Introduction

This article is designed to explain my personal take - as a professional in the IT space for over 18 years of my life, when it comes to the recent bills being proposed in not only the states but also federally when it comes to age verification. This covers both OS-level age verification, as well as verification for adult websites.

There are many reasons why I’m against both, but I should preface my reasons with my current stance regarding not only these sites/apps but also that of the concept of child-safety in general.

First, I do believe that children should be protected from aspects of the Internet. I fully am on board with this in general. How to do it is where I differ from, likely, a good number of people.

Second, I have the following stances regarding adult-themed apps and sites, as well as social media in general:

1. Porn rots the brain - I personally believe that the consumption of porn distorts one’s view of reality.
2. Adult-themed apps/games - This is the same as #1 above.
3. Social media, especially too much, also rots the brain - Social media can be a powerful tool, if used properly, but it can lead to “doom scrolling”, mental illness, and so on. It needs to be tightly controlled (more on this later).

In short, I don’t visit porn sites. I don’t download/play adult-themed games.

So, one may ask - doesn’t this all not affect you, why the post? That’s a good question, and it comes down to understanding where this is going, as well as data privacy.

Let’s discuss the actual problem

I believe there are two groups of individuals who are pushing these bills. I’ll only address one of the two in this section, but it’s the more well-meaning of the individuals. The people who have seen problems with our youth, and are looking at ways to solve it. These individuals are the more emotional of the two groups in my opinion, but I do see where they’re coming from.

First, the research [1][2] shows that social media changes people. Depending on how much and what they consume it can change how we as people approach situation, our emotional regulation, and so on. This is especially true with children.

The same can be said for porn.

This all relates to dopamine [3][4], and it’s been shown that social media sites[5][6] - as well as porn, can be addictive [7]

Now, with all this in mind, one’s immediate idea may be to:

1. Let’s ban porn and social media
2. Let’s regulate porn and social media

If the beginning and thought about all this stopped at seeing “oh it’s bad, we need to block it”, then your perspective would make sense. I’m asking, though, for people to think a bit deeper into the ramifications of such shallow thought.

I do have actual ideas on solving these problems, but let’s first dive into the what the risk is, going down this path.

Data Security and Privacy - a primer

This is where my background as an IT professional, and the crux of my personal take on this comes into play. To start in baby steps, I should define the terms a bit.

Data Security specifically means the protection of data that one obtains. This not only means from the traditional bad actors (also called hackers), but also from the government as a whole. The short version is unauthorized use of data should be minimized.

Data Privacy specifically means the ability for the least amount of information necessary to provide a service being obtained to provide such service. This is a big issue for me, and something I feel strongly about.

Both of the above account for something called Digital Hygiene [8]. In short, Digital Hygiene is a conscious effort by the individual to limit the exposure of their personal information online. The reason for this is simple. Data breaches are common [9] - very common. In 2025, there were 3,464 estimated data breaches that affected, in 2025, 278.58 million people [10].

This is a lot, and it’s been a lot, over the past number of years. One may reasonably ask that if so many data breaches happened, why bother? Well, I’ll answer that next.

Biometrics - why does it matter?

Biometrics can be identified as the following [11]:

Biometrics refers to the automated measurement and analysis of an individual’s unique physiological or behavioral traits, such as fingerprints, iris patterns, facial features, voice, or gait, to confirm or establish identity. These traits are selected for their inherent variability, stability over time, and resistance to forgery, enabling applications from personal device unlocking to forensic identification.

If you unlock your phone by looking at it, or using a fingerprint scanner? That’s biometrics.

Traditionally, depending on the service, biometrics can be collected a few ways:

1. On Device - This is traditionally to gather enough information to know if the person is the same one who set up the phone, and unlocks it accordingly.
2. In the Cloud/As a service - This involves the use of companies like Persona to verify the age of the individual.

In the case of #1, this is for authentication. This information exists on the phone, and at least with the iPhone, is locked in a special area of the operating system. In the case of #2, this is for authorization, which is often delegated to a company like Persona to handle.

So, let’s talk about Persona, since that’s the most applicable toward what we’ve been talking about above. Persona recently had a data leak [12], and what came out of it is pretty alarming. [13]

1. They don’t just age verify, they alert and communicate - 269 different checks are done on a user, cross referencing databases, and the like. This isn’t about just age verification, this is a surveillance tool.
2. They log for a long, long time - The information collects sticks around for “up to 3 years” (given the integration, that selfie is likely sent to other databases), as well as your government IDs and the like.
3. The run their code on government servers. Why?
4. They appear to have tight integration with the government. Again, why?

In essence - I don’t trust Persona in any way, shape or form. I recently was asked to do identity verification, through Persona. I contacted support, and said I wouldn’t do it - and asked for alternatives. Luckily, some companies are waking up to the use of Persona, like Discord.

That’s not the only leak in all this. Around August, 2025, the Tea app was hacked, and information was leaked online [14].

And, they’re even more. In October, 70,000 users “may have been leaked” [15]. We now have Discord pinkie promising that it’ll be checked on device, but many question this [16].

One big reason this “hill” is one to die on is because in the area of biometrics, we’ve been fortunate enough not to have too many leaks. Still a lot, but in the grand scheme of things, it’s still one data point that’s relatively safe - or was safe, until this legislation came about. There are better solutions, I’ll get to further in the article. But, I feel like the “strings” for all this are being pulled by other actors - who don’t really care about “protecting the children”, they care about control. We’ll get into that next.

The state of our privacy - where we’re going?

Above, I talked about two groups of people that I feel are pushing for this change. One group being the more well-meaning people, who are actually concerned about the children. The second group, that’s where they come in. This second group of individuals, in my strong personal opinion, is attempting to increase our surveillance state. In the U.S. we’re relatively free, compared to the rest of the world. There’s risk in freedom - and there needs to be full knowledge that some people will do some bad things. As was said “Give me liberty or give me death” [17].

First, let’s give a brief history. In the aftermath of the 9/11 bombings, the Patriot Act [18] came about. This was a controversial bill that, among other things, increased our surveillance state dramatically. Originally, it was intended to primarily deal with international intelligence gathering - that was the saving grace, or what most thought.

Around 2010 or so, Snowden released various files - in what I feel, was a good manner. He fed the files to reporters who were tasked with going through them. Normal channels to stop this activity wouldn’t have worked, and he did what he had to in my opinion. This led to the disclosure of PRISM [19], and the FISA courts (which rarely, if ever, pushed back). The amount of surveillance, even at that time, is absurd and we’re talking a good 15 years ago at this point. I recommend hitting AI to learn more about this, if this is all new to you. But suffice to say, the collection of information wasn’t just about international communication, it was also domestic - massive databases of known associates, and yes, of civilians too.

Fast forward to more recent years. You may have heard about the ALPR cameras [20] that have come up in the past few years. At first, they simply scan and check on license plates. Now, they’re held in databases and automatically shared - in a nice and easy lookup tool, called Flock Safety [21]. When I was talking about Flock with a colleague of mine, he said that Flock helped solve crimes. He’s right that Flock has helped to solve crimes, but I asked him - “Could those crimes be solved without Flock?” We dove into a few examples, his examples, where I pointed out alternative methods that would have led to the same result - without the need of Flock. Furthermore, Flock has been abused in many cases [21][22][23][24]. Either way, a good deal of people are now scrambling to fight back, when we should have fought when they started becoming a thing in the first place.

Flock cameras do a lot more now than just license plate scanning, and now detect people and sounds. In addition, they’re not used in accordance with the law. A privacy law was passed in Virginia recently, and police are breaking the law [25].

Now, we have a flurry of laws coming about that increase this surveillance state even more. Above, I spoke about one - age verification on websites (porn, social media), but that’s not all they have planned. There are two main categories of current proposed laws in addition to the above.

1. App Store Age Verification
2. Operating System Age Verification

There’s a really good website for this, the FSC Action Center [26]. But, California was the most recent state to pass legislation around this [27]. It’s a fairly “mundane” law on the surface - with a simple requirement of indicating age on sign-up. But, since anyone can lie about their age, where do you think this goes next once the infrastructure is in place? Then, there’s the ECC’s “App Store Accountability Act”, that “closes a glaring loophole”. They cite the daily caller [28] in a recent tweet, which I went into a deep dive debunking the article and the effects of this law on their proposed objectives [28].

We even have the FTC Commissioner, Mark Meador, claiming anyone talking about this want to “prey on your kids”, yeah, I’m serious:

People who argue that age verification requires collecting and retaining massive troves of personal data are not operating in good faith. They're just paid by people who want to prey on your kids.

— Mark Meador (@MeadorFTC) March 5, 2026

I replied to him, that some people are simply concerned about their privacy [31]

At this point, we’re seeing the scope of control increase quite drastically. There’s a claim of this to “protect the children”, but given the increase in surveillance as I indicated above, you’ll see where I’m coming from.

So what is the solution then?

Solutions to solve the problem

If we define the problem we’re trying to solve as purely about “protecting the children”, specifically around the ability for parents to help determine - for themselves, how to manage their children’s online activities, there are many options that exist already, and they don’t take much to get setup. This provides the ability for parents to manage their children’s activities in an online space, giving them access as they see fit - not what the government sees fit.

School-Issued Devices

Much of the below, I haven’t fully fact-checked. The colleague I mentioned earlier discussed how school laptops that are provided in the state of Iowa are far too open and are managed at the district level instead of at the state level. So, my proposal for this lies into two components:

1. Federally, the Department of Education creates a loose infrastructure for enrollment of devices. This includes the ability for enrolling not only computers, but phones and tablets into what’s called MDM (Mobile Device Management) that gives a loose profile that can be built off of. This can be tied to existing login credentials handled by many schools.
2. State wide, they introduce filters that apply at the state level (what should be allowed/blocked).
3. District wide, they tweak filters that apply at the district level (again, what should be allowed/blocked).

Enrollment of state-issued laptops and mobile computing equipment is handled through MDM. This would restrict admin access to the students, restricting what apps can and can’t be installed on those devices, what sites can be visited, and protections on the device (e.g. no web cam, hours, whatever)

This isn’t new technology. Companies routinely use MDM on a consistent basis.

Home-Provisioned Devices

For homes that provide their children devices, there’s multiple technologies already in existence that assist with parental controls.

Apple [32] has a strong set of parental controls already available. Google [33] also has strong parental controls as well.

Furthermore, if the school-issued device option is implemented, personal devices can also be enrolled in MDM, and inherit the same safeguards present on the school devices.

The problem with home-provisioned devices isn’t the technology. It’s there, and painfully easy to use. What the problem really is, is that parents not willing to be parents properly. I could go over a whole post on that alone, but families giving their child a device to raise them, instead of themselves raising their child, is annoying. That said, it’s not the state’s job to raise the child. It’s the parent’s job to raise the child. It’s a personal freedom stance for me on that.

Conclusion and getting involved

I sincerely hope that this article helps with two areas. First, to explain the problem(s) with the current slate of legislation, and to educate about the ramifications going through with it. Right now, I admit, this feels like a losing battle because at least according to some polls, a large number of Americans support pieces of this legislation (although, I question the sampling). On the surface, these laws seem “reasonable”, but they do increase the risk of even more data being leaked, abused, and unnecessarily shared. I also know that there will be a game of cat and mouse that happens here, and people will not only find a way to bypass this all, but will only call for more strict measures. And, like most laws that get passed, they never become undone. I believe the strings that are pulling people’s emotions around these laws is purely about increasing our surveillance state even further - and I think that’s a problem.

I strongly oppose all the legislation discussed above. In the end of the day, I do want children protected, but I want it done with efforts that only impact them - not the rest of society. In other words, I don’t want adults treated like children, nor do I want every person’s data surveilled to the extent that it is now (and will be in the future with this going through).

We need people to push back. The best route to start doing this is by utilizing the FSC Action Center’s Age Verification Bill Checker [26].

Utilize this link, contacting your representatives. Explain that this isn’t about porn or adult content. Explain that this is about digital privacy as a whole, and alternative ways of helping protect children online. Digital privacy and security should be all of our concern.

References

1. Hopkins Medicine - Social Media and Mental Health in Children and Teens
2. Yale Medicine: How Social Media Affects Your Teen’s Mental Health: A Parent’s Guide
3. YouTube, Huberman Lab Clips: Addiction Explained, Rises & Falls in Dopamine | Dr. Andrew Huberman
4. Carry Your Cross: How Porn Affects Dopamine: A Digital Drug
5. ResearchGate: Social Media Addiction: Symptoms and Way Forward
6. Grokipedia: Social Media and Suicide
7. Wikipedia: Pornography addiction
8. Digital Hygiene - What is Digital Hygiene?
9. Secureframe - 110+ of the Latest Data Breach Statistics to Know for 2026 & Beyond
10. Statista - Number of data compromises and individuals impacted in the United States from 2021 to 2025
11. Grokipedia - Biometrics
12. Fortune - Discord distances itself from Peter Thiel–backed verification software after its code was found on a Google Cloud endpoint
13. State of Surveillance - our Age Verification Is Filing Reports on You to the Feds
14. Fox News - Tea app hacked as women’s photos, IDs & even DMs leaked online
15. BBC - ID photos of 70,000 users may have been leaked, Discord says
16. Ars Technica - Discord faces backlash over age checks after data breach exposed 70,000 IDs
17. Wikipedia - Give me liberty or give me death!
18. Wikipedia - Patriot Act
19. Wikipedia - Prism
20. S&T Automated License Plate Reader Fact Sheet | Homeland Security
21. Flock Safety
22. EFF - EFF’s Investigations Expose Flock Safety’s Surveillance Abuses: 2025 in Review
23. Have I Been Flocked? - Two Tales of Real-World Flock Abuse
24. The Colorado Sun - After police used Flock cameras to accuse a Denver woman of theft, she had to prove her own innocence
25. Louis Rossmann - Virginia passed a privacy law that police immediately broke
26. FSC Action Center - Age Verification Bill Tracker
27. Tom’s Hardware - California introduces age verification law for all operating systems, including Linux and SteamOS — user age verified during OS account setup
28. Loeb & Loeb LLP - App Store Age Verification Laws Trigger New Federal and State Children’s Privacy Requirements
29. Daily Caller - EVAN SWARZTRAUBER: Congress Can Hold App Stores Accountable
30. X.com - Thread about the App Accountability Act
31. X.com - David’s reply to Mark Meador
32. Apple - Use parental controls to manage your child’s iPhone or iPad
33. Google - Help keep your family safer online