| ▲ | goda90 5 hours ago |
| Age verification can be achieved without destroying anonymity and privacy online using anonymous credential systems, but it has to be designed that way from the ground up, and no one pushing age verification is interested in preserving privacy. |
|
| ▲ | Aurornis 5 hours ago | parent | next [-] |
| This comes up in every thread, but the purpose of the laws is not to verify that someone can access an anonymous token. If we had a true anonymous token system then everyone would just share tokens around. The real world analog would be if you could buy beer at the store with anyone's ID because they didn't make any effort to reasonably check that the ID was yours or discourage people from sharing or copying IDs. The systems enforce identity checking because that's the only way age verification can be done without having some reason to discourage or detect credential sharing. The retort that follows is always "Well it's not perfect. Nothing is perfect." The trap is convincing ourselves that a severely imperfect system would be accepted. What would really happen is that it would be the trojan horse to get everyone on board with age verification, then the laws would be changed to make them more strict. |
| |
| ▲ | miloignis 4 hours ago | parent | next [-] | | Matthew Green talks about this in his blog on the subject: https://blog.cryptographyengineering.com/2026/03/02/anonymou... The two methods that seem feasible are making it hard to copy (putting it in the secure element in your phone, for example, which I don't love) or doing tokens that can only be used a limited number of times per day, like in : https://eprint.iacr.org/2006/454 | |
| ▲ | nitwit005 3 hours ago | parent | prev | next [-] | | Continuous age verification isn't possible, so you'll have to store some sort of proof of age somewhere, and that proof will always be sharable. Let's say Facebook has verified my age somehow. I could share my Facebook login credentials, or the token that their authorization server sends back in response. You can create some hurdles to doing that, like requiring a second factor, but I can just share that too. You might as well go down the route of accepting that possibility. These systems are never going to hold up in the face of a determined enough teenager. | |
| ▲ | goda90 5 hours ago | parent | prev [-] | | Make it a duplication resistant hardware token that you can get for free then. The stakes just aren't high enough to worry about these kinds of edge cases. | | |
| ▲ | dpark 5 hours ago | parent | next [-] | | Yeah, right. So the government is going to spend billions on “porn tokens”. That’s going to get through the legislature. I’m sure there wouldn’t be a brisk illicit trade in these tokens either. Certainly no one would be incentivized to sell these tokens to teenagers for easy profit. | | |
| ▲ | snackbroken 4 hours ago | parent [-] | | Further, "porn tokens" are the pointy end of the wedge, because it's easy to misconstrue any opposition as advocating for "kids should have access to porn, actually". The broad end that is being hammered towards is "kids aren't allowed on social media because it's harmful to them" AKA "free speech tokens". |
| |
| ▲ | akersten 5 hours ago | parent | prev [-] | | The stakes just aren't high enough for us to implement any of this crap for the Internet in the first place. Let alone an entire government-administered hardware supply chain. |
|
|
|
| ▲ | dpark 5 hours ago | parent | prev | next [-] |
| No it really can’t. Age verification requires identification. Even if you could anonymously verify age to issue a “confirmed adult” credential, the whole chain of trust breaks down if one bad actor shares their anonymous credential and suddenly everyone is verifiably an adult. The solution to that attack is naturally to have some kind of system for sites to report obviously-shared credentials. Which means tracking. |
| |
| ▲ | goda90 4 hours ago | parent | next [-] | | There's already authorities that know your age, so verifying age with them to get the credential isn't the part that needs to be anonymous. The issue is them knowing what you do with your credential, which anonymous credentials solves by making it impossible to track tokens back to the credential holder. As far as sharing, there are some possible mitigations. | | |
| ▲ | dpark 4 hours ago | parent [-] | | Right. And the possible sharing mitigations generally amount to tracking. This isn’t even getting to the issue that mandating government-issued credentials is the “foot in the door”. If you mandate the use of government creds for accessing websites, it’s an obvious step to turn around and demand that sites report credential use to “fight credential fraud”. |
| |
| ▲ | armchairhacker 4 hours ago | parent | prev [-] | | But likewise, someone can share (or have stolen) their ID https://news.ycombinator.com/item?id=47951372 |
|
|
| ▲ | wesselbindt 5 hours ago | parent | prev | next [-] |
| The destruction of privacy is the whole point. |
| |
| ▲ | 2ndorderthought 3 hours ago | parent [-] | | Yep look who is backing these regulations. It's absolutely for no other purpose than to further enable surveillance capitalism and the surveillance state. |
|
|
| ▲ | everdrive 5 hours ago | parent | prev | next [-] |
| This is something that's technologically feasible, but will never happen in practice. |
|
| ▲ | nonethewiser 3 hours ago | parent | prev | next [-] |
| Yes, but this is not popular among technologists (see the average sentiment towards age verification here). Legislators aren't going to build technology. This will happen if age verification actually becomes a widespread requirement. But until that point the prospective builders will be fighting the entire premise of such systems. |
| |
|
| ▲ | wmf 2 hours ago | parent | prev | next [-] |
| Apple and Google have already implemented private age verification. |
|
| ▲ | devmor 5 hours ago | parent | prev | next [-] |
| They are interested - interested specifically in opposing it. These groups don't care about age verification - it is a trojan horse for censorship. |
| |
|
| ▲ | bigbugbag 5 hours ago | parent | prev | next [-] |
| the EU is. but their verification age process shows the design flaw that preserving privacy means the system can be easily circumvented with a mitm allowing to circumvent the age verification process. |
| |
| ▲ | kro 4 hours ago | parent [-] | | Young people setting up a MITM and getting deeper into tech rather than consuming short-form-content is something I'd appreciate as a nice bonus effect. Of course the EU solution isn't perfect and there are bypasses (there will always be and have always been), but let's appreciate it that way rather than too many PII, if it must come. I'd prefer the Age/RTA header and parental responsibility too. |
|
|
| ▲ | intended 5 hours ago | parent | prev | next [-] |
| AFAIK there are designs in the EU that respect privacy. There is a range of options being pushed around the world, and theres definitely a few of them which are more technically defensible than others. |
| |
|
| ▲ | Forgeties79 5 hours ago | parent | prev [-] |
| And they continue to act like opposition just wants a wild west/don't care about kids, which is the oldest trick in the book. We just don't want "protect the kids" leveraged to tear up our rights. It's addressing a real problem in a bad way. |
| |
| ▲ | jMyles 5 hours ago | parent [-] | | I mean, it's more than that. I _want_ to protect kids' right to be part of the human connectome. The "protect the kids" (by disallowing them their freedom of thought on the internet) is just naked ageism. | | |
| ▲ | dpark 5 hours ago | parent | next [-] | | So do you want 5 year olds driving on the highway and 8 year olds doing shots of tequila or are you ageist? Or perhaps protecting kids isn’t really ageism at all. | | |
| ▲ | pseudalopex 3 hours ago | parent | next [-] | | Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize.[1] [1] https://news.ycombinator.com/newsguidelines.html | | |
| ▲ | dpark 3 hours ago | parent [-] | | I did. Restricting children’s access to certain things is not ageism. We can argue the merits of restricting children’s access to the internet, or certain books, or alcohol, or pornography, or whatever else. We can debate the merits of those various restrictions based on the benefits and costs to both the children and society at large. But it is not ageism to attempt to protect children. It is not ageism even of the restriction is a bad idea. To claim it is ageism is an emotional appeal (“ageism bad!”), not a logical one. | | |
| ▲ | array_key_first an hour ago | parent | next [-] | | It depends on what you're restricting and why. Restricting access to things based on age can absolutely be ageism if the thing does not need to be restricted. | | |
| ▲ | dpark 24 minutes ago | parent [-] | | I don’t think it’s ever “ageism” in the normal sense to restrict children’s activities for their safety. But even if that’s the right term in some cases, it hinges on “if the thing does not need to be restricted”. The burden is still to demonstrate that a restriction is wrong. If that can’t be demonstrated, then labeling it ageism is a purely emotional appeal. |
| |
| ▲ | Forgeties79 2 hours ago | parent | prev [-] | | You jumped to children behind the wheel of vehicles and doing tequila shots. There is no way that was a serious effort at good faith discourse. | | |
| ▲ | dpark 2 hours ago | parent [-] | | I used a rhetorical device to demonstrate why restricting children’s activities is not simply ageism. I don’t know how you can seriously come here and accuse me of engaging in bad faith when I’ve taken the time to make my viewpoint explicit multiple times in this thread now, including directly to you. | | |
| ▲ | Forgeties79 an hour ago | parent [-] | | Hyperbole is a rhetorical device, if that’s what you mean. Just because I had a hard time following your logic doesn’t mean I didn’t engage in good faith. You also seem to be arguing in a heated way with every person who responds to you. Either way it’s probably best if we both move on | | |
| ▲ | dpark 41 minutes ago | parent [-] | | I did not accuse you of not engaging in good faith. You accused me of that. I don’t think I responded to anyone in a heated manner, though I will readily admit to being annoyed when you accused me of bad faith. Agree we should move on. |
|
|
|
|
| |
| ▲ | kps 3 hours ago | parent | prev | next [-] | | If the 5-year-old has passed a proper driving test, why not? | |
| ▲ | IAmBroom 4 hours ago | parent | prev | next [-] | | Quit arguing as though the topic is binary. It's not. | | |
| ▲ | dpark 4 hours ago | parent [-] | | I’m not saying anything is binary. I’m saying it’s not ageism to restrict child access. It could be a bad idea but that doesn’t make it ageism. |
| |
| ▲ | Forgeties79 4 hours ago | parent | prev [-] | | It depends on what you're depriving them of too. Those are very extreme examples with little to no upside. | | |
| ▲ | dpark 4 hours ago | parent [-] | | Disagree. We can discuss what restrictions are appropriate or reasonable without calling it ageism. Calling it ageism is an emotional appeal, not a principled stance. | | |
| ▲ | Forgeties79 3 hours ago | parent [-] | | Ageism is a legally defined form of discrimination as well as the subject of ethical discussions. It's a real, defined thing. Just because we disagree on what qualifies as ageism doesn't mean you get to call foul and say it's irrational/emotional. | | |
| ▲ | dpark 3 hours ago | parent [-] | | This is literally a “think of the children[‘s freedom]” appeal. You’re not arguing for or against the restriction on its merits. In the US at least there’s also no such thing legally as age discrimination against minors so far as I’m aware. Edit: Let me frame this differently. “Ageism” is basically by definition bad, so applying the term “ageism” to a restriction is a an attempt to label the restriction bad without establishing that on its own merits. If you try to provide a consistent definition of “ageism” that applies to restricting access to the internet but not restricting access to alcohol, you will most certainly have to resort to phrases like “reasonable restrictions” (if not, I’m very interested in your definition), which means that there’s still a need to establish what is reasonable. Applying the label “ageism” without establishing reasonableness is then a circular argument. | | |
| ▲ | Forgeties79 2 hours ago | parent [-] | | You’ve lost me. | | |
| ▲ | dpark 2 hours ago | parent [-] | | You* are using “ageism” as a synonym for “bad”. You are also labeling restrictions as “ageism” without establishing that they are actually bad. In effect you are saying “that’s bad!” without accepting the burden of establishing why it’s bad, but hiding this behind a different term that carries more emotional weight. It’s a very politically effective strategy but it’s not logically sound. * actually jMyles |
|
|
|
|
|
| |
| ▲ | Forgeties79 5 hours ago | parent | prev [-] | | Fair point |
|
|
