A good starting assumption for this answer is that the only un-hackable database is no database at all. Data protection legislation (GDPR) already requires data minimisation – only using and retaining the data required for the purpose at hand. It is possible to...
Providing age verification does not require a record of the purpose for which an age check is carried out. In medicine, a “double-blind clinical trial” is one where neither the researchers nor the patient are aware of whether the latter has had a real drug...
A particularly sensitive topic is the use of biometrics, such as facial images or voiceprints, to estimate the age of a user. The first thing to say is that such methods never require the retention of this sensitive personal data. The software does not need to use...
More and more of us are becoming aware of the risks of ‘phishing’ – fake emails or websites that seek to extract personal data, particularly passwords and other secrets we use to secure our online activities. This is, sadly, not a problem unique to...
There is a critically important difference between facial age estimation and facial recognition. For facial age estimation, there is no need – or indeed any legal basis – to retain a copy of the image that is analysed to estimate your age – indeed...
