There are actually ways to verify identity without disclosing identity in any uniquely identifiable way. It's what basically every 2FA app does, so this isn't some obscure or unfamiliar technology.
Since this is possible to do, yet it is never proposed or required whenever discussing age verification online, it's fair to characterize all of these efforts as an attempt to deliberately strip anonymity (for tyrannical purposes).
The precise actors in question are kind of irrelevant to the point here. The GayRaceCommunistZOG dialectic is all about creating, "Heads I win, Tails you lose" situations and this is no better. Either unrestricted access to hardcore porn for minors, or tyrannical speech-control across the entire internet.
Can you give me one example of a 2FA implementation that would work? Where nobody in the login chain can know your identity, but you can still prove you're 18?
Every commercial 2FA app I know is intrinsically linked to verifying a known identity, so they do not provide anonymous verification.
Or they're hardware or secret key based, and their results can be shared and don't actually verify that the holder is 18+ (eg, physical authenticator). That works when your user wants to keep people out of their bank account, but doesn't work when they want to share their account online so everyone can login with it.
Edit: I forgot the third vitar requirement, that it needs to be sufficiently foolproof that the government can cheaply and efficiently implement and administrate it.
Can you give me one example of a 2FA implementation that would work? Where nobody in the login chain can know your identity, but you can still prove you're 18?
Every commercial 2FA app I know is intrinsically linked to verifying a known identity, so they do not provide anonymous verification.
The identity is known at some level, yes. There are actually 2 sides to this.
The identity-verifying service doesn't need to know what websites/services you're accessing. It just needs to verify you once, and then provide some seed for One-Time-Passwords.
A website/service that needs age-authorization doesn't need to know precisely who accesses the site. It just needs to know a Pass/Fail based on a one-time-password-generated key.
If it's done correctly then:
ID-verifier doesn't know what you're doing with your ID
Service-needing-ID doesn't know your ID directly, just whether it's verified or not.
So yeah, you can do this in a privacy-respecting way. It's ultimately not any more difficult than setting up an account with Google and using your Google login on a 3rd party website. (Google probably does track you across sites via their login, but that's not because they have to, it's because they are creepy fucks).
Now is that theoretically game-able? Yeah, any system can be gamed. Credit cards can be gamed, physical IDs can be stolen or faked, photos / biometrics can definitely be faked. There's no 100% system.
There are actually ways to verify identity without disclosing identity in any uniquely identifiable way. It's what basically every 2FA app does, so this isn't some obscure or unfamiliar technology.
Since this is possible to do, yet it is never proposed or required whenever discussing age verification online, it's fair to characterize all of these efforts as an attempt to deliberately strip anonymity (for tyrannical purposes).
The precise actors in question are kind of irrelevant to the point here. The GayRaceCommunistZOG dialectic is all about creating, "Heads I win, Tails you lose" situations and this is no better. Either unrestricted access to hardcore porn for minors, or tyrannical speech-control across the entire internet.
Those aren't the only options.
Can you give me one example of a 2FA implementation that would work? Where nobody in the login chain can know your identity, but you can still prove you're 18?
Every commercial 2FA app I know is intrinsically linked to verifying a known identity, so they do not provide anonymous verification.
Or they're hardware or secret key based, and their results can be shared and don't actually verify that the holder is 18+ (eg, physical authenticator). That works when your user wants to keep people out of their bank account, but doesn't work when they want to share their account online so everyone can login with it.
Edit: I forgot the third vitar requirement, that it needs to be sufficiently foolproof that the government can cheaply and efficiently implement and administrate it.
The identity is known at some level, yes. There are actually 2 sides to this.
The identity-verifying service doesn't need to know what websites/services you're accessing. It just needs to verify you once, and then provide some seed for One-Time-Passwords.
A website/service that needs age-authorization doesn't need to know precisely who accesses the site. It just needs to know a Pass/Fail based on a one-time-password-generated key.
If it's done correctly then:
So yeah, you can do this in a privacy-respecting way. It's ultimately not any more difficult than setting up an account with Google and using your Google login on a 3rd party website. (Google probably does track you across sites via their login, but that's not because they have to, it's because they are creepy fucks).
Now is that theoretically game-able? Yeah, any system can be gamed. Credit cards can be gamed, physical IDs can be stolen or faked, photos / biometrics can definitely be faked. There's no 100% system.