Commission President von der Leyen announces a ready solution for age verification that will enable anonymous surfing and hold platforms accountable.
The era of non-binding appeals to large tech corporations seems to be over in Brussels. In a joint statement on Wednesday, EU Commission President Ursula von der Leyen (CDU) and Vice-President Henna Virkkunen, responsible for tech sovereignty, gave the green light for a new era of digital youth protection. The core of the offensive is a Europe-wide app for age verification, already tested by several countries, which, according to von der Leyen, is now technically ready and will be available to citizens shortly.
The Commission is thus reacting to concerns about risks such as online bullying, addiction factors due to algorithmic design, and cyber-grooming, which involves approaching children and adolescents online. The Commission President’s diagnosis is grim: one in six children is bullied online. Furthermore, social media promotes addiction through endless scrolling, which can impair brain development.
Since platforms have so far been unable to provide effective mechanisms to protect minors from harmful content, the EU is taking matters into its own hands. The new app is intended to enable users to prove their age to online services without revealing their entire digital identity.
Data Protection to the Highest Standard
Technically, the project is based on the digital Covid certificate. As with the pandemic companion, the Commission relies on a model that works on smartphones, tablets, and computers. After downloading, the app is set up once with an identification document. Special attention is paid to privacy. Von der Leyen emphasized: The application meets “the world’s highest data protection standards.” Age is verified without revealing further personal information. The app is “completely anonymous – users cannot be traced.”
The application is based on Zero-Knowledge Proof. This cryptographic principle makes it possible to prove the correctness of information – in this case, reaching a certain age – without revealing the underlying data itself. This is intended to preserve informational self-determination. Platforms only receive confirmation of being “old enough” without having to scan the ID. Austria’s age control already relies on this procedure.
Enforcement of the DSA and EU Shoulder-to-Shoulder
The initiative is closely linked to the enforcement of the Digital Services Act (DSA). Virkkunen made it clear that the Commission is already taking action against companies like TikTok, Facebook, or Instagram for addictive designs. Measures have also been initiated against pornographic platforms, as they often do not use functional age controls. The new application now removes the excuse for corporations that there is no simple technical solution.
Countries like France, Italy, and Ireland are considered pioneers and plan to integrate the app into their national digital wallets. To avoid patchwork, Virkkunen intends to establish an EU-wide coordination mechanism for the accreditation of national solutions this month. The source code of the app is openly accessible as part of the EUDI digital citizen identity to build trust and facilitate integration into company solutions, for example. In Germany, an expert panel will initially develop recommendations for child safety online.
Surprise, the app is insecure hot trash: https://xcancel.com/Paul_Reviews/status/2044723123287666921
Furthermore, social media promotes addiction through endless scrolling, which can impair brain development.
I think this is the big one that’s driving this push for age verification. The issue of YouTube, Twitter, Reddit, and Lemmy rotting kids brains has gotten measurable and significant. I think Gen Alpha is the first generation to end up less academically capable than their parents. The status quo is considered untenable by voters, politicians, and the Epstein class alike. Not to mention the impacts on mental health. If anything the issue is that the legislation is too centered on kids. That’s problematic firstly because it requires proof of age, and secondly because adults aren’t immune to brain rot and addiction.
This is being pitched as a thing for kids, but kids aren’t champing at the bit to prove they’re children. So, presumably this just means that any time you access a service, you’re gonna have to use this to prove your age, as an adult, right?
Well, kinda. You can have access tiers. For instance no access for age<13, limited access for 13<age<18, full access for age>18.
Needless to say, I think this is (in most circumstances) the wrong approach.
We are talking about products that are often deliberately harmful and hostile to all users, and then we expect to have a child-safe version of these. Shouldn’t we try to get an adult safe version too? It would be way easier to protect children then.
Well, it depends what you mean about “adult safe”.
There are still regulations to make sites free of harmful content. Problem is that is not enforced enough.
But do you want governments to decide what’s “adult safe”? It seems that’s an even worse approach with far more overreach than already proposed.
Adult safe should mean porn ban or explicit content, if you want to make unified rules for all ages.
We should also take into account that there factually is a difference between kid brains and adults. This is not coming from nothing, even though the proposed solution ends up being a privacy nightmare.
For sure, but in all those access tiers, they would presumably need to verify MY age as well to be sure of which tier I fit into, right? The only reason I can see that I wouldn’t need to use this app is if I’m on a site that isn’t age gated, I think.
Edit: sorry, I didn’t even respond to your second point. I think you’re exactly right about the issue being with them being harmful to begin with. Fixing those issues should absolutely be the first priority.
And I wanna be clear, the idea of a zero proof system is the best I’ve heard of so far in all of these concepts. At least with that there aren’t some insane security issues being overlooked. I’m just wary of the surveillance state future everyone seems to be pushing for.
Assuming the technical implementation is sound (I’m techy but that’s still way over my head), there is something missing from the explanations I’ve been seeing so far.
The state is of course the one who should be proving my identity, and the website has (usually) no business knowing who I am or holding a copy of my documents. The state however has no business knowing what I’m browsing, and a pinky promise is not enough.
I can’t understand whether this is something that the proposed system offers, or whether it’s a property of zero-proof systems in general.
Obviously something like this must necessarily be Free and Open Source if any trust at all must be put into it.
Such an ID could be used to keep adults (pedos) off children specific sites.
How would that work? How would you distinguish the “pedos” visiting from anyone else? Whatever these “children specific sites” you’re referring to, are children going to create, host, and manage them all on their own without any adults ever to help them at any level?
Except it will not only be used for this.
