The browsers don't support it because only a few major sites bother to send it. The issue here is not support by client software it is lack of participation. That could be fixed via legal mandate, no different than requiring ID checks or anything else.

Right now if you want to build out a filtering solution there's nothing to base it on. We could fix that via regulation and then filtering would just work.

> kids can get a computer/phone for $20 with no restrictions.

At that point ID checks are no good either. They can just visit a site from a different country that doesn't respect our legal framework or hop on tor or bittorrent or whatever else.

In fact when it comes to ID checks if you don't enable parental controls and filtering then they will be able to bypass it in the exact same way as above except using their regular device that you gave to them! No need to go purchase a new one!

So you're inevitably going to end up needing a client side filtering solution regardless. As I keep telling you, the solution you're gunning for here is strictly worse than content filtering based on mandatory headers.

> Except for crypto, I don't think I am familiar with any way to pay for something online without revealing my identity.

There are also virtual credit card services. Or gift cards (which you yourself mentioned earlier).

Of course anything shipped needs a name and address (and likely phone number) but there are plenty of services you can pay for that don't involve shipping a physical item.

> That's not some fundamental right of theirs.

Never said or even implied that to be the case. I think I've been pretty clear that I see it as a threat to privacy, that I don't personally want it, and that I don't think it's the best (or even a particularly good) solution for the stated problems.

It's bizarre to me. You are putting all this effort towards advocating for new regulation that would require a change to how services operate. Simultaneously you argue against a less intrusive solution on the basis that no one currently does it. For some reason everyone can start checking IDs but sending a header is a bridge too far? It's inconsistent.

> They can just visit a site from a different country that doesn't respect our legal framework

That's called noncompliance. This is why a simpler framework is better: do you demonstrably serve content to children in this jurisdiction illegally? Then you'll incur fines and a warrant here. Better not have revenue or visit here. And we could put the same liability on advertisers funding it so there's just no financial incentive for anyone.

Bittorrent is trivial to block, other countries are easy to block on your router, and it would be simple enough to just say running an open proxy incurs liability for anything you front if you obscure the originating location or allow international traffic. Again the basic principle is "are you providing access to the general public with no gating to restricted material?" In any case, obscure Russian forums you can access through Tor are an afterthought compared to e.g. Reddit, which hosts both Roblox forums and porn today with no wall between them.

Note also that provider liability doesn't mean we can't also have filtering. Liability just creates the correct incentives for providers to help ensure the solution actually works.

As far as virtual cards go, do they not still require payment information? Surely business don't want to deal with anonymous purchases since that's begging for fraud? In any case, service provider liability is still compatible here. I didn't say they need to check ID. Neither does e.g. the Texas law. It says someone needs to verify age. They can use a commercial service for it. The virtual card provider or gift card retailer could provide that service and assume or share liability.

I'm not even necessarily advocating for a new regulation. I'm saying recognize public indecency/lewd behavior for what it is, and ban things like gambling in children's games. Recognize that public websites with no access gates are public spaces and act accordingly. And yes I consider checking ID to be less intrusive than everyone supporting some header. I don't consider the former to be intrusive at all really. The latter is basically impossible if for no other reason than there are already billions of devices that don't. It's a fantasy non solution that basically amounts to "do nothing".

If liability with no prescription for a solution would lead to ID checks and not working with vendors to have working filters, that kind of reveals what we think would actually work.