ZH version is available. Content is displayed in original English for accuracy.
Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
51% Positive
Analyzed from 3403 words in the discussion.
Trending Topics
#app#age#android#verification#government#services#google#ios#social#media

Discussion (91 Comments)Read Original on HackerNews
Thing is, the status quo is absolutely worse. My 13yo son likes making Roblox games. Suddenly, some months ago, Roblox made a change where you’re not allowed to share your games with friends unless you do “age verification”, apparently in some misguided bid to beat the pedos. In Roblox’ case, this means sharing your 3D likeness with some sketchy American business who pinky promises to delete said data after. I don’t want random American tech companies to have my kids’ biometric info like that, able to sell it to whoever asks. Nor my passport or anything like that.
I’d much prefer a government supplied app, that’s guaranteed to protect my privacy, and has no business incentive to sell my data, where I can see what data about me (or my son) is shared with Roblox or whichever sleazy business wants it.
Obviously this only makes sense if the government is less sleazy than the average American tech business, but for all its faults, I think that currently holds for the EU (and most of its member countries). There’s plenty precedent of EU governments doing privacy-conscious apps right (the Dutch covid tracking app comes to mind).
I hope they see reason and fix this here issue.
How about the option of the state not being so tyrannical in meddling about what people anonymously do online in their free time?
Also, don't use Roblox, you can freely share games made with PICO-8, Löve, Godot, Rpgmaker, Game maker and the like, no need to go to the hell scape that is Roblox and its dark patern and locked down ecosystem.
Don't get me wrong. I agree roblox is a very shady operation, but that does not erase the fact that their platform is unmatched when it comes to letting kids make games.
There also Luanti, the new name of MineTest, which is closer to the Roblox experience (in the sense that there already a playable game there, and creating new stuff is closing to modding than to game making).
In any case, I think that age gating would not be needed if the platforms were regulated to remove addictive recommendation algorithms.
This is a bit of a 64,000 euro question, though. Look very closely at what the government exemptions for GDPR are.
I don't think it's Godwin's Law when you are so spot on, exactly describing the worst case.
However even if the app is secure the storage and handling of the information is a different matter and it has been shown that care is not always taken.
Governments likely already know your name, age, place of birth, so having an app with a standard API for verifying users isn't giving the government additional data.
so it will gather extra data, sell it sideways and leak like hell. (as they already do with all the data they already have)
https://www-bitsoffreedom-nl.translate.goog/2026/07/06/aivd-...
However there is ZERO talk about mobile platforms... No alternative solution like linux for the desktop, no money or care given to the few alternative that tentatively exist, and zero talk about forcing companies (at least for the ones shipping android phones) to open up their firmwares and allow users to install alternative OS if they want to sell in the EU.
So whilst the backend guys more or less got the memo about sovereignty, I think there is still a lot of educational work to do regarding end user devices and what kind of digital slavery hole we're digging ourselves in...
(because you still need the hardware made, and it's not like the EU commission is even prepared to fix BSPs for that hardware)
The EU has endlessly sold critical infrastructure to US, India and China while actively sabotaging efforts to rebuild it and now want it back - for free. This is criticized as having a low chance of success, as well as being a pretty unreasonable demand.
These digital ID wallets do exactly that. Member states lose control of the ID infrastructure, which will now be controlled by the EU. There isn't much sovereignty left at national level...
It will totally not be used to sanction you the moment you become a nuisance to the EU elites by saying "wrong speech" that goes against their mandated doctrine or pointing out their acts of corruption or dismantling of democracy.
The EU building in Brussels even has the word "DEMOCRACY" plastered on the front in large bold letters[1], in case you forgot.
[1] https://audiovisual.ec.europa.eu/en/media/video/I-287829
Seriously, there is something tremendously wrong with governance when politicians keep changing the whole world around us, without us having any say in it at all. The threat this measure poses to the internet and society is significant, yet it is being pushed through without any substantial debate or push back. This just is not how decent and actual democracies should function. What messed up timeline is this?
That's where you're wrong. Most people actually do agree with age verification. Just because a decision is stupid it doesn't mean it's undemocratic. Trump was elected democratically, twice. Brexit passed through a referendum.
Shifting this question benefits only those who want to force this upon us.
Additionally the amount of elderly that don't have or can't use a phone or don't have anyone that can help them with it will decrease rapidly anyway. In my experience it's mostly the same generation as the people that remember WWII.
"EU age verification app to ban any Android system not licensed by Google" 27-jul-2025 https://www.reddit.com/r/BuyFromEU/comments/1mah79o/eu_age_v...
and
"EU age verification app not planning desktop support" 24-sep-2025 https://news.ycombinator.com/item?id=45359074
It would be a difficult choice but would it really be so bad to be excluded from such a society? Don't a lot of people from silicon valley dream to be farmers in the wildlands?
It's not like it's a feature for you the end user, it doesn't solve any of your problems, on the contrary, it creates new ones.
App and device verification based on Google Play Integrity API and Apple App Attestation
But I can't find that anywhere. Am I missing something?
Edit it was not visible from the discussion link but it is visible from the issue link below. Also it seems to be transferred over from a totally different repo?
https://github.com/eu-digital-identity-wallet/av-doc-technic...
Yes, that this post is propaganda.
Are there any other Operating Systems than iOS, Android or Android flavors?
WebOS was nice but who is still using this? Symbian? Can you even use Social Media Apps with another phone OS?
Yes, there are many more: GNU/Linux, Windows, macOS, *BSD, etc.
This will prevent people who only own a computer and not a modern iOS/Android smartphone from accessing services and platforms.
This also sets a very strong anti-competition pressure. Which company will try now to invest on developing a new OS for smartphones if we already know users will not be able to access the most popular services & platforms with it?
Spanish speakers in Spain will just register services in Latinamerica sites with a VPN. Despite the dialect differences, non-jargon Spanish it's understood everywhere and once they got their user registered they can switch the country anytime.
Distros like Trisquel will just set their sites and mirrors outside the EU. And, well, if they provide a portable torrent client for Windows among the torrent the law would be utterly broken.
Switzerland absolutely complies to EU (and US) demands for a long time now.
There's also old versions of iOS and Android. We don't want to end up in a situation where people are locked into one of only two vendors and can be forced to keep buying the newest model to use an ID app that only supports the most recent software. That'd be even worse for the environment than the current disposable smartphone culture.
Everything to do with the age verification push is corrupt and stupid to begin with. There isn't even a legitimate cause behind all this for forcing ANY app, even if it didn't also force people to buy a specific, expensive, privacy-invading American product.
There is GrapheneOS, HarmonyOS by Huawei, LineageOS for older phones and many more Android ROMs.
Additionally, Linux phones exist and are already sold in the EU to consumers, not just a prototype.
There's really no justification around limiting the OS selection.
There is also Linux, Windows, MacOS and many more operatint system not limited to phones.
Like Windows, MacOS and Linux?
I remember a gov.uk team presentation. They had a usecase of someone using a PS Vita to access a government assistance program because that was the only device they had access to.
Among 450 million people in the EU there are definitely more OSes than just latest versions of iOS and Android.
The (actual) complaint of the thread appears to be resolved already (which would make sense given this is old news):
> In the README, the following is listed:
>> App and device verification based on Google Play Integrity API and Apple App Attestation
The README.md does not appear to feature such a section (nor any of the other files for that matter).
Separately, the title is editorializing, and falsely suggests there's some big bad EU app, even though the app that does exist is merely a reference implementation, not for end user usage. There's a reason the repository you're linking a discussion thread from only holds specs.
What will you do when Apple/Google or the US Government effective immediately delete/block your app? The impact initially may be small but after a few years if widely used, you can break a country.
(Reminder: we know Persona's verification software already shares verification data with the federal government. It's a leap to modifying other apps, but within the realm of possibility of US government power. There is absolutely desire from them to gather blackmail material on politically important people, and age verification systems connected to adult sites/apps are a great way to do it)
We have a definition at the beginning, for "Social media and other digital services (in short, social media+)":
“Within the scope of this report, the terms ‘social media+’ and ‘social media and other digital services’, are used to broadly define services that may be available to minors and contain age-inappropriate and/or risky features (for example, addictive and harmful features, among which infinite scroll, autoplay, recommendation algorithms and persistent notifications) and/or content. Social media and other digital services providers include online platforms serving as intermediaries of content from third parties, such as social media, as well as app stores. AI systems posing risks to minors’ safety and development, including AI companions, video games exposing children to harmful commercial practices or dangerous contacts, and video-sharing platforms enabling age-inappropriate access to minors are also included.”
So, let's see, services that may contain age-inappropriate and/or risky content, "online platforms serving as intermediaries of content from third parties".
How quickly can you come up with something that wouldn't fall in that definition?
It seems that anything that allows user-contributed content (such as plain old forums) or communication among users would be comprised in it.
And, yes, to be sure we explicitly include app stores (I guess including e.g. F-Droid, and what about software repositories?) and video games with intercommunication features.
What is this definition used for?
Recommendation 1 of chapter 3: “A harmonised EU-wide access restriction to *social media and other digital services*, including AI companions, for children under 13 is necessary.”
This is a report, not law, but it was commissioned by Ursula von der Leyen and “The report is intended to inform future actions to be proposed by the European Commission and EU Member States to reinforce child safety online.”
It's actually disingenuous to think there won't be. This is a repository for a mobile app only.
Such a strong new legal framework must consider consumer hardware actually in use:
- Android variations Like GrapheneOS, Huawei's HarmonyOS, older phones running custom ROMs - Linux phones, which are sold in the EU and by EU companies
- Desktop operating systems
All of them can run Web Apps, and thus need age verification