|
Thank you for writing this. Of all the topics I’ve had to work with in my career, this one has caused me by far the most frustration. I like to think the hacker community is generally scientifically-minded and open to rational debate, but online discussion of this subject uniquely tends to cause people to hunker down, refuse to engage productively, and resort to name-calling. This might feel righteous, but ultimately leads to own-goals from us. Firstly, to make one thing clear, it’s _absolutely_ possible to do age verification in a privacy-preserving manner. A technology called Privacy Pass exists that separates the roles in the age-verification question. This would make it possible to have a solution where the government can attest to your age without knowing what website you’re trying to visit (e.g. pornography, or an online casino, or just purchasing alcohol online). This is just a matter of fact. I’d recommend reading RFC 9576 for more details on the separation of roles here, it’s a really nice protocol. There seems to be some misconception that privacy-preserving solutions for age verification aren’t permitted under various legislations. I don’t know where this comes from, but certainly Ofcom _mandates_ the minimisation of unnecessary data collection. This doesn’t mean that suboptimal technologies aren’t in use, but there’s certainly nothing precluding the use of fully privacy-preserving solutions. We should be pushing for privacy-preserving age verification. It’s easy and convenient to say it’s the job of parents, and label anyone who doesn’t use parental controls as a bad parent, but at the end of the day, a government’s job is to look after its citizens regardless of whether they have good parents. If instead of engaging productively we stonewall the topic based on a vaguely-directed-but-intense distrust of Government, then governments will implement it anyway, and the solutions will be bad. We know this is the case, because it already happens. I participated in a very productive workshop last year with representatives from government as well as various privacy-conscious companies, including Mozilla. I was pleasantly surprised at how productive we could be when we all worked together on this. We all walked away with a much better understanding of some of the problems, some of the nuances involved, and some possible paths forward. |