I don't know why I find myself to be the lone voice with this opinion, but the pushback here should for the governments themselves to implement age-verification, just like how it's their job to implement issuance of IDs.
They can implement a transparently auditable system, where you scan your id-card (nfc or camera) in the government's portal, and using oauth federation, it will confirm your age, and nothing more than that to sites requesting it.
Site that wish to prevent the fact that you visited them a secret from the government can use various temporary domains, ips, Tor,etc... so long as the government's verification service can reach it.
The government already has your ID information, and they already know at least your home IP (yes, this is actively shared with them in the US). The only privacy concern is them knowing what sites you're visiting.
I get resisting and fighting this, but it's been years now and people are having to endure this mess. It isn't going away either. I was complaining about KYC laws earlier, they started out the same, it was about "terrorists" then.
You can fight two fights in parallel. One to prevent the whole thing, another to require the government to implement a service themselves, do it transparently and preserve privacy while doing so.
Yet another proposal I have is for sites that offer oauth federated login (google,microsoft,github,etc..) to vouch for your id verification, either by them doing it directly or via the government portal i proposed earlier. You'll then just login to sites with the right google account or whatever and that's all the site will ask from you.
I would also be fine with buying a 'card' of some sort at stores that do id verification already, like where you'd buy a cigarette or alcohol. You also buy some scratchable card with a verification code on it. They can't argue it's not good enough, because it's good enough for cigs and alcohol. they can't say "what if a minor gets a hold of the card later" because what if a minor gets a hold of cigs or alcohol later as well?
They can implement a transparently auditable system, where you scan your id-card (nfc or camera) in the government's portal, and using oauth federation, it will confirm your age, and nothing more than that to sites requesting it.
Site that wish to prevent the fact that you visited them a secret from the government can use various temporary domains, ips, Tor,etc... so long as the government's verification service can reach it.
The government already has your ID information, and they already know at least your home IP (yes, this is actively shared with them in the US). The only privacy concern is them knowing what sites you're visiting.
I get resisting and fighting this, but it's been years now and people are having to endure this mess. It isn't going away either. I was complaining about KYC laws earlier, they started out the same, it was about "terrorists" then.
You can fight two fights in parallel. One to prevent the whole thing, another to require the government to implement a service themselves, do it transparently and preserve privacy while doing so.
Yet another proposal I have is for sites that offer oauth federated login (google,microsoft,github,etc..) to vouch for your id verification, either by them doing it directly or via the government portal i proposed earlier. You'll then just login to sites with the right google account or whatever and that's all the site will ask from you.
I would also be fine with buying a 'card' of some sort at stores that do id verification already, like where you'd buy a cigarette or alcohol. You also buy some scratchable card with a verification code on it. They can't argue it's not good enough, because it's good enough for cigs and alcohol. they can't say "what if a minor gets a hold of the card later" because what if a minor gets a hold of cigs or alcohol later as well?