Why does proving my age online require handing my browsing history to a stranger?
Opportunity
Laws in the US, UK, and EU now require websites to verify visitor age, and every production deployment routes that check through a centralized age-verification provider. That provider sees which users visited which sites and accumulates a detailed browsing record tied to real identity. Zero-knowledge proof alternatives exist in research and the EU is embedding one in its EUDI wallet, but the wallet spec will not be finalized before December 2026, covers only EU residents, and no comparable infrastructure exists elsewhere. The practical choice today is between lying about your age and surrendering your browsing history to a company you did not choose.
Why it matters
Privacy-preserving age verification is the missing primitive for an internet that is rapidly becoming age-gated by law.
How I score the opportunity
The Opportunity Score is my own read, not a measurement: how much it hurts, how often it bites, and how little exists to solve it today. Higher means I think it is more worth building.
How much pain it causes when it shows up.
How often people actually run into it.
How little good tooling exists for it today.
More problems worth solving
Why is the software we depend on most the worst to use?
TechWhy do I still own none of the data I generate?
TechWhy can I not get a receipt proving my data was actually deleted?
TechWhy can I not know if what is running matches what my SBOM declared?
TechWhy does every C2PA provenance chain break the moment content hits social media?
TechWhy does critical open source software still depend on one exhausted maintainer?