What if I could purchase a unique QR code, good for maybe a month, that I could use online to prove my age?
There'd still be problems in the US with 1st amendment issues, but I'd at least remain anonymous.
I can already smell a business opportunity to start illegally reselling/dealing age-verification qr codes.
What many people do have a problem with is requiring disclosure of unmodifiable biometric data and government documents that once "hacked"/sold into the data collection pipeline becomes forever tainted and easily stolen.
You can't "reset my password" with biometric data once a malicious actor has it
Not a bad system really? Pseudo anonymity and avoids some third party tech firm getting involved?
For a digital only solution, I think the best system would be some form of public-private key attestation:
The government advertises their public keys for 18+ verification.
A website generates a unique token - this token is then taken by the user and submitted to the government receiving a signed attestation. This can then be given back to the website to prove the user is 18. It only has to be done once per profile and no information is shared between the Government and the website on who is who.
Unless of course the token is saved by both the website and government in some forever database and then a lookup is done.
Another solution could be a timed/signed token produced by the government that has no input from the website. But this still has the downside that this could just be saved by both parties and in future you could identified if both sides compare data.
I don't really understand why every adult should need to jump through hoops because parents won't spend 5 minutes enabling it on their kid's devices.
Hell, modern parental control software with an image classifier is arguably better than these online age verification systems since it works with anything that appears onscreen.
This is just moving personal data responsibilities from service providers (e.g. porn sites) to the central authority (QR code maker and verifier). Unless there is a semi-anonymous way of purchasing age proofs, e.g. over the counter.
There's a bunch of other "digital wallet" development going on in general, effectively providing digital certificate-backed identity documents and similar (driving licenses, passports). The plan for age verification is that these wallets will also be able to provide a cryptographically signed attestation of age (signed by an EU verification authority, i.e. your id-issuing government org) but with no other personal info included. Then you can present this to anybody, and they can independently verify the signature to confirm it's a recent proof-of-age attestation without knowing anything else about you.
It's still fairly early - lots of blueprints and proof-of-concepts, not yet rolled out anywhere AFAICT - but looks like a reasonable solution I think. In practice I suspect most people's experience will be a government-backed mobile app that you authenticate with once, and then it can handle verification requests on-device or show a QR code that other people can scan & verify.