Ask Experienced Devs

I agree with others here when they say that age-verification laws aren't about children at all, and identification isn't a side effect, it's the raison d'être.

But if I were to earnestly try to solve the problem, I might look to the physical (non-online) world. In every part of the world I've been to, buying alcohol requires one thing; to be of age. So if you very clearly look of age, you are allowed to buy it. If you look younger, you may be asked to provide ID proving you are old enough. While some vendors may take additional precautions such as scanning your ID, it is not a requirement and most do not. They simply look at your ID to verify, then allow the purchase.

One could buy a physical verification token, like one might buy a gift card currently, and the purchase requires the same verification as buying alcohol. Imagine you buy a plastic gift-card-like item branded Roblox and they verify you are of age, when you sign up for Roblox you enter in the details of the gift-card-like item. You are verified to be of age, and no-one has any other details.

No.

Basically, as soon as a web service knows your age, they can tailor their content specifically for you. That's great when the service is Netflix and doesn't want to suggest R-rated movies to pre-teens.

That's not quite so great when the "service" is KidGroomer dot com.

Turns out that having machines automatically report the ages of their users is not such a good idea. Turns out that enabling groomers to identify children from adults is a fair bit worse than kids finding naked people on the internet.

The question you should really be asking: is it even desirable? Teens have been accessing adult content since forever and it is a perfectly natural and healthy part of adolescense. Sex is perfectly natural and healthy. It shouldn't be criminalized.

Very easy: create a law that if minors are caught where they shouldn't be the parents and the minors are going to be held responsible, because raising kids is parent's responsibility.

However, absolutely ZERO percent of the age verification laws are being put in place to protect kids. They are pushing that with sole reason to invade your privacy and monitor your activity, so any mean that doesn't accomplish it missed the point.

What do you mean by government suppression? The government suppressing entities, or you as the authorizing individual?

EU has eIDAS, and Germany has an existing working system. A certified publisher and you with your NFC phone can confirm your age above x without disclosing any other information about your identity. It runs with sophisticated cryptographic negotiation between the three parties. For you as an end user, obviously the government already knows of your existence beforehand and can serve as an authorative entity. The two other parties can then verify their validity to each other through the mutually trusted entity without revealing unnecessary information to any of the parties. Practically, the requesting entity must be certified by the state to confirm their validity and reasonable necessity of what kind of data they plan to request, and the user use their moile phone NFC and an app to read their identity document, and give explicit consent to specific data sharing.

No.

How about we just don't.

Yes, that's what the California and Colorado (not sure about the others) implementations accomplish. Bare minimim exposure of data to consumers who want to verify you, without any need to expose additional data to trusted third parties. The burden of trust is placed on the device owner.

Yes, kind of. In a similar way that we can currently authenticate with OpenID. Basically something like a passkey could be issued by your government that would let you prove your (pseudonymous) identity (and thus age range) through their API to a website.

This wouldn’t allow for anonymous browsing, since the website would have to identify you, but it could allow for pseudonymous browsing, since the website’s identification of you could be just an ID number that is specific to them. They already track you with cookies, so it wouldn’t be any worse than we have now, except that it’s more unnecessary bureaucracy.

Honestly I can't think of any way you could verify age accurately without something identifying being provided.

You could try age based trivia, but anyone could Google an answer.

By the way, people who create accounts without age verification will then have access to the planned children’s versions of social media... A pedophile’s dream come true 🤢🤢🤮🤮🤮

Age verification = digital epstein pedo playground

This is the precise question that Soatok discussed here: https://soatok.blog/2025/07/31/age-verification-doesnt-need-to-be-a-privacy-footgun/

Google recently published an open source library that proves a user’s age in a way that preserves privacy. This library is undergoing two independent security reviews, but should be production-ready in the near future.

If we’re going to force websites to implement some kind of age verification for adult content, we should demand the governments that pass these laws provide the zero-knowledge proof technologies to satisfy the law.

Full disclosure, I'm not a full time dev, but am in IT and do some minor software development work.

Here's my proposal:

Reverse the verification. Don't verify adults. Have extra actions to allow children to access the internet, and make it the legal responsibility of those adults that purchase the devices verify that a device given to a child can only access the child-friendly internet. We already have laws constructed like this and they work pretty well. Cigarettes and alcohol are largely out of the hands of young children. No its not perfect, but no system will be.

The default behavior of any device is full adult access. However, devices will have a service menu that you can put the device in child-friendly mode. However, it's a one way change. Once its in child-mode, there's no going back.

Then, sell devices that are able to access the internet only to 18 year olds and older. An adult can put the device in child-friendly mode and give it to a child. An adult can also let the child use their adult mode device when it is under the supervisor of the adult. Any child found unsupervised with an adult mode device will be treated the same way as if they were found with a fifth of whiskey or a carton of cigarettes. Any adult found giving adult-mode devices to children will be charged the same way as if they were giving alcohol and tobacco to children. Perhaps a repeat offender adult will have their ability to buy electronics capable if internet access made illegal for a time as punishment.