Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance

Legislative and Public-Opinion Context

  • Some argue lobbying legislators is futile; others insist technical people must engage in electoral politics and policy debates.
  • Cited polls show strong support in some countries (e.g., Australia, parts of Asia) for banning social media for under‑16s; others contest that this does not represent “the vast majority of the population” overall.
  • Several comments note that politicians are driven by optics around “protecting children,” not by technical nuances or actual effectiveness.

Privacy, Surveillance, and Government Power

  • Strong concern that age assurance becomes a pretext for mass identification and tracking, especially when tied to government-issued credentials.
  • Examples like Australia’s Assistance and Access law are cited: secret orders, possible mandated backdoors, and unclear legal protections for resisting.
  • Fear of a slippery slope: once age‑gated identity is required for adult sites, it may spread to banks, social platforms, then “almost everything,” enabling dynamic, per‑person access control by governments.
  • Some see this as inherently dystopian and argue that no app is “safe” under such powers.

Technical Debates on ZKP Age Verification

  • ZKPs are seen as mathematically sound but not magic. Main issues discussed:
    • Token reuse / “clone” attacks and how to prevent one adult’s proof from being shared widely.
    • Need for revocation, rate limiting, and “double‑spend” style protections (e.g., blind signatures, revocation lists, device‑bound keys).
    • Tension between preventing abuse and avoiding remote attestation that locks users to “approved” devices and software.
  • Some argue properly designed anonymous credentials can hide identity from both issuer and verifier; others stress metadata (IP, browser fingerprinting) and CA–service collusion can still deanonymize users.
  • Skepticism that users can verify whether implementations truly honor zero‑knowledge guarantees.

Child Protection vs Freedom and “Moral Panic”

  • One side: smartphones/social media are likened to cigarettes or meth for kids; heavy restrictions (including bans) are viewed as justified.
  • Other side: evidence of harm is described as weak, p‑hacked, or overstated; past “video nasty” and rock‑music panics are invoked as analogies.
  • Many warn that building surveillance/ID infrastructure to address online harms will cause more damage to civil liberties than the harms themselves.

Motives and Platform Power

  • Deep cynicism about motives of governments and big tech:
    • Age assurance seen as a path to better ad targeting and identity tracking, not child safety.
    • Google’s ZKP libraries are viewed by some as a way to normalize device attestation and a more locked‑down web.
    • Others note that at least ZKP‑style schemes reduce data leakage compared to current ID‑upload models.

Proposed Alternatives

  • Device‑level age settings and parental controls, exposed to websites/apps via simple flags, are widely favored over identity‑based systems; some laws (e.g., in California) reportedly move this way.
  • Suggestions include:
    • Site‑provided content ratings consumed by user agents, with policies enforced locally.
    • Stronger parental filtering tools and education, not centralized age verification.
    • Taxing or regulating engagement‑driven social media, or breaking up large platforms, rather than building identity infrastructure.
  • A vocal contingent rejects age verification entirely, framing it as a sociopolitical problem ill‑suited to technical fixes.