Technologists and policymakers are reckoning with a generation-defining problem on the internet: while it can be a revolutionary force for unprecedented education and connection across the globe, it can also pose dangers to children when they have completely unfettered access.
There is no simple way, however, to monitor children’s internet access without surveilling adults, paving the way for disastrous online privacy violations.
While some advocates praise these laws as victories for children’s safety, many security experts warn that these laws are being proposed and passed with flawed implementation plans, which pose dangerous security risks for adult users as well. In the United States alone, 23 states have enacted age verification laws as of last month, with two more states following suit in September. Meanwhile, the United Kingdom’s Online Safety Act, which took effect in July, requires many online platforms to verify users’ identities before granting access.
Here’s a primer on where the debate over age and identity verification stands.
What exactly is age verification?
When we talk about age verification laws, we aren’t talking about when you made a Neopets account as a kid and checked a box to affirm that you were at least 13 years old. In the United States, those types of age checks are a result of the Children’s Online Privacy Protection Act (COPPA), an internet safety law passed in 1998. But, as you already know, if you had a Neopets account when you were 10, COPPA-era age checks are very easy to navigate around. You simply click a box that says you’re 13.
In the context of the laws that have cropped up during the 2020s, age verification usually refers to a user uploading an official ID to a third-party verification system to prove who they are. Users mi …