Many might’ve seen the Australian ban of social media for <16 y.o with no idea of how to implement it. There have been mentions of “double blind age verification”, but I can’t find any information on it.
Out of curiosity, how would you implement this with privacy in mind if you really had to?
Could it be maybe a token signed by the verifying party living permanently on your computer (like cookie), and websites can request permission to query it to verify the age?
Since age tends to not decrease, that may make sense: once you reach 18 you get a signed token you can use forever.
Your token might be used by someone else, though
Yeah. I feel like that cool bad influence not-actually-my-uncle is gonna publish their porn access token everywhere.
Porn Access Token lmao
The hard part is browsers. Cookies and local storage are limited by the origin URL. You need it explicitly set on the domains you intend to visit, but those domains don’t know your age. The one that knows the age is the identity provider, but it can’t set it for all domains. There are other techniques that you could use, like a smart card combined with a browser extension to do local based user info attestation, but those are difficult to manage at a nation scale and I suspect people will struggle with them, though there are some countries that do have national smart cards (e.g. Estonia.)