The internet wants to check your ID
73 comments
·August 6, 2025advisedwang
Far better to promote device controls than service ID checks.
* It allows parents to decide what age to allow kiddo to see certain content, not the state.
* It allows others to restrict content too. E.g. a gambling addict who doesn't want to see gambling content.
* It has no risk of leaks etc for adults.
I'd like to see laws mandating that service provides respect a new content restriction header or something like that.
trinix912
But wouldn’t that be too easy to counterfeit? Or if it were handled by a special government-approved piece of software that’s then just DRM all over again.
stebalien
Counterfeit what? This is about labeling and filtering: the device doesn't present an ID, the device prevents the user from accessing content with/without specific labels if so configured.
Specifically, governments mandate that:
1. Websites/apps/etc. MAY label content (via headers) indicating when their content/service is/isn't appropriate for some specific audience (e.g., children) according to X/Y/Z regulations. Websites/apps/etc. MUST NOT incorrectly label their content.
2. Devices that can access the internet must not be sold directly to miners without parental consent.
3. Devices that can access the internet must include parental control software can be configured to allow/forbid all apps/content that may contain content not deemed suitable for children (in the jurisdiction where the device is sold).
Importantly, this kind of solution solves the "borderless internet" problem:
1. Device sellers are regulated in the jurisdiction where they sell the device.
2. Service providers take no (additional) per-jusrisdiction responsibility until they start labeling their content. By labeling their content, they are claiming to abide by specific regulations.
Zealotux
Is there any serious investigation or a good article that explain how these ID check laws got simultaneously rolled out in the UK, EU and Australia? As well as the main payment processors heavily restricting adult content? It seems like there are remarkably powerful groups pushing for these things, or maybe it really is just happenstance.
donmcronald
Canada too. It’s corporate interests that want a government mandated customer base with a legal requirement to participate. Get ready for verified id on everything, and to pay for it via taxes.
trinix912
An additional consequence is it’s going to be significantly harder to set up an alternative social media site, as you’ll have to play by these rules which might end up favoring a certain provider’s implementation, or delegating the government the ability to shut down your site on a whim (even if through a court). This, I think, is way more concerning than having to ID your account on Meta.
stego-tech
I’ll say it again: the fact an adult has to sign up and pay for internet service and devices that can access those services should be all the age verification needed, full stop.
If parents don’t want kids getting into mischief online, then they need to restrict device and network access appropriately.
The internet was never intended for children, and we need to stop placing the onus on other adults to police themselves instead of on parents to police their children.
jajuuka
I disagree. The internet was intended for children. It was intended for everyone. Getting access to information, learning material, how to's, class work, doing class work, research, etc are just as much a part of the internet as surfing Pornhub or gambling.
I do agree with everything else though. The onus is on the parents to do their job as a parent. If the goal is to protect children then improve the tools available to parents. They already have tons but the work is never done.
stego-tech
The internet was never intended for children. It was intended for everything you said above, but with the intention for adults to access that content and self-moderate.
For kids, we had services like Prodigy and Compuserve that distilled the internet into approved content suitable for minors. We can - and probably should - go back to that, rather than throwing youth onto the regular internet and letting them fend for themselves online.
antonymoose
I disagree with your agree. While the “buck stops (t)here” with a parent, we also live in a society with rules and expectations around what a youth can access and what there is expectation on all of us to play by those rules.
My child cannot walk into a gas station and buy beer or cigarettes, cannot buy liquor, cannot buy a machine gun, cannot walk into an adult book store or a strip club, cannot operate a motor vehicle.
If you, an adult, aid and abbet my child in any of these activities you’re likely going straight to jail.
You do not magically get a pass because “the internet.” We live in the real world, with laws, with rules, with social expectations. It’s time for the free pass to end.
atmavatar
A child also can't obtain a credit card and pay to hook up an internet connection on their own.
If you want a true apples-to-apples comparison using your list - you've already purchased beer, cigarettes, liquor, a machine gun, adult books, and a motor vehicle and brought them all home. At that point, it is your responsibility as a parent to ensure your children do not use any of them. Why should internet access be any different?
What you're really asking for is an adult other than you to be present in your house to ensure your children don't use things that you don't want them to. That's called a nanny. Unfortunately, the way in which you want this to work is for every house hooked up to the internet to be required to have a nanny.
No thank you.
dfxm12
As a child I did most of those things offline. Hell, I bought tickets to R rated movies too. I know people who made fake ID's. I've been to parties where the hosting parents didn't care if we had a screwdriver before we were 21. No one went to jail. I could have bought cigs, too, but I was never interested. I had a few family members die horrible smoking related deaths. I'm not sure how this fits in with your analogy, but I dunno, beside accessing free adult material, it's probably easier for a child to do all of those things offline.
It's not a pass, it's just a reflection of the real world, which is not as rigid with rules and expectations as you are making it out to be. In any case, I'd rather the Internet remain as free, as in speech, as possible. If the cost of that is little Billy sees a nipple on a computer screen while daddy isn't watching, I think we'll be OK with the consequences. The consequences of the alternative is likely worse, and the article goes into this.
throwawayqqq11
Your argument is a slippery slope bc there is alot of complexity to adress, you are effectively trying to black-list, so putting the burden on the parents will always be a better a solution bc they are simply closer to the root of the problem, so better positioned to white-list.
Not to speak of the risks of a fully deanonymized web, once naiive black-listing doesnt cut it anymore...
And btw, your kid could possibly buy all items you named online today, black markets are a consequence of unmet demand. So what now? Talk about parental oversight or AV for amazon and TOR?
TimorousBestie
> The internet was intended for children. It was intended for everyone.
ARPANET and the related early nets were intended for sharing research and sharing scarce computing resources for research purposes.
Everything else was an accident of the telecoms wanting to get their respective beaks wet.
stego-tech
This^
Requiring age verification online would be like requiring my ID every time I wanted to drink a beer I already bought. I already had to give my ID when buying internet service, and again when I got the credit card I use to pay for it, and again for the bank account I use to pay the credit card, and the job that puts money into my bank account, and to buy the car that gets me to and from these places.
If you’ve allowed a minor online without so much as a web filter in place, you’ve already lost the battle. Punishing strangers for your failure to police your own network devices and children is a complete abdication of your responsibilities as a parent.
Guthur
The goal has nothing to do with children, this is control.
The UK has a long long history of over reach with all of theses initiatives.
The UK governments is desperate to keep a increasingly fragile society from boiling over and their natural inclination is to censor, it's what they have always done.
Klonoar
It kind of blows my mind that the early internet had explicit carve outs for kids-only spaces (AOL Kids Only or whatever, Yahooligans, etc).
I’m sure someone has tried to bring it back but it’s interesting to me that the public at large seems to have forgotten these ideas.
kylecazar
There's a lot of precedent in the real world to force providers of a service/product to verify the age of the consumer. What is so special about services delivered over the internet?
I think this pov tends to come from people that are nostalgic for the wild west days of the web. It doesn't matter if the internet was not originally intended for children -- they're here, en masse, and now society is looking for solutions.
stego-tech
> What is so special about services delivered over the internet?
Metaphor time:
Consider a liquor store in a physical space, and a porn site on the internet.
The liquor store requires ID at point of sale because it has limited entry and exit into the building. It has physical restrictions making it harder for minors to enter, and harder to exploit their way into accessing age-restricted items. This is because the physical world is always shared by default, and we must make rules securing adults-only spaces in a world that’s intrinsically shared with children.
A digital porn site exists on a realm solely built by adults, that requires adults to access in the first place. A child cannot sign up for an ISP, a child cannot buy their own cellular phone[1], and a child cannot decide to share their coffee shop or library WiFi for free to everyone within range. At some point, a child requires the assistance of adults to enter the internet. That makes the internet a de facto space for adults first, not children, and that is why I vehemently disagree with vilifying the majority of users (adults) just to “protect” kids who will bypass those age checks like they’ve successfully done for decades.
There will always be youth finding a way to procure pornography, drugs, or alcohol underage. The difference with the internet is that it’s by adults, for adults, and that children are guests who should be supervised by adults in their circles - not by policing all the adults online through intrusive surveillance measures.
[1] Children can, of course, use cash or cards to buy prepaid phones and airtime in many countries. I do not think this should be allowed and would be a better venue to restrict access than a surveillance state.
kyledrake
Another really important distinction here is simply that drugs and alcohol damage health, cause cancer, cause brain damage, cause car crashes and kill people, and photons of humans having sex with each other are probably orders of magnitude less harmful and it would require a massive amount of scientific research to prove to me otherwise.
I'm not critiquing your argument, I'm really just sitting here in amazement that the zeitgeist thinks these are of similar harm.
pickleglitch
If a bartender asks to see your driver's license, that's fine. Now imagine a bartender asks to see your driver's license, and then run it through a scanner to capture a digital image of it, which they then store in a folder for the owner to peruse at their leisure. It's not the same thing, at all.
kylecazar
100% agreed. Execution matters a lot, and the hope is that ZKP etc gain traction in verification flows to prevent such shenanigans.
cortic
>What is so special about services delivered over the internet?
The most dangerous people on earth who are not in prison are on the internet; It is an adult place. Making it look like a child friendly place will not change this. But it will lure more kids online unsupervised and unprotected.
KenSF
In the real world, we have many businesses which will look at ones gov't issued ID, most bars for instance. We have other businesses which will record the information off ones ID, most dispensaries for instance. I will go into the first. I will not go into the second. Verifying my eligibility is one thing. Recording my data for later use is a very different thing. I can tell the difference in the real world because I can see the process. Online, it is impossible to tell. Providers can build a reputation for privacy, think Proton.
You say we are looking for solutions. There are better solutions, including privacy preserving solutions, which can work. We just don’t have any of those yet.
EA-3167
One of THE major selling points for the internet is the option of anonymity, is that true for your other examples? I'd add what exactly is the point in this context? For alcohol sales or tobacco sales you can see the rationale in public health, clearly stated data about reducing accidental deaths, road accidents, and violence.
Where is the equivalent here?
kylecazar
In the U.S, to get into an R-rated movie without a parent you need to show ID to prove that you are 17.
But you can watch videos of people being beheaded in subreddits by simply signing in.
My point is that if a society decides that certain content should be age restricted -- it being on the internet shouldn't make the difference.
I largely think that age restriction laws are ridiculous. BUT, I don't think the internet is some special haven, exempt from all of society's standards/laws enforced offline.
calvinmorrison
that's also the selling point of the illegal underground gambling strip club speak easy i often go to.
FirmwareBurner
It was never about "protecting the children", that's just the glazing they wrap internet censorship in so citizens would swallow it.
Case in point, the same UK politicians who try to burry the Muslim grooming gangs story where kids got harmed, are now suddenly the ones pushing for Internet ID to "protect the children". If they cared so much about the children, why didn't they go after the grooming gangs immediately, instead of trying to hide it.
What they want is internet censorship, to take away the internet freedom of assembly, the ability to control and ban any criticism from the public targeting politicians and the elite the same way they do to mainstream media. No more people taking about political scandals, corruption, illegal immigration, sex scandals, Epstein list, Ukraine, Gaza, law enforcement abuse, mass shootings, etc, they don't give a damn about the kids.
stego-tech
I’m aware, but I go right back to the substance of the original conceit instead of letting myself get dragged into the details; that’s how you get these ghouls accusing you of being a pedophile or claiming you want to show children pornography in the classroom.
You gotta attack the root argument: this space was never intended for children, and it is the sole responsibility of parents to protect their children in adults-only spaces like the internet.
FirmwareBurner
> that’s how you get these ghouls accusing you of being a pedophile or claiming you want to show children pornography in the classroom.
People keep saying this but I've never seen it happen IRL. Probably because previous generation of people who are now parents, grew up with uncensored internet and turned out largely all right, or at least the issues they have (economy, jobs, housing) aren't due to a lack of internet censorship to "protect" them.
>You gotta attack the root argument: this space was never intended for children
That only distract people from the government trying to censor free speech on the internet using kids as a human shield.
crinkly
Eh use their own hammer against them. Calling someone a pedophile is libel in the UK. Sue them!
scott_w
> Case in point, the same UK politicians who try to burry the Muslim grooming gangs story where kids got harmed
Please don’t spread lies to make your point. The current Prime Minister was the DPP who oversaw the prosecution of the Rochdale scandal and worked on changing reporting and investigation. Listen to Andrew Norfolk’s interview with the News Agents if you’d like a citation.
ryandv
The web is ripe for disruption.
Decades of historical baggage, technical cruft, and now a new set of encumbrances in the form of aggressive state surveillance under the moniker of "regulation;" it's strange to me that there are no movements in this space to replace an aging and decrepit web that has grown increasingly user hostile.
ActorNightly
A lot of the tech "movements" that are all about disruption have leaned heavily conservative in the past decade, and its the conservatives that are implementing these rules.
There was some merit to being anti-establishment in the past under Democratic leadership because for sure there were issues, but thinking that the conservative party is the way out because they are all about personal liberty and freedom, when in reality they are the complete opposite, is why you don't see the same amount of effort being put into this now.
whall6
should be pretty easy to do once starlink has full global coverage... could easily circumvent ISPs
riffic
Starlink itself is an ISP. so you're going to circumvent an ISP - with an ISP?
whall6
sure, why not? I'm not saying that I personally could, but the entire network of starlink satellites is owned by one person. Interesting to think about the possibilities at the very least
FirmwareBurner
Starlink isn't above government laws the same way how Youtbe, Apple, Google, Facebook and your ISP aren't. If the EU/UK/Australian governments say 'jump', these companies will say 'how high' or face criminal charges. They aren't gonna die on a hill and go to jail to protect your anonymity and privacy when the armed law enforcement show up at their offices with subpoenas. Their business and freedom is more important than your privacy.
You need to talk to push for change in your democratic government, not try to find technical workarounds around government tyranny while going on with your day as if what your government is doing is normal.
general1726
I wonder when there will be first Generate ID as a Service (GIDaaS). I would expect something like choose state, ID type, pay 10USD in crypto and now I am Joaquim van Ender from Netherlands.
Of course, this will get combated by governments letting tech companies to query IDs against their databases, which inevitably will leak the IDs which will then make this exercise pointless.
tiberius_p
Will we have to share our ID when we connect to Tor too?
meowkit
And we should be pushing for ZKP verifiable identification.
https://blog.google/technology/safety-security/opening-up-ze...
easterncalculus
The problem with ZKPs, especially for age verification in the US, is that it you obviously still need some digital identity to perform the proof against. That not only doesn't exist in the US, but introduces a sensitive identity that like any other can be leaked.
The same is true for cryptocurrency of course but that risk is implicit in holding a private key to spend in the first place.
cmdli
If there is no provable link between the service and the identity, however, there isn't that much harm in the leak itself. It just becomes a list of names and ages which are a dime a dozen on the internet. Hell, if the identity service was the government itself then it would be entirely useless outside of getting a list of people who have a driver's license (is this public info already?)
nemomarx
I'd prefer zkp if we're doing this at all, but I think you could go simpler still. Google is skipping it for accounts with an associated credit card, that would work in lots of sites really
pr337h4m
In this case, compromise is equivalent to surrender
mindslight
No, we most certainly should not! Zero knowledge proofs are not some magic privacy faerie dust that can be sprinkled around to provide any desired security property.
For this use ZKPs are trivially proxyable, and thus this type of system also requires additional security properties from treacherous computing [0] - specifically remote attestation which prevents your ability to run code of your choosing on your own device.
And Google (et al) are quite eager to supply this type of environment ("Safety" Net, WEI, etc). This is exactly why the new UK system requires the use of a locked down corpo-controlled phone, and why corpos are pushing this idea that there is a "secure" way this can be done.
Essentially they are advertising the cool privacy-preserving half of the system, without mentioning the necessary other half that destroys privacy and freedom.
[0] "trusted" computing in corpo speak. In other words, a crippled model of computing that the corpos can trust us to have.
nerdjon
Slightly bothered that it seems like the article is conflating an app/website choosing to implement some form of verification vs a law requiring it.
I think that if a website or app wants to make this choice, they should be allowed too. Obviously we should expect that they have proper security, and we should make the choice on if we want to take that risk. But I think it is a perfectly valid choice by the developer, and users can choose whether or not they think it is worth it or use a competitor that doesn't (or a competitor is created that doesn't).
But the issue of laws requiring it I think is where things have gone too far. So much of this is being framed as "protect the children" but most of it really seems to be fueled from a puritanical "porn is bad" and needing to make it harder to get access too for adults. I really wish we could move past this as a society, stop vilifying it, being ashamed of sex, etc.
And likely throw in some tracking of what people are doing online since now you no longer have the anonymity.
Edit:
If you really truly are trying to "protect the children"... Maybe educate them instead of hiding things from them.
WhereIsTheTruth
Can we go back to when the same people kept spitting "social credit, china bad" narrative
Tasteless rulers
jajuuka
We're supposed to be copying the good parts of other countries, not the bad ones. It's definitely mind blowing seeing the pivot from "great firewall of China, they don't have access to open information and that's why we're better." to "we need a great firewall too" in such a short amount of time.
mathiaspoint
I'm just going to bounce if you ask for ID and if I can't find a forum I like I'll get a foreign VPS and host it myself.
The only way around that is to kill the internet, good luck recreating North Korea's intranet as a replacement.
The internet badly needs a standard system for people to verify their age*, identity**, etc but it's a terrible idea for that system not to be pseudonymous.
* as in "I am over n years old", not "my exact birthday is nnnn-nn-nn"
** as in "I am a unique human you know as <uuid>", not "I am John Q Smith"