Online age checks are not just about children; they’re about getting everybody onboard with digital identity and biometric surveillance: perspective
Digital ID and biometrical facial scans for online age verification are quickly becoming passports to the internet thanks to legislation and big tech policy changes.
As governments begin enforcing age identity checks, big tech and social media companies are following suit with sweeping updates affecting all users in all parts of the globe.
In September 2018 the World Economic Forum (WEF) published a report stating that digital identity will determine your level of access to information.
Fast-forward seven years, and this is has become a reality as digital IDs and biometric facial scanning become the new normal for passing internet checkpoints.
“This digital identity determines what products, services and information we can access – or, conversely, what is closed off to us”
WEF, Identity in a Digital World: A new chapter in the social contract, September 2018
The new laws and policies come under the guise of “child safety,” but when looked at through a different lens, the message can be easily inverted to mean “adult endangerment” as everyone’s speech and access to information will be dependent upon some form of digital ID for accessing search engines and social media.
Whether through a government mandate or through the fusion of corporation and state via public-private partnerships, the years-long agenda to rollout internet passports is steaming ahead.
Here, we take a look at legislation coming from the European Union (EU), the UK, Australia, and the US, as well as big tech policies being implemented and how they will impact all of society.
The EU Digital Services Act
The European Commission is in the process of testing an age verification app prototype that is built upon the EU Digital Identity Wallet framework.
Five nations have agreed to be guinea pigs for this new experiment:
- Denmark
- France
- Greece
- Italy
- Spain
The European Commission website is awash with ways this type of internet passport will protect children.
The announcement includes quotes like: “Making sure our children and young people are safe online is of paramount importance,” and “Children deserve a safe digital childhood,” and “They [guidelines] will ensure that children and young people can continue to enjoy the opportunities the online world.”
But beneath it all, adults will be equally impacted, and this is yet another backdoor or Trojan Horse for coercive biometric surveillance and digital identity adoption for all.
“Built upon the robust European Digital Identity Wallet framework, this user-friendly and privacy-preserving age verification solution enables individuals to demonstrate their eligibility for age-restricted online services, such as those restricted to adults, without disclosing more personal information than absolutely necessary.”
European Commission, EU Age Verification Solution, July 2025
“A core objective of this initiative is to deliver a consistent, secure, privacy-preserving and user-friendly age verification experience that can be easily integrated into a wide variety of digital services throughout the European Union.
European Commission, EU Age Verification Solution, July 2025
“The modular architecture and adherence to open standards not only ensure interoperability between national systems, but also allow online service providers to adapt the solution to their own technical and regulatory environments”
According to the EC, “The age verification blueprint […] lays the groundwork for broader deployment of age-appropriate based services in the future and is built on the same technical specifications as the European Digital Identity Wallets (eID) that are to be rolled out before the end of 2026.”
“This ensures compatibility between the two and enables the integration of the age verification functionality in the future eID Wallets.”
This is not just about children. It’s getting everybody onboard with digital ID, continuous facial recognition monitoring, and internet passports.
This digital ID and internet passport rollout is part of the EU Digital Services Act (DSA).
Recently, the US House Judiciary Committee obtained documents from the European Commission exposing the DSA as a tool for censorship, where a sentence like “We need to take back our country” is considered to be “illegal hate speech.”
If platforms don’t comply with censorship recommendations from EC-approved NGOs and Civil Society Organizations (CSOs), then the platforms can get fined up to six percent of their global earnings.
“The DSA is being used to censor political speech, including humor and satire. Documents produced to the Committee under subpoena show that European censors target core political speech that is neither harmful nor illegal, attempting to stifle debate on topics such as immigration and the environment”
US House Judiciary Committee, “THE FOREIGN CENSORSHIP THREAT: HOW THE EUROPEAN UNION’S DIGITAL SERVICES ACT COMPELS GLOBAL CENSORSHIP AND INFRINGES ON AMERICAN FREE SPEECH,” July 2025
On May 7, 2025, the EC held a workshop with the biggest names in tech, NGOs, and CSOs called the “DSA MULTI-STAKEHOLDER WORKSHOP ON SYSTEMIC RISKS AND THEIR MITIGATION.”
One participate, Access Now, which ironically claims to advocate freedom of expression while promoting digital identification systems, remarked that “everything that can be considered as hateful and harmful” should be removed from platforms.
With the European Commission completely committed to enforcing internet passports, digital ID, and censorship, the UK is following suit.
The UK Online Safety Act
With the enactment of the Online Safety Act (OSA), which also claims to protect children, everyone must submit to an internet passport check when accessing social media and other large user-to-user services, which the bill refers to as Category 1 services.
Like with the EU, we see that this is not aimed at just allegedly protecting children — this is also aimed at adults.
The bill uses Orwellian doublespeak with phrases like “Adults will have more control over the content they see,” which actually means that adults will see what the algorithms nudge them to see.
They will be nudged toward content from “verified users” — the ones who sign up for digital ID schemes or give up their biometrics through facial scans for the internet passport check.
“Adult users of such [Category 1] services will be able to verify their identity and access tools which enable them to reduce the likelihood that they see content from non-verified users and prevent non-verified users from interacting with their content. This will help stop anonymous trolls from contacting them”
UK Government, Online Safety Act: Explainer, April 2025
According to the User identity verification section of the OSA:
- A provider of a Category 1 service must offer all adult users of the service the option to verify their identity (if identity verification is not required for access to the service).
- The verification process may be of any kind (and in particular, it need not require documentation to be provided).
Here we see that even if an identity check isn’t required, it still must be offered.
And if the age check doesn’t require documentation, the most obvious alternative is continuous facial scanning, which acts like a living digital ID where your image is always up-to-date in real-time.
Any government may say that the data collected will be erased and that privacy will be secured, but how long will those assurances last when a new regime is in power or when a new emergency is declared?
“Category 1 services will also need to proactively offer adult users optional tools, at the first opportunity, to help them reduce the likelihood that they will encounter certain types of legal content”
UK Government, Online Safety Act, July 2025
On the censorship front, the OSA states that “Services will be required to take steps to remove illegal disinformation content if they become aware of it on their services,” and these services will also need to reduce the likelihood that adults will see “certain types of legal content” — like self-harm.
But definitions can be vague. Repercussions sweeping.
Criticizing climate change policies like net zero, or questioning public health authorities could all be considered forms of self-harm.
Afterall, a threat to the planet is a threat to the self, and questioning public health authorities is the same as questioning science itself, which is dangerous to everyone.
Once digital ID and other forms of internet passports are in place, the move towards censorship becomes that much easier.
Now let’s look to Australia’s requirements for internet passport checkpoints.
The Australian Online Safety Act
Australia’s Online Safety Act claims to be all about protecting children, but yet again, we see it is about casting a digital dragnet over everyone.
When the section for social media minimum age was introduced, Senator Malcolm Roberts warned in 2024 that the continuous facial recognition scanning would cover adults as well as children and that the cameras would always be watching.
“The issue is not who signs in to social media; the issue is who’s using the account,” said Roberts.
“This requires the device camera to always be on to check the user’s image against their digital ID to prevent, for instance, someone’s younger siblings from taking of the session.”
Roberts also warned that the constant surveillance coming out of the OSA could lead to censorship under the guise of combatting so-called misinformation and disinformation.
“The new law puts the onus on social media platforms, not parents or children, to take reasonable steps to ensure fundamental protections for under 16s are in place”
Australia eSafety Commissioner, Social Media Age Restrictions, July 2025
In Australia, it is the responsibility of the platforms to enforce age checks for accessing content that the government says is appropriate for children. The decision is not up to the parents.
And while Australia’s “Social Media Minimum Age” Fact Sheet “Specifies that no Australian will be compelled to use government identification (including Digital ID) to prove their age online,” this doesn’t prevent private companies from using facial scans for compliance.
“Digital identity apps were proposed as an effective AV method as an individual’s personal information remains stored on their phone“
Australia eSafety Commissioner, Age Verification Consultation, August 2021
According to the age assurance call for evidence:
- Digital identity apps were proposed as an effective AV [Age Verification] method as an individual’s personal information remains stored on their phone. QR codes or links can be used to connect with the app and allow for an age attribute to be shared with the requesting site or platform.
- Physical age tokens can be used to generate an online password for any age-restricted content. Mobile operator age checks were also suggested.
- Facial analysis technology was presented as a suitable biometric option, particularly for individuals who do not have government identity documents. It allows for one-time facial scans which estimate a user’s age – no data is stored.
The nudge towards using facial analysis technology is almost universal.
The call for evidence talks about a “one-time facial scan” but what does that mean? You only need to scan your face once and never again?
Or does “one-time” mean you have to scan your face “one-time” for each time you log on?
And just how accurate is this technology at determining the difference between a 15-year-old and a 16-year-old?
What happens when a 16-year-old scans their face to logon, and then hands it over to a 15-year-old?
Digital identity lies in wait as the perfect back-up scheme.
Australia commenced the Digital ID Act in 2024, and is currently trialing digital ID for online age verification.
Digital identity as a means of age verification and internet passport is considered to be voluntary at the moment.
However, the foundation is already being laid, so that the switch from voluntary to mandatory can be implemented at any time, for any reason.
Now let’s take a look at what lies in wait for the United States.
The American Kids Online Safety Act
The Kids Online Safety Act (KOSA) in the United States is currently sitting in the senate, and it is another piece of legislation that claims to protect children while being a smokescreen for surveillance, censorship, and internet passports for all.
At the present, the bill calls for an “age verification study and report” to consider which systems could be used for online age verification.
If the bill is ever ratified, the study could then go on to explore the solutions presented by the EU, the UK, and Australia like digital ID, facial scanning, credit cards, government issued IDs, and physical age tokens.
Moving from federal to state, many age verification requirements for social media in the US are being handled at the state level.
Much of the responsibility is placed on the parents and not on the platforms or the state.
Now let’s look at some of the big tech platforms to see how their policies are changing amid this global push for internet passports.
Big Tech and Social Media Platforms Deploy Age Verification Worldwide
When it comes to Google: Some content and services are subject to age verification. To access age-restricted content or services, the company may ask to confirm your age with a valid government ID, or a valid credit card.
For Google-owned YouTube, the video platform recently began using AI to interpret a variety of signals to determine whether a user is over or under 18.
These signals include the types of videos a user is searching for, the categories of videos they have watched, or the longevity of the account.
In the case of a false positive, the user will have the option to verify that they are 18 or over, such as using a credit card or a government ID.
And Spotify is testing age assurance technologies in select markets with its own internal age estimation technology and partnering with digital identity company Yoti.
Spotify also enlists facial scan technologies for age checks.
With more and more internet passport legislation being enacted, more and more private companies are following suit.
From Vaccine Passports to Internet Passports: The Global March Toward Digital ID and Biometric Surveillance
The agenda to require digital identity and biometric surveillance in order to access social media platforms and to use search engines has been years in the making.
The technological foundation is in place, but the rules have been set in pencil.
If you didn’t show proof of vaccination during lockdowns, you were “killing grandma.”
Now we’re going from vaccine passports to internet passports.
By showing proof of age, you are protecting children.
It’s all inverted.
“Two weeks to slow the spread” lasted over three years.
Voluntary became mandatory.
Your passport to the internet is your passport to information, your freedom of expression, your ability to network and interact with others, but it goes far beyond that.
Your financial transactions, your consumption habits, your medical history, everything about you goes into feeding these digital identity systems.
In the end, these measures are for public and private entities to gain more insights into your private life, so that you are more easily incentivized, coerced, or otherwise manipulated into compliance.
Image Source: AI generated with Grok
