers.

> Except for crypto, I don't think I am familiar with any way to pay for something online without revealing my identity.

There are also virtual credit card services. Or gift cards (which you yourself mentioned earlier).

Of course anything shipped needs a name and address (and likely phone number) but there are plenty of services you can pay for that don't involve shipping a physical item.

> That's not some fundamental right of theirs.

Never said or even implied that to be the case. I think I've been pretty clear that I see it as a threat to privacy, that I don't personally want it, and that I don't think it's the best (or even a particularly good) solution for the stated problems.

It's bizarre to me. You are putting all this effort towards advocating for new regulation that would require a change to how services operate. Simultaneously you argue against a less intrusive solution on the basis that no one currently does it. For some reason everyone can start checking IDs but sending a header is a bridge too far? It's inconsistent.