Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance
Legislative and Public-Opinion Context
- Some argue lobbying legislators is futile; others insist technical people must engage in electoral politics and policy debates.
- Cited polls show strong support in some countries (e.g., Australia, parts of Asia) for banning social media for under‑16s; others contest that this does not represent “the vast majority of the population” overall.
- Several comments note that politicians are driven by optics around “protecting children,” not by technical nuances or actual effectiveness.
Privacy, Surveillance, and Government Power
- Strong concern that age assurance becomes a pretext for mass identification and tracking, especially when tied to government-issued credentials.
- Examples like Australia’s Assistance and Access law are cited: secret orders, possible mandated backdoors, and unclear legal protections for resisting.
- Fear of a slippery slope: once age‑gated identity is required for adult sites, it may spread to banks, social platforms, then “almost everything,” enabling dynamic, per‑person access control by governments.
- Some see this as inherently dystopian and argue that no app is “safe” under such powers.
Technical Debates on ZKP Age Verification
- ZKPs are seen as mathematically sound but not magic. Main issues discussed:
- Token reuse / “clone” attacks and how to prevent one adult’s proof from being shared widely.
- Need for revocation, rate limiting, and “double‑spend” style protections (e.g., blind signatures, revocation lists, device‑bound keys).
- Tension between preventing abuse and avoiding remote attestation that locks users to “approved” devices and software.
- Some argue properly designed anonymous credentials can hide identity from both issuer and verifier; others stress metadata (IP, browser fingerprinting) and CA–service collusion can still deanonymize users.
- Skepticism that users can verify whether implementations truly honor zero‑knowledge guarantees.
Child Protection vs Freedom and “Moral Panic”
- One side: smartphones/social media are likened to cigarettes or meth for kids; heavy restrictions (including bans) are viewed as justified.
- Other side: evidence of harm is described as weak, p‑hacked, or overstated; past “video nasty” and rock‑music panics are invoked as analogies.
- Many warn that building surveillance/ID infrastructure to address online harms will cause more damage to civil liberties than the harms themselves.
Motives and Platform Power
- Deep cynicism about motives of governments and big tech:
- Age assurance seen as a path to better ad targeting and identity tracking, not child safety.
- Google’s ZKP libraries are viewed by some as a way to normalize device attestation and a more locked‑down web.
- Others note that at least ZKP‑style schemes reduce data leakage compared to current ID‑upload models.
Proposed Alternatives
- Device‑level age settings and parental controls, exposed to websites/apps via simple flags, are widely favored over identity‑based systems; some laws (e.g., in California) reportedly move this way.
- Suggestions include:
- Site‑provided content ratings consumed by user agents, with policies enforced locally.
- Stronger parental filtering tools and education, not centralized age verification.
- Taxing or regulating engagement‑driven social media, or breaking up large platforms, rather than building identity infrastructure.
- A vocal contingent rejects age verification entirely, framing it as a sociopolitical problem ill‑suited to technical fixes.