They don't exist because the organizations who lobbied governments were YOTI, Persona, K-ID and others who have a vested interest in collecting data and rent seek by latching through regulations like diseased ticks.

The UK has draconian laws.

But some of the easiest middle ground solutions that solve 90% of the problem are things like simple math problems. Get asked "3+7" and that will pretty quickly filter out almost anyone under the age of 6. If you can accept that there are some smart 4 or 5 year olds who can do simple math, congrats you recognize there's a 10%.

>mythical sweet-spot solutions?

there are thousands of comments on these threads every time it comes up. there's tons of what i consider reasonable solutions proposed. there's examples below, too, which don't require face scans.

>Concretely, half the websites I visit from the UK want me to either scan my face or upload ID documents

yeah, i agree that really sucks.

> half the websites I visit from the UK want me to either scan my face or upload ID documents to access their full featureset.

what kind of websites are you visiting to get age checked on half of the sites you visit? i've only been asked to verify for dating apps and "sexy stuff". and i definitely don't spend 50% of my total browsing time on those sites.

maybe this says more about the kind of content/sites you're accessing if it is really as high as 50%? UK age verification mostly only applies to sites which might end up hosting the content quoted below.

> pornographic images, and content that encourages, promotes, or provides instructions for eating disorders, self-harm, or suicide.

or you're just being hyperbolic? 79% of statistics are made up, after all.

Government builds a website where you can log in using any government issued ID or using one of the many many many available services that hold your details already(at least in the UK nearly everyone will have a DLVA account, HMRC account, HMPO account, NHS account.....all of these are government services which we can only assume hold our data securely already).

On that website, you can click "give me a verification code", it gives you a code that is single use and only valid 24 hours. You type that into whatever 18+ website you need to, they use a public API provided by the government to just check "yes this is a valid code and the user is 18" - bang, done, verified. The website knows nothing about you at all, except for the fact that you're 18.

In fact, the UK government ALREADY HAS THIS. For the EU settlement scheme, you can give your employeer(or anyone else who needs it) a special magic code that they type in on the government website, and it just says "yet his person has the right to reside in the UK" without spilling any of your personal information at all. The code is single use and valid a limited amount of time. And you can do the same with your driving licence, where anyone can verify you hold a valid licence without actually seeing it or any details on it.

Like, am I being stupid here? It seems like an almost trivial solution to the problem, especially given that it already exists for at least 2 services named above.

And yes, I know people will say "oh but that requires the government having this data on you, and that's bad" or "but then the government will know you've authenticated with pornhub!".

And yes, both of these are true - but on point 1 - like, I'd love some ideal situation where the government can simultaniously give me a passport or a driving licence AND not have any information about me at the same time, but that ain't happening, and on point 2 - yes, but that's still infinitely preferable to the current implementation, and it can be easily solved with legislation saying that the code authentication service doesn't log who requested verification, it just answers with yes/no and that's it.