by jdthedisciple 1114 days ago
And as a result have everyone upload their personal identification to some untrustworthy corporate database?

Thanks but no thanks.

There ought to be better solutions.

My view is that it's a question of culture. In particular, the eradication of any sort of authority (parents, teachers) and the worshipping of "I want, therefore it's good and my right" are among the root causes for this epidemic.

4 comments

A government API / website to do the verification can work similarly to OpenID - the end application doesn't know any PII, receiving a JWT with some basic info (name, age, email) instead.

Just something off the top of my head, I'm sure that there are solutions to this. It's the political will and balls that are nowhere to be found...

Sorry, no. I don't trust a government API/website with my personal information. They collect and abuse the private data that I DON'T willingly give them access to. Imagine what they'd do with the data I do.

The government already have all your personal information. If you mean that you don't trust a government API to do age verification, then that's already an option in some countries and it doesn't have to expose anything.

Denmark have MitID, which is a sort of government OIDC/OAuth2 thing. There's no issue in having it expose only a single claim, such as age, or adult=true/false in age verification scope. You don't have to open the floodgates to government data, in fact Denmark has navigated that pretty well through the last three iterations of our government-issued online ID scheme. There are even laws preventing cross-referencing data from different databases, in the case that you for some reason have access to it.

Where do you live where the government does not have your basic information - name & date of birth? You're being unreasonably paranoid IMO.

> And as a result have everyone upload their personal identification to some untrustworthy corporate database?

What about having IRL stores sell one-time use age verification tokens after showing ID? Just like tobacco or alcohol they can make it illegal to provide them to a minor. Whereas if you're worried about privacy you can still buy with cash.

And what prevents a Malicious Actor (older student? friend who already graduated? someone who wants to sell them?) from acquiring multiple of said age verification tokens from different vendors? Well, now there has to be a database somewhere of all of the tokens that have been created along with the ID number of the person who acquired the token. Who maintains this database? The government? The companies who we don't want storing our data?

Sure, it adds more steps than just "click this checkbox if you're an adult" but kids/teens are a crafty bunch and, unlike drugs and sex, a) the penalty for violation of the rules is not immediately obvious (to the youth, OR even to society) and b) the act of violating the rules is not obvious in itself to people who aren't on that person's phone: there are no physical items left behind for parents to notice.

Effectively what we're talking about here is trying to solve the Sybil Problem, which has no widely-accepted solution.

You're asking what prevents straw purchases. Same thing that prevents straw purchases for alcohol and tobacco. Plus once it's the norm to not have kids on social networks there will be greater societal enforcement, just like with smoking and drinking.

There's no database of alcohol or tobacco buyers. The sales clerk just checks your id and forgets about it. It's a code good for use on exactly one account on one service, and expires in maybe a year. If you have multiple accounts on multiple services, buy separate codes for each one. They should be reasonably priced - no more than $5 each.

You don't need a perfect solution. Despite laws against underage drinking, smoking, and drug use it still happens.

This already exists in some places, and they have to keep a log of checks so they can be audited.

So do it without the log. There's no log of alcohol and tobacco buyers, and also no need for "audits" there. Have some undercover inspectors do spot checks to make sure all retailers are checking ID. Fail the test, lose your license.

"We have no record of this user gaining access."

I don't understand. Who's "we"?

The store sells a scratch card containing a single-use code, after you show them ID. When you sign up with whatever social network, you enter the code and the social network validates it with the code provider service. That's it.

At best the code provider can tell the social network which store the code was purchased in. Drive over to the next state to purchase codes if you're paranoid. Mandate by law that no records of code purchases or copies of ID are kept. We don't require it for alcohol or tobacco purchases so there's no justification here.
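
The scratch-card flow described in the comment above, sketched as an added example that is not part of the original thread: a code-provider service that records only the selling store, an expiry and a redeemed flag, and lets each code be redeemed once. The class, method and field names are assumptions made for illustration.

```python
import hashlib
import secrets
import time

ONE_YEAR = 365 * 24 * 3600  # "expires in maybe a year", per the comment above


class CodeProvider:
    """Hypothetical code-provider service (names and fields are assumptions)."""

    def __init__(self):
        # Keyed by SHA-256 of the code, so a leaked table holds no usable codes.
        # Deliberately no buyer name, ID number or account identifier.
        self._codes = {}

    @staticmethod
    def _digest(code):
        return hashlib.sha256(code.encode()).hexdigest()

    def issue(self, store_id, now=None):
        """Called when a card is printed for a store; returns the scratch code."""
        now = time.time() if now is None else now
        code = secrets.token_urlsafe(12)  # 96 random bits, not guessable
        self._codes[self._digest(code)] = {
            "store": store_id, "expires": now + ONE_YEAR, "redeemed": False}
        return code

    def redeem(self, code, now=None):
        """Called by the social network at sign-up; succeeds at most once."""
        now = time.time() if now is None else now
        rec = self._codes.get(self._digest(code))
        if rec is None:
            return "unknown"
        if rec["redeemed"]:
            return "already_used"
        if now > rec["expires"]:
            return "expired"
        rec["redeemed"] = True
        return "ok"

    def stored_fields(self):
        """Everything the provider could disclose about any code."""
        return sorted({k for rec in self._codes.values() for k in rec})
```

The provider never learns which account redeemed a code; the social network only gets back one of four status strings.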

The government could provide anonymous age credentials. A private-public key that neither the website nor the government can use to identify the user, but that confirms the user holds a key issued by the government verifying their age.

Have age checking done by a trusted third party that only certifies the age check on the spot without storing any information (post office or something like that?)?