Proton boss, Andy Yen, has warned present age verification proposals will lead to “the dying of anonymity on-line.”
A wave of age verification legal guidelines has swept internationally, with noticeable laws handed within the UK, US, and EU.
Yen is the CEO of Proton, which counts the most effective VPNs – Proton VPN – amongst its merchandise. Writing in a weblog put up, he mentioned the kind of age verification laws we’re seeing is “far too broad in scope” and “we merely cannot afford to get this flawed.”
Cybersecurity dangers
(Picture credit score: andreswd / Getty Pictures)
The cybersecurity dangers of age verification are severe. Authorities IDs, bank card data, and selfies are just a few examples of the info wanted to be submitted as proof of age. Web sites and platforms use completely different age examine suppliers, so knowledge might need to be handed over greater than as soon as. Privateness specialists have referred to as it a “catastrophe ready to occur.”
As Yen states, extremely delicate private data is a major goal for hackers. He warned that “knowledge will get leaked” and referenced the October 2025 Discord hack. This was the primary “notable” hack referring to age verification checks, affecting customers who had accessed its third-party buyer help providers – authorities IDs have been a part of a protracted checklist of knowledge stolen.
Yen believes breaches will preserve occurring, and he described platforms missing experience as “straightforward prey.”
“Governments can’t be trusted”
(Picture credit score: Jacek Kadaj / Getty Pictures)
Governments are wilfully implementing age verification laws. The UK’s On-line Security Act got here into impact in July 2025, and in December 2025, Australia’s under-16 social media ban got here into impact.
The EU launched the Digital Providers Act in 2022 and has been engaged on an app to examine individuals’s ages. Regardless of claims the app meets the very best safety requirements, and is open-source, the app’s protections have been reportedly bypassed in beneath two minutes. The EU Fee has since mentioned the app has been fastened, however this highlights the delicate safety of age verification programs.
Yen highlighted the rising requires age verification to be accomplished on gadget, by the likes of Apple, Google, and Microsoft – Apple has lately rolled this out within the UK.
Nonetheless, Yen warned that these corporations “have constructed their empires on gathering knowledge” and engaged in anti-competitive practices. Large tech has paid billions in fines and Yen did not assume they need to be given much more energy. He requested if anybody significantly believed they would not abuse it.
ID for everybody is terrifying
(Picture credit score: SOPA Pictures / Getty Pictures)
Yen argued that age verification will lead to ID being required “for each single particular person logging on,” regardless of their age or cause. He mentioned this “ought to terrify us all.”
Large Tech usually colludes with governments and Yen questioned how far this is able to go. He requested how lengthy it’s going to take earlier than each nation joins the UK in asking Apple to tie accounts to IDs. Yen mentioned, as soon as these IDs are collected, “it’s a brief leap to blocking entry based mostly on nationality or different elements.”
He questioned how lengthy earlier than governments ask for the names of everybody who’d downloaded a sure app, and the way lengthy earlier than sure people are blocked from the web completely. “Is that this actually a street we’re ready to go down?” he requested.
Yen argued that stripping away anonymity will scale back the variety of whistleblowers, individuals in want will not ask for assist, and “democracy itself suffers.”
Options are there
(Picture credit score: Daniel de la Hoz / Getty Pictures)
Yen was clear in saying “mother and father’ issues are legitimate and honest.” He added that youngsters should not have “unfettered entry” to the web. However he put ahead options to current age verification laws, saying tech corporations should not “turn into gatekeepers” of grownup web entry.
Many privateness and cybersecurity specialists, together with Yen, have pushed for improved parental controls. Yen mentioned the controls “ought to be apparent and simple to make use of, not an afterthought scattered throughout hidden menus.”
Yen referred to as on tech corporations to enhance in-app and device-level parental controls, in addition to arguing the scope of age verification have to be restricted to social media and websites internet hosting specific grownup content material – the place he mentioned “the potential for hurt is biggest.”
In addition to limiting scope, Yen mentioned, in the event that they exist, checks “have to be finished proper.” He mentioned:
- Checks ought to be performed client-side, on a consumer’s gadget
- Facial scans ought to be used and immediately discarded – not ID submission
- Age willpower have to be totally anonymized, end-to-end encrypted, and free from identifiable data
- Code for age checks have to be open-source
“The one solution to assure that age-verification knowledge won’t be stolen, shared, or abused is to not acquire it in any respect”
Andy Yen, CEO of Proton
Yen mentioned that is “non-negotiable” and “the one manner” we are able to assure knowledge will not be stolen. He mentioned one of the best, and most secure method, just isn’t gathering knowledge in any respect.
“We actually can not entrust it to the identical giants which have a confirmed monitor document of exploiting our non-public data,” he mentioned. Yen then said “faceless new corporations” and governments can’t be trusted both.
The “root trigger” of on-line hurt, Yen mentioned, was promoting. Consideration-based enterprise fashions give corporations “an incentive to spy” and preserve everybody hooked on their merchandise – together with youngsters.
“Age verification shouldn’t distract us from the true hazard to youngsters and adults alike,” Yen warned. However he mentioned age verification risked “locking in and reinforcing all of the worst elements of the web,” main us to a “hellish place.”
We take a look at and evaluate VPN providers within the context of authorized leisure makes use of. For instance: 1. Accessing a service from one other nation (topic to the phrases and situations of that service). 2. Defending your on-line safety and strengthening your on-line privateness when overseas. We don’t help or condone the unlawful or malicious use of VPN providers. Consuming pirated content material that’s paid-for is neither endorsed nor authorized by Future Publishing.
