Many might’ve seen the Australian ban of social media for <16 y.o with no idea of how to implement it. There have been mentions of “double blind age verification”, but I can’t find any information on it.

Out of curiosity, how would you implement this with privacy in mind if you really had to?

  • hemko@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    Could it be maybe a token signed by the verifying party living permanently on your computer (like cookie), and websites can request permission to query it to verify the age?

    • lad@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 months ago

      Since age tends to not decrease, that may make sense: once you reach 18 you get a signed token you can use forever.

      Your token might be used by someone else, though

    • chaospatterns@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 months ago

      The hard part is browsers. Cookies and local storage are limited by the origin URL. You need it explicitly set on the domains you intend to visit, but those domains don’t know your age. The one that knows the age is the identity provider, but it can’t set it for all domains. There are other techniques that you could use, like a smart card combined with a browser extension to do local based user info attestation, but those are difficult to manage at a nation scale and I suspect people will struggle with them, though there are some countries that do have national smart cards (e.g. Estonia.)