Keeping kids safe online is a top priority.
Today, the Commission has preliminarily found porn platforms Pornhub, Stripchat, XNXX, and XVideos in breach of the Digital Services Act for allowing minors to access adult content.
We’ve also launched investigation into Snapchat under doubts that the platform has failed to adequately protect minors from harmful content, grooming, and illegal products like drugs and vapes. We also suspect that they have failed to verify users age sufficiently.
We say this loud and clear: online platforms are responsible for protecting minors, and they need to do more to deliver on this responsibility.
The full press releases:
🔗 https://ec.europa.eu/commission/presscorner/detail/en/ip_26_722
🔗 https://ec.europa.eu/commission/presscorner/detail/en/ip_26_723
@david @bjoreman @HennaVirkkunen that site somehow doesn't seem to work here. But in general, these proposals fail, because sites can regularly probe for age brackets. If you do this on a regular basis, you can figure out someone's birthday.
E.g. if 12 years is a bracket boundary, the day that age gets attested is the birthday of the kid. Even more likely because someone is more likely to check close after their birthday to unlock some site/functionality.
@david @bjoreman @HennaVirkkunen The problem with most age attestations is that you can work out someone's birthday by keeping track of past attestations. When the attestation changes, someone had their birthday, thus the attestation gives away information that someone might not want to reveal.
This gets worse with implementations with which you can test age brackets (different age brackets under 18, to allow some content).
@david @bjoreman @HennaVirkkunen Also, age verification is strongly detrimental to open source and your freedom to choose your OS.
Most implementations of 'anonymous' age verification require remote hardware attestation (eventually), because otherwise you can manipulate the app/process that partakes in the attestation.
Mandatory remote attestation is pretty much the end of free OS choice, because you running your own non-approved software will shut you out of services.
@david @bjoreman @HennaVirkkunen Age verification + remote attestation is big tech's pipe dream. Google can already shut out competing systems from phone NFC payments, because pretty much every bank only supports Google/Apple Pay and Google doesn't attest alt-OSes.
Remote attestation of websites would be another level, making it practically impossible to live outside the Google/Apple duopoly.
@david @bjoreman @HennaVirkkunen For these reasons, Europeans should outright reject age verification.
Yes, I know it is difficult when kids can pretty much access anything, but as parents we have to find better ways than those that further kill privacy and entrench big tech players.
@david @bjoreman @HennaVirkkunen
You are missing my first point, even if an age attestation method does not reveal the birth date, you can infer the birth date from it because some day the attestation will flip from 'false' to 'true'.
Second, Spain is piloting the EUDI Wallet for age verification, which will implement remote attestation:
@david @bjoreman @HennaVirkkunen At any rate, Mastodon is too short a format to go into the details of issues with ZKPs for age attestation, so some useful pointers:
In the README, the following is listed: App and device verification based on Google Play Integrity API and Apple App Attestation I would like to strongly urge to abandon this plan. Requiring a depe...
@HennaVirkkunen and I have said it loud and clear too: protecting your children is the prime responsibility of parents and the tools to do so have become easier and easier to use and implement.
Apart from that what is a minor?
Apart from that, what’s the scientific evidence of seeing porn in the age bracket of say 12 to 18 is damaging? There is hardly any.
Apart from that, read the comments of @[email protected]
Because he is right and knowledgeable.
*Ugh*
Please not another excuse for why "handing over all your personal information and ID documents to random Internet services is good actually" 🙄
Are you suggesting it would be safe for EU citizens to submit their passport details to services like PornHub?
I think the sentiment is good but for age verification to work it needs to be provided as a service on EU/local governmental level to not leak sensitive information.
Unfortunatly not all countries have the faith in their goverment the same way we in Finland have, and in some cases for good reason, so age verification will be tricky to implement.
@HennaVirkkunen How do you suggest the platforms should do that? The lazy way everybody around pushes results in the platforms storing huge ammouts of data with government issued IDs. If you don't trust them with child protection, do you really trust them to keep that data private, not leak them and not misuse them?
So please, really think through the next steps. Cause so far I see only really stupid solutions for this issue, resulting in weakening privacy in the name of protecting children.
@HennaVirkkunen I understand all the concerns here, but do we realy want minors to grow up watching 5 dudes in a group r*pe like scene do a young underaged looking woman with pain in her face, urinating on her, thinking that's normal and they have to do or accept this in their later lifes?
Those are contents minors find behind these companies "Are you 18 years old? Klick yes or no!".
This is irresponsible!
Just 2 cents: the EU should provide census API, so that it would be possible to verify age of people. Census is a govt job. There is no digital identity on internet.
This is a fault of governments. Once you create a digital ID to check with, then you have the right to complain about "you don't check their age".
Dear @EUCommission and @HennaVirkkunen
Please consider what the world wide community of scientists for computer security and privacy, who are studying the impacts of technology on society, have to say on this topic. They published an open letter, signed by more than 400 scientists in the field, calling for a (temporary) moratorium on age verification online earlier this month:
https://csa-scientist-open-letter.org/ageverif-Feb2026
Henna Virkkunen
Fredrik Björeman
David
Daniël de Kok
Paul
ABT554
Stefan Frede
John Ahlroos
Zughy
ManuX
Morwud
SummerOf68
ikuturso 🇪🇺
Ivo Limmen
Uriel Fanelli
Ivan Carapovic
Dylvn
Jonas Sulzer
René
Osma A 🇫🇮🇺🇦
Dragofix