Comment by tech2
2 days ago
They may not be against content restriction, instead they may be against removal of user privacy or anonymity. If the proof of age thing was some kind of zero knowledge proof such that the age verifying group has no knowledge of what you're accessing, and the site you're accessing has no knowledge of you as an individual (beyond tells like IP address etc.) then perhaps they'd be more open to it?
There isn't any technology that can prevent sharing of age verification with third parties without tying your uses to your identity. To unmask someone in order to uncover sharing, you would require the ability to do it in general, which is incompatible with privacy/anonymity.
And yet homomorphic encryption is a thing. It's possible to process the encrypted request and be unable to see it.
Similarly we could easily devise many solutions that can prove the age in the privacy - respecting ways (like inserting the age-confirming token inside the pack of cigarettes which an adult could then purchase with cash, etc)
Many ways.
You're not understanding the dichotomy. It doesn't matter what kind of encryption you use, the system you're asking for can be made much simpler than this: Just use the same token for everyone and only give it to adults. It needs no cryptography at all, it just needs to be a random string that children don't have. You don't need anything to do with cigarettes, just print it on the back of every adult's ID or allow any adult to show their ID at any government office.
But then anyone can post the token on the internet where anyone can get it, the same as they could do with anything cryptographic that you put on the back of cigarettes or whatever. Unless you have a way of tracing it to the person who did it in order to impose penalties, which is precisely the thing that would make it not private/anonymous, which is why they're incompatible.
If you're going to do one then do the first one -- just make it actually untraceable -- but understand that it won't work. It would never work anyway because there are sites outside of your jurisdiction that won't comply with whatever you're proposing regardless, so the thing that fails to work while not impacting privacy is better than the thing that fails to work while causing widespread harm, but then people are going to complain about it and try to impose the thing that does cause widespread harm by removing privacy. Which is why the whole thing should be abandoned instead.