After Numerous Screw Ups, EU Develops Own Age Verification App

The roll out of age verification has been a complete disaster. So, Europe has decided to roll out their own broken app.

Age verification has, so far, been a complete disaster for countries that implemented it. The technology has been circumvented by things like sharpies, pictures of golden retrievers, and, of course, VPNs. It has also been a security and privacy disaster thanks to things like the Discord data breach, the AgeGO scandal, and various other data leaks and breaches.

For supporters – particularly the mainstream media – the solution to all of this is to just completely re-write history and pretend that age verification is going swimmingly well. Yes, denial is about the only thing left supporters can use to bolster the technology and related laws.

So, what’s the solution to all of this? Realistically, abandoning age verification laws altogether. It was always a broken technology that has no hope of ever getting fixed. You’re never going to develop a solution that is both accurate and privacy focused. It’s either going to be ridiculously unreliable or extremely invasive. Experts have long urged lawmakers that they stop this age verification legislating and implementation until these issues could be properly studied first, but they got ignored because ain’t nobody got time for dat.

So, with the private sector predictably failing to deliver on the magical unicorn technology that verifies everyone’s age while still respecting the users privacy, it seems that the European government has decided to take a crack at this fools errand. They apparently decided to develop their own app for companies to use. From Tech Republic:

The European Commission has announced that its long-awaited age verification app is now technically ready and will soon roll out across the bloc.

The app is designed to let people prove their age when accessing online platforms, without handing over sensitive personal details. It comes as concerns grow over children’s exposure to harmful content, online bullying, and addictive platform designs.

Speaking on the initiative in a joint statement, Commission President Ursula von der Leyen and Executive Vice-President Henna Virkkunen stressed the urgency of the issue, saying, “When it comes to the safety of children online, the situation is extremely worrying.”

So, how did the EU government solve this fools errand of a problem? Apparently, just asking for credentials:

The system is built to be simple.

Users download the app, verify their identity using a passport or national ID card, and then use it to confirm whether they meet age requirements on websites or apps. Importantly, platforms will only receive a yes-or-no confirmation about a user’s age, not their birthdate or identity.

“Users will prove their age without revealing any other personal information. Put simply, it is completely anonymous: users cannot be tracked,” according to the Commission. The app will work across devices, including phones, tablets, and computers, and is also open source, meaning other countries could adopt the same system.

According to the EU, yup, they totally solved this whole thing. Now there is ‘no excuses’. The perfect solution that can totally never be fooled. The ultimate solution that is completely fool-proof and solves everything.

Now, I’m going to insult at least some of my readers intelligence and point out some of the problems with this concept.

First of all, it is easily prone to stolen credentials. Whether it is credentials that were uploaded or credentials that were snuck out of some unwitting parents purse, stolen credentials are going to easily circumvent this. If this report is anything to go by, there’s no other confirmation that the person accessing the app is really the person they say they are.

Additionally, VPN technology can still skirt this if stolen credentials are unavailable to the user seeking to circumvent this.

While I can appreciate the effort to simply offer a “yes” or “no” answer to different apps and services, this only solves some of the problems other age verification apps and services have. What’s more, I can appreciate that the government tried to choose simplicity given how much more broken the app becomes once you add complexity. Still, this is yet another broken app trying to solve this fools errand of a problem.

I can also appreciate that the EU approach to things has a history of being better than the North American approach. In North America, the approach is to just let the consequences fly and if people get screwed over by, for instance, having their information stolen and sold on the black market, the government tends to respond with a collective shrug and a response that amounts to “not my problem”. At least the European government acknowledges that the private sector has failed in this regard and chose to try and solve the problem themselves.

Of course, the problem is, again, that the private sector was handed a fools errand. Some vendors might thump their chest and say they have the perfect solution for everything because huge sums of money are at stake here. In fact, they may even throw around some buzz words like “industry standard”, “double blind”, or even “trusted solution”, but the reality of the situation is that the government effectively set up the private sector to fail because there is no solution to be had that “rises to the challenge”. The European government at least partially acknowledged this when they set up their own app. The problem is that the “app” that they set up doesn’t actually solve the problems either. They are going to find out sooner or later what a fools errand this whole thing is. The question in this is this: how many people are going to get hurt over this foolishness in the process?

Ultimately, the European government did manage to try and solve what the private sector could not – which is more than what could be said for North American governments. The problem is that their solution doesn’t actually solve the problem either. If anything, it is an extension of a government trying to feel like they did something. Age verification was an attempt to do something which failed. This is just another iteration of the government feeling like they are doing something as well. At the end of the day, all they accomplish is spinning the tires while not going anywhere.

Drew Wilson on Mastodon, Bluesky and Facebook.