Tag: digital id

US Bill Mandates On-Device Age Verification

A bill introduced by Representative Josh Gottheimer in the House on April 13 would require Apple, Google, and every other operating system vendor to verify the age of anyone setting up a new device in the United States.

The legislation, H.R. 8250, travels under the friendlier name of the Parents Decide Act, and it is among the most aggressive surveillance mandates ever proposed for American consumer technology.

We obtained a copy of the bill for you here.

The press releases describing it lead with children. The text describes something much larger. To confirm a child is under 18, the system has to identify everyone else, too, and the bill builds the infrastructure to do exactly that.

This is child safety as a delivery mechanism for mass identification. The pattern is familiar by now. A genuine harm gets named, a sympathetic victim gets centered, and the solution proposed reshapes the digital lives of three hundred million people who were not the problem.

The Parents Decide Act follows that template with unusual precision. It takes the real suffering of real children and uses it to justify building a national identity layer underneath every device sold in the country, administered by two private companies, with the details to be filled in later.

The mandate sits in Section 2(a)(1), which obligates providers to “Require any user of the operating system to provide the date of birth of the user” both to set up an account and to use the device at all. Adults included.

There is no carve-out for grown users, no opt-out for people who simply want to turn on a phone without handing a date of birth to Apple or Google first.

The age check is the entry fee for owning a computer. What happens to that data afterward gets handed off to the Federal Trade Commission to sort out later. A federal bill that mandates identification as a condition of using a general-purpose computing device represents something the United States has not previously had, which is a national ID requirement for turning on a device.

Keep reading

Turkey To Require National ID for Social Media Accounts

Every social media account in Turkey is about to be tied to a government-issued identity number. Justice Minister Akın Gürlek announced on April 3 that global platforms have agreed to the system and that a three-month transition begins once legislation passes parliament. Accounts that remain unverified get shut down.

“Social media will now be accessed with real information and personal identity. We have reached an agreement with social media platforms,” Gürlek said. He didn’t name which companies signed on.

The plan requires users to submit their TC Kimlik number, the unique 11-digit identifier assigned to every Turkish citizen from birth, linked to government databases containing names, birth dates, family records, and biometric data. Gürlek framed anonymous accounts as engines of disinformation and harassment. “If someone insults others or carries out a smear campaign online, they must face the consequences,” he said.

The official justification doesn’t survive contact with Turkey’s own record. Cybersecurity specialists have pointed out that IP addresses and internet access logs already let authorities trace anonymous users. The government doesn’t need your national ID on every post. It needs you to know it’s there.

Keep reading

Idaho Bans Mandatory Digital ID With New Privacy Law

Idaho just became one of the few states to draw a line against mandatory digital identification. Governor Brad Little signed Senate Bill 1299 on April 1, 2026, and the new law does something genuinely unusual in American state politics right now: it pushes back against digital ID rather than pushing it forward.

We obtained a copy of the bill for you here.

The bill creates Section 67-2364 of the Idaho Code, prohibiting government entities from requiring “any person to obtain, maintain, present, or use digital identification.”

Approximately three-quarters of US states are currently offering or developing electronic driver’s licenses. The national momentum is clearly toward digital ID systems, with states like Arkansas, Texas, Georgia, and Utah all advancing their own versions in 2025 alone. Idaho is swimming against that current.

The bill, introduced by Senator Tammy Nichols, goes further than a simple opt-out. It prohibits public entities from denying, delaying, conditioning, or reducing “any service, benefit, license, employment, education, or access based on a person’s refusal or inability to use digital identification.”

That second clause, “or inability,” protects people who can’t use digital ID, not just those who won’t. Anyone without a smartphone, without reliable internet, without the technical literacy to navigate a digital wallet, keeps full access to government services. Physical, non-digital identification remains “valid for all governmental purposes” under the law.

The bill also addresses what happens when someone voluntarily shows a digital ID during a government interaction. A government entity cannot “require a person to surrender, unlock, or relinquish control of a personal electronic device for identity verification.” Handing your phone to a police officer or a clerk at the DMV is not the same as handing them a laminated card.

A phone contains your messages, your photos, your browsing history, and your location data. Presenting a digital ID “shall not constitute consent to search or access any other contents of a device.”

That’s a Fourth Amendment protection written directly into a state statute.

Keep reading

Massachusetts House Passes Social Media Age Verification Digital ID Bill

Massachusetts just voted to force every social media user in the state to prove their age to a tech company. 

The bill passed the House 129-25 on Wednesday, banning children under 14 from social media entirely, requiring parental consent for 14- and 15-year-olds, and mandating that platforms build age verification systems to enforce all of it. If it becomes law, the policy takes effect on October 1.

We obtained a copy of the bill for you here.

House Speaker Ron Mariano and Ways and Means Chair Aaron Michlewitz framed the legislation as protection. “This ban would be among the most restrictive in the entire country, helping to protect young people from harmful content and addictive algorithms that have a proven negative impact on their mental health,” they said in a joint statement. 

They also described the broader goal: “The simple reality is that Massachusetts must do more to ensure that our laws keep pace with modern challenges – especially when it comes to protecting our children, and to setting students up for success in the classroom and beyond.”

The bill doesn’t say how companies should verify ages. It leaves that to Attorney General Andrea Campbell, who would have until September 1 to write the implementing regulations. 

That vagueness is deliberate, according to Michlewitz, who said it gives the AG flexibility in a changing industry. 

But the practical reality of age verification is that someone has to prove who they are. 

That means government IDs, facial scans, or behavioral tracking, and those requirements don’t just apply to kids. Every user on the platform has to go through the system, because you can’t filter minors without checking adults, too.

Keep reading

Meta To Comply With Florida Age Verification Digital ID Law

Meta agreed to comply with Florida’s age verification law, HB 3, and will begin purging accounts belonging to children under 14 starting in May. 

The company’s capitulation comes ahead of an April 8 deadline set by Florida Attorney General James Uthmeier, who threatened litigation against any platform still refusing to verify the ages and identities of its users. Uthmeier is now pressuring Snapchat, Roblox, Discord, and TikTok to do the same.

What Florida calls child protection is also the construction of a statewide identity verification system for the internet. Meta is one of the biggest companies lobbying for age verification checks on the app store level.

HB 3 bans under-14s from social media entirely and requires parental consent for 14- and 15-year-olds. But to block minors, platforms first need to determine who is and isn’t a minor. That means age-checking everyone, adults included. The surveillance burden falls on millions of people who have every legal right to use these services without proving who they are.

Keep reading

Zorin OS Says No to Mandatory Age Verification in Linux

Zorin OS has entered the broader Linux debate on age verification laws. Co-founder Artyom Zorin stated on the Zorin Forum that the distribution will not introduce mandatory age or ID checks. He emphasized that privacy and security are core values for the project and confirmed the team is monitoring new OS-level laws that may impact Linux distributions.

Zorin’s response clarifies that the project will not independently add mandatory age or identity verification. However, it notes that not all current proposals are equally invasive.

Regarding California’s law, Zorin OS states that the requirement resembles age attestation rather than strict identity verification. Users would self-declare their age or date of birth during account creation, and apps would only receive a general age bracket, such as under 13, 13 to 15, 16 to 17, or 18 or older.

Zorin also notes that, based on its interpretation of the law, users would not need to upload photo ID, submit face scans, or share raw birth-date data with apps or government entities.

However, the project does not endorse this approach. Zorin describes California’s model as less invasive but warns it could set a concerning precedent. The statement notes that some proposals in other jurisdictions are more intrusive and raise greater privacy concerns.

That is where Zorin draws its clearest line. The project states that laws requiring full age verification through personal documents or face scans would significantly invade user privacy. If such rules were enforced, Zorin might withdraw from affected jurisdictions rather than implement them.

Keep reading

Apple Expands Age Verification to Singapore & South Korea

Apple’s identity verification demands are spreading across Asia. Starting in late March, the company expanded age verification requirements in both Singapore and South Korea, adding these countries to a growing list alongside the UK, where users must prove they’re adults before Apple lets them fully use their own devices.

Singapore has been partially locked down since February 24, when Apple began blocking downloads of apps rated 18+ unless users confirmed they were adults.

That initial wave also hit Australia and Brazil. But the late March update goes further, bringing Singapore’s requirements closer to the UK model. Apple now requires Singaporean users to confirm they’re 18 or older to download or purchase 18+ apps, using a credit card, a driving license, a National Registration Identity Card, or a Foreign Identification Number card. Passports, debit cards, and gift cards aren’t accepted.

That list of acceptable documents tells you something about Apple’s priorities. Passports are internationally recognized government IDs, but they don’t work here. Debit cards, which millions of adults use as their primary payment method, are also excluded because minors can technically hold them.

Keep reading

New Company Hopes to Build Age-Verification Tech into Vape Cartridges 

Their goal is to use biometric data and blockchain to build age-verification measures directly into disposable vape cartridges.

Wired reports on a partnership between vape/cartridge manufacturer Ispire Technology and regulatory consulting company Chemular (which specializes in the nicotine market) — which they’ve named “Ike Tech”:[Using blockchain-based security, the e-cig cartridge] would use a camera to scan some form of ID and then also take a video of the user’s face. Once it verifies your identity and determines you’re old enough to vape, it translates that information into anonymized tokens. That info goes to an identity service like ID.me or Clear. If approved, it bounces back to the app, which then uses a Bluetooth signal to give the vape the OK to turn on.

“Everything is tokenized,” [says Ispire CEO Michael Wang]. “As a result of this process, we don’t communicate consumer personal private information.” He says the process takes about a minute and a half… After that onetime check, the Bluetooth connection on the phone will recognize when the vape cartridge is nearby and keep it unlocked. Move the vape too far away from the phone, and it shuts off again. Based on testing, the companies behind Ike Tech claim this process has a 100 percent success rate in age verification, more or less calling the tech infallible. “The FDA told us it’s the holy grail technology they were looking for,” Wang says. “That’s word-for-word what they said when we met with them….”

Wang says the goal is to implement additional features in the verification process, like geo-fencing, which would force the vape to shut off while near a school or on an airplane. In the future, the plan is to license this biometric verification tech to other e-cig companies. The tech may also grow to include fingerprint readers and expand to other product categories; Wang suggests guns, which have a long history of age-verification features not quite working.

Keep reading

Apple UK Age Verification Chaos: Users Face Failed Scans, Rejected Passports, and Forced Content Filters

Apple’s iOS 26.4 age verification system is failing UK users who don’t have a credit card or photocard driving license, leaving them with no way to prove they’re adults on devices they’ve owned for years.

The system arrived without warning, without explanation, and without any apparent consideration for the people who don’t fit Apple’s narrow assumptions about what a British adult looks like.

No Warning, No Communication

Apple sent no email. Included no mention of age verification in the iOS 26.4 release notes it shared publicly.

Unless you’d been following the developer beta track, where the feature appeared in February or reading Reclaim The Net’s earlier coverage, the first you knew about it was a prompt on your screen after restarting your phone.

That’s how 35 million UK iPhone users found out their devices now require identity documents to function normally. A “Confirm You Are 18+” label appeared at the top of Settings, and anyone who couldn’t or wouldn’t comply got silently downgraded. Apple’s Web Content Filter switched on, blocking websites across Safari and every third-party browser. Communication Safety is activated, scanning images and videos in Messages and FaceTime for nudity. Features that worked fine the day before now require government-approved proof of adulthood.

A company that controls what software runs on every iPhone it sells decided overnight that UK users needed to hand over identity documents to keep using the devices they already paid for. And it didn’t bother to tell them it was coming.

Keep reading

Digital IDs are insecure and can be hacked

On Wednesday, Norman Fenton, Professor Emeritus at Queen Mary University of London, published an article describing how he lost control of his Twitter (now X) account to a hacker on 18 March but has now regained limited control. 

“After sending a spam ‘vote for me’ direct message (with a malicious link) to all my mutual followers on 20 March, the attackers began posting spam publicly. Not sporadically, but continuously: the bot was posting roughly once per second, pausing only intermittently to repost content from accounts I follow. By the time I regained access, there were thousands of spam posts and reposts,” he said.  “For now, anyone visiting my timeline will see little but pages of spam.”

Prof. Fenton ended his article by saying, “Regaining access to my account ultimately required persistence, external pressure, and, quite likely, legal escalation. Many users facing similar attacks will not have those options.

“If X cannot reliably protect accounts, respond promptly to verified compromise reports, and restore control without unnecessary barriers, then users are left dangerously exposed.

“What’s clear right now is that when things go wrong, you will be largely on your own.”

Read more: I’ve regained control of my hacked X account, Norman Fenton, 25 March 2026

In response to Prof. Fenton’s experience, Dr. Scott McLachlanformerly a lecturer in Digital Technologies for Healthcare at King’s College London, posted a Substack note taking Prof. Fenton’s final remarks a logical step further.

Keep reading