Privacy‑Preserving Age Verification Falls Apart On Contact With Reality

from the seems-bad dept

Here we go again. Whenever policy makers insist that there’s some “nerd harder” solution to tricky societal problems, actual experts have to spend a ridiculous amount of time explaining basic realities to them. Sometimes those are realities about the technology. And sometimes it’s realities about the technology.

This time it’s age verification’s turn.

Steve Bellovin—one of the most respected security researchers out there, and instrumental in showing why “safe” crypto backdoors can’t exist—just published a short paper arguing that so‑called privacy‑protecting (“zero‑knowledge”) age verification can exist in theory, but not in practical reality.

Bellovin walks through the proposed architectures and then hits a variety of “insurmountable obstacles” that break privacy once you leave the whiteboard and touch reality. This isn’t all of them, but here are a few of the important points from his paper.

Identity‑proofing creates a privacy bottleneck. Somewhere, an identity provider must verify you. Even if it later mints an unlinkable token, that provider is the weak link—and in regulated systems it will not be allowed to “just delete” your information. As Bellovin puts it:

Regulation implies the ability for governments to audit the regulated entities’ behavior. That in turn implies that logs must be kept. It is likely that such logs would include user names, addresses, ages, and forms of credentials presented.

Then there’s the issue of fraud and duplication of credentials. Accepting multiple credential types increases coverage and increases abuse; people can and do hold multiple valid IDs:

The fact that multiple forms of ID are acceptable… exacerbates the fraud issue…This makes it impossible to prevent a single person from obtaining multiple primary credentials, including ones for use by underage individuals.

Cost and access will absolutely chill speech. Identity providers are expensive. If users pay, you’ve built a wealth test for lawful speech. If sites pay, the costs roll downhill (fees, ads, data‑for‑access) and coverage narrows to the cheapest providers who may also be more susceptible to breaches:

Operating an IDP is likely to be expensive… If web sites shoulder the cost, they will have to recover it from their users. That would imply higher access charges, more ads (with their own privacy challenges), or both.

Sharing credentials drives mission creep, which will create dangers with the technology. If a token proves only “over 18,” people will share it (parents to kids, friends to friends). To deter that, providers tie tokens to identities/devices or bundle more attributes—making them more linkable and more revocable:

If the only use of the primary credential is obtaining age-verifying subcredentials, this isn’t much of a deterrent—many people simply won’t care…That, however, creates pressure for mission creep… , including opening bank accounts, employment verification, and vaccination certificates; however, this is also a major point of social control, since it is possible to revoke a primary credential and with it all derived subcredentials.

The end result, then, is you’re not just attacking privacy again, but you’re creating a tool for authoritarian pressure:

Those who are disfavored by authoritarian governments may lose access not just to pornography, but to social media and all of these other services.

He also grounds it in lived reality, with a case study that shows who gets locked out first:

Consider a hypothetical person “Chris”, a non-driving senior citizen living with an adult child in a rural area of the U.S… Apart from the expense—quite possibly non-trivial for a poor family—Chris must persuade their child to then drive them 80 kilometers or more to a motor vehicles office…

There is also the social aspect. Imagine the embarrassment to all of an older parent having to explain to their child that they wish to view pornography.

None of this is an attack on the math. It’s a reminder that deployment reality ruins the cryptographic ideal. There’s more in the paper, but you get the idea.

The history here is important. Three years ago, France’s CNIL reviewed age‑gating tech and found it all terrible for privacy, then floated a zero‑knowledge demo. EU officials promptly said “yeah do that” as part of a broader internet ID push, which digital rights folks correctly flagged as a privacy/regulatory mess.

Stateside, the Foundation for American Innovation published a paper this February with the cute title “On the Internet, No One Knows You’re a Dog,” which now appears to have vanished from their website (?!?) but not before NY State Senator Andrew Gounardes—who’s never met a bad internet bill he didn’t support—cited it to push a statewide age‑verification law. (You can still find the paper via the Internet Archive, though it’s pretty much vanished from Google search…)

I should note how this also seems like yet another example of “protect the children!” moral panics crossing traditional partisan lines. Here’s an idea being pushed by aggressive technocrats in the EU… and then picked up excitedly by FAI, a right-leaning organization with close ties to the Trump White House (even as it keeps criticizing the EU approach to regulating the internet), and then used by a liberal Democrat in NY to justify a bad law.

This cross-partisan embrace of “privacy-preserving” age verification should terrify anyone who values civil liberties. When aggressive EU technocrats, Trump-aligned think tanks, and supposedly progressive Democrats all rally behind the same surveillance infrastructure—each convinced they’re the good guys—you’re witnessing the construction of an authoritarian tool that will outlast any particular administration’s priorities.

Meanwhile, because the conservatives on the Supreme Court decided they can toss decades of First Amendment precedent around age verification because they’re offended by naked people online, the stakes here aren’t hypothetical.

Privacy advocates are in the same place Bellovin is. EFF’s recent summary is blunt about what zero‑knowledge proofs can’t do in this context:

What ZKPs don’t do is mitigate verifier abuse or limit their requests, such as over-asking for information they don’t need or limiting the number of times they request your age over time. They don’t prevent websites or applications from collecting other kinds of observable personally identifiable information like your IP address or other device information while interacting with them.

ZKPs are a great tool for sharing less data about ourselves over time or in a one time transaction. But this doesn’t do a lot about the data broker industry that already has massive, existing profiles of data on people… Going from presenting your physical ID maybe 2-3 times a week to potentially proving your age to multiple websites and apps every day online is going to render going online itself as a burden at minimum and a barrier entirely at most for those who can’t obtain an ID.

There are absolutely contexts where ZK proofs can reduce disclosure—closed ecosystems, narrow deployments, no legal logging/audit mandates, low adversarial pressure, and little incentive to share credentials. That is not what these laws create. They create audit trails, liability, and incentives that recreate linkability.

A few months back we had professor Eric Goldman on the podcast to talk about his excellent paper on age verification/assurance. His bottom line matched Bellovin’s deployment‑reality critique: the tech creates serious harms regardless of branding. “Zero‑knowledge” doesn’t change the incentives, the governance, or the fact that someone, somewhere, has to check your ID and keep enough records to satisfy auditors and courts.

Lawmakers who want to control the internet will keep waving around “privacy‑preserving” as cover (Hi Senator Gounardes!). Bellovin just explained, with receipts, why that cover doesn’t actually protect privacy. It adds identity friction to lawful speech, supercharges data linkage, and hands governments and intermediaries a revocation switch. That’s not child protection; it’s infrastructure for control.


Comments on “Privacy‑Preserving Age Verification Falls Apart On Contact With Reality”

32 Comments
Arianity (profile) says:

Steve Bellovin—one of the most respected security researchers out there, and instrumental in showing why “safe” crypto backdoors can’t exist—just published a short paper arguing that so‑called privacy‑protecting (“zero‑knowledge”) age verification can exist in theory, but not in practical reality.

I really wish he had titled the section something else. What he’s calling ‘insurmountable’ doesn’t mean it can’t be done, it just means there are going to be certain flaws that you can’t tidily fix. It’s really misleading to twist that to say “can exist in theory, but not in practical reality.”- because governments are very likely to just treat those issues as part of the cost of doing it. It’s only impossible if those costs are non-negotiable to you.

ie, does it make sense to say privacy preserving age verification can’t be done because some percentage of the population won’t have access to IDs? No, that’s wildly misleading. Similarly, does the fact that multiple IDs can exist (which isn’t easily fixable) mean it can’t be done? No. It just means you’re stuck with the downside of multiple IDs in countries that don’t have a singular one.

This is also for a very specific type of privacy. There are alternatives that the paper doesn’t look at that aren’t as privacy preserving (ie, mainly one that can be verified/revoked by the government), but again, governments would be willing to do and are still more privacy preserving than what we have now.

The end result, then, is you’re not just attacking privacy again, but you’re creating a tool for authoritarian pressure:

Most forms of government, if misused, are tools for authoritarian pressure. We still do them. (That said, I’m kind of surprised he doesn’t consider other types of deterrents? E.g. if the ID gets blocked, or fines. Linking it to other things is the obvious solution, but it’s not the only one)

That all said, I take issue with at least one of these hurdles:

Cost and access will absolutely chill speech. Identity providers are expensive. If users pay, you’ve built a wealth test for lawful speech. If sites pay, the costs roll downhill (fees, ads, data‑for‑access) and coverage narrows to the cheapest providers who may also be more susceptible to breaches:

There’s a pretty obvious way to cover costs- government spending. It comes with its own pitfalls (and you do have to be wary about things like sites inflating costs to defraud, etc), but not insurmountable. Having users/sites pay is fucking wild.

(Some of the others are also a bit blinkered. E.g. it never talks about having IDPs conferring among each other for different types of IDs, to avoid the multiple ID problem. Or having some shared flag between IDs)

Bellovin just explained, with receipts, why that cover doesn’t actually protect privacy

He explained why it doesn’t protect it perfectly. It’d still be a massive privacy improvement over current implementations, even if the downsides aren’t (or can’t be) mitigated further.

This comment has been flagged by the community.

Arianity (profile) says:

Re: Re:

What is wild is that you want everyone to pay the cost for you to access porn

I mean, for one, it’s not paying the cost to access porn, just the additional government-created cost that’s being added on.

But also, it’s pretty normal for the government to cover the costs of something it implements/wants, especially when it infringes on an important liberty like speech. That is what government is for. That may even include things you don’t personally like or use. If the government thinks it’s important to protect kids, it makes sense for it to invest the money it takes to protect kids.

That said, it’s not just porn. These laws are already hitting major internet sites like Wikipedia/social media etc (some because they have porn hosted on non-porn centric sites, but also such laws can target other “adult” themes/topics), as well. This isn’t even just a hypothetical slippery slope concern, at this point.

This comment has been deemed insightful by the community.
Sok Puppette says:

Re:

It’d still be a massive privacy improvement over current implementations, even if the downsides aren’t (or can’t be) mitigated further.

The “current implementation” is no age verification step at all, which is maximally privacy-preserving, vastly cheaper than any of the things you suggested, and immune to mission creep and misuse.

Arianity (profile) says:

Re: Re:

The “current implementation” is no age verification step at all,

Multiple countries/states have already passed age verification laws (and in the U.S., SCOTUS has already upheld some as constitutional, in theory). They involve much worse implementations like uploading a picture of an ID, often with little to no standards for things like storing, encrypting, etc. Barring a last minute upset, age verification seems pretty likely to be coming to at least some places. The backlash in the UK gives me a little hope, though.

Until/unless the tide turns, it is worth making sure that these laws are as least-bad as possible. There’s a huge range of how privacy eroding these can be. (To be clear, this doesn’t mean you can’t also advocate for repealing them)

Anonymous Coward says:

Age verification

I don’t think this will happen, and Google could make an app. Voluntary, e.g. use this app to show I’m an adult over 18. This app could create a digital ID token. E.g. I’m Tom, I’m over 18, here’s a token to show I’m an adult; this token could be passed in to apps, e.g. user no. 456780347 is an adult. E.g. you only send your ID to Apple or Google through the app. They would delete your ID after a month but leave the token in your phone, laptop. I’d trust Apple or Google more than, say, 100 websites that ask for personal ID.

In the UK the law applies to Wikipedia, news websites, Reddit, e.g. any website that might contain material that is deemed potentially harmful to non-adults under the age of 18, e.g. sites that show political protests or have info about medical drugs. It’s not just a law about porn websites.

Anonymous Coward says:

90 per cent of people use Android phones. I think most people would prefer to send Google their ID rather than have to send ID to dozens of websites that are probably going to be hacked in the future. You have your ID in your phone, encrypted; Google can access it via an app to make a digital token. The token will user user ,…. Is over the age of 18 the website only knows your userid no eg usauser no random no token no assigned by the app. The app is voluntary; the website can record your ID unique token no., it does not need to know your name or address. That info is held by the app but encrypted, stored in the device; only Google has access to your name or address.

I’m not saying this idea is perfect, but it’s a lot better than the UK verification law, which forces users to send their ID to 100s of websites which are vulnerable to hackers.

As the article says, there’s probably no way to make user ID verification that does not expose users’ private information to the risk of hackers gaining access to the data or else increasing risk of government surveillance of the websites that people choose to visit.

I think this app should be voluntary and should use the exception methods used by Signal and other apps to safeguard user privacy.

This comment has been deemed insightful by the community.
That One Guy (profile) says:

'The children', as almost always, are merely the excuse

I should note how this also seems like yet another example of “protect the children!” moral panics crossing traditional partisan lines.

It’s truly a shame how 99.99% of ‘think of the children!’ turning out to be fraudulent instances where children are just the excuse to grab power give legitimate uses of the term a bad name…

This comment has been deemed insightful by the community.
Ninja (profile) says:

Age verification is useless unless you lock up internet access with it. Otherwise unattended kids will circumvent it. We should be educating families to take proper care of their kids and teens and punishing those who don’t instead of using privacy-destroying methods that are all but fluff in terms of prevention.
