Online age checks blasted by US rights group, researchers

Online age checks are threatening Americans’ constitutional rights, according to a free speech advocacy group and a team of academics.

Their position is being put to the test in courts of law and public opinion. A group of researchers from Princeton University, UNC Chapel Hill and Duke University, in particular, have received criticism for their dismissal of the availability of effective and privacy-preserving age assurance methods.

The Foundation for Individual Rights and Expression (FIRE) is suing the state of Utah in federal court to have its second attempt at regulating age restrictions for social media tossed.

Utah’s first attempt was repealed earlier this year, and replaced with SB 194, which was signed into law in March. The new bill requires “documentary evidence” of the account holder’s age so that people under 18 can be served a limited version of the social media platform.

The new law is also unconstitutional, according to FIRE, because it similarly restricts people’s speech and access to “constitutionally protected content.”

Primed for a fight

A similar point is made in “Child Online Safety Legislation (COSL) – A Primer,” a paper from four academic researchers that argues that the motivation for age restriction regulations is flawed.

“The debate over these reforms takes for granted that social media harms young people, that this is supported by empirical evidence, and that the reforms proposed by policymakers will have a material, positive impact on young people’s mental health and well-being,” the researchers write. “However, these issues are far from settled.”

The primer focusses on U.S. efforts to regulate the online lives of children. While regulatory change is needed, the researchers argue, more evidence and less moral panic should go into the formation of those measures.

The paper refers to the Age Verification Provider’s Association (AVPA), but the organization says it was not contacted by its authors.

“We’d have been more than happy to speak to you and give you the opportunity to present a balanced report considered how privacy enhancing technology and [cryptography] can easily address the risks you highlight,” the organization responded on LinkedIn.

“Such lack of academic curiosity suggests your conclusions preceded your research.”

Yoti CEO and Co-founder Robin Tombs panned the paper even more forcefully. He notes that the paper dismisses biometric facial age estimation with three sentences, referring to Yoti by name and citing a report that it can be easily spoofed without identifying the report.

Tombs argues that the technology has been declared effective by NIST, German regulator KJM, and customers like OnlyFans and Meta. He calls out several examples of lacking diligence in the paper, labels it “unscience,” and advises the authors: “Don’t pretend you are experts on age checks.”

Perhaps stakeholders in the U.S. could learn from Europe. The AVPA suggests in a LinkedIn post that with eIDAS 2.0 taking effect, the EU Digital Identity Wallet could be part of the answer to effective age assurance.

There are several potential barriers to the EUDIW’s use for age verification, however.  Many young people, and particularly children, are not likely to have a digital wallet anytime soon. Further, the security features of the EUDI Wallet require the user to initiate each interaction, which could mean constant interruptions compared to the current user experience.

The AVPA concludes that all options should be kept open while the evidence rolls in.

Article Topics

age verification  |  AVPA  |  biometrics  |  EU Digital Identity Wallet  |  legislation  |  social media  |  Yoti