The Age Verification Nonsense: When 'Protecting Children' Means Destroying Privacy
So Bluesky just locked someone out of their account until they verified their age. The options? Hand over a copy of your government ID to some third-party verification company called KWS, submit to a face scan, or provide the last four digits of your social security number. Their response? Delete the app and walk away. Can’t say I blame them one bit.
This age verification push is spreading like wildfire across social media platforms, and it’s being sold to us under the oldest political con in the book: “think of the children.” Various states in the US are mandating these requirements, and platforms are scrambling to comply. The article someone linked shows that this isn’t just a Bluesky decision – they’re being forced into it by state legislation. But here’s the thing that really gets under my skin: this has absolutely nothing to do with protecting children, and everything to do with dismantling what little online privacy we have left.
Let me be blunt here. Kids have always found ways around restrictions. Always. Someone in the discussion thread made an excellent point from their time working in IT at a high school – back in the early 2000s, students were using proxy servers to bypass web filters. Today’s kids are exponentially more tech-savvy. They’ll use VPNs, they’ll borrow their parents’ verified accounts, they’ll find workarounds we haven’t even thought of yet. The idea that making me scan my face or hand over my driver’s license is going to prevent a determined teenager from accessing social media is laughable.
What’s actually happening here is far more sinister. We’re building a massive database linking real identities to every online account, every comment, every “like,” every browsing habit. Someone pointed out that law enforcement would absolutely benefit from this – imagine having “User hornyperson4929 is actually John Doe at 123 Main Street” in a searchable database. And who’s storing all this sensitive identity verification data? Third-party companies we’ve never heard of, with security practices we can’t audit, creating honeypots for hackers. Because that’s worked out so well with the dozens of massive data breaches we’ve already experienced.
The discussion thread had someone suggest a better solution if we actually cared about child safety: devices could ship with parental controls locked on by default, requiring adults to actively unlock features. It’s not perfect, but it would place the responsibility where it belongs – with parents – rather than requiring every adult on the internet to prove they’re not a child to access social media. But that solution doesn’t give governments and corporations what they really want: a comprehensive map of who everyone is online.
Look, I work in DevOps. I understand systems and data flows. The technical people in the industry are universally clowning on these age verification laws because we know they’re unenforceable, easily circumvented, and won’t achieve their stated goals. California is even trying to mandate age verification at the operating system level, which is genuinely bonkers from a technical standpoint. But the laws keep coming anyway, which tells you everything you need to know about their actual purpose.
One commenter said they don’t even care if their kids watch porn – they did as teenagers themselves. That brutal honesty gets at something important: we’re creating a surveillance infrastructure that will outlast whatever moral panic sparked it. Today it’s “protecting children from adult content.” Tomorrow it’s “preventing misinformation.” Next week it’s “national security concerns.” The goalposts will keep moving, but the surveillance apparatus will remain, growing more comprehensive with each new “emergency.”
I’m genuinely hopeful that this might kill social media as we know it. Not because I want to lose the ability to connect with people online – quite the opposite. But the current model of massive centralized platforms owned by billionaires and increasingly controlled by government mandates is broken beyond repair. Someone mentioned the “Dead Internet” theory, where AI-generated content floods everything to the point of uselessness. Combine that with mandatory identity verification, and you’ve got platforms that are simultaneously less private and less useful.
The interesting discussion is happening around alternatives. Federated social media, old-school blogs and RSS feeds, self-hosted solutions, mesh networks – people are actively looking for ways to route around this damage. Someone mentioned Lemmy, which is essentially federated Reddit. Others talked about returning to curated blog reading instead of algorithm-driven feeds. These aren’t perfect solutions, but they’re moving in a direction that distributes power rather than concentrating it.
If Reddit ever requires ID verification, I’m out. Same with any other platform that demands I prove my identity to participate in public discourse. We’re being asked to accept that anonymity and pseudonymity online are luxuries we can no longer afford, that the price of participating in digital public spaces must be constant identification and tracking. That’s not a trade-off I’m willing to make, and it shouldn’t be one that any of us accepts without serious pushback.
The person who deleted Bluesky rather than hand over their ID made the right call. Every time someone makes that choice, it sends a signal to these platforms and the legislators behind these laws. Maybe if enough people walk away, they’ll realize that “protecting children” isn’t worth destroying the open internet. Though honestly, I suspect they know exactly what they’re doing, and the children were never the point at all.