Online age-verification systems could expose users to major privacy and safety risks, Australian digital privacy groups warn
Digital privacy groups in Australia have advised the federal government to eliminate mandatory identification documents from online age verification systems.
The warning comes in the aftermath of the Optus and Medibank data breaches, and privacy agencies suggest that these requirements could create a gold mine for criminals of personally identifiable information (PII), as well as repositories containing users’ streaming or viewing habits of pornographic materials.
eSafety commissioner, Julie Inman Grant, who is building a standardized online safety protocol to prevent kids from accessing adult content, has delayed her report to stakeholders until March 2023.
Until now, development of the e-safety roadmap was meant to incorporate a range of age-verification options, including:
- the use of third parties for age validation
- requiring IDs or credit card checks
- working with ISPs and mobile service operators to check or determine users’ ages
Neither of these age verification options comes without risks to users’ privacy and online security, according to digital rights groups, who warn of severe consequences in case of a data breach.
“Following the Optus and Medibank breaches, millions of people are now acutely aware of the dangers of collecting and storing large amounts of our personal information,” said Samantha Floreani, Program Lead for Digital Rights Watch.
“Age verification is a terrible combination of being invasive and risky, while also being ineffective for its purported purpose,” Floreani added. “Methods that are less privacy-invasive are easily bypassed by tech-savvy kids, and those that may be more likely to work at restricting access to pornography create massive and disproportionate privacy and digital security risks.”
“If these systems are pursued further, there is the potential for a new honeypot of identities and porn-viewing habits.”
Tech giants such as Google have already implemented age-verification processes on some level. For example, the company can estimate a user’s age by analyzing the information in the account, including the search history. Google, however, advised that, if age verification protocols were to require seeing a valid ID, the company would delete the information immediately after confirmation.
Are you a data breach victim or worried your personal info could be exposed or compromised by cybercriminals? Let us help.
Bitdefender offers extensive security and privacy plans to help you stay safe online. Bitdefender Ultimate Security plans (for US only) protect up to 10 devices with state-of-the-art technologies that predict, prevent and remediate new and existing cyber threats alongside unlimited VPN traffic and a cross-platform Password Manager.
Subscribers to our ultimate mega-suite also benefit from identity theft protection with real-time fraud monitoring, data breach monitoring, credit report monitoring, fraud alerts, credit freeze and lost wallet assistance, and an insurance policy of up to $2 million, among many other features, to protect against identity theft crimes and fraud.
Non-US users who need help monitoring and protecting their digital identity can opt for our Bitdefender Digital Identity Protection service – a privacy-focused tool that hunts down exposed personal data online to help you stay on top of security and privacy threats with 24/7 data breach monitoring and advice to help you prevent any financial damages.
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022