Many might’ve seen the Australian ban of social media for <16 y.o with no idea of how to implement it. There have been mentions of “double blind age verification”, but I can’t find any information on it.

Out of curiosity, how would you implement this with privacy in mind if you really had to?

  • incogtino@lemmy.zipEnglish
    233·
    1 month ago

    A joke answer, but with the kernel of truth - IRL age verification often requires a trusted verifier (working under threat of substantial penalty) but often doesn’t require that verifier to maintain any documentation on individual verification actions

    https://chinwag.au/verification/

    • onlinepersona@programming.devOPEnglish
      5·
      1 month ago

      As in, you have to roll up to an “age verification bureau” and say “I’d like to sign up to $platform, please verify that I’m of legal age to use it and tell them so”, then you buy a “token” that you can enter upon signing up? Am I understanding that correctly?

      Anti Commercial-AI license

      • incogtino@lemmy.zipEnglish
        3·
        1 month ago

        I wasn’t thinking in detail, just addressing an assumption I think a lot of age verification discussions include, which is that the verifier would have to be trusted to maintain some sort of account for you, retaining your data etc.

        I have no idea what the legislation says, but I’d be a happier privacy-conscious user if the verification platforms were independent (i.e. not in any other data business) and regulated, with a requirement they don’t retain my personal data at all (like the liquor store example)

        So the verifier gathers data from you, matches it with a request from the platform, provides confirmation that some standard has been met, and deletes almost all personal information - I acknowledge that this may not rise to the double-blind standard of the original request

        Edited to add:

        • you don’t have to ‘buy’ a token, the platform needs to pay verifiers as a cost of business

        • some other comments are asking how you prevent the verifier knowing the platform - to my mind you don’t, instead the verifier retains a request id record from the platform, but forgets entirely who you are

      • Pup Biru@aussie.zoneEnglish
        1·
        1 month ago

        yes and no: the government already has systems in place that know your age, or they can pay 3rd parties to have maintain records… so yes kinda you’d have to verify with them or they’d already have them, but you wouldn’t need to do that for each platform: it’d likely act like a social login (“login with facebook” etc) where you just tap a button and have the service attest to identity details without providing the identity itself