[manytree]

Sounds like exact quandary that the emerging DID spec (Decentralized Identifiers) [https://www.w3.org/TR/did-core/] is hoping to solve. I.e. you can submit your proof of age to an attestation service (in this case, perhaps the australian government itself) and receive an anonymous DID from which you can issue proofs of age without revealing other aspects of your identity.

[tomjen3]

Would that also work the other way around? Ie would it mean the Australian government wouldn’t know anything other than you wanting to prove your age to somebody?

Otherwise it seems a terrible idea.

[manytree]

Yeah, the DID you receive from the attestation service can be used multiple times, and is assumed to be immutable, so you sign messages with your private key to prove ownership of the DID but generally reveal no other information. One concern would be that a backend integration might exist between the Australian government’s attestation service and Google’s system, in which case there might be benefit to the existence of an alternative public institution that is committed to privacy which has the demonstrated authority to verify age.

[klabb3]

Yes, but I find this unlikely to be endorsed by governments in the short term.

It'd be great if the law said that it's (very) illegal for the verifying party to share or store any of the PII, including with the government.