The War on Porn Regular Updates about the Assault on The Adult Industry

There’s something quietly disturbing about discovering that a tool meant to help people wrestle with their most private habits accidentally left the blinds wide open. An app that claims to help users stop consuming pornography ended up exposing intensely sensitive personal data — the kind of stuff most people wouldn’t even admit to a close friend. Ages. Masturbation frequency. Emotional triggers. How porn makes them feel afterward. And tucked inside that data were a lot of minors, which makes your stomach drop a little when you really sit with it.

One user profile, for instance, listed their age as “14.” Their “frequency” showed porn use “several times a week,” sometimes up to three times a day. Their “triggers” were logged as “boredom” and “Sexual Urges.” The app had even assigned a “dependence score” and listed their “symptoms” as “Feeling unmotivated, lack of ambition to pursue goals, difficulty concentrating, poor memory or ‘brain fog.’” It reads less like analytics and more like a vulnerable diary entry — something that was supposed to stay locked away.

The app isn’t being named because the developer still hasn’t fixed the issue. The problem was uncovered by an independent security researcher who asked to remain anonymous. He first flagged it to the app’s creator back in September. The creator said he’d fix it quickly. That didn’t happen. The flaw comes from a misconfiguration in how the app uses Google Firebase, a popular mobile app development platform. By default, Firebase can make it surprisingly easy for anyone to become an “authenticated” user and access backend storage — the digital attic where all the private boxes tend to live if you’re not careful.

Overall, the researcher said he could access information belonging to more than 600,000 users of the porn-quitting app, with roughly 100,000 identifying as minors. That number lands heavy. It’s not abstract. It’s classrooms. It’s school buses. It’s kids who probably assumed they were talking into a void, not a wide-open window.

The app also invites users to write confessions about their habits. One of them read: “I just can’t do this man I honestly don’t know what to do know more, such a loser, I need serious help.” You can almost hear the frustration in that sentence — the messy spelling, the emotional spill. That’s not data. That’s a human having a rough night.

When reached by phone, the creator of the app said he had spoken with the researcher but claimed the app never exposed any user data due to a misconfigured Google Firebase. He suggested the researcher may have fabricated the data that was reviewed.

“There is no sensitive information exposed, that’s just not true,” the founder said. “These users are not in my database, so, like, I just don’t give this guy attention. I just think it’s a bit of a joke.”

When asked why he previously thanked the researcher for responsibly disclosing the misconfiguration and said he would rush to fix it, he wished me a good day and hung up. One of those conversations that ends abruptly, leaving a strange quiet buzzing in the room.

After the call, an account was created on the app. The researcher was then able to see that new account appear inside the misconfigured Google Firebase environment — confirmation that user information was still exposed and accessible. Sometimes reality has a way of answering arguments faster than any debate ever could.

This type of Google Firebase misconfiguration isn’t new. Security researchers have been talking about it for years, and it continues to surface today. It’s one of those problems that feels boring until it suddenly isn’t — until someone’s real life data is sitting out in the open.

Dan Guido, CEO of cybersecurity research and consulting firm Trail of Bits, said in an email that this Firebase issue is “a well known weakness” and easy to find. He recently noted on X that Trail of Bits was able to build a tool using Claude to scan for this vulnerability in just 30 minutes.

“If anyone is best positioned to implement guardrails at scale, it is Google/Firebase themselves. They can detect ‘open rules’ in a user’s account and warn loudly, block production configs, or require explicit acknowledgement,” he said. “Amazon has done this successfully for S3.” S3 is a cloud storage product from AWS that previously struggled with similar data exposure issues due to misconfigurations.

The researcher who uncovered the app’s vulnerability added that this insecure setup is often the default in Google Firebase. He also pointed a finger at Apple, arguing that apps should be reviewed for backend security issues before being allowed into the App Store.

“Apple will literally decline an app from the App Store if a button is two pixels too wide against their design guidelines, but they don’t, and they don’t check anything to do with the back end database security you can find online,” he said. It’s one of those comments that lands with an uncomfortable kind of truth — polished surfaces, shaky foundations.

Apple and Google did not respond to requests for comment.

And that’s the part that lingers. People trusted this app with their most awkward truths, their late-night regrets, their quiet attempts at self-control. Some of them were kids. They weren’t posting for an audience. They were whispering into what they thought was a locked room. Turns out the door was never really closed.

A new ban on VPNs could hit web users in the UK following a vote on a law change. And yeah, that sentence alone makes you pause for a second. It has that quiet, slightly unsettling “wait… what?” energy — the kind that sneaks up on you between inbox refreshes and half-finished cups of coffee. You don’t expect something as invisible and ordinary as a VPN to suddenly become headline material, yet here we are.

The House of Lords has now passed a vote which would, if approved by the government, see an amendment to a law which would ban under-18s from using a Virtual Private Network (VPN). On the surface it sounds tidy and well-intentioned. Underneath it, though, sits a tangle of questions about privacy, enforcement, and how much digital freedom anyone — especially young people — should actually have.

VPNs have increasingly been used in the UK since the Online Safety Act was put in place. Often used by employers to create a network to share resources, VPNs can also be used to spoof or hide your browsing location, thereby sidestepping geographical restrictions. A VPN is a system which connects somebody’s device – normally a computer or smartphone – to a server in a different location. This means that the websites that person visits cannot see their IP address. Think of it like slipping on a digital disguise — not to vanish completely, but to move through the internet without leaving your name tag on every door you open.

It is used by many people for privacy or getting around restrictions that websites put on who can visit a page. It can also be useful for allowing people to work from home and still access their workplace’s resources. I’ve leaned on a VPN more times than I can count while traveling or working remotely — one of those quiet tools you only notice when it breaks, or when someone suddenly tells you it might disappear.

Last week, a Conservative-led amendment in the House of Lords called for a change to the Children’s Wellbeing and Schools Bill following calls from campaigners including Hollywood star Hugh Grant. It’s one of those oddly modern moments where celebrity advocacy bumps into legislative machinery, and suddenly a policy debate has a familiar face attached to it.

Peers backed by 207 votes to 159, a ban on providing VPN services to children over concerns they can be used to bypass age verification restrictions on accessing adult content. The logic is straightforward enough: if age gates exist, lawmakers don’t want easy digital side doors around them.

Changes made by peers to the Bill will be considered by MPs during the process known as ping-pong, when legislation is batted between the Commons and Lords until agreement is reached. The name sounds playful, almost harmless. The outcomes, of course, rarely are.

Separately, in a heavy Government defeat, peers supported a ban on social media for under 16s too. That’s not a small add-on — that’s a tectonic shift in how young people would experience daily life online.

Supporters of the Australian-style ban have argued parents are in “an impossible position” with regard to the online harms their children are being exposed to. And honestly, that rings true. Anyone who’s watched a teenager scroll endlessly into the night knows the uneasy mix of concern, resignation, and quiet panic that can creep in.

Technology Secretary Liz Kendall announced a three-month consultation this week, which will consider the advantages and disadvantages of a ban, as well as possible overnight curfews and actions to prevent “doom-scrolling”, before reporting back in the summer. It sounds like a collective deep breath — gather the facts, test the ideas, try not to rush into something that reshapes daily habits for millions of families.

However, Tory former schools minister Lord Nash, who has spearheaded calls for a ban, argued the late concession simply represented more delay. You can almost hear the frustration between the lines, the sense that patience has already been exhausted.

He said: “The Government’s consultation is, in my view, unnecessary, misconceived and clearly a last-minute attempt to kick this can down the road.”

Proposing an amendment to the Children’s Wellbeing and Schools Bill, the Conservative peer told the upper chamber: “Many teenagers are spending long hours – five, six, seven or more a day – on social media.

“The evidence is now overwhelming as to the damage that this is causing.

“We have long passed the point of correlation or causation. There is now so much evidence from across the world that it is clear that by every measure, health, cognitive ability, educational attainment, crime, economic productivity, children are being harmed.”

He added: “This is going to happen. The only question is when. We have the opportunity to do it now in this Bill, and every day which passes, more damage is being done to children. We must act now.”

A Government spokesperson said: “We will take action to give children a healthier relationship with mobile phones and social media.

“It is important we get this right, which is why we have launched a consultation and will work with experts, parents and young people to ensure we take the best approach, based on evidence.”

And that’s the uneasy tension humming beneath all of this. Everyone wants kids safer online — that part isn’t controversial. But once you start tightening the screws on tools like VPNs and access itself, you’re not just nudging behavior. You’re redefining privacy, autonomy, and who ultimately controls the shape of the internet inside everyday life. The line between protection and overreach gets thin fast.

Maybe this really is the moment lawmakers draw a harder boundary. Maybe it’s another long rally of legislative ping-pong before anything truly changes. Either way, it’s hard to shake the feeling that this debate isn’t really about VPNs at all. It’s about who gets to decide how much freedom we’re willing to quietly trade away — and whether safety, once promised, ever really knows when to stop.

Something strange is about to happen when a curious UK user types a familiar orange-and-black URL into their browser after Feb. 2. Instead of the usual scroll-and-click routine, the door quietly closes — unless they already built a verified account before the cutoff. Aylo, the parent company behind Pornhub and several other free platforms, says new UK visitors won’t be getting in.

Aylo explained in a statement, “New users in the UK will no longer be able to access Aylo’s content sharing platforms, including Pornhub, YouPorn, and Redtube. UK users who have verified their age will retain access through their existing accounts.”

During a press conference, Aylo VP of Brand and Community Alexzandra Kekesi clarified that anyone who already completed the age verification process — which requires creating an account — will still have access to Pornhub and Aylo’s other free sites. What won’t exist anymore is the on-ramp. No new accounts will be allowed after Feb. 2.

“You will have to use credentials to log in and access your account,” Kekesi said. “Anyone who has not gone through that process prior to February will be redirected elsewhere. Their journey on our platform will start and end there.”

Back in June 2025, Aylo had rolled out age assurance tools designed to meet government requirements under the UK’s Online Safety Act. At the time, Kekesi even praised Ofcom’s framework, calling it “the most robust in terms of actual and meaningful protection we’ve seen to date.” There was cautious optimism then — the kind you get when a system feels imperfect but workable.

That optimism has faded. At Tuesday’s press conference, Kekesi said Aylo now views the OSA as fundamentally broken. Sites remain “very accessible” to minors, she said, while traffic simply flows to noncompliant platforms that dodge enforcement altogether. Scale becomes a mirage. She also pointed out that most adult sites still don’t comply with the law, and warned that the system raises “considerable privacy issues” and exposes users to data breaches. It’s one of those uncomfortable moments where a rule meant to protect ends up creating new vulnerabilities.

“We can no longer participate in the flawed system that has been created in the UK as a result of the OSA,” Kekesi said.

Solomon Friedman, partner and VP for compliance at Ethical Capital Partners — the firm that acquired MindGeek in 2023 and rebranded it as Aylo — took a more hands-on approach during the briefing. From a UK IP address, he searched “free porn” to show how quickly unverified sites appear, even as Pornhub requires age verification. It was a simple demo, but the kind that lands like a thud.

“As new sites continue to pop up that are noncompliant, they simply repopulate and move higher in the Google ranking,” Friedman said.

He added that sites ignoring age assurance rules often ignore other safeguards as well — including measures meant to prevent CSAM and intimate image abuse. The problem doesn’t stay neatly contained in one policy lane.

“This law by its very nature is pushing adults and children alike to the cesspools of the internet,” Friedman warned.

In regions where Pornhub has already been forced to implement age verification, the platform has seen traffic drop by as much as 80%, as users chase free content elsewhere. Anyone who’s ever watched internet habits shift overnight knows how fast a crowd migrates when friction shows up.

Friedman stressed that Ofcom itself isn’t the villain in this story, saying the regulator has been acting in good faith, consulting with industry stakeholders and taking enforcement seriously.

“You have a dedicated regulator working in good faith,” he said. “But unfortunately, the law they are operating under cannot possibly succeed.”

He returned to a position Aylo has been repeating for some time: the only realistic way to keep minors away from adult content is device-level age assurance, not site-by-site gates.

“Microsoft, Apple and Google all have very robust built-in parental controls,” he pointed out. “Those are device-based controls that operate regardless of whether or not the site that is being accessed is compliant. The only thing needed is a mandate that these controls be activated by default.”

Right now, he noted, those protections are still “opt-in, not opt-out.” In other words, they exist — but only if someone actively turns them on. Human nature being what it is, that’s a fragile bet.

Friedman demonstrated how device-level tools like Google’s SafeSearch can block access to adult content even when a VPN is in use, and urged major tech companies to “do the right thing proactively” or risk being “forced to do the right thing by government.”

When asked whether shifting responsibility to big tech simply pushes the problem onto someone else, Friedman framed it as a question of what actually works in the real world.

“This is not a matter of shifting responsibility to anyone,” Friedman said. “When access is controlled at the device level, it’s efficient, it’s effective, it’s privacy-preserving, it gets the job done. It just works.

“Human behavior is why these laws are failing,” Friedman added. “Legislate not contrary to human behavior, but consistent with human behavior online — and that is at the device level.”

A company representative also confirmed that outside the UK, Aylo still plans to participate in the European Commission’s pilot program for its “white label” age verification app — a reminder that this debate isn’t settling anytime soon. If anything, it’s just changing shape, like water finding the next crack in the pavement.

Ah, Arizona – my home state. Famous for the geological splendor of the Grand Canyon, the ancient beauty of the Petrified Forest, the marvel of engineering that is the Hoover Dam – and some of the dumbest legislative proposals ever to see the light of day.

Right about seven years ago, an Arizona State Senator proposed to tax porn to fund the construction of a wall on our southern border. Thankfully, that bill died on the vine, deemed a non-starter even by a legislature that once seriously toyed with the notion of making it illegal to “offend or annoy” people using an “electronic or digital device.”

Here’s hoping that HB 2900, one of the latest brain farts to emanate from the state’s socially conservative corner, meets the same fate as some of its even dumber predecessors, never making it to the floor for a full vote. Because, while I’d like to say I’m confident the bill would wither under court scrutiny if it made it all the way to being signed by the state’s current governor (a doubtful proposition, itself), who the hell knows anymore?

The ‘good news’ about HB 2900, if there is any, is that the bill at least wouldn’t make it a crime punishable by prison time to make or sell porn in the state. It would merely make it prohibitively expensive to do so and potentially ruinous for any business charged with having the temerity to sell porn to those who wish to watch it, through its onerous fines of up to $10,000 per day (and $10,000 per instance).

Oh, and it’s not just the attorney general who could bring action against those who run afoul of the law; the state’s private citizens could get in on the act, as well. I can just imagine how enthusiastic the state’s judiciary must be about the prospect of hearing dozens of lawsuits with titles like Johnson v. Hustler or Peters v. Pornhub because clearly these judges have nothing better or more important to do than sit in a courtroom and hear testimony about how pornographers are ruining the state almost as surely as the undocumented immigrants who handle everyone’s landscaping and roofing needs.

Look, I get it: A lot of people in Arizona (and elsewhere) don’t approve of porn and several of those people are highly religious and socially conservative folks who also happen to hold seats in the state’s legislature. I happen to be an atheist, but you don’t see me going around advocating for suing people for proselytizing, or banning sale of the Bible, or (shudder) running for office so I can attempt to impose my libertine values on the rest of my fellow citizens under the color of state law.

As I mentioned earlier, one small silver lining in the heaping pile of shitty cloud that is HB 2900 is this bit of limiting construction: “This section does not…Impose civil liability on an individual solely for the private possession, private viewing or private receipt of pornography.” But this stipulation raises questions for me, too.

If porn is so awful, morally ruinous and threatening that legislature must take measures to dissuade businesses from making and selling porn in Arizona, why would the legislature allow people to freely possess and view it? Or, to position the same sort of question in reverse, if it’s OK to posses and watch porn, why are this bill’s sponsors so eager to punish the people who make it possible for the state’s citizens to possess and view it?

Also, if this bill is limited to “commercial entities,” as it appears to be, does that mean I can film and distribute porn in Arizona, so long as I don’t charge anything for my product? Can I now finally fulfill my lifelong dream of being a mass porn donor?

Ideally, I will never have occasion to learn the answers to any of the above questions because HB 2900 quietly slips into the dustbin of history, alongside its wall-funding and anti-annoyance predecessors. I suppose we’ll know soon enough, as the Arizona legislature will close its current session sometime this summer.

WASHINGTON—There’s something oddly quiet about a room that’s supposed to be filled with experts. You can almost hear the missing voices echo. That’s the feeling hanging over the Federal Trade Commission’s upcoming expert panel on age verification and its federal implications — a conversation that, on paper, looks serious and important, but somehow feels strangely incomplete.

Taking place at the Constitution Center, 400 7th St SW, Washington, D.C. 20024, on January 28, the panel will feature experts in age verification and online child safety, including representatives from organizations that have been openly critical of existing age verification proposals currently before Congress.

Glaringly, no companies or stakeholders from the adult entertainment industry or adjacent sectors were invited to sit on the panel.

Juliana Gruenwald Henderson, deputy director of the FTC’s Office of Public Affairs, declined to elaborate on why the panelists don’t include adult industry stakeholders, such as the Free Speech Coalition. She simply said in an email, “No comment.” It’s the kind of answer that lands with a thud — short, closed, and oddly loud in its silence — and it inevitably raises the question of whether bias is at play.

An anonymous source at the FTC confirmed that the decision not to involve adult industry firms was due to bias.

Further speculation only grows when key stakeholder groups share that the adult industry was iced out of planning and programming for the panels tied to the FTC event. That kind of exclusion has a way of shaping outcomes before the first microphone is even turned on.

A spokesperson for the Free Speech Coalition confirmed that the FTC never reached out to senior leadership at the coalition for input or to appear on Jan. 28. Not even a courtesy call. Nothing.

Expanding on the concerns of bias at the FTC, First Amendment attorney Corey Silverstein said in a text that the agency’s behavior in this situation doesn’t exactly come as a shock.

“This is a long-expected and goes hand in hand with the eventual federal age verification law,” Silverstein warned. “The FTC will be tasked with being the enforcement arm for federal age verification, and they want to be ready to hit the ground running.”

“I have no doubt that the FTC wants to determine for themselves which age verification technologies and providers they will deem acceptable,” he added.

Panelists named include several experts connected to organizations that have actively lobbied for age verification laws under the banner of “protecting minors.” That phrasing always sounds comforting — who could possibly argue with protecting kids? — but the motivations and downstream effects tend to get a lot messier once you zoom out.

For example, Clare Morell sits on a panel session called “Navigating the Regulatory Maze of Age Verification.” Morell is a fellow at the Ethics & Public Policy Center.

The center played a central role in Project 2025, an effort organized by the conservative Heritage Foundation. Project 2025 — tied to the administration of President Donald Trump — has openly pushed proposals aimed at banning pornography and revoking First Amendment protections for the category altogether. That context matters, even if it sometimes gets tucked quietly into the footnotes of policy discussions.

Also featured on the panel is Iain Corby, executive director of the Age Verification Providers Association (AVPA). Corby has long been a divisive figure in the adult industry space. He’s publicly supported free expression for adult companies — yet frequently aligns himself with anti-pornography groups. It’s the kind of tightrope act that leaves both sides uneasy.

Some stakeholders on the FTC panel include state-level regulators and lawmakers. For instance, Katherine Haas, director of the Utah Department of Commerce Consumer Protection Division, will speak on the same panel. Haas played a key role in the FTC complaint that was later settled against Aylo, the parent company of Pornhub, which maintains a U.S. headquarters in Austin, Texas, and operational hubs in California, primarily Los Angeles and San Diego.

Last September, Aylo reached a $5 million settlement with the FTC and the State of Utah tied to CSAM allegations stemming from compliance issues that predated the company’s acquisition by Ottawa-based private equity firm Ethical Capital Partners. Aylo did not respond to a request for comment on whether the company had been invited to speak on the FTC panel. It’s also worth noting that the only other stakeholders involved appear to be representatives from major technology firms and trade organizations, including officials from Google, Meta Platforms (Facebook and Instagram), Apple, and age verification companies such as industry heavyweight Yoti.

One expert, however, stands out from the rest of the lineup: Jennifer Huddleston, a technology fellow at the libertarian-leaning, free-market Cato Institute in Washington, D.C. True to the organization’s long-standing commitment to the First Amendment, Huddleston has openly raised concerns about age verification and the quiet social contract we’re being asked to sign — trusting massive corporations with deeply sensitive personal data just to exist online.

“There are broader debates about how to encourage the potentially beneficial uses of technology while protecting kids and teens from potential harms, but an approach that would require all users to verify their age or identity when logging on not only fails to resolve the concerns about kids’ and teens’ technology use but also creates a range of pitfalls related to privacy and speech for users of all ages,” Huddleston wrote in a 2025 op-ed for the Dallas Morning News.

And that’s the tension humming underneath this entire event: protection versus privacy, safety versus speech, certainty versus the uncomfortable gray areas we’d rather not sit with. When certain voices never make it into the room, the conversation doesn’t just become narrower — it risks becoming rehearsed. Sometimes the loudest warning isn’t shouted at all. It’s the silence you can’t quite ignore.

PHOENIX — There’s something jarring about waking up to the idea that an entire category of human expression could suddenly become illegal. Not regulated. Not filtered. Not nudged behind another age-gate wall. Just… gone. That’s the direction Arizona may be staring down after a member of the state House introduced a bill Wednesday that would make it illegal to produce or distribute adult content anywhere in the state.

Republican Rep. Khyl Powell’s HB 2900 would impose civil penalties for producing, publishing, selling, offering for sale, or commercially distributing pornography in Arizona, including via websites or digital services. It’s written in that broad, sweeping legislative language that always makes me pause — the kind that doesn’t just touch the margins, but tries to redraw the whole map.

The bill allows for civil penalties of up to $10,000 per violation, or per day in violation of the law. While the bill assigns enforcement to the state attorney general, it also allows private individuals to pursue civil action “in the name of” Arizona, in cases where the attorney general does not do so first. That little clause is the one that tends to keep lawyers up at night — the quiet invitation for citizens to become enforcers, neighbors to become watchdogs, and courtrooms to become battlegrounds.

Arizona already has an age verification law on the books, which took effect Sept. 26. But a total ban? That’s a different animal entirely. It bumps straight into long-standing legal precedent recognizing adult content as protected speech under the First Amendment. You can almost hear the constitutional gears grinding as soon as the idea hits the page.

Still, the push to ban adult content hasn’t come out of nowhere. Over the past year, it’s been popping up like political whack-a-mole across the country. In January 2025, an Oklahoma state senator introduced a bill that would criminalize all adult content and authorize the state to imprison those who create or even view it. In May, Republican Senator Mike Lee of Utah rolled out federal legislation aimed at redefining nearly all visual depictions of sex as obscene and therefore illegal — a goal also laid out in the Heritage Foundation’s Project 2025 policy blueprint, which has heavily guided the Trump administration’s agenda. Then in September, Michigan lawmakers floated a bill that would ban distributing pornography online in that state and require internet service providers to install filtering technology to block access for residents. It starts to feel less like coincidence and more like a coordinated drumbeat.

So far, though, reality has had a way of slowing the march. All three of those proposals appear to have stalled in their respective legislatures. HB 2900 has now been referred to the Arizona House Commerce and Rules committees, where it will either gather momentum — or quietly fade into the familiar legislative limbo. Either way, the bigger question lingers in the air: how far can lawmakers push before the Constitution pushes back? Sometimes the laws we propose say just as much about our fears as they do about our values.

Add Congressman Jimmy Patronis (R-Fla.) to the list of elected officials hellbent on repealing Section 230 of the Communications Decency Act.

In a press release issued January 14^th, Patronis celebrated his introduction of H.R. 7045, AKA the “Promoting Responsible Online Technology and Ensuring Consumer Trust” (PROTECT) Act.

The argument Patronis made in support of his proposal is a well-worn one, rooted in the notion that Section 230 is enabling evil tech platforms to ruin America’s children by shielding them from liability for things published by third parties on those platforms.

“As a father of two young boys, I refuse to stand by while Big Tech poisons our kids without consequence,” Patronis said. “This is the only industry in America that can knowingly harm children, some with deadly consequences, and walk away without responsibility. Big Tech is digital fentanyl that is slowly killing our kids, pushing parents to the sidelines, acting as therapists, and replacing relationships with our family and friends. This must stop.”

There’s a reasonable argument to be had about whether the courts have extended Section 230’s coverage too far in some cases, but to hear people like Patronis tell it, the statute’s safe harbor provision allows “Big Tech” to do anything it pleases with total impunity.

“These companies design their platforms to hook children, exploit their vulnerability, and keep them scrolling no matter the cost,” Patronis added. “When children are told by an algorithm, or a chatbot, that the world would be better without them, and no one is being held responsible, something is deeply broken. I bet they would actually self-police their sticky apps and technologies if they knew they would have to pay big without the Big Tech Liability Protection of Section 230.”

In his press release, Patronis claims that “Section 230 shields social media companies and other online platforms from liability for content published on their sites.” This claim is a half-truth, at best. Section 230 shields social media companies from liability for content published by others on their sites. That’s an important distinction, not a distinction without a difference.

Let’s try a thought experiment here: Let’s suppose you’re a congressman whose website permits users to post comments in response to things you post on the site. Let’s further suppose one of your site’s users decides to post something defamatory about another of your colleagues. Would you want to be held directly liable for that comment? How about if instead of something defamatory, the user posted something patently illegal, like an image of a child being sexually abused; is Patronis saying my hypothetical congressman ought to go to prison in that scenario?

There are many reasons why groups like the Computer and Communications Industry Association (CCIA) are against the repeal of Section 230 – and yes, one of those reasons is that the CCIA is funded by everyone’s current favorite boogeyman, Big Tech. Another more important reason is the people behind the CCIA can see where this is all heading, if Section 230 is outright repealed and no safe harbor at all is provided for those who offer forums in which users can publish their content and comments.

“In the absence of Section 230, digital services hosting user-created content, including everything from online reviews to posts on social media, would risk constant litigation,” the CCIA asserted in an analysis published January 12^th. “Continuing to provide services optimized for user experience would require massively increased legal expenses.”

How massively would those legal expenses increase? The CCIA said, given the sheer volume of user-generated posts published in a year, if “just one post or comment in a million led to a lawsuit, digital services could face over 1.1 million lawsuits per year following a Section 230 repeal.”

“A single lawsuit reaching discovery typically costs over $100K in fees, and sometimes much more,” CCIA correctly noted. “If companies face 1.1 million lawsuits, that’s $110 billion in legal costs annually.”

I suppose those who say Big Tech is the devil (while using the platforms enabled by Big Tech to say so) might think this is a good thing, I’m not sure they’ve thought this all the way through. If social media platforms can’t operate due to overwhelming legal costs, we lose all the good things about social media, too – not to mention a whole lot of jobs when those platforms inevitably go out of business.

From the perspective of the adult industry and those who enjoy adult entertainment, repealing Section 230 would likely spell the end of platforms allowing adult content creators to post self-produced content, as well. What platform would want to risk being held strictly liable for anything and everything depicted in the videos and photos adult creators produce? It would be absolute madness for platforms like OnlyFans and its competitors to maintain their current business model in the absence of Section 230 safe harbor.

Again, for those who think porn should be abolished, that development might be seen as a feature and not a bug where the idea of repealing Section 230 is concerned. But extend that same outcome to some platform they DO like – YouTube, TikTok, Facebook, Instagram, X or what have you – and they might not like the collapse quite as much.

From where I sit, the idea of repealing Section 230 should be accompanied by that old standby of a warning: “Be careful what you wish for, because you might just get it.”

It starts with that familiar little jolt in the gut — the kind you get when a political idea lands a little too close to home. WASHINGTON — Rep. Jimmy Patronis of Florida has become the latest member of Congress to float legislation that would repeal Section 230 of the Communications Decency Act, the rule that shields interactive computer services — including adult platforms — from being held responsible for user-generated content. One of those moments where you pause mid-scroll and think, Oh… this could get interesting. Or messy. Or both.

Patronis introduced HR 7045 in the House of Representatives earlier this week, slipping it into the legislative bloodstream where big ideas tend to either explode or quietly mutate over time. Sometimes you can almost hear the gears grinding behind the scenes.

A statement posted on his website declared, “For too long, the law has prevented parties harmed by online content from obtaining relief. Instead of protecting our younger generations from sensitive content, these sites prioritize profit over safety while continuing to push out harmful, explicit, and dangerous materials without any accountability.” Strong words, the kind that land heavy and don’t really leave much room for nuance.

Would-be reformers on both sides of the aisle have been taking swings at “Big Tech” for years now, accusing platforms of profiting off illegal and harmful content while hiding behind legal shields. The idea is to force companies to moderate more aggressively by making them legally responsible for what users post. Meanwhile, right-wing critics argue the same rule lets platforms censor conservative voices, and they want limits placed on how much moderation power these companies can wield. It’s like watching two very different fires being fueled by the same match.

Back in December, two other repeal bills were already making their way through Congress: HR 6746, the Sunset to Reform Section 230 Act, which would amend the law by simply adding, “This section shall have no force or effect after December 31, 2026,” and S 3546, which calls for a full repeal of Section 230 two years after enactment. The clock imagery alone makes you feel like something is quietly counting down in the background.

Industry attorneys and advocates, though, have been sounding alarms. They worry that once lawmakers start tinkering with Section 230, it opens the door to a patchwork of carve-outs — the kind that slowly chip away at protections, much like what happened with FOSTA/SESTA and its exemptions targeting sites that “unlawfully promote and facilitate” prostitution or sex trafficking. It’s rarely just one small change, is it? It’s the domino effect.

A carve-out aimed at — or even loosely touching — the adult industry would effectively gut Section 230 for those platforms. That would suddenly make sites hosting user-generated content legally responsible for what users upload, inviting a flood of civil lawsuits and uncertainty. And once that door cracks open, it’s hard not to wonder how wide it eventually swings.

Fifty percent. Just saying it out loud makes your eyebrows climb a little. Half of someone’s income — gone in the name of morality, politics, and a campaign soundbite. That’s the idea a Florida gubernatorial candidate tossed into the air this week, announcing plans to slap a 50 percent “sin” tax on OnlyFans creators if he wins in November.

James Fishback, an investor and a member of a far-right wing of the Republican Party, floated the proposal during an interview on a right-wing podcast called NXR Studios, released earlier this week. It wasn’t exactly whispered. It landed with the kind of confidence that suggests he wanted people arguing about it before the episode even finished buffering.

During the interview, Fishback framed the tax as punishment for what he called the “sin” of being an online sex worker, arguing that content creators on OnlyFans should be paying a special levy for existing in that space.

“As Florida governor, in year one, I would push for the first-of-its-kind OnlyFans sin tax,” Fishback said during the interview. “If you are a so-called OnlyFans creator in Florida, you are going to pay 50 percent to the state on whatever you so-called earn via that online degeneracy platform.”

He went on to say that part of the revenue from the proposed tax would be used to fund a “czar” for men’s mental health. Fishback explained, “Men have been told for far too long that they are guilty of masculinity, that they are guilty of all of society’s ills.” It’s one of those lines that sounds designed to travel fast on social media, whether people cheer or cringe.

Additional funds, he said, would also support education and religious nonprofit “crisis pregnancy centers” that aim to discourage women from having abortions. The list of beneficiaries reads like a snapshot of his political priorities.

In what felt very much like a social media provocation, Fishback later posted about the proposal on X, reposting another user who highlighted the idea of an OnlyFans tax. He didn’t stop there.

He tagged popular Miami-based OnlyFans creator Sophie Rain and wrote, “Hey Sophie Rain, Pay up or quit OnlyFans. As Florida Governor, I will not allow a generation of smart and capable young women to sell their bodies online.” Rain, known for her viral presence and softcore content, fired back shortly after.

“

There’s a certain tension in rooms like this — the kind where lawmakers sit around long tables, coffee going cold, talking about the internet as if it were a living thing that keeps slipping out of their hands. That mood hovered in the air Wednesday as Ireland’s Joint Committee on Arts, Media, Communications, Culture and Sport gathered to wrestle with online platform regulation and digital safety, including renewed calls for tougher age verification rules for adult sites.

In a written statement submitted ahead of the session, Detective Chief Superintendent Barry Walsh, who leads the Garda National Cyber Crime Bureau, didn’t mince words about what he described as “the widespread and unrestricted availability of pornography.”

“As an overarching observation, it is difficult to understand why robust age verification is not yet a standard operating procedure in respect of any platform where pornography or other child inappropriate content is either readily accessible or where there is a realistic danger that it could be accessed,” Walsh argued. “This would appear to represent a very simple, yet robust, safeguard.”

He went further, pointing to what he called “very extreme pornography that is serving to corrupt teenage males in particular into regarding this as normal, acceptable sexual behavior to be expressed in practice” — language that mirrors recent arguments from U.K. lawmakers who’ve pushed to outlaw depictions of “choking” in adult content. It’s the kind of claim that lands heavy in a room, even if everyone hears it differently depending on where they’re standing.

Ireland already has an Online Safety Code, which took effect in July 2025 and includes a requirement that adult sites headquartered in the country implement age assurance measures. On paper, at least, the framework is already there.

Sites based outside Ireland aren’t off the hook either. They fall under the European Union’s Digital Services Act (DSA), with digital service coordinators across member states working together to enforce rules, including age assurance obligations. It’s a bit like a cross-border relay race — everyone’s running, but the baton keeps moving.

The European Commission has already launched formal proceedings against several adult sites for suspected DSA breaches, though the spotlight has largely been on higher-traffic platforms so far.

In December, however, a representative from Irish media regulator Coimisiún na Meán told legislators that regulators across the EU were preparing to widen enforcement to include smaller adult sites as well. Some Irish lawmakers reportedly pushed for even tougher age verification laws, pointing to France’s Law Aiming to Secure and Regulate the Digital Space (SREN) as a possible template.

That sentiment surfaced again during Wednesday’s meeting when Senator Rónán Mullen doubled down, telling fellow committee members: “Strict age verification is necessary to shield children from the harmful effects of pornography.”

“That’s the only thing that has worked,” Mullen said. “Look at certain states in the USA where, with bipartisan support, pornography providers have gone offline because they were civilly or criminally liable if they did not ensure strict age verification.”

His argument echoes a familiar line from U.S. lawmakers who often point to site withdrawals as proof that these laws are “effective” or “working” — a claim that quietly assumes the real goal is stopping everyone from accessing adult content, not just minors. It’s one of those uncomfortable subtexts nobody quite says out loud, but you can feel it humming under the conversation.

Not everyone in the room was convinced the strategy holds up in the real world. Deputy Peter Cleere raised the practical problem of virtual private networks, which can make age verification systems easy to sidestep.

“It makes a mockery of all the regulations we want to put in place,” Cleere said. “We’re going in circles.”

And maybe that’s the lingering question — are these policies actually building safer digital spaces, or are they just drawing tighter circles around a problem that keeps slipping through the cracks?