As the European Commission pushes ahead with plans for European Union-wide online age verification via a dedicated app, the tech sector warns about the potential consequences for privacy and anonymity.
The warnings come as scrutiny intensifies around the EC’s newly unveiled prototype verification app.
Andy Yen, chief executive of Swiss technology company Proton, warned that online age verification risks reshaping the internet in a bad way and “kill privacy”.
“Age verification as it is currently being proposed in country after country would mean the death of anonymity online,” he said.
“Online privacy has always been tenuous. But with age verification, we’re on the cusp of, once and for all, requiring ID for every single person going online, for any reason, legal or not, adult or not. And that should terrify us all,” he insisted.
While acknowledging the need to protect minors online, Yen criticised what he described as an overly aggressive and poorly targeted regulatory push.
“Online threats to children are real, but the headlong European pursuit of age verification that we’re seeing around the world is unacceptable in its approach and far too broad in scope,” warned Yen.
He further argued that the emerging regulatory framework disproportionately benefits large technology firms, the very companies, he noted, that contributed to today’s data-driven ecosystem.
“The same tech giants who built the privacy nightmare that the internet is today,” he said.
Yen warned that the increasing volume of sensitive personal information being collected, including passports, biometric data and video verification, creates inevitable risks.
“The business of age-gating the internet has come a long way from ticking a box,” he said.
“Now people are submitting passports, videos, even fingerprints. And what’s happened? The same thing that’s always happened: that data gets leaked.”
The accumulation of such data, he argued, makes platforms attractive targets for cybercriminals. While some companies may handle the responsibility securely, others will not.
Within hours of the release of the EU age verification app, security researchers reported serious vulnerabilities. One claimed to discover fatal flaws in only two minutes.
Speaking to Brussels Signal today, several software developers were blunt in their assessment.
“They really messed up,” one developer who wished to remain anonymous said.
“It’s easy to bypass; it’s not far off a standard ‘are you 18 years old?’ form,” another one told us.
“Without particular hacking abilities, I was able to identify at least 27 bugs. I can only imagine what a determined hacker could do,” the developer said.
