UK’s proposed OS-level age verification could eliminate part of DVS market

The UK government is mooting device-level restrictions on nude images that could usher in a new era of a kid-friendly internet, kill off one of the major segments of the burgeoning domestic market for digital identity and biometrics services, or both.

Prime Minister Kier Starmer announced on Monday that the Big Tech companies that provide operating systems for smartphones and tablets – read Apple and Google – will have to implement measures to detect nudity and prevent children from viewing it, or face penalties like those in the Online Safety Act. The Times notes that includes potential criminal charges with maximum sentences of five years in prison.

Platforms and OS-makers have been arguing about where in the stack age assurance should happen all along, and messaging services have been a possible gap in the UK’s online safety regime.

But if that gap is addressed with ML algorithms on the device that must also be applied to apps and browsers, and can only be turned off at the device level, then the anticipated role for Digital Verification Service (DVS) providers in enforcing age minimums for access to pornography will disappear.

Home Office guidance refers to built-in features that can only be turned off “through an age verification process.” It also makes clear the measures are to prevent the possibility that children can “take, share or view” nudity, implying that the ML algorithms will also have to applied to web browsers.

“Adults will still be able to take, share or view nude content through an age verification process,” Home Office explains.

Both Apple and Google already have content filtering measures for children, such as blocking or blurring images with nudity. The proposed policy would require and expand their use.

The problem, the Age Verification Providers Association (AVPA) points out in a LinkedIn post, is that there is no trusted way for OSs to deliver age assertions to third-party applications currently deployed at scale.

The AVPA says that using existing technologies and architectures is the only way the policy can be implemented within the three months specified by the government.

“For the UK to proceed with its proposal for device-level controls that block nude images, with age verification used as the adult opt-out mechanism, there are significant technical, legal and commercial issues still to be resolved.”

Client-side scanning is fairly widely deployed, but not universal, and OS providers do not generally share the results of their internal, high-assurance age checks to others. Android allows apps from outside its official app store to be installed, which sets up possible circumvention. The policy sparks competition concerns and leaves liability uncertain.

Big Brother Watch Director Silkie Carlo says the policy will lead to “population-wide ID checks for all of us to use our phones, tablets and laptops.”

“The Government mandating that all phones in Britain require ID and surveillance software is a crossing of the Rubicon that would make the UK one of the most authoritarian internet regimes in the world,” Carlo warns. “This extreme technological censorship requires rigorous public and parliamentary scrutiny that is currently totally missing.”

Article Topics

AVPA  |  Big Brother Watch  |  biometrics  |  device-based age verification  |  digital verification service (DVS)  |  OS-level age verification  |  UK age verification