profile

A Verification Alternative

Frederick Lane
On July 3, 1995, a Time magazine cover featured a green-faced boy, eyes agog, staring at a computer screen with a huge caption that blared, "On a Screen Near You: Cyberporn." The article caused an instant uproar across the country, but nowhere was the reaction more intense than in Washington.

Sen. Charles Grassley, R-Iowa, had the article reprinted in the Congressional Register, and less than six months later, Congress adopted the Communications Decency Act, which made the transmission of "indecent" materials a felony.

The Time magazine article was widely debunked for its reliance on flawed science, and the CDA was unanimously rejected 18 months later by the U.S. Supreme Court as unconstitutional. Nonetheless, Congress has repeatedly adopted legislation aimed at limiting children's access to sexually explicit materials.

With just one exception — the Child Internet Protection Act — the federal courts have rejected such legislation on the grounds that it is unconstitutional for Congress to limit adult access to materials, even if the end goal is to protect children.

The best alternative so far — as set out in the still-pending Child Online Protection Act — is the requirement that adult material be hidden behind a credit card screen. But since teens are now being offered credit cards, it is an imperfect solution and one that credit card companies have strenuously protested. Also, such legislation has thus far failed to address the issue of adults using youth-oriented websites and chatrooms to prey on children.

The answer to Congress's dilemma may lie in a new type of digital technology. Shmuel Levin, an electrical engineer with experience in artificial limbs and the founder of an Israeli technology company called i-Mature, has developed an ultrasonic device that can measure the structure of a bone in a person's hand — specifically, the proximal phalanx, the bone of the middle finger closest to the palm.

The information collected from the bone scan is transmitted to a computer that calculates the individual's likely age. According to i-Mature's U.S. patent application, the sonic scan gathers information about the degree of ossification of the proximal phalanx and compares it to the potential for further bone growth — the extent to which there is an "open" epiphyseal or growth plate at the end of the phalanx. The application goes on to claim that the epiphyseal plate in the phalanx first opens around age 12 and generally closes by age 18. After age 18, only 2.5 percent of young adults still have an open epiphyseal plate.

As a result, i-Mature believes that it can accurately divide users of the device into three groups: elementary school children under age 13, high school-aged teens between 13 and 17 and adults over 17. i-Mature calls its classification process Age-Group Recognition.

In early February, i-Mature announced that it was entering into a joint research collaboration with RSA Security Inc. to blend "RSA Security's cryptographic expertise into the security architecture of i-Mature's innovative AGR technology and to explore the integration of that technology with user authentication systems."

According to a statement issued by RSA Security, "i-Mature has developed an innovative technology that can determine, through a simple biometric bone scanning test, whether a user is a child or an adult — and thereby control access to Internet sites and content. AGR technology could help prevent children from accessing adult Internet sites and prevents adults from accessing children's sites and chat rooms."

A Reuters reporter, Andy Sullivan, had the opportunity to test a prototype AGR device at the Congressional Internet Caucus tech fair on Feb. 9 and described it as "a metal device that looks sort of like a vise or a miniature lemon squeezer — it measures a segment of your middle finger when you make a fist." Sullivan added that the device "successfully identified me as over 18 years old."

In various media interviews since the invention's announcement, i-Mature's Levin has made it clear that AGR units are at least two years away from the market. The company hopes to develop units that are compatible not only with personal computers but also with a wide range of other electronic devices, including televisions, PDAs, cellphones, DVD players, etc. The company said that its target price for the AGR unit is $25.

Vin McLellan, a consultant to RSA Security, told the listserve "Interesting People" that he had been party to RSA discussions regarding the joint R&D agreement that RSA struck with i-Mature in the fall of 2004.

"The RSA/i-Mature agreement merely calls for RSA to offer its specialized expertise in secure architectural design and crypto implementation to the AGR development team as they explore the potential of their innovative breakthrough in biometric scanning and classification," McLellan wrote. "Predictably, RSA — best known for its commercial cryptography, its SecurID tokens, and its Identity and Access Management software — is also interested in exploring the long-term potential of this technology in both layered multi-factor authentication systems and innovative new authorization schemes which may not require proof of a user's legal identity."

Apart from the technical challenges of developing an effective technology, i-Mature faces the difficulty of crafting a technology that can play a practical role in today's legal climate. In particular, the company's claim that AGR can distinguish between adults and non-adults in the context of adult sites has been strongly questioned.

Bio-Markers
"It's very, very clear that there are bio-markers for age," said Herb Lin, a senior scientist at the National Research Council and a co-editor of the COPA Commission's report on Internet and pornography. "There's no question about it. The fact is, though, that nobody, not even [i-Mature], can detect a difference between someone who is 17 years and 364 days and someone who is 18 years and one day. But that makes a legal difference; the 18-year-old can access adult sites and the 17-year-old can't."

Lin was careful to point out that the AGR system may have some positive uses. He noted that one of the proposals by the company was that its technology could be used to create an "adult-free zone" on the Internet. "If they're trying to keep adults out of kid chat rooms, then fine. That's much more plausible," Lin said. "But are you not going to worry about kids who are 16?"

In its efforts to build market share, i-Mature will face the classic "chicken-and-egg" dilemma, critics predict. The device will only be effective for consumers if enough online sites make use of the data to distinguish between the various age groups. At the same time, however, online sites are going to be hesitant to require a "phalanx-up" from i-Mature if only a small number of consumers actually use the device.

Congress, of course, has a way of cutting through barnyard conundrums and could impose a statutory requirement that online sites check i-Mature data before either admitting or blocking adults, depending on the nature of the material on the site. That's essentially what Congress tried to do in the Child Online Protection Act, when it designated the requirement of a credit card as a defense to a "harmful to minors" charge. However, it is unlikely that even this Congress would be willing to demand the use of such fuzzy technology to enforce a bright line.

More Articles

opinion

Privacy Notices Shouldn’t Be Treated as an Afterthought

Corey D. Silverstein ·
opinion

Legal Issues Pop Up When Filming Sex in Public

Lawrence G. Walters ·
opinion

The Importance of Patents in the Sex Tech Industry

Maxine Lynn ·
trends

The European Legal Scene: Challenges, Opportunities in 2017

Stephen Yagielowicz ·
opinion

Will Your Business Need a Data Protection Officer?

Chad Anderson ·
opinion

A Legal Primer to Help Develop Explicit Brands Previously Off Limits

Lawrence G. Walters ·
opinion

Preventing Data Breaches Staves Off Big Legal Claims

Chad Anderson ·
opinion

Trademark Ruling a Victory for Adult Products, Services

Marc Randazza ·
opinion

Data Privacy Is Tightening Up in the E.U.

Chad Anderson ·
opinion

Preventing Legal Problems Before They Start

Corey D. Silverstein ·
Show More