HN Debrief

The 'papers, please' era of the internet will decimate your privacy

  • Privacy
  • Regulation
  • Security
  • Identity
  • Social Media

The article warns that laws pitched as age verification for porn or social media are building the machinery for routine identification across the web. In practice that means more sites asking for passports, driver’s licenses, or third-party identity checks, with the predictable side effects of data retention, breach risk, chilled speech, and easier government demands for user records.

People reading it largely took the core claim as obvious. The important question was not whether privacy-preserving cryptography exists on paper, but whether any government pushing these rules would choose it over systems that are simpler to explain, cheaper to deploy, and more useful for surveillance and enforcement. That is where the comments landed hard. Even technically literate readers who know anonymous credentials and zero-knowledge proofs said the politics point the other way.

If the goal is actually to stop minors, a fully anonymous token is too easy to resell, proxy, or share. Once you add anti-sharing, revocation, hardware binding, location checks, or some persistent identifier, you are back to a traceable system with familiar tracking and exclusion problems. Several people argued this is why parental controls and device-level restrictions are the only privacy-preserving answer that maps to the stated child-safety goal, because they put enforcement on the parent-child relationship instead of on universal ID checks for adults.

Others pushed a darker read: lawmakers are not confused about the tradeoff, they prefer systems that deanonymize users because those systems also help with law enforcement, subpoenas, and speech control. A smaller camp accepted that the internet is causing real harm and wanted some form of public digital identity infrastructure, but even there the burden was on proving the state can be trusted with a database and that the mandate would stay narrow, which few found believable.

Treat age-verification mandates as infrastructure policy, not a narrow content rule. If your product might fall under these laws, plan now for whether you will build around device-side controls, fight scope creep, or get dragged into identity collection you do not want to own.

Discussion mood

Strongly negative. Most comments treated age verification as a stalking horse for deanonymization and speech control, and even comments sympathetic to protecting kids were skeptical that governments would choose privacy-preserving designs or stop the system from expanding.

Key insights

  1. Anonymous tokens break on resale

    Anonymous age credentials fail at the exact point lawmakers care about. If adults can mint or share proofs without consequences, kids can buy access from token brokers the same way they buy anything else online. That pushes any real enforcement scheme toward traceability, because someone must be punishable when a credential is misused. Once that requirement shows up, the clean privacy story is gone.

    Do not assume a neat cryptographic design will survive contact with policy goals. If you are evaluating compliance options, ask first how the system handles sharing and resale, because that is where privacy-preserving proposals usually turn into identity systems.

      Attribution:
    • andrewla #1
    • Aurornis #1 #2
  2. Incentives favor the dumbest central ID

    The likely implementation is not the elegant one. It is the cheap, legible version that voters understand and agencies can subpoena. Several commenters argued that law enforcement utility, political signaling, and deployment speed all point toward entering a government ID number, uploading a document, or using a state-backed digital ID. That is not a technical accident. It is what the incentive structure selects for.

    Forecast regulation from institutional incentives, not from what cryptography makes possible. For product planning, expect regulators to prefer auditable identity rails over subtle privacy tech unless privacy is explicitly mandated and independently enforced.

      Attribution:
    • nemomarx #1 #2
    • forinti #1
  3. Parental controls fit the stated problem better

    If the public claim is protecting minors, local parental controls are the cleaner fit. They target the household that decides what a child can access, instead of forcing every adult to prove identity to every site. Commenters saw this as one of the few counterproposals ordinary voters could understand, because it mirrors how parents already manage alcohol, devices, and other restricted goods at home.

    If you need a politically viable alternative to mandatory ID checks, argue for stronger default parental controls and easier device-side tooling. That gives policymakers something concrete to support without normalizing universal identity collection.

      Attribution:
    • johnc1 #1 #2
    • causality0 #1
    • kaashif #1
  4. Trust and implementation are the real choke points

    Even a sound protocol does not solve the governance problem. Users still have to trust an issuer, verifier, device maker, and database operator they cannot inspect in practice. Several comments cut past the crypto and focused on the obvious operational risk. The system that maps people to keys, revokes credentials, or handles recovery becomes a target for leaks, abuse, and mission creep, especially in governments that already fail at basic record security.

    Push security reviews beyond protocol diagrams. When someone proposes privacy-preserving age checks, ask who holds the binding between person and credential, who can revoke it, what gets logged, and what happens after the inevitable breach.

      Attribution:
    • JohnFen #1
    • _heimdall #1
    • Geezus_42 #1
  5. Privacy-preserving proofs still need a policy compromise

    Zero-knowledge and related schemes are not magic. Commenters who knew the tooling argued they can reduce exposure, but only by choosing where to leak a little. Nullifiers, revocation hooks, hardware-bound credentials, or remote attestation can preserve more privacy than direct ID submission, yet each introduces a handle for tracking, exclusion, or central control. The hard part is not proving age. It is deciding which abuse channel you are willing to leave open.

    Use a gradient, not a binary, when evaluating identity claims. A system can be better than raw document upload and still be unacceptable for your use case if its anti-abuse controls create persistent identifiers or device lock-in.

      Attribution:
    • rockskon #1
    • teravor #1 #2
  6. Scope creep goes well beyond porn sites

    Once an age-check rail exists, it will be reused for other gates. Commenters immediately jumped from porn and social media to citizenship checks, frontier AI access, ISP signup, housing, and work. That is the structural risk. A proof mechanism built for one narrow category becomes a generic eligibility layer for whatever the next panic or bureaucracy wants to filter.

    Watch for adjacent requirements the moment any identity rail is introduced. In your own products and lobbying, resist optional fields and generic eligibility checks that make later expansion cheap.

      Attribution:
    • AJRF #1
    • pornel #1
    • dylan604 #1
  7. Libraries show data minimization can be operational

    One detailed example from a public library made the privacy point concrete. The library kept short video retention, let patrons disable borrowing history, and even salted and hashed Wi‑Fi device identifiers daily to meet grant reporting requirements without tracking people across days. That is a useful reminder that privacy is often a product and operations choice, not just a legal slogan.

    If you collect usage data because a contract or metric requires it, design for deliberate forgetting. Short retention, opt-out history, and aggregate reporting are practical patterns you can adopt now without waiting for new regulation.

      Attribution:
    • EvanAnderson #1
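
The daily salt-and-hash pattern from the library example above, as an added sketch that is not the library's own code or anything posted in the thread. It assumes HMAC-SHA-256 keyed with a random per-day salt as the salted hash; the class name, event format, and MAC addresses are constructed for illustration.

```python
import hashlib
import hmac
import secrets


class DailyDeviceCounter:
    """Distinct-device counts per day with no identifier that survives the day."""

    def __init__(self):
        self._salts = {}   # open day -> random secret salt (kept in memory only)
        self._seen = {}    # open day -> set of salted digests
        self.report = {}   # closed day -> count; the only data retained

    def observe(self, day, mac):
        if day in self.report:
            raise ValueError(f"{day} is closed; its salt no longer exists")
        # A fresh 256-bit salt per day. MAC addresses are a small, guessable
        # space, so an unsalted or fixed-salt hash could be reversed by
        # enumeration; a secret salt that is later discarded prevents that.
        salt = self._salts.setdefault(day, secrets.token_bytes(32))
        normalized = mac.strip().lower().replace("-", ":").encode()
        digest = hmac.new(salt, normalized, hashlib.sha256).hexdigest()
        self._seen.setdefault(day, set()).add(digest)
        return digest

    def close_day(self, day):
        # Keep the aggregate, then forget both the digests and the salt.
        self.report[day] = len(self._seen.pop(day, set()))
        self._salts.pop(day, None)
        return self.report[day]


# Constructed sample events (day, MAC address); not real devices.
CONSTRUCTED_EVENTS = [
    ("2024-05-01", "AA:BB:CC:00:00:01"),
    ("2024-05-01", "aa-bb-cc-00-00-01"),  # same device, different formatting
    ("2024-05-01", "AA:BB:CC:00:00:02"),
    ("2024-05-02", "AA:BB:CC:00:00:01"),  # same device returns the next day
]


def run_report(events):
    counter = DailyDeviceCounter()
    for day, mac in events:
        counter.observe(day, mac)
    for day in sorted({day for day, _ in events}):
        counter.close_day(day)
    return counter.report


if __name__ == "__main__":
    print(run_report(CONSTRUCTED_EVENTS))
```

The same device produces the same digest within a day, so it is counted once, and an unrelated digest on the next day, so the retained report cannot link visits across days.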

Against the grain

  1. Some want public identity infrastructure anyway

    A minority view held that the internet is causing enough social harm that society should build identity infrastructure openly and govern it democratically. The argument was not that current proposals are good. It was that leaving identity to private platforms is worse, and that legislated standards, audits, and open source requirements could make a state-run system more accountable than the status quo. That cuts against the dominant assumption that any expansion of public identity rails is automatically illegitimate.

    If you reject these laws, be ready to answer the governance argument, not just the surveillance argument. Some audiences will accept more state infrastructure if it looks more accountable than platform power.

      Attribution:
    • madrox #1 #2
  2. Anonymity can also degrade discourse

    Not everyone accepted anonymous speech as an unqualified good online. One line of argument said mass anonymous posting makes manipulation cheaper, lets foreign actors flood public debate, and leaves ordinary readers with no way to judge credibility. Even though others replied with First Amendment doctrine and the history of anonymous political writing, this objection matters because it speaks to why ID mandates get public support in the first place.

    Privacy advocates need a stronger answer to authenticity and manipulation than 'keep anonymity.' If you want to preserve anonymous participation, pair that case with credible alternatives for moderation, reputation, and anti-bot defense.

      Attribution:
    • pclowes #1
    • lovich #1
  3. Killing social media may be acceptable collateral

    A smaller but real faction was willing to tolerate privacy loss if it materially damaged social media. The premise was blunt: adults and children alike are being harmed by algorithmic feeds, AI slop, and addictive design, so reducing access might be worth the cost. That view rejects the article’s implicit assumption that keeping today’s internet intact is itself a policy goal.

    Do not assume everyone shares 'preserve anonymous access' as the top priority. If your business depends on open social distribution, prepare for regulation backed by people who actively want the channel weakened.

      Attribution:
    • kulahan #1
    • Gigachad #1
    • TurdF3rguson #1

In plain English

anonymous credentials
Cryptographic credentials that let someone prove a fact about themselves, like being over 18, without revealing their full identity.
First Amendment
The part of the United States Constitution that protects freedoms including speech, press, religion, assembly, and petition.
ISP
Internet Service Provider, the company that gives a home or business internet access.
nullifiers
Identifiers used in some privacy systems to detect repeat or abusive use without fully exposing a person’s identity.
open source
Software whose source code is publicly available for inspection, use, and modification.
remote attestation
A method where hardware or software proves to a service that it is running in an approved state on an approved device.
zero-knowledge proofs
A cryptographic method for proving something is true without revealing the underlying secret data.

Reference links

Surveillance and privacy history

  • Room 641A
    Used as an example of longstanding mass surveillance predating current age-verification proposals.
