alt Hacker NewsIt's kind of surprising that no-one has really come out with a proper privacy-preserving approach to this yet. It is clearly _possible_; there are reasonable-looking designs for this. But no-one's doing it; they're just collecting photos and IDs, and then leaking them all over the place.
Replies
https://www.apple.com/newsroom/2025/06/apple-expands-tools-t...
What are your thoughts on Apple's approach? You still have to provide your birthdate to apple. But after that, it only only ever shares your age range with other companies that request it, not your birthdate.
> It is clearly _possible_
Is it?
I don't think it is.
I truly don't believe that there's any possible way to verify someone's age without collecting ID from them.
It is only a matter of time before ID verification means the camera is always on watching the face of the person looking at the screen.
They do not want to solve the problem, they want to collect our IDs. If they would have wanted to actually solve it they would not have done this on legislations where it is not a requirement.
As others have said, it’s obvious that no real attempts have been made by anyone to create a privacy-focused solution because the end goal is to collect photo IDs.
Occasionally in my free time I have been tinkering with a certificate-based solution that could fulfill this sort of need for age verification. It’s not the most robust idea but it’s simple enough using most of what we already have. Creating a minimal protocol which doesn’t share actual identifying information nor metadata of the site you’re accessing is trivial. If I can make an 80% solution in less than 100 hours of my free time then some groups with more money and intelligence could propose a dead-simple and easy-to-adopt solution just as easily.
No privacy is simpler and the simpler solution is cheaper. If there's no real incentive to go with another option, companies will go with the cheaper option.
[dead]
Here's my solution: https://news.ycombinator.com/item?id=46447282
The problem is privacy activists and free speech activists (though there's some overlap between the two they aren't the same) oppose age verification by any means since it has the potential to infringe on both ever so slightly. Meanwhile age verification gates are being demanded and thrown up all over the Internet at a frightening pace. So we get only the maximal data collection solutions implemented by people who don't give a shit about privacy or free speech. And the mass surveillance cheerleaders egg them on.
If privacy and free speech activists understood that a proactive, privacy-preserving approach to age verification is the best outcome we'd be better off.