Could you be more specific as to what you're imagining? I don't personally see a way to verify someone's age which doesn't involve either credit card verification, photo id verification, or some sort of facial recognition. If you know enough about someone to verify their age—even to a relatively low degree of accuracy—you probably know enough to pinpoint who they are in general.

Heck—in most cases, we can't even tell the difference between humans and bots anymore! And it's true that we basically accept that some bots will slip through the cracks—but identifying bots also strikes me as significantly easier than identifying children.

Where are these mythical sweet-spot solutions? Concretely, half the websites I visit from the UK want me to either scan my face or upload ID documents to access their full featureset. Now that users have been conditioned to accept this, nobody seems very interested in figuring out how to collect less PII - only insulating themselves from liability by having the data processed by a third party.

Exactly. The same way that selling alcohol doesn’t require a paper trail of every beer I’ve bought.

What's the point in making this distinction? This is HN, 99% of the users here are aware of what zero knowledge proof is and that it's possible to implement it that way.

The general consensus and what the article is alluding to is that it will be probably implemented in a way that allows individual tracking and identification.

> age verification doesn't have to be a nightmare dystopia

But I feel there's not a lot of trust that whatever implementation we could end up with wouldn't be such a dystopia. The real world equivalent would be checkpoints at every intersection verifying the driver's age, the cashier who carded the 20 yo with a beer now does it for everyone, makes a copy of your ID and stores it in a big folder shared with their 427 "business partners".

Imo we should scrap the whole idea of age verification. Kids get a kidPhone with kidOS, whitelist of age-appropriate resources & capabilities. You wouldn't let an 8 yo drive on the highway, yet they can have a supercar to drive unsupervised on the information highway, no biggie. Internet is full of adults doing all sort of stuff while kids need supervision and education: design safe spaces for children, not checkpoints at every corner.

Yeah, and once you have the non-intrusive system in place you can just switch it out for the tracking one without the user knowing.

Or there's probably some kind of correlation trail possible that will track you even with the anonymous systems.

They can track you with cookies , now they have age and identity signals .

> age verification doesn't have to be a nightmare dystopia of 24/7 fine-grained tracking and recording unless you are somehow hoping to achieve 100% success rate

I believe you are missing the point. "To protect kids" is just a cover, the nightmare dystopia is the real goal. So age verification have to be a nightmare dystopia or it would be useless for those, who push for it.

This isn’t about kids at all. The ID requirement is the WHOLE POINT.

That it is technically possible to do age verification in a privacy-preserving way is thus entirely irrelevant.

They want all online activity tied to ID so they can violently, illegally retaliate in the dark of night against protected expression online that they don’t like.

That’s all this is. Privacy-preserving techniques are irrelevant because they do not accomplish this goal.

> age verification doesn't have to be a nightmare dystopia of 24/7 fine-grained tracking

Personally I don't care how much age sniffing is mandatory in that I think it is inacceptable on any level. Do you try to insinuate that a little bit of tracking is ok? Because I can not buy into that premise. To me the whole assumption is wrong from the get go.

Doesn't _have_ to be except not enough voters can tell the difference which is exactly the goal.

It was never about the children. They are rolling this out, so online comments can be tracked to names and addresses.

It's to suppress free speech and arrest people that post anything against the government's narrative.

Many people have already been arrested in the UK for this. This is the next logical step.

Doesn't 90% successful mean you are stepping on 10% toes???

i am convinced that enough people in power know it, too, but see this as their chance to get the full-dystopia version rolled out.

Correct. The goal here isn't "to save kids". That's just one of the Horsemen of the Infocalypse [0] used to market taking away our freedom.

0 - https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...

I am convinced that no one will make any progress on this issue so long as they refuse to understand that their aren't a group of shadowy figures pushing for this but rather a sizeable chunk of the general population, buoyed on by various moral outrage interest groups including a great many HNers who have been happily stoking the narrative that social media is the cause of every negative statistical ill.

Who wants this? God damn everyone. And in so much as Facebook might do something with the data, what they really want is a legal moat of sufficient depth to drown possible competitors.

In tech, 10% unsuccessful today is 100% unsuccessful next week, when everyone learns how to join that 10% who got around it.

The shit is horrible if 100% successful, and yet not worth doing if it isn't.

Would you mind elaborating on the specific methods you're referencing? To me, the entire problem is framing the issue as "age verification" in the first place - this implies the web company is responsible for knowing and controlling who uses their service. Whether this is a full-on demand for drivers' license / face scan / verification can, or whether there can be a technical process that obscures some details doesn't change this underlying dynamic!

The other problem you're up against is in the low-friction online environment, 90% easily turns into a much lower percentage. Which will actually manifest itself as the initial methods that achieved "90%" being declared insufficient in favor of stronger methods of identity verification.

I say this as a parent staring down having to deal with the dumpster fire that is the modern web in the next short year or two - the only sane way to address this problem is through client-side parental control software that works based on website/app tags supplied by the server / app creator / etc. There is indeed a market failure here, so the sensible regulation is to make websites over a certain size publish labels about the suitability of their content for age brackets, whether a site is social media, contains user generated content, has algorithmic feeds, and so on - affirmative assertions about the content that carry legal weight and liability for them not being true. Device manufacturers over a certain size would need to include parental control software that can be enabled during the setup process.

If parental controls are enabled and a website has not published tags (too small, foreign jurisdiction, misconfiguration, etc), then it simply fails closed and refuses to display the site. This keeps decisions about content suitability in the hands of parents where it belongs, rather than putting it in the hands of corporate attorneys who will often make decisions directly contrary to what parents want! Remember this whole topic is being pushed by big tech to absolve themselves of liability for pushing harmful products!