upvote
Additionally there was a leak of the personal information of covid patients, the official tracking app was not affected as far as I can tell.

However even if the app is secure the storage and handling of the information is a different matter and it has been shown that care is not always taken.

reply
Why would an age verification app need to know your ethnicity/religion?

Governments likely already know your name, age, place of birth, so having an app with a standard API for verifying users isn't giving the government additional data.

reply
It is one extra attack vector. There is a data leak reported every week, and it is now apparent we cannot trust any organization to handle any datum securely, at all. It has gotten to the point where I now consider every piece of information compromised and sold on the dark web as soon as I am forced to transfer it to a third party. Because those are the odds.
reply
Doing absolutely everything useful with that data is "one extra attack vector". That is not any kind of a persuasive argument in itself.
reply
It's also replacing all the personal information stores from thousand applications and websites you have previously registered, or would have to. So arguably it's thousand attack vectors less.
reply
Governments will track with whom you verify. Much worse.
reply
Can we not spread nonsense narratives? One of the explicit requirements of the EU age verification system is that they cannot:

https://digital-strategy.ec.europa.eu/en/factpages/blueprint...

First, the user downloads the app onto their phone and sets it up by certifying their age. This can be done with a biometric passport/ID card, a national eID (e.g. national ID Card or other electronic identification mean), a pre-installed third-party app (e.g. a banking app), or in person (e.g. at the post office). Only the information confirming that the user is over the age will be saved in the app. No name, no birthday, or any other data is saved.

After completing this step, the communication between the app and the provider certifying the user’s age (e.g. eID, third-party app) ends. No further data is exchanged.

https://digital-strategy.ec.europa.eu/en/faqs/eu-age-verific...

reply
"government" age verification app will be made and maintan ed by some corp anyways.

so it will gather extra data, sell it sideways and leak like hell. (as they already do with all the data they already have)

reply
Since it requires Android or iOS, Google/Apple can gather the same data too.
reply
They did this from the beginning, still one can not cease trying to limit the exposure.
reply
I'm imagining something like recreation.gov in the US - it's the portal for booking campsites and other activities at national parks. It's run by BAH at great profit - most of the fees we pay aren't going to the national park service, it almost all goes to our corporate overlords.
reply
Not necessary to hearken back so far in history. In our present age the intelligence services consistently do not respect privacy rights of citizens, even when they are legally bound to.

https://www-bitsoffreedom-nl.translate.goog/2026/07/06/aivd-...

reply
Sure, but the poster was not just wrong, but wrong like "peace in our time" wrong. "Adolf? What a charming name" wrong.

Amusingly fantastically wrong.

NL may have its own issues like you linked to, but more uniquely had their collected data abused more than other countries in probably the worst event in history.

reply
I don’t follow. The Dutch tax office has substantially more complete records right now. Even if they don’t track race or religion as explicitly as they did in the 40s, your hypothetical invading Nazis can run some local AI over people’s last names and get close enough.

How is, of all things, an age verification app going to make that worse?

I mean I understand your argument in principle but it seems you’re arguing against ~every present-day functional government and not against an age verification app.

reply
I'm not even saying your conclusion is wrong. But choosing Netherlands about how information control is safe in the hands of the government is a bit of an own goal.

Like if I was the boss of a train company I would probably not put up a photo of Mussolini as a motivational poster. Well… maybe I would, but only ironically.

> How is, of all things, an age verification app going to make that worse?

What are you arguing for, here? If everything were perfectly anonymous, maybe. But NOT ONCE in history has governments decided to not abuse power. It'd be so easy to just put a tracker in there or something.

All these "think of the children" arguments are ALWAYS red herrings. Literally any action, any freedom denied, can be justified in the fight against CSAM. And so they get rushed through and abused.

The EU DNS filter (CSAADF) was literally IMMEDIATELY abused to block other things too.

"It's just age verification". Is it, though? How do you verify age without verifying identity? How do you verify its use, without tracking. Provably without tracking. Provably without what's called "turnkey tyranny"?

I think if your argument, which is an extremely common argument, is "I just want to block children's access to bad stuff on the Internet", then you cannot possibly have been paying attention to this debate that's been going on since at least the mid 1990s. Were you even born when this was being discussed? If that's your argument then you have about 30 years of catching up to do before you should speak.

[1] yes, I know Mussolini did not in fact make the trains run on time.

reply
>how do you verify age without verifying identity

zero-knowledge proofs

reply
Then you only know that someone is over 18. You don't know who is over 18. In particular, you don't know it's the person who's accessing your website.
reply
that's the same situation as children putting in their parents details/scanning their face/whatever, you're not going to solve this technically

the point is non-govt entities shouldn't get any information about you during age verification other than that you're over 18 and that's what ZKP can give you

reply
Your comment sounds like a politician who has just heard a magic technical incantation that solves everything.

I'm sorry, you can't just drop "quantum computer", or "zero knowledge proof", or "flux capacitor", and think that you have solved the problem.

Just dropping "zero-knowledge proof" as if it's a mic drop moment is like when Turnbull said "the laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia".

The devil in all this is in the details. Just saying "zero-knowledge proof" is just barely more productive than saying "won't someone please think of the children?".

If you don't have a complete solution, then you're "not even wrong".

In addition to that, you have misunderstood how zero-knowledge even addresses the main problems. Not the technical problems, and DEFINITELY not the meatspace problems.

reply
literally 0 substance in a 5 paragraph comment, I'm starting to think this might be a not-exactly-human poster
reply
First: That was six paragraphs, not five.

Second: There was some substance. Maybe not six paragraphs worth, but there was some. Here it is: You, when you said "zero-knowledge proofs", did not give much substance. How, specifically, is that going to work?

It's a bit rich for you to be complaining that knorker didn't have any substance, when the problem is that you didn't give any.

reply