Tag: digital id

US Plan To Copy UK’s Disastrous Online Digital ID Verification Is Winning Friends in the Senate

The Kids Online Safety Act (KOSA) is moving forward in the US Senate with 16 new co-sponsors as of July 31, 2025, reviving a proposal that copies the same type of provision found in the UK’s controversial Online Safety Act, which has caused much backlash across the Atlantic.

In Britain, that measure forces online platforms to implement digital ID age checks before granting access to content deemed “harmful,” a policy that has caused intense resentment over privacy violations, the erosion of anonymity, and government overreach in the realm of free speech.

Now, US lawmakers are considering a similar framework, with more senators from both parties throwing their support behind the bill in recent weeks.

Marketed as a way to shield children from harmful online material, KOSA has gained prominent backing from Apple, which has publicly praised it as a step toward improving online safety. Yet beyond the reassuring branding, the legislation contains provisions that raise serious concerns for free expression and user privacy.

If enacted, the bill would give the Federal Trade Commission authority to investigate and sue platforms over content labeled as “harmful” to minors. This would push websites toward aggressive content moderation to avoid liability, creating an environment where speech is heavily filtered without the government ever issuing direct censorship orders.

The legislation also instructs the Secretary of Commerce, FTC, and FCC to explore “systems to verify age at the device or operating system level.” Such a mandate paves the way for nationwide digital identification, where every user’s online activity could be tied to a verifiable real-world identity.

Once anonymity is removed, the scope for surveillance and profiling expands dramatically, with personal data stored and potentially exploited by both corporations and government agencies.

Advocates of a free and open internet warn that laws like KOSA exploit the emotional appeal of child safety to introduce infrastructure that enables ongoing monitoring and identity tracking. Even with recent changes, such as removing state attorneys general from enforcement, these core concerns remain.

Senator Marsha Blackburn defended the bill, stating, “Big Tech platforms have shown time and time again they will always prioritize their bottom line over the safety of our children.” Yet KOSA’s structure could end up reinforcing the dominance of large tech firms, which are best positioned to implement costly verification systems and handle the resulting data.

The bill’s earlier version stalled in the House after leadership, including Speaker Mike Johnson, questioned its impact on free speech. Johnson remarked that he “love[s] the principle, but the details of that are very problematic,” a sentiment still shared by many who view KOSA as a gateway to lasting restrictions on online freedoms.

If this legislation moves forward, it will not simply affect what minors can view; it will alter the fundamental architecture of the internet, embedding identity verification and top-down content control into its design.

Keep reading

UK Government Warns Against VPNs, Caught Using Them Themselves

The UK’s technology secretary urged citizens to think twice before using virtual private networks (VPNs) to bypass the country’s new oppressive online digital ID checks, framing it as a matter of child safety. His comments have landed awkwardly, given that many MPs, including senior ministers, rely on taxpayer-funded VPN subscriptions themselves.

Speaking on BBC Breakfast, Peter Kyle warned: “For everybody out there who’s thinking about using VPNs, let me say this to you directly: verifying your age keeps a child safe. Keeps children safe in our country, so let’s just not try to find a way around.”

Politico reported that official spending records show parliamentarians across party lines have been billing the public for commercial VPN services.

Business Secretary Jonathan Reynolds charged taxpayers for a two-year NordVPN subscription in April 2024.

Labour MP Sarah Champion, who in 2022 pressed the government to investigate whether teenage VPN use could undermine online safety rules, also has a subscription on record.

The government says it has no intention of outlawing VPNs but admits it is monitoring how young people use them. This comes after a sharp increase in downloads following the rollout of mandatory digital ID checks under the new censorship law, the Online Safety Act.

For security experts, VPNs are not a subversive tool but a vital one.

The real danger lies in the age verification industry itself.

Keep reading

The Payment Giant That Wants to Be Your Digital ID

As European authorities accelerate efforts to introduce centralized digital identity frameworks, Mastercard is working aggressively to insert itself into the core of this transformation.

The payments giant presents its involvement in the EU’s digital ID agenda as a natural extension of its expertise in secure transactions. Under the branding of “convenience” and “trust” is a much deeper issue: a private corporation with a history of controlling access to commerce is helping to shape how individuals will prove their identity across both public and private life.

Michele Centemero, Mastercard’s Executive Vice President for Services in Europe, has publicly endorsed the European Commission’s ambition to roll out the European Digital Identity (EUDI) Wallet to as many as 80 percent of EU citizens by 2030. “By 2030, the European Commission expects up to 80% of EU citizens could use it for everyday tasks like renting a car, signing a lease or verifying age online,” he said. “At Mastercard, we are working to support this evolution.”

According to Centemero, identity verification should feel as seamless as tapping a card. That framing serves Mastercard well, since it also helps justify why a payment processor should be involved in identity infrastructure at all.

The company’s involvement isn’t superficial. Mastercard holds a central role in two major EU-funded pilot programs: the NOBID project and the WE BUILD Consortium.

Both are focused on testing real-world scenarios where identity verification is built directly into the act of making a payment.

Mastercard’s goal is to link verified attributes such as age, student status, or residency to its transaction systems. The result is a system where every purchase can also double as a form of ID verification.

While Mastercard calls this innovation, it also has been accused of tightening its grip on how people access services. The company has already been accused of a willingness to restrict purchases or services based on opaque internal policies. Giving it a hand in identity verification extends that influence into areas that go well beyond finance.

If your access to goods or services depends not just on having the money to pay, but also on Mastercard’s approval of your identity data, the line between public service and corporate control becomes dangerously hard to find.

Online identity verification is already a source of friction for many users. Mastercard points to the fact that over 40 percent of online fraud in Europe involves identity theft and claims that its participation in digital ID development will reduce both risk and inconvenience. But the promise of greater efficiency often masks the loss of autonomy that comes with centralized, corporate-managed identity systems.

The company is also leveraging its role in shaping international standards. Mastercard is a participant in organizations like the FIDO Alliance and EMVCo and is a founding member of the OpenWallet Foundation.

These bodies influence how identity attributes are secured, shared, and verified globally. Mastercard is not only helping define the technical framework; it is working to ensure that its own infrastructure is embedded within it.

Keep reading

DIGITAL ID: The Shocking Plan to Kill Free Speech Forever

The U.S. is on the verge of launching a dystopian online surveillance machine—and disturbingly, Republicans are helping make it law.

The SCREEN Act and KOSA claim to protect kids, but they’re Trojan horses. If passed, every American adult would be forced to verify their ID to access the internet—just like in Australia, where “age checks” morphed into speech policing. In the UK, digital ID is already required for jobs, housing, and healthcare.

This is how they silence dissent: by tying your identity to everything you read, say, or buy online.

The trap is nearly shut. Once it locks in, online freedom vanishes forever.

Will Americans wake up before it’s too late? Watch Maria Zeee expose the full blueprint—and how little time we have left.

Keep reading

Spotify Threatens to Delete Accounts That Fail Digital ID Checks

Spotify has begun warning users that their accounts could be permanently removed unless they complete a new age verification process, part of a broader shift toward stricter content access and censorship controls on digital platforms.

The company has introduced a system that uses facial recognition technology to estimate a user’s age, with further ID verification required if the software detects someone who appears to be underage.

A notification recently began appearing within the app, instructing listeners to verify their age through Yoti, a third-party application that scans faces via smartphone cameras to assess whether a user meets the required age for access.

If the system concludes that a person might be too young, Spotify will ask for additional documentation and show ID. Anyone who does not complete the verification within 90 days will lose access to their account entirely.

According to Spotify’s updated policy page, “You cannot use Spotify if you don’t meet the minimum age requirements for the market you’re in,” adding that users who cannot confirm their age “will be deactivated and eventually deleted.”

The platform, which allows users as young as 13 to join, said it will begin prompting certain individuals to verify their age when they attempt to view content labeled as suitable only for adults.

“Some users will now have to confirm their age by going through an age assurance process,” Spotify stated. This may occur, for example, when someone tries to watch a music video rated 18+ by the rights-holder.

Spotify’s decision arrives amid a wave of newly mandated age-check measures driven by the UK’s new censorship law, the Online Safety Act, which came into force recently.

Under the law, platforms must restrict access to content not suitable for minors, including pornography and violent material, and enforce age thresholds set out in their own user policies. Companies that fail to comply face fines of up to 10 percent of global turnover.

Keep reading

Why the UK’s age verification system (probably) won’t work

On Friday, the “Age Verification” clause of the UK’s Online Safety Act officially came into force. The result was a sudden surge in discussion, and a lot of people realising – finally – what the law really means.

People have been googling “VPN” a lot. That’s a good thing; we’ll get to why later.

Unfortunately, much of this is stable doors and bolted horses. We’ve been warning about the OSA since it was first mooted (by the Conservatives, just to remind you that “sides” are an illusion), and we’re rather past the point where awareness would have mattered.

The new law essentially forces companies to put any even potentially “adult content” behind an ID wall – meaning a user must prove their age before they access it. The ways of doing that vary; you can use a credit card or let an AI-powered system scan your face via webcam to guess your age.

Don’t worry, it won’t store the data, and it’s only guessing your age, not scanning your face and uploading it to some data storage centre. They promised they wouldn’t do that.

The really vital part here is what exactly “adult content” means. It evokes – and is indeed intended to evoke – pornography. The act was sold as a tool to prevent children from accessing the near-infinite amounts of porn scattered across the web, but pornography is the least of it.

“Adult content” can also mean violence, suicide, animal cruelty, war, drugs…or any news coverage and/or discussion of the same. It could also mean “conspiracy theories”, especially those which could “expose children to harm”, like anti-vaccine sentiment, or cause “radicalization”.

In fact, it can potentially mean anything it is required to mean, which is exactly the kind of thing they LOVE to put in new laws.

But I don’t want to rehash these points here. You can read our previous coverage of it HERE HERE HERE and HERE.

Today I want to talk about how the OSA is going to spread, and why it might not matter if it does.

Over the weekend, it was widely noted on Twitter/X that Elon Musk’s platform was putting EU-based users behind the age restriction, not just British ones. People made jokes that the US-based platform couldn’t differentiate between the UK and Europe.

Far more likely, they are preparing for when the EU launches its own age verification scheme in the near future.

Keep reading

Supreme Court Urged to Halt Mississippi’s Online Digital ID Law Over Free Speech and Privacy Concerns

NetChoice has filed an emergency application with the US Supreme Court to halt the enforcement of Mississippi’s online age verification digital ID law, House Bill 1126, after the Fifth Circuit stayed a preliminary injunction without explanation. The group is urging the Court to reinstate the district court’s ruling and protect First Amendment rights, which it argues are under immediate threat.

The Mississippi law compels every person, regardless of age, to verify their identity before creating accounts on social media platforms, and requires minors to obtain explicit parental consent.

NetChoice argues that this framework “unconstitutionally imposes content-based parental-consent, age-verification, and monitoring-and-censorship requirements for vague categories of speech on social media websites.”

The emergency filing warns of far-reaching consequences, asserting that “the Act will prevent access to that expression for some users entirely—including those unwilling or unable to verify their age and minors who cannot secure parental consent.”

We obtained a copy of the filing for you here.

Adults would also be subject to this regime, required to share private information in order to access constitutionally protected online spaces.

According to the brief, “the Act would require adults and minors to provide personally identifying information to access all manner of fully protected speech.”

NetChoice compares this level of state control to a dystopian system where “stationing government-mandated clerks at every bookstore and theater to check identification before citizens can access books, movies, or even join conversations” would be the norm.

The brief continues, “This Act thus presents far different issues from pornography laws… it ‘directly targets’ a staggering amount of fully protected speech.”

Keep reading

Tea App Leak Shows Why UK’s Digital ID Age Verification Laws are Dangerous

The UK’s Online “Safety” Act, legislation marketed as a safety net for children, was rolled out with all the foresight of a toddler launching a space program. Now, any site hosting “potentially harmful” content could be required to collect real-world ID, face scans, or official documents from users.

What could go wrong? Ask Tea, the women-centric dating gossip app that went viral by promising empowerment, then faceplanted into one of the most dangerous data breaches of the year. Their Firebase server, housing tens of thousands of selfies and government-issued IDs, was left wide open to anyone with a link.

This is the real-world consequence of lawmakers selling digital ID mandates as a solution to online harm: private companies getting access to sensitive personal data with all the discretion of a parade float, and then dropping it into the laps of the entire internet.

Let’s pause for a moment and appreciate the cosmic genius it takes to build an app allegedly designed to protect women, and then expose all of their private data to the world with the finesse of a first-time hacker copying a URL.

Tea, the dating app that rocketed to the top of the App Store by selling anonymity, safety, and empowerment, before face-planting into the Firebase server floor, spraying driver’s licenses and selfies like a busted confetti cannon.

Keep reading

UK Data Use and Access Act – Digital Wallets Coming

The Data (Use and Access) Act, also known as the DUA Bill, has provided the UK government with the ability to roll out a series of programs that will eventually force citizens to participate in a digital ID program. The law was enacted with the premise of reinforcing security and providing convenience for businesses and individuals, with the true goal of surrendering all data and control to government authorities.

The UK government has eased the public into the concept by launching digital verification services. Phase one enabled citizens to voluntarily create a digital identity to streamline the right to work and the right to rent procedures and provide access to age-restricted products. Phase two will create a foundation for Digital Verification Services (DVS) and government oversight of digital identities. Approved services will receive a trust mark to note that they have been verified by the government. The program is currently in a pilot phase but the government plans to move full speed ahead by the end of the year.

“This independent certification process has given lots of organisations across the UK economy the confidence to start accepting digital identity. In some parts of the economy though government or businesses need extra assurance, beyond the requirements in the trust framework, before a digital identity can be used,” the government noted, later adding, “We estimate that hundreds of thousands of right to work, right to rent and disclosure and barring checks each month are now taking place using digital identity services providers; but that’s just the small step towards a much bigger transformation we want to enable through our work.”

In two years, after people are accustomed to creating and using their digital identity, the government plans to launch a digital wallet (GOV.UK Wallet) that will store citizens’ official government-issued documents. The Home Affairs Committee launched an inquiry into the risks associated with this digital ID, with industries and watchdog services raising a red flag over concerns regarding government overreach and surveillance. Critics are also concerned about the true security measures a centralized database could offer as data breaches and unauthorized access are possible. The initial attempt to create GOV.UK failed and cost the government £200 million and there is no currently publicly disclosed total cost of the plans to create a new version.

Keep reading

Digital ID: Bluesky to Launch Age Checks in UK

Bluesky is preparing to introduce age checks for users in the UK, following obligations under the country’s controversial censorship law, the Online Safety Act.

The platform revealed that individuals will have several options to verify their age, such as facial scanning, ID upload, or payment card entry.

The system will operate through Kid Web Services (KWS), a tool developed by Epic Games to help online platforms manage age verification and implement parental controls.

Users who opt out of verification, or who are under 18, won’t be excluded entirely but will encounter stricter limitations. Access to adult-oriented material will be restricted, and features like direct messaging will be disabled.

Passed in 2023, the Online Safety Act has triggered alarm among digital rights advocates, who argue that the legislation could severely curtail free speech and privacy by linking everyone’s online comments to their real-world ID.

Keep reading