The Age Verification Trap: Verifying age undermines everyone's data protection

Original Article ↗ Hacker News Discussion ↗

Responsibility for children’s access

  • Strong split between “parents should manage kids’ devices and behavior” vs “platforms and states must gate access.”
  • Many argue the internet should be treated like alcohol or cigarettes: adults can buy, but supplying minors is regulated and punishable.
  • Others counter that most parents are overwhelmed, under‑informed about controls, or themselves digitally addicted; relying on parenting alone is unrealistic.

Age checks, ID, and de‑anonymization

  • Repeated concern that “age verification” is actually an identity system: once you prove age with government ID, platforms, governments, and data brokers can eventually link accounts to real people.
  • Critics say that if child safety were the true goal, laws would target addictive design (infinite scroll, recommendation algorithms), not identity collection.
  • Device‑ or browser‑level “I am a child” flags and site self‑rating are proposed as alternatives that don’t require IDs, but doubters say bad actors simply won’t flag themselves.

Technical proposals and limits

  • Suggested architectures:
    • Device‑side age flags passed in HTTP headers or via OS APIs.
    • Government- or bank‑issued digital credentials with zero‑knowledge proofs (prove “over 18” without revealing identity).
    • Token systems bought in person after ID check, then used anonymously online.
  • Pushback: any usable system must prevent large‑scale sharing and re‑use of tokens or credentials, which tends to reintroduce tracking, rate‑limits, revocation lists, or hardware attestation.
  • Several note that “perfect” cryptographic systems are complex, hard to deploy, and will be bypassed in favor of simpler, more invasive vendors.

Effectiveness and workarounds

  • Many argue age‑gating will stop honest users but not determined kids:
    • Borrowing parents’ or older siblings’ devices/IDs.
    • Using school devices, public Wi‑Fi, VPNs, Tor, foreign sites.
  • Analogy: like underage drinking—laws reduce use, don’t eliminate it. Some say “imperfect but better than nothing”; others call it mere security theater plus privacy loss.

Government power and surveillance concerns

  • Strong undercurrent that this is part of a broader push to de‑anonymize and control online speech, using “protect the children” as pretext.
  • Fears include:
    • Linking real‑ID to all social media for political repression and chilling dissent.
    • Expanding device attestation, banning rooted/jailbroken systems, and effectively killing general‑purpose computing and anonymous browsing.
  • Some see coordinated lobbying by age‑verification vendors and large platforms who benefit from verified, targetable users.

Alternatives and tradeoffs

  • Proposals emphasize:
    • Strengthening and simplifying parental controls at OS/router level.
    • Regulating social media design (addiction mechanics, targeting children) and corporate incentives, rather than identity.
    • Accepting an imperfect, more anonymous internet vs a “safer” but tracked and permissioned one.