> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it. Last summer we announced a series of changes to the terms and conditions of the Matrix.org homeserver instance, to ensure UK-based users are handled in alignment with the UK’s Online Safety Act (OSA).
At least you can self-host matrix and messages are end to end encrypted, unlike IRC.
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it.
Practically speaking, I would just ignore this requirement. The UK government has no jurisdiction on this side of the pond.
You can try to self-host. Neither Synapse nor Dendrite is in a good state for running a server. I tried Dendrite for a while and it was always playing catchup to Synapse, despite being the supposed successor, and is now not even under development? I can't even tell what's going on over there.
Anyway, my main experience of Matrix is "failed to decrypt message". It's... not great. I wish it were better.
There are a few IRC clients that support OTR. irssi-otr is one [1] weechat-otr is another [2]. Pidgin though I have not used it in a very long time. Hexchat using an always work in progress plugin. There may be others.
OTR could use some updates to include modern ciphers similar to the recent work of OpenSSH but probably good enough for most people.
E2EE aside having chat split up into gazillions of self hosted instances makes it much harder for chat to be hoovered up all in one place. It takes more effort to target each person and that becomes a government scalability issue. Example effort: [3]
- notes left there for work, family organization, etc basically things for which an email is "too much" but a small scrap of text seen by some serve the purpose well
- calls, whether audio-only or audio + video
For social use, I see Lemmy or Nostr/Habla more than Matrix. But for all of this, there's a major lack of a single app that is easy go install-able, pip install-able, or cargo build-able without a gazillion dependencies and a thousand setup problems, to the point that most people just choose Docker, using stuff made by others that they know almost nothing about because setting up and maintaining these solutions is just too complex.
IRC is also most commonly used for open servers where anyone can join whenever they want to without as much as needing to register for an 'account'! You just pick a nickname out of thin air and off you go.
In that kind of environment, end to end encryption really doesn't add value.
I appreciate their effort but isn't Matrix (the company) based out of the UK and primary hosted instances on AWS in the UK? The UK were the first AFAIK to create such internet laws [0]. I could imagine people running their own instances in places where the age laws are not yet active but that number is shrinking fast. [1]
Their solution is for everyone to pay for Matrix with a credit card to verify age. I assume that means there must be a way to force only paid registered accounts to join ones instance? What percentage of the accounts on Discord are paid for with a credit or debit card? Or boosted? I don't keep up with terminology
> isn't Matrix based out of the UK and primary hosted instances on AWS in the UK?
It doesn't matter what country you run your server in or where your company is based; if you're providing public signup to a chat server then the countries (UK, AU, NZ etc) which require age verification will object if you don't age verify the users from those countries. (This is why Discord is doing it, despite being US HQ'd). In other words, the fact that The Matrix.org Foundation happens to be UK HQ'd doesn't affect the situation particularly.
(Edit: also, as others have pointed out, Matrix is a protocol, not a service or a product. The Matrix Foundation is effectively a standards body which happens to run the matrix.org server instance, but the jurisdiction that the standards body is incorporated in makes little difference - just like IETF being US-based doesn't mean the Internet is actually controlled by the US govt).
> Their solution is for everyone to pay for Matrix with a credit card to verify age.
Verifying users in affected countries based on owning a credit card is one solution we're proposing; suspect there will be other ways to do so too. However: this would only apply on the matrix.org server instance. Meanwhile, there are 23,306 other servers currently federating with matrix.org (out of a total of 156,055) - and those other servers, if they provide public signup, can figure out how to solve the problem in their own way.
Also, the current plan on the matrix.org server is to only verify users who are in affected countries (as opposed to try to verify the whole userbase as Discord is).
Matrix is a protocol, not a service. It's likely the UK government can enforce laws against content and accounts hosted on the matrix.org servers, but no single government has jurisdiction over the entire network.
Couldn't you simply set up your own instance and link up with the wider network? I guess you would have to age verify yourself if you live in a country that requires it, but regulating that would be sort of hilarious.
It's an interesting legal question, but I would imagine for a federated service, the burden of proof should be on the individual's home server for age verification. That's where the user account is, after all.
Matrix is basically labeled "adults only" everywhere, so restricting certain servers/rooms due to possible innocent eyes is likely out of scope.
> Since then Australia, New Zealand and the EU have introduced similar legislation
I am not aware that the EU pushed legislation onto us here in central Europe with regards to "Age Verification". I am not saying it has not happened (I simply don't know right now), but this needs a source rather than just a statement. From what I remember, local media in german critisized the UK, so it would be strange to see the same legislation suddenly come into effect here.
Also, it seems we did not really win a lot if a private company operates matrix.
The EU will probably wait until the launch of a digital wallet that can do anonymous age verification. Otherwise it won't get enough political support.
Greece/Austria/Finland/Belgium/Italy also discussing.
The best one for me is Portugal, parliament approved this law all while the country is being devastated by hurricane winds and flooding with several calamity zones. They are really bringing Law into effect by maximum obfuscation.
EU anonimity online is over because ivory tower folks want to speedrun all of us into 1984.
And this is obviously just a stepping stone to mass message scanning. The revolution will not be organizable.
>If it doesn't have enough of the utility, performance, and positive UX, it will never gain enough market share to matter.
That's part of why billionaires will continue to screw people over. They will try and stay in bed with the familiar evil, rather than put up with the temporary inconvenience of freedom.
And it's a negative spiral. Less users means less money to bring in staff which means less means to improve. Discord didn't become discord in a month, but other competitiors don't get that grace period.
Last time I tried matrix (~2022) they still didn't have voice channels--they had voice calls but not a mechanism where people can join/leave a particular voice chat at will. To me this is a must have feature for anyone who has used discord/mumble/ventrilo.
I was actually playing with voice rooms the other day. One can create a standing call room that people can join or leave as they see fit, without having to set up a new call each time. Discord currently has more integrations with streaming and voicechat rooms, but they had a bit of a head start, and even Element (let alone Commet & Cinny) are catching up
I agree with you. The good news is that it looks like some of the alternate clients are focusing on it. https://commet.chat/ has voice channels (video rooms but default to camera off), and cinny's element call support PR defaults to camera off in video rooms as well iirc.
It is really great to see a post from the Matrix Foundation that forthrightly acknowledges it is not ready for mainstream adoption and shows awareness of its limitations. I hope this is a good omen for the future of Matrix.
I cannot even use Discord if I wanted to... every time I try to sign up I get immediately phone-walled and/or banned, and the appeal is always denied with "our automated system is working properly." I have been trying for close to ten(!) years now off and on, with all different combinations of browsers, OSes, ISPs and physical machines. No VPN or proxy either.
And even if I was able to register, that "automated system" still randomly bans people whenever it feels like it. Search the r/discordapp subreddit or just google "discord random ban", it's a widespread problem with no solution and I have no idea how so many other people seem to have no issues, yet at the same time you can find lots of people just as frustrated as me.
"Automated system discriminating against me with no appeal or recourse" may not be the biggest injustice in the world right now, but I fear/loathe that it seems like it's going to keep getting bigger.
A bug blocking functionality is an annoyance, but a Scarlet Letter branded onto a secret dossier is terrifying.
Does phone-walled mean you have to verify with a phone number? Are you unable to do it because it doesn’t work, or because you don’t want to give it your phone number?
On the two occasions I’ve tried to chat with someone on the public Matrix server, I was completely unable to get it to work. I’ve tried with the new Mac app and with some older thing years ago.
So… choose your poison? I’m sure Matrix/Element works for someone or they would be out of business, but it does not work for me.
I had the same issue but in instagram, not for personal use, but few years ago I made few startups, and every time I register the company I create few social accounts, all works well except instagram for some reason, always get flagged and asked to take a selfie with a book or something.. and even after providing that selfie I still get perma banned! I tried to call support, like how you would expect from any company let alone a multi billion one, only to find out that there’s actually no support in anywhere in fecebook wise! And the only way you can get something fixed is through a secret syndicate-like community where you should know someone who knows someone to talk to some person there to fix your issue. Long story short, never bothered with that shitty company again, good riddance.
My security collective is honestly considering going back to IRC.
It's becoming increasingly apparent that if you don't use something truly free and open source and host it yourself, you're just setting yourself up for more of this sort of thing.
You can't trust anyone to properly handle the problem of "how the hell do we keep creeps the f*ck away from kids?" with any amount of common sense.
Even if you self-host matrix there are still multiple ways you could be liable for content you don't even know exists. Especially the last 4 points here:
There are even custom message/media types that people use to upload hidden content you can't see even if you're joined to the same channel using a typical client.
It seems both the Linux desktop and Matrix have the opportunity of a life time now. If they don't rise to the occasion and grab that marketshare, I fear there may never be an opportunity like this again.
Linux won't rise to the occasion because there's no figurehead leading the rise. Linux's greatest strength and weakness is in its breadth of a community. But that's not how you traditionally attract a mainstream audience.
That's why Valve is the best chance here, and why I'm not too optimistic. Valve's incentives are to make its own walled garden, which in my eyes defies the idea of linux. But that seems to be the only thing that works these days.
Totally agree there and they actually talk about that in the post:
> Finally: we’re painfully aware that none of the Matrix clients available today provide a full drop-in replacement for Discord yet. All the ingredients are there, and the initial goal for the project was always to provide a decentralised, secure, open platform where communities and organisations could communicate together. However, the reality is that the team at Element who originally created Matrix have had to focus on providing deployments for the public sector (see here or here) to be able to pay developers working on Matrix. Some of the key features expected by Discord users have yet to be prioritised (game streaming, push-to-talk, voice channels, custom emoji, extensible presence, richer hierarchical moderation, etc).
Same here, tried a couple of years ago. I was drawn to it because of the protocol concept. The experience was not bad, everything worked. But I remember the signup/domain/keys/backups/etc UX was a bit confusing. Happy to see there is more attention going to Matrix lately. Time to give it another go perhaps
As a Discord user myself, I’ve been surprised at how aggressive the recent data collection direction feels, especially given how much of its appeal came from being lightweight and community-centric. This to me seems like a real opportunity for a simpler alternative that preserves core functionality without the additional data surface area.
I didn't see this specifically coming. But I saw this enshittification from a mile away the moment they changed leadership and how they immediately talked about wanting to IPO. It was never going to stop at aggressively pushing Nitro for this sort of c-suite
>a simpler alternative that preserves core functionality
That's practically a contradiction, sadly. The core features people want are all varied. You'd need 4-5 "simple" apps to replicate them all, but people want all their eggs in one basket.
What's the canonical way to block users from age-gate jurisdictions to one's website? I wish Cloudflare had a wizard flow for this. I'm not going to age-gate access to my blog (it's a wiki so it has user-generated content) so I'd rather jurisdiction-gate it.
Perhaps we should have network traffic report its geographic location so that we can comply easily. Would prefer something in an IP packet so that I can just filter at the firewall. Doesn't even need to be implemented in a sophisticated way at clients. Can just have the urgent flag repurposed to mean "respond only if not geo-locked and unconcerned with regulatory" and then I can drop these directly, and regulated source locations could ensure that packet flags are correctly set at the widest peering location out of the UK and so on.
This appeal falls flat when you get to the parts about their homeserver requiring some form of age verification:
> From our perspective, the matrix.org homeserver instance has never been a service aimed at children, which our terms of use reflect by making it clear that users need to be at least 18 years old to use the server. However, the various age-verification laws require stricter forms of age verification measures than a self-declaration. Our Safety team and DPO are evaluating options that preserve your privacy while satisfying the age verification requirements in the jurisdictions where we have users.
Which is actually more strict than Discord's upcoming policy which allows accounts to operate for free without any verification, with some limitations around adult-oriented servers and content.
There has been a lot of FUD about the Discord age verification, so a refresher: The upcoming changes do not actually require you to verify anything to use Discord. It just leaves the account in teen mode by default. This means the account can't join age-restricted channels, can't unblur images marked as sensitive, and incoming message requests from unknown users will go to a second inbox with a warning by default.
You can, of course, run your own Matrix server. Having been there before I would suggest reading up on some typical experiences in running one of these servers. Unless you have someone willing to spend a lot of time running the server and playing IT person for people using it, it can be a real headache. They also note that running a server doesn't actually get around any age requirements:
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it.
it's up to the maintainer of a particular server to moderate what goes on in said server. Now, if the Matrix.org Foundation wants to moderate their servers one way or the other, that's one thing, but to expect the protocol/spec to lay down a content policy is, with all due respect, dumb as hell.
I just don't get why anyone is still arguing against age verification tbh. Large social spaces are required by law to do it, whether its discord or matrix or anywhere that allows strangers to interact.
cuillevel3|17 days ago
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it. Last summer we announced a series of changes to the terms and conditions of the Matrix.org homeserver instance, to ensure UK-based users are handled in alignment with the UK’s Online Safety Act (OSA).
At least you can self-host matrix and messages are end to end encrypted, unlike IRC.
drnick1|17 days ago
Practically speaking, I would just ignore this requirement. The UK government has no jurisdiction on this side of the pond.
phyzome|17 days ago
Anyway, my main experience of Matrix is "failed to decrypt message". It's... not great. I wish it were better.
Bender|17 days ago
There are a few IRC clients that support OTR. irssi-otr is one [1] weechat-otr is another [2]. Pidgin though I have not used it in a very long time. Hexchat using an always work in progress plugin. There may be others.
OTR could use some updates to include modern ciphers similar to the recent work of OpenSSH but probably good enough for most people.
E2EE aside having chat split up into gazillions of self hosted instances makes it much harder for chat to be hoovered up all in one place. It takes more effort to target each person and that becomes a government scalability issue. Example effort: [3]
[1] - https://github.com/cryptodotis/irssi-otr
[2] - https://github.com/mmb/weechat-otr
[3] - https://archive.ph/4wi5t
kkfx|16 days ago
- notes left there for work, family organization, etc basically things for which an email is "too much" but a small scrap of text seen by some serve the purpose well
- calls, whether audio-only or audio + video
For social use, I see Lemmy or Nostr/Habla more than Matrix. But for all of this, there's a major lack of a single app that is easy go install-able, pip install-able, or cargo build-able without a gazillion dependencies and a thousand setup problems, to the point that most people just choose Docker, using stuff made by others that they know almost nothing about because setting up and maintaining these solutions is just too complex.
wolvoleo|17 days ago
In that kind of environment, end to end encryption really doesn't add value.
vonunov|16 days ago
Bender|17 days ago
Their solution is for everyone to pay for Matrix with a credit card to verify age. I assume that means there must be a way to force only paid registered accounts to join ones instance? What percentage of the accounts on Discord are paid for with a credit or debit card? Or boosted? I don't keep up with terminology
[0] - https://en.wikipedia.org/wiki/Online_age_verification_in_the...
[1] - https://avpassociation.com/4271-2/
Arathorn|17 days ago
> isn't Matrix based out of the UK and primary hosted instances on AWS in the UK?
It doesn't matter what country you run your server in or where your company is based; if you're providing public signup to a chat server then the countries (UK, AU, NZ etc) which require age verification will object if you don't age verify the users from those countries. (This is why Discord is doing it, despite being US HQ'd). In other words, the fact that The Matrix.org Foundation happens to be UK HQ'd doesn't affect the situation particularly.
(Edit: also, as others have pointed out, Matrix is a protocol, not a service or a product. The Matrix Foundation is effectively a standards body which happens to run the matrix.org server instance, but the jurisdiction that the standards body is incorporated in makes little difference - just like IETF being US-based doesn't mean the Internet is actually controlled by the US govt).
> Their solution is for everyone to pay for Matrix with a credit card to verify age.
Verifying users in affected countries based on owning a credit card is one solution we're proposing; suspect there will be other ways to do so too. However: this would only apply on the matrix.org server instance. Meanwhile, there are 23,306 other servers currently federating with matrix.org (out of a total of 156,055) - and those other servers, if they provide public signup, can figure out how to solve the problem in their own way.
Also, the current plan on the matrix.org server is to only verify users who are in affected countries (as opposed to try to verify the whole userbase as Discord is).
Zak|17 days ago
Quothling|17 days ago
fooqux|17 days ago
Matrix is basically labeled "adults only" everywhere, so restricting certain servers/rooms due to possible innocent eyes is likely out of scope.
unknown|17 days ago
[deleted]
stevage|17 days ago
shevy-java|17 days ago
I am not aware that the EU pushed legislation onto us here in central Europe with regards to "Age Verification". I am not saying it has not happened (I simply don't know right now), but this needs a source rather than just a statement. From what I remember, local media in german critisized the UK, so it would be strange to see the same legislation suddenly come into effect here.
Also, it seems we did not really win a lot if a private company operates matrix.
throwaway473825|17 days ago
veeti|16 days ago
DoingIsLearning|17 days ago
That's old news, now is all about "think of the children".
This is too synchronous not to be arranged with the Commission. My vote is on Europol and Palantir lobbying.
France - https://www.lemonde.fr/en/pixels/article/2026/01/31/social-m...
Spain - https://english.elpais.com/technology/2026-02-04/is-16-a-goo...
Denmark - https://edition.cnn.com/2025/10/08/tech/denmark-children-soc...
Portugal - https://www.reuters.com/world/europe/portugal-approves-restr...
Greece/Austria/Finland/Belgium/Italy also discussing.
The best one for me is Portugal, parliament approved this law all while the country is being devastated by hurricane winds and flooding with several calamity zones. They are really bringing Law into effect by maximum obfuscation.
EU anonimity online is over because ivory tower folks want to speedrun all of us into 1984.
And this is obviously just a stepping stone to mass message scanning. The revolution will not be organizable.
rockskon|17 days ago
If it doesn't have enough of the utility, performance, and positive UX, it will never gain enough market share to matter.
E2EE encryption doesn't matter if you don't have someone else to communicate over it with!
ddtaylor|17 days ago
johnnyanmac|16 days ago
That's part of why billionaires will continue to screw people over. They will try and stay in bed with the familiar evil, rather than put up with the temporary inconvenience of freedom.
And it's a negative spiral. Less users means less money to bring in staff which means less means to improve. Discord didn't become discord in a month, but other competitiors don't get that grace period.
sregister|17 days ago
xethos|17 days ago
kuschku|17 days ago
wkrp|17 days ago
BrenBarn|16 days ago
dang|17 days ago
Discord/Twitch/Snapchat age verification bypass - https://news.ycombinator.com/item?id=46982421 - Feb 2026 (435 comments)
Discord faces backlash over age checks after data breach exposed 70k IDs - https://news.ycombinator.com/item?id=46951999 - Feb 2026 (21 comments)
Discord Alternatives, Ranked - https://news.ycombinator.com/item?id=46949564 - Feb 2026 (465 comments)
Discord will require a face scan or ID for full access next month - https://news.ycombinator.com/item?id=46945663 - Feb 2026 (2018 comments)`
ranger_danger|17 days ago
And even if I was able to register, that "automated system" still randomly bans people whenever it feels like it. Search the r/discordapp subreddit or just google "discord random ban", it's a widespread problem with no solution and I have no idea how so many other people seem to have no issues, yet at the same time you can find lots of people just as frustrated as me.
Terr_|17 days ago
A bug blocking functionality is an annoyance, but a Scarlet Letter branded onto a secret dossier is terrifying.
cortesoft|17 days ago
amluto|17 days ago
So… choose your poison? I’m sure Matrix/Element works for someone or they would be out of business, but it does not work for me.
anon_cow1111|16 days ago
tamimio|17 days ago
direwolf20|17 days ago
rixtox|17 days ago
They should really rebrand their home server to another name, so the Matrix name is unambiguously referring to the protocol.
notepad0x90|16 days ago
Arathorn|16 days ago
lenerdenator|17 days ago
It's becoming increasingly apparent that if you don't use something truly free and open source and host it yourself, you're just setting yourself up for more of this sort of thing.
You can't trust anyone to properly handle the problem of "how the hell do we keep creeps the f*ck away from kids?" with any amount of common sense.
ranger_danger|17 days ago
https://telegra.ph/why-not-matrix-08-07
There are even custom message/media types that people use to upload hidden content you can't see even if you're joined to the same channel using a typical client.
LAC-Tech|17 days ago
unknown|17 days ago
[deleted]
notepad0x90|16 days ago
johnnyanmac|16 days ago
That's why Valve is the best chance here, and why I'm not too optimistic. Valve's incentives are to make its own walled garden, which in my eyes defies the idea of linux. But that seems to be the only thing that works these days.
puppycodes|17 days ago
I'm hopeful the experience will improve in the future.
cuillevel3|17 days ago
> Finally: we’re painfully aware that none of the Matrix clients available today provide a full drop-in replacement for Discord yet. All the ingredients are there, and the initial goal for the project was always to provide a decentralised, secure, open platform where communities and organisations could communicate together. However, the reality is that the team at Element who originally created Matrix have had to focus on providing deployments for the public sector (see here or here) to be able to pay developers working on Matrix. Some of the key features expected by Discord users have yet to be prioritised (game streaming, push-to-talk, voice channels, custom emoji, extensible presence, richer hierarchical moderation, etc).
kaboomshebang|17 days ago
b_brief|17 days ago
johnnyanmac|16 days ago
>a simpler alternative that preserves core functionality
That's practically a contradiction, sadly. The core features people want are all varied. You'd need 4-5 "simple" apps to replicate them all, but people want all their eggs in one basket.
unknown|17 days ago
[deleted]
daft_pink|17 days ago
It would be nice if we could use these digital wallets as a framework for all these things, annonymously.
MitPitt|17 days ago
arjie|17 days ago
Perhaps we should have network traffic report its geographic location so that we can comply easily. Would prefer something in an IP packet so that I can just filter at the firewall. Doesn't even need to be implemented in a sophisticated way at clients. Can just have the urgent flag repurposed to mean "respond only if not geo-locked and unconcerned with regulatory" and then I can drop these directly, and regulated source locations could ensure that packet flags are correctly set at the widest peering location out of the UK and so on.
veeti|16 days ago
apopapo|17 days ago
xethos|17 days ago
[0] https://tomsitcafe.com/2025/11/06/private-matrix-hosting-a-s...
josefritzishere|17 days ago
ranger_danger|17 days ago
https://news.ycombinator.com/item?id=46982421
https://tech.yahoo.com/social-media/articles/now-bypass-disc...
Aurornis|17 days ago
> From our perspective, the matrix.org homeserver instance has never been a service aimed at children, which our terms of use reflect by making it clear that users need to be at least 18 years old to use the server. However, the various age-verification laws require stricter forms of age verification measures than a self-declaration. Our Safety team and DPO are evaluating options that preserve your privacy while satisfying the age verification requirements in the jurisdictions where we have users.
Which is actually more strict than Discord's upcoming policy which allows accounts to operate for free without any verification, with some limitations around adult-oriented servers and content.
There has been a lot of FUD about the Discord age verification, so a refresher: The upcoming changes do not actually require you to verify anything to use Discord. It just leaves the account in teen mode by default. This means the account can't join age-restricted channels, can't unblur images marked as sensitive, and incoming message requests from unknown users will go to a second inbox with a warning by default.
You can, of course, run your own Matrix server. Having been there before I would suggest reading up on some typical experiences in running one of these servers. Unless you have someone willing to spend a lot of time running the server and playing IT person for people using it, it can be a real headache. They also note that running a server doesn't actually get around any age requirements:
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it.
kennywinker|17 days ago
computersuck|17 days ago
techbrovanguard|17 days ago
unknown|17 days ago
[deleted]
xena|17 days ago
[deleted]
GaryBluto|17 days ago
b00ty4breakfast|17 days ago
aystatic|17 days ago
genghisjahn|17 days ago
mmonaghan|17 days ago
marak830|17 days ago
No thanks, there are other services I can use.