Frequently Asked Questions:
- Should I comply with an age verification request? It depends on the service and your threat model. If you value the service and the only way to keep access is verification, choose the method that requires the least sensitive data and the fewest third parties. If privacy or anonymity is critical, consider whether giving up access is preferable to exposing identifying information.
- What questions should I ask before verifying my age? Ask: What data is required? Who will see it during verification? Who will retain it and for how long? Are there independent security audits? Who will know you attempted verification? Answers help you compare risk across options.
- Is facial age estimation safe to use? Facial estimation varies. On-device solutions (e.g., Private ID used by Google in some cases) are more private because images don’t leave your device. Services that upload selfies to vendors (e.g., Yoti used by Meta and TikTok) risk leaks and tracking. Also, facial algorithms often misclassify marginalized groups.
- Are document uploads (IDs) risky? Yes. Uploading a government ID proves identity and age but exposes names, addresses, and ID photos that can be retained or leaked. Some vendors and platforms claim deletion policies, but bugs, long retention defaults, and breaches have caused large disclosures in the past.
- Are there safer alternatives to face or ID checks? Less sensitive options include credit card verification, email/database checks, or privacy-preserving digital IDs that disclose only age. Credit cards are replaceable and typically processed securely, but still undermine anonymity. Digital IDs can be good if implemented without 'phone-home' leaks, but availability and trust vary.
Summary
Age-gating mandates are spreading, and many services now require users to verify age using methods that can expose sensitive personal data. This guide breaks down the common verification approaches—face scans, government IDs, credit cards, email-based checks, and digital IDs—explains who sees and stores your data, and highlights the biggest risks: data breaches, third-party sharing, long retention, and discrimination by automated systems. It details how major platforms (Meta, Google, TikTok) implement checks differently—some on-device, some uploaded to vendors like Yoti or Incode—and why marginalized users often face higher error rates with facial estimation. The Electronic Frontier Foundation opposes mandated age verification because these systems inherently threaten privacy, anonymity, and free expression; meanwhile, this practical resource helps users “follow the data,” ask the right questions, and pick the verification route that minimizes exposure.
Highlights:
- Follow the data: ask what’s collected, who can access it, retention length, audit practices, and visibility.
- Facial age estimation may keep images on-device (better) or upload them to vendors like Yoti (riskier).
- Document-based checks prove identity and age but expose full legal names, addresses, and sensitive ID photos.
- Credit card or email-based checks are lower-sensitivity options but still undermine anonymity and can enable tracking.
- No method fully protects everyone—marginalized groups can be misclassified and long retention creates breach risks.
Age verification is increasingly required by major services, but every available method carries trade-offs that can harm privacy, anonymity, and speech. The key principle is to 'follow the data': before you pick a verification route, ask five questions about each option—what data it demands, who can access it during verification, how long it will be retained and by whom, whether independent security audits exist, and who else will know you sought verification. Common approaches include inferred age from account activity, facial age estimation (on-device or via third-party uploads), document-based ID checks, credit card verification, email- and database-based checks, and emergent digital ID systems. Each approach differs in intrusiveness and risk.
Major platforms implement these methods in different ways. Meta often uses inferred signals first, then offers Yoti face checks (which upload selfies to Yoti) or ID uploads; both expose sensitive data and can leave traces in logs or support workflows. Google can use Private ID for on-device facial checks (better privacy), credit card charges, email verifications via VerifyMy, or ID uploads that it says are deleted after verification. TikTok relies on Yoti for face scans, accepts credit cards (or parental verification), and uses Incode for ID+face matching; Incode may retain data unless explicitly told to delete it. Third-party vendors’ practices matter: some upload images to servers, some claim immediate deletion, some have trackers, and some retain data long-term—creating breach and surveillance risks.
Because facial estimation tends to misclassify people of color, transgender/nonbinary individuals, and people with disabilities, it’s not an equitable solution. Document checks and digital IDs prove identity as well as age, which can undermine anonymity and expose you to broader privacy harms, especially with long retention policies. Credit card checks and email-based probes typically involve less permanently sensitive data (cards can be replaced), but still facilitate tracking and can reveal that you sought verification. There are cryptographic digital-ID systems that can disclose only age, but access is uneven and may still 'phone home' to issuers. The Electronic Frontier Foundation opposes mandatory age-verification regimes because they cannot fully protect speech and privacy; in the meantime, users should choose the least revealing method, remove identifying context from selfies, demand transparency about retention and audits, and request deletion when possible.