With children spending increasingly more time online in the post-Covid world, parents and advocates are concerned about exposure to inappropriate content, threats and scams, driving demand for action from lawmakers.
However, because the digital realm struggles to offer the same level of protection as physical IDs for the offline world, there is an ongoing debate around effective age verification online. To address this, digital age verification measures have been proposed by government authorities including Australia, the United States, and more recently, the United Kingdom.
Surprisingly, while age verification mandates have been proposed, the plan for implementing this policy is less clear. Furthermore, there is a concerning lack of consideration for security and privacy. Privacy concerns drove policymakers in Australia to halt plans to mandate age verification on adult websites, admitting “each type of age verification or age assurance technology comes with its own privacy, security, effectiveness or implementation issues.”
From this, we can assert that user privacy must be compromised to increase online safety mechanisms. However, decentralized identity verification provides a secure and privacy-optimized solution, giving users full control over their personal information. Mass adoption of this technology would support the goals of online safety advocates while maintaining users’ privacy and the security of sensitive data.
Taking back control over personal data
One of the major concerns around mandating age verification on websites is the risk of outsourcing this task to Big Tech companies, which have a track record for abusing users’ data and lack the incentives to implement appropriate safety measures.
Monetizing user data is a massively profitable business model for Big Tech. In Q2 of 2023, for example, Facebook’s average revenue per user (ARPU) was US$10.63. Multiply this by 3.03 billion users and you’re talking tens of billions of dollars. Given the profit incentive, it is unlikely that Big Tech would be motivated to develop an age verification tool that would protect users’ privacy, even the privacy of children.
When the European Union issued a fine against Facebook for violating its privacy laws to the tail of 1.2 billion euros (US$1.26 billion), the social media giant announced days later it would be laying off 490 staff in its European headquarters — a power move to say the least.
Decentralized IDs would limit the amount of information that can be accessed by websites, government actors and Big Tech companies. Through the technology of zero-knowledge proofs (ZKPs) built into their decentralized ID, users can verify necessary information to access a platform or certain content — like age, for example — without sharing any additional sensitive information that would traditionally be on an ID card — such as birthdate, full name, citizenship and more.
Defending against hackers
Another advantage of decentralized identification is the decentralization of data storage. Traditional forms of age verification require large repositories of data. This creates an opportunity for hackers to access large swaths of data more easily. Big Tech has a history of data breaches, including this year when hackers exposed 200 million email accounts linked to Twitter, the company that has since been renamed X.
In contrast, dispersing users’ data in individual digital wallets provides less of an incentive for hackers and a more secure data system with no single point of failure. Keeping personal information out of these centralized data storage servers shields users from the threat of hackers, which is particularly important when it comes to the data of vulnerable users, like children.
Increasing adoption of decentralized ID
Decentralized identification is already used by a number of government authorities. In Estonia, for example, as of 2014, all citizens have a state-issued digital identity, granting them access to government services. The European Union also reached an agreement in June to create a digital identity wallet, eID, which will be available to the majority of its citizens by 2030.
Government adoption of decentralized ID will bring much-needed capital and research into the space, especially given the global decentralized identity market is expected to grow by 89% from 2023 to 2030. Furthermore, as decentralized ID adoption becomes more widespread, Big Tech firms will be motivated to get on board with the technology, putting power back into the hands of users.
Enabling age verification online serves a number of use cases beyond protecting children from harmful content. Decentralized ID can be used to make certain purchases (like alcohol), access services, or apply for jobs. The next step is to motivate policymakers to utilize and implement this technology.
The way forward
The issue of protecting youths online presents a formidable challenge for lawmakers. On the one hand, internet access makes children vulnerable to a number of threats online. On the other hand, any solution to this issue will require public support, and many people are concerned about potential privacy infringements from any overbearing solutions.
Decentralized ID is a tried and tested solution that eliminates the need for Big Tech platforms to manage sensitive information while ensuring data is encrypted and secure on the blockchain. Now that we have the tools in hand, it is crucial that we use them.
Governments seeking to implement age verification as part of a broader plan to address online safety should consider decentralized ID verification. Likewise, industry leaders should continue to educate institutions and the public on how this emerging technology works, what its benefits are, and how it could solve many of the challenges of the digital world. These stakeholders will be glad to hear that safety doesn’t need to come at the cost of privacy.
