It’s getting a little more onerous to access online pornography. Within the past few weeks, Kansas, Florida and Idaho became the latest U.S. states to pass policies requiring “adult” websites to verify visitors’ age before allowing access. Five other states already had similar statutes, and lawmakers have introduced or are considering them in many more. Across the Atlantic, the European Union has imposed age-verification requirements on three of the world’s largest pornography sites. France, Germany and the U.K. also recently ordered all such sites to verify that users are aged 18 or older.
Supporters say that the intent of these laws is to prevent children and teenagers from viewing explicit and potentially harmful content. But age-verification requirements have drawn many critics, from the American Civil Liberties Union to Pornhub to online privacy experts. Detractors note that such laws endanger adults’ digital anonymity and put personal data at risk.
Currently the most widely adopted methods of digital age verification involve users sharing sensitive information such as facial scans, official ID cards or banking particulars with third-party companies—details which, in the process, inevitably get linked to individual data on pornography consumption. This poses obvious opportunities for hacking, theft and extortion, argue digital rights advocacy groups, including the Electronic Frontier Foundation.
On supporting science journalism
If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.
Yet there is at least one other approach. Olivier Blazy, a computer scientist and professor at the École Polytechnique in France, worked with the country’s National Commission on Informatics and Liberty (CNIL) to design a more private system of online age verification in 2022. This method, which has been under evaluation and testing in France since 2023, adds a digital intermediary between a restricted website and an age-verification service. The system prevents the website from “seeing” information that could identify a user. Meanwhile the third-party age verifier cannot detect which site a user is visiting. “There are still privacy risks,” Blazy says—but “it’s not worse” than the baseline risk all Internet users accept when they go online from personal computers. Scientific American spoke with Blazy to learn more about the problems of online age verification and how they might be fixed.
[An edited transcript of the interview follows.]
What are the privacy concerns surrounding online age-verification laws?
The privacy concerns come from questions of “What kind of data do you collect to do this age verification? And what are you going to do with them?” The worst example would be if you directly collected people’s name and the type of website they’re trying to access. Then someone could establish a list of who follows certain content—which could be used to target groups such as LGBTQ+ people. That would be terrible.
In France recently there have been many big hacks of government websites. The last one targeted the [government] unemployment website, and it affected 43 million people. We know that establishing lists is a very bad idea.
What are the most common strategies suggested for age verification? What vulnerabilities do they have?
One of the solutions people like to imagine is scanning an ID card—though we’ve already seen hacks that try to access identity documents. If this happens, it will probably be an easy target for hackers. And it’s easy to trick these systems. I managed to access a website by downloading a picture of an ID card I found on the Internet.
There’s also facial recognition—that leads to biometric data being stored. Biometric data are also super sensitive, and if this kind of information is leaked, it’s dangerous. From a hacker’s point of view, a database of biometric data is like a big piñata that you want to break open because that information provides easy access to do [harmful] things. There is also a lot of bias with facial recognition. It’s often very bad at estimating the age of women, especially if they are wearing makeup, and people of color.
Something that was classically done on adult websites was to ask users to perform a payment of $0 or £0 just to prove that you have an account that is set up to pay over the Internet. The idea is that these kinds of accounts are only for adults, but that’s no longer true. Some banks allow these kinds of payments and accounts from people younger than 18. Plus, this is bad because you are telling people to input banking information on a website that is not necessarily super secure. One can also imagine fake porn sites with fake portals that lure people to enter banking information.
What is the alternative strategy you helped develop?
We created an [automated program interface to exist as a firewall] between the content provider and the verification service.... The only information the content provider gets is a yes or no about whether a user is [aged 18 or older]. The only information the age verifier gets is that someone has sent an age-verification request.
In France people already have a digital identity through this portal called FranceConnect. Everybody with a French social security number has an account there. It’s what you use to pay your taxes. It’s not the kind of account you’re going to give away to someone else. We didn’t work with it directly, but we did try to devise a system that would be compatible with this and still prevent the government from knowing what kind of websites people access.
Our system is run by the user in a browser on their computer or smartphone. It’s not going to interact with an external server. When a user tries to access a website, the website sends them a challenge, and the user takes that challenge to whatever existing age-verification provider they want to use. The provider gives some kind of digital signature that assures that the user is [aged 18 or older]. The user can then forward that signature to the website.
Are there still privacy risks associated with this protocol?
There are still privacy risks in that sense that any time you use the Internet without a VPN [virtual private network], websites have access to your IP address, so you’re not anonymous. But what we did is prove that [our system is as secure as] this.
VPNs are often used to bypass age verification or other restrictions. Do these tools make verification laws ineffective?
If you ask me, I’m against these laws. I don’t think they’re super effective. I think teenagers are smart enough to be able to install VPNs.
If you want to defend these kinds of laws, I [do] think it might prevent some young children from accidentally accessing adult content. Maybe young children won’t think about installing a VPN to purposefully go to such websites. It might raise the age of first [pornography] access, which I think is a good thing, but it will not be efficient. Thinking about the cost of implementing these kinds of solutions and the privacy risk—it’s maybe not the best idea.
Are there any other methods to protect children from inappropriate online content?
The nontechnical approach is to educate parents about the dangers of the Internet. When they provide a smartphone to their children, they should understand that [those kids] will be able to talk to strangers [and see and share adult content]. I don’t want to blame parents; I want to warn parents and have them speak to their children.
If you want to use technology, some forms of parental controls offer a good solution. It’s not perfect, but it gives an extra layer of protection without the [large-scale] privacy threat.
Considering your stance on France’s law and similar policies, how does it feel to have developed a privacy protocol to enable age verification?
I really went into it thinking, “How can I do something that is less bad than what exists?” It was damage control, knowing [that France will adopt age verification].... I’m pretty scared of what is going to happen. But at least now we can point to something and say, “Look, we can have some privacy.”