The way identity wallets work:

The government issues an eID to your wallet. The ID is signed by the government and linked to the device to prevent transferring the credential. A public/private key-pair is generated by the secure enclave in your phone, the public key along with proof of possession of the private key is included in the request for the government eID. The government signs individual attributes combined with the public key with the government private key. The government certificate containing the public key is, well, public.

One of the attributes is ‘over_18’ (In the EU eID scheme countries can add other over_XX attributes if they want, but over_18 is mandatory).

When a website wants to requests attributes, in this case the over_18 attribute, they send a request to the user’s wallet app, including a challenge. The wallet sends back a package including the government-signed attribute, which contains the device public key and the over_18 attribute plus a response to the challenge (proving the credential didn’t get transferred).

The website only sees the ‘over_18’ attribute, which is backed by the government signature. They don’t see any other attributes (the wallet app shows in advance which attributes you are sharing). The government never sees which website wants to know if you’re 18+.

Of course this is all a bit simplified, check OIDC4VCI and OIDC4VP for details.

The only real issue is the wallet app and device binding. Because a compromised device could allow credentials to be transferred some form of attestation of device and wallet app is required. In practice this means no rooted/jailbroken phones.

>Could you be more specific as to what you're imagining?

sure, i'll put my favorite two. though you'll find much more detailed and thought-out versions of these (and others) in the dozens of other giant threads on the same topic.

- buy a card with a UUID from anywhere that sells alcohol/tobacco that is valid for some period of time. most people are comfortable with flashing their ID at the clerk. the UUID card is non-identifying.

- websites issue content tags, browsers consume them, you enter your age into the OS during setup.

That's because you're treating AV as a system that must be 100% correct immediately. This isn't banking or an election.

As soon as you loosen off the requirements to "reasonable effort", you can start looking at account age, facial features, social attestation, and include retrospective tools to revisit someone's verification if they get in and start acting like a child. Heuristically messy but far from impossible to demand a stronger form of verification if their original might have been borderline.

The goal is broad coverage, not complete. Screening doesn't have to get 100% to have an effect.

Using existing parental controls parents could set their kids age and that could be used for the age controls. Could the parents let the kids around the age gate? Sure but they could do that even if a government ID and camera was required. This actually might be more effective than a lot of these systems because other adults could not let the kids use their IDs

Sure here's one example of decentralizing it -- it's going to be overly simple just as a toy example to show how easy it could be:

Whenever you want to prove your adult you go to "am I an adult.gov" and you use your credit card or whatever to prove you are an adult. At which point you get a 1-time 5-digit code that is UNIVERSAL TO EVERY SINGLE HUMAN and good for 1 hour (everybody who uses the site gets the same code that hour).

Then when you want to look at porn or something, you use this code. Boom simple and done.

There are even much better much more private techniques that use cryptography, and AI is happy to explain these graduate-degree level topics to you at your own pace.

Of course there are situations where people steal things, and use deep-fakes, etc, but those exist in every model.

Cryptographically blinded age verification with a government signed digital ID

Perfect is the enemy of the good, right? I mean a page header or some other simple means to identify "adult" vs not is good for most cases? Just thinking about it.. obviously it can be bypassed but is there a good enough?

Make unrestricted devices like alcohol: you need ID to buy (but the box containing the device you’re sold is indistinguishable from any other, so the device may have a UUID but it can’t be traced to your ID); kids caught with unrestricted devices in school have them confiscated; maybe fine parents, but I think discouragement and banning in schools is enough. Kids can have restricted devices, distinguished from unrestricted by appearance in a way that’s hard to fake.

Info-minimized oidc handshakes with certified identity providers could verify age-category of a user with no other information shared.

Consider "log in with apple" as it is today. Depending on what you share, a relying website might not even get your name or email.

If you don't think a checkbox saying "I am 13 or older" is adequate, with all the behavioral tracking available to say Meta, they can tell well enough. OpenAI talks about this too: https://openai.com/index/our-approach-to-age-prediction/

Knowing who someone is in general is different from having a photo of their face or government ID confirmation.

This is a classic case for one time ZKPs. Sure, you can't get around attestation, but the party that needs to verify that you meet age criteria doesn't need to know your age or other private information.

I presume you're concerned by the attesting party's knowledge of both the signature and identify information. Yes, in principle these can be linked, but in practice, it may be difficult or made very difficult, and today, very little of our online activity is really anonymous anyway. It is generally not too difficult to infer identity based on the content someone generates and the bread crumbs they leave behind.

Of course, if the intent is to use age verification as a wedge to monitor everyone, then it will be difficult politically to secure the protections needed to prevent that sort of data fusion.

>What's the point in making this distinction?

we're on a discussion board, so i started a discussion. that was the point.

I don’t know? Maybe its the little give and take that helps build a solution that is mature and limits the kind of harms kid are facing, without sacrificing privacy?

It’s also the very cool, nuanced and technical tooling that people here tend to enjoy figuring out, and building.

It side steps the thought terminating tar pits of “privacy at all costs” or “save the children”.

> half the websites I visit from the UK want me to either scan my face or upload ID documents to access their full featureset.

what kind of websites are you visiting to get age checked on half of the sites you visit? i've only been asked to verify for dating apps and "sexy stuff". and i definitely don't spend 50% of my total browsing time on those sites.

maybe this says more about the kind of content/sites you're accessing if it is really as high as 50%? UK age verification mostly only applies to sites which might end up hosting the content quoted below.

> pornographic images, and content that encourages, promotes, or provides instructions for eating disorders, self-harm, or suicide.

or you're just being hyperbolic? 79% of statistics are made up, after all.

The UK has draconian laws.

But some of the easiest middle ground solutions that solve 90% of the problem are things like simple math problems. Get asked "3+7" and that will pretty quickly filter out almost anyone under the age of 6. If you can accept that there are some smart 4 or 5 year olds who can do simple math, congrats you recognize there's a 10%.

>mythical sweet-spot solutions?

there are thousands of comments on these threads every time it comes up. there's tons of what i consider reasonable solutions proposed. there's examples below, too, which don't require face scans.

>Concretely, half the websites I visit from the UK want me to either scan my face or upload ID documents

yeah, i agree that really sucks.

Government builds a website where you can log in using any government issued ID or using one of the many many many available services that hold your details already(at least in the UK nearly everyone will have a DLVA account, HMRC account, HMPO account, NHS account.....all of these are government services which we can only assume hold our data securely already).

On that website, you can click "give me a verification code", it gives you a code that is single use and only valid 24 hours. You type that into whatever 18+ website you need to, they use a public API provided by the government to just check "yes this is a valid code and the user is 18" - bang, done, verified. The website knows nothing about you at all, except for the fact that you're 18.

In fact, the UK government ALREADY HAS THIS. For the EU settlement scheme, you can give your employeer(or anyone else who needs it) a special magic code that they type in on the government website, and it just says "yet his person has the right to reside in the UK" without spilling any of your personal information at all. The code is single use and valid a limited amount of time. And you can do the same with your driving licence, where anyone can verify you hold a valid licence without actually seeing it or any details on it.

Like, am I being stupid here? It seems like an almost trivial solution to the problem, especially given that it already exists for at least 2 services named above.

And yes, I know people will say "oh but that requires the government having this data on you, and that's bad" or "but then the government will know you've authenticated with pornhub!".

And yes, both of these are true - but on point 1 - like, I'd love some ideal situation where the government can simultaniously give me a passport or a driving licence AND not have any information about me at the same time, but that ain't happening, and on point 2 - yes, but that's still infinitely preferable to the current implementation, and it can be easily solved with legislation saying that the code authentication service doesn't log who requested verification, it just answers with yes/no and that's it.

I don't know about this, stores around me are scanning people's IDs to verify their age.

I guess I could make an ID (not a counterfeit government ID) that uses the same encoding for the birthday.

Not anymore, at least. In these parts your alcohol purchases did require a paper trail once upon a time.

And yet in practice they do.

Well, not every beer but when you shop at Beers-R-Us they know.

To be fair, I buy my beers on CC. If someone really wanted to know the best IPAs and session able beers they could get, they could audit my CC records and then cross check to the breweries and pubs to see what I was buying. Just depends how much someone wants to learns bout good beer.

>Would you mind elaborating on the specific methods you're referencing?

well, i mean, you put a decently reasonable one in your own comment: "client-side parental control software that works based on website/app tags supplied by the server / app creator / etc."

another sibling comment mentions alcohol sales. government could issue a scratch card with UUID that's valid for some time, sold at anywhere alcohol/tobacco is already sold. most people are already comfortable with flashing an id at the beer store.

read any other the other dozen similar threads with hundreds of comments, and there are a handful of other neat ideas usually voted pretty high up.

>Doesn't 90% successful mean you are stepping on 10% toes???

no, it means that <10% of kids under 16 or whatever age will still make it onto instagram

There is also, separately from that, a need to protect kids from growing up into the people in Idiocracy.

>Do you try to insinuate that a little bit of tracking is ok?

no, and you can read through other comments here and on the many threads of the same topic for proposals which have no tracking.

>I believe you are missing the point. "To protect kids" is just a cover, the nightmare dystopia is the real goal.

did i miss the point? because my last sentence literally says this.

Well, some who push it anyway. There is another group whose motive is to get rid of all porn.

In fairness (i.e. looking at the data with an open mind), social media does seem to be the cause of (or at least strongly correlated with) a bunch of ills.

You're wrong, it still matters. It's the first step, and it's an important step in maintaining fairness.

"Fair" doesn't always mean according to everyone's preferences. I might want to have a full cake but getting a slice is fair.

Of course. The lobbyists don't want to be called bribed people, so they only want to monitor the peons. Slavery 2.0.

Those digital surveillance rules passed in Brazil under the Digital Statute for Children and Adolescents law.

Protection of kids is definitely the most common arguments for them.

If the users chooses what they are shown and the order they are shown in, then it's fine. If the platform chooses, then it's not, because they will always choose what creates the most engagement.

That's the problem, recommendation algorithms on networks beyond a certain scale should be publicly auditable.

If they're not, I should be able to opt-out of them.

I think I would be fine with a positive enumeration. Some ideas for serving content:

    - purely random
    - sponsored but without user tracking (like old school TV ads)
       - sponsored for user selected geographical area feed
       - sponsored for user current location geographical area feed
    - follow "friends" or influencers
    - purely timeline

    - discussion boards
      - timeline (IRC like)
      - threaded
      - user votes (not magic platform votes)

    - follow keywords

It's clear by now that the societal impact is significant. I can banish all the social networks from my life and they'll still be corrupting the political process, promoting divisive content, etc.

I assume you are also for heroin vending machines at every school corner if you watch a 30 second ad slot. You don't have to use them, you know.

California's proposal is better than the one you're proposing, so Californian legislators goals are actually to solve GP's problem. Articles like this one that don't consider other proposals like California's are idiotic because voters actually want to solve GP's problem, and pretending they don't exist does not convince voters.

I agree going to the worst-case is a weak technique, and this is what the OP does:

> "Age verification" means that everyone who does anything online will have to submit to fine-grained tracking and recording of all their online activities.