To be clear, I’m not advocating for online age verification. I’m very much against it in any form. I’m just curious from a technical standpoint if it’s possible somehow to construct an accurate age verification system that doesn’t compromise a user’s privacy? i.e., it doesn’t expose the person’s identity to anyone nor leaves behind a paper trail that can be traced to that person?
Depends on how reliable you need this system to be. For example, do you need to handle the scenario where an adult verifies their age to access a website, then lets a minor use that website in their place? That would be a much harder problem to solve than if you just need to verify that an adult was present on the other end at one point in time. For the latter, device-based age verification seems to be trivial to set up from a technical standpoint.
If there was a certificate you could verify from the government once you had it it only verified with the site saying 18+/21+ type of thing, if have certificate allow in, I feel that should be more than enough. Profile on the device with the cert is logged in with passcode, fingerprint, faceid, password whatever… Just to have the cert attached to your user for the browser to verify it was there would cover it. It shouldn’t show birthdate, or any user data, just age over 21 - yes.