As someone who comes from IT, what are you talking about?

You rightfully assert that facial recognition and government ID are privacy invasive, but then you offer DNA verification as a less invasive tool? That’s much more privacy invasive.

Also, it’s impossible to determine someone’s age from some DNA with the required accuracy. The law requires that 18+ content is available to someone who just turned 18 today and not available to someone who’s 18th birthday is tomorrow. That’s impossible to do from DNA, same as it’s impossible to do from just facial recognition alone.

Carbon dating only works for dead materials since e.g. your skin or your skin is only ever roughly a month old and even blood cells only live for ~120 days. Also, again, carbon dating is not nearly accurate enough for the day-accuracy required.

The only day-accurate process that exists is verifying your identity against government ID. And here it hardly matters which kind of ID is used for that (facial ID/DNA/Fingerprint/…) since the issue at hand is the ID itself. Facial ID is by far the least privacy sensitive version of biometric DNA.

This process isn’t great, no question about that, but the alternatives are worse if hard age verification is the goal.

That’s why the whole goal is being called into question, since there’s no non-privacy-invasive option to do real age verification.

Germany has a government ID that can provide a yes/no answer without revealing anything else about owner

I don’t think these systems should be implemented, the internet should be a free place and that’s it. Before anyone says “what about the kids oh my god” - this has nothing to do with kids, but the politicians like to use the kids as an excuse to do anything because if you add “kids” and “pornography” or even better “online abuse” and “kidnap” into the same phrase then they can shame you and shut down any argument against whatever they want to implement.

This age verification BS is just a first step into full identity verification online and also the govt knowing exactly you’re doing online, when and where. They also want to be able to instantly remove your ability to login into anything (or everything) they would like.

People say that the US is turning into surveillance / china-like state but in reality the EU is way, way closer than that. Just look at what was done with the EU Digital COVID Certificate (EUDCC) recently:

The EUDCC was a digitally-signed document. It was usually supplied in the form of a QR code, either contained in a PDF file, or as a printout. There are various mobile apps available to store and display the EUDCC (such as the Corona-Warn-App); alternatively, the EUDCC can be presented on paper.

Technically, the QR code contains a JSON document with the information payload. This JSON document is serialized using Concise Binary Object Representation (CBOR), and digitally signed according to CBOR Object Signing and Encryption (COSE). The resulting data is compressed with zlib and encoded into the final QR code

And yes, there were countries blocking you from going into a store to buy basic stuff without showing a valid COVID certificate. No vax or no proof of recovery = starve out. Add the inability to move between cities to that and you’re very, very close to the “democratic” China.

More here: https://github.com/ehn-dcc-development/eu-dcc-hcert-spec