Comment by _Algernon_

All your arguments are technical. It's the social layer that is the problem.

>Any well designed privacy system does not rely on the server components doing the right thing.

This is more expensive than just throwing everything into a centralized database. The extra costs needs to be justified when explaining the price to the voters.

>Servers and providers and governments are the main threat actors to be defended against.

Agreed. And they are the ones implementing the system. Clear conflict of interest.

>As for "the purpose can change" well - so? That is also true or anything else, it does not seem like a reason to avoid having good protection now. Any change that could compromise that would not be undetectable - the fundamental crypto should not allow it.

Introducing an age-verification system requires a lot of political capital (as seen by the repeated failures of introducing it so far). Nudging an existing age verification system to cover new purposes requires far less political capital.

>We would know if it happened.

Only if every technical decision goes the right way, despite all incentives and conflicts of interests pointing the other way. I wouldn't bet on it.