
> Mandatory age verification, and with it, mandatory identity verification, is the wrong approach to protecting young people online.

Is there any approach that the EFF would not say is the wrong approach?

> Once information is shared to verify age, there’s no way for a website visitor to be certain that the data they’re handing over is not going to be retained and used by the website, or further shared or even sold. While some age verification mandates have limits on retention and disclosure of this data, significant risk remains. Users are forced to trust that the website they visit, or its third-party verification service, both of which could be fly-by-night companies with no published privacy standards, are following these rules.

So make it mandatory that they use a system that doesn't allow that. You've logically got three parties involved: (1) you, (2) an entity that needs to know your age, and (3) an entity that is able to attest to your age. (Replace "know your age" with "know you are above a specified age" if that is all that is legally required).

In the quoted paragraph above it seems that EFF is envisioning either #2 and #3 being the same (such as the website you want to use) or that they are separate but #2 picks #3. So you either hand ID documents over to the website or to an entity the website picked and neither of those are necessarily entities you trust.

There are ways though it could be designed so you aren't handing any ID information over to an entity you do not trust, as long as we don't forget about the last 50 years of developments in cryptography.

Here's one. Entity #2 asks you to verify your age and hands you some blob of data that is only meaningful to them. You pick a #3 entity of your choice, go through whatever their "proof of age" procedure is, and if it passes you can have them do a blind signature on the blob. You then give the signed blob back to #2. They see it was signed by #3, and accept that you are old enough.

All #2 learns is that you used #3 for age verification. #3 doesn't learn anything about #2. #3 does know who you are and gets to see your ID documents, but #3 can be handled by an entity that already knows who you are and has seen your ID documents. Good candidates for #3 service would be state or national governments, post offices, and major banks.

Note that this even works for anonymous logins.

The above was just a quick outline of one approach, with no doubt many details missing that would need to be dealt with to make it practical and secure. There are doubtless other approaches that would accomplish the same goal.

I'd like to see more advocacy groups working to make sure that if we do get mandatory age verification we get a system that does take advantage of modern cryptography to make it so that verifying your age to a site can work anonymously and does not give the site any information other than your age and does not give the verification service anything they didn't already have about you.

Too many limit their advocacy to just saying that whatever is currently proposed is the wrong approach, without ever offering how to improve those approaches or suggesting different approaches. That can easily mean that if they fail to get it stopped completely, we end up with one of the worst ways it could be done instead of one of the best ways.
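
The blind-signature exchange outlined in the comment above, sketched as an added example that is not part of the original comment. It uses textbook RSA blinding with a constructed, insecure demo key; the function names and the SHA-256 digest step are assumptions made for illustration.

```python
import hashlib
import math
import secrets

# Constructed demo key for entity #3 (the age attester). The primes are
# well-known Mersenne primes, so this key is NOT secure; it only keeps the
# example deterministic and dependency-free. Textbook RSA without padding is
# used for clarity; a deployment would use a vetted blind-signature scheme.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by #3

def digest(blob: bytes) -> int:
    """Map the site's opaque blob to an integer below N."""
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")

def site_challenge() -> bytes:
    """#2: random blob that is only meaningful to the site."""
    return secrets.token_bytes(32)

def user_blind(blob: bytes):
    """User: hide the blob from #3 with a random blinding factor r."""
    r = 0
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    return (digest(blob) * pow(r, E, N)) % N, r

def attester_sign(blinded: int) -> int:
    """#3: sign after its own proof-of-age check; it never sees the blob."""
    return pow(blinded, D, N)

def user_unblind(blind_sig: int, r: int) -> int:
    """User: strip r, leaving an ordinary #3 signature on the blob."""
    return (blind_sig * pow(r, -1, N)) % N

def site_verify(blob: bytes, sig: int) -> bool:
    """#2: accept only a valid #3 signature over its own challenge."""
    return pow(sig, E, N) == digest(blob)

if __name__ == "__main__":
    blob = site_challenge()
    blinded, r = user_blind(blob)
    sig = user_unblind(attester_sign(blinded), r)
    print("site accepts:", site_verify(blob, sig))
```

Because each blinding uses a fresh random `r`, the value #3 signs cannot be matched to the blob or signature that #2 later sees.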



