It is not preemptive cynicism. My issue isn't with private corporations having access to my data, it's with my government having access to my social media profile.
Zero trust age verification means both sides don’t have to learn anything about each other beyond old enough yes/no. Should mean that.
I’m fine with age verification if it fulfills at least the same criteria that offline age verification does. When you show your ID card in a supermarket to buy alcohol or cigarettes or whatever then the government doesn’t learn anything about what you did and if the cashier doesn’t memorize and write down anything on the card the supermarket doesn’t learn anything about your identity. Here the digital solution can and should do better and close that theoretical deanonymization vector.
> Zero trust age verification means both sides don’t have to learn anything about each other beyond old enough yes/no. Should mean that.
Well, it doesn't. Absolutely none of the systems people are putting into place, or suggesting putting into place, are actually zero trust. The ones that claim to be are "somewhat lower trust if you don't think hard about how to exploit them". Yes, we know in theory how to do zero trust. The reality of these mandates is that people can easily get de-anonymized to all kinds of actors who should't be able to identify them.
It's also a "solution" to a massively exaggerated problem, one that's not in any way specific to any given age group. But that's unrelated to the fact that nobody is, in practice, doing or planning to do anything privacy-preserving.
Will age verification require the use of software I can't view the source of and/or can't patch (due to remote attestation), and presumably only runs on user-hostile systems (Android with Google Services and iOS)?
It is not preemptive cynicism, it is also unprobable becaues the EUDI [0], tech specs and example source code are open source and available on GitHub for everyone to review [1]. The age verification is implemented in a pricacy-friendly way, you can't even obtain the exact age during the verification step. The are brackets (such as 13+, 18+) and all the verifier gets is a "yes" or "no". Not your name, not your age.
Please stop spreading FUD when the actual implementations behind the government initiative are actually open source and have been designed to allow anonymous verification.
