> I truly fear the harm that will be done before legislators realize what they’ve created.
Not defending the legislation as I overwhelmingly disagree with it, but if I recall, I don't think any of the age verification legislation specifies a specific implementation of how to verify age.
Requiring photos, or photo ID, or any other number of methods being employed, were all decided on by the various private companies. All the legislators did is tell everyone "you must verify age." The fault here is on Roblox as much as it is on the legislature and they should equally share blame.
The problem with e-ID is its focused on identity verification, not just age verification and that's where the problem lies.
We still need the ability to be psuedoanonymous online. We should be able to verify age without divulging any identifying information to the service requesting age verification.
An e-ID registry could work on a sort of public/private key system so long as the services requesting informatino from the registry only receives a yes or no of "is this person old enough" and no further information.
If an e-ID can vouch you are citizen number #3223423, it should be able to use the same crypto to vouch that your birth date predates a threshold, without revealing anything else. It's more a question of requirements gathering & UX (and political will).
> Once issued, the e-ID will be stored in a secure digital wallet application on the user’s smartphone or other compatible device.
That sounds like Apple & Google-blessed Android only, open source gadgets and non-Microsoft desktops not supported. Estonia at least used smart cards where a reader can be plugged into just about anything.
I'm obviously not going to show my id to Zuckerberg's website or any porn sites, casinos because I don't trust those bastards. They're also not the police, so they lack the proper autoritah to request my an id.
I think the point of the comment you are answering to is that in Switzerland, they are building a system where you can prove your age without telling who you are to the website, and without telling which website you visit to your government.
The government might not know which website exactly, but the fact that you are looking to verify your age is in itself a datum that you might not want the government to know. "Palata was either looking at porn or buying drugs in January 2026" is probably not something you want the government to know, even if the specifics are obscure.
It doesn't have to be exclusively digital. You can be psuedoanonymous using some form of key as verification. To get a key, you have to present your ID in person at, for example, the social security office or local DOL.
All the key does is attest that "this person is over X years old" with no other identifying information associated with it.
I think blending in person & digital together is going to be the best way forward. Like going to the store and buying alcohol. I have little privacy risk from the cashier glancing at my ID for a second to check my birth date.
> I have little privacy risk from the cashier glancing at my ID for a second to check my birth date.
Imagine your abusive ex is looking for you. She could go to a few alcohol vendors in the area and tell them "Respectful cashier, I suspect that my husband is reverting back to being an alcoholic. If you see the birthdate 1971-06-21 then please phone me after he leaves".
To which the vender replies "Why on earth would I check if someone over the age of 50 might be under the age of 18 (or 21 in some parts of the world)".
Well, I did have many more recent exes in my early twenties than I do in my fifties.
But also the mechanics of the check might be important. For instance, I always go to take the baby out of the back seat when I park, even though I have not driven a baby in years. Because I do not want to ever risk leaving a baby unattended in a car. The store policy might be to check every ID, even in seemingly obvious cases.
But that would require the government to set up the system that lets you present your ID and get a key. They haven't done that, so it's not valid to blame businesses for not using it.
> with no other identifying information associated with it
Not possible, the key itself becomes identifying information similar to how an IP address + timestamp is identifying information even though their is no information abut you stored in the IP address or timestamp.
A digital ID, like someone said below. But people (in the UK at least) go mental about that, despite the government already having all the information anyway. Creating a easy way to securely share that information with a 3rd party for online verification is apparently the work of the devil.
In the real world you turn up in person with a passport, or maybe use snail mail as a way to verify an address which is hard to fake.
Online we have to pretend it is still the internet of the 90s where it's all just chill people having a fun time using their handle...
Not defending the legislation as I overwhelmingly disagree with it, but if I recall, I don't think any of the age verification legislation specifies a specific implementation of how to verify age.
Requiring photos, or photo ID, or any other number of methods being employed, were all decided on by the various private companies. All the legislators did is tell everyone "you must verify age." The fault here is on Roblox as much as it is on the legislature and they should equally share blame.