Summary of "This Could STOP Age Verification!"
Overview
An open letter, signed by 371 security and privacy academics across 29 countries, calls for a moratorium on large‑scale age‑assurance (age verification) rollouts until security, privacy, equality and societal impacts are properly evaluated.
The letter asks policymakers and companies to pause deployments of mandatory age‑assurance technologies until independent study can establish their benefits, harms, and technical feasibility.
Core technological concepts discussed
-
Age‑assurance systems
- ID submission and government‑issued certificates.
- Biometric and AI facial scans used to verify age.
-
Attack and circumvention techniques
- Deepfakes and AI‑generated faces.
- Using in‑game cameras (example: Death Stranding) to fool face checks.
- VPNs and geo‑spoofing to access services in other jurisdictions.
- Bought, borrowed, or commercially sold verified accounts and credentials.
-
Centralized storage risks
- Platforms or third‑party identity vendors holding large databases of PII and biometrics (creates large breach risk).
-
Parental controls vs forced verification
- Platform features (for example, YouTube restricted mode) contrasted with mandatory ID/biometric checks that force logged‑out or differently treated browsing.
Main technical and policy concerns
-
Efficacy
- Current age checks are easy to bypass and may not reliably protect minors.
-
Security and privacy harms
- Collecting sensitive PII and biometrics at scale increases the risk of massive leaks and surveillance; several real breaches are cited.
-
Safety tradeoffs
- Forcing users to verified services can drive people, including minors, to less regulated and less secure alternatives, increasing exposure to malware, scams, or illegal content.
-
Autonomy and equality
- Large‑scale access control mechanisms risk undermining personal freedom, creating discrimination/equity issues, and locking in invasive infrastructure.
-
Implementation feasibility
- Many design decisions have unclear consequences; the academics call for scientific consensus before deployment.
Examples and incidents cited
- Discord: reported leak of roughly 70,000 government IDs in an earlier breach.
- “Tapp” and similar age‑verification services: experienced hacks exposing user information.
- Persona and IDMerit: third‑party identity vendors reported leaks (IDMerit cited as >1 billion records leaked).
- Circumvention: using video games or AI tools to bypass facial verification.
- YouTube case: forcing age checks can force minors to browse logged‑out, which reduces the effectiveness of parental controls (restricted mode) and may expose them to worse content.
- Adult sites (example: Pornhub/hub): referenced as part of the broader ecosystem of age‑gate discussions.
Recommendations from the letter
-
Implement a temporary prohibition (moratorium) on deploying age‑assurance technologies at scale until independent study establishes:
- Whether age assurance is actually efficacious.
- The potential damages to general security, privacy, and societal wellbeing.
-
Prioritize independent, scientific evaluation of benefits, harms, and technical feasibility before wide deployment.
Commentary / position in the video
- The narrator strongly opposes mandatory ID/biometric age verification.
- Argues for parental responsibility and existing parental controls over forced verification schemes.
- Praises the academics for pushing back against current government and corporate plans.
Main speakers and sources
- The open letter authors: 371 security and privacy academics across 29 countries (primary source).
- Examples and companies referenced: Discord, Roblox, OpenAI, YouTube, Persona, IDMerit, “Tapp,” and adult sites (Pornhub/hub).
- The video narrator/creator (unnamed) — provides analysis and personal viewpoint.
Category
Technology
Share this summary
Is the summary off?
If you think the summary is inaccurate, you can reprocess it with the latest model.