A good starting assumption for this answer is that the only un-hackable database is no database at all. Data protection legislation (GDPR) already requires data minimisation – only using and retaining the data required for the purpose at hand. It is possible to...
Providing age verification does not require a record of the purpose for which an age check is carried out. In medicine, a “double-blind clinical trial” is one where neither the researchers nor the patient are aware of whether the latter has had a real drug...
A particularly sensitive topic is the use of biometrics, such as facial images or voiceprints, to estimate the age of a user. The first thing to say is that such methods never require the retention of this sensitive personal data. The software does not need to use...
Age verification checks can be completed using passports, driving licences, online banking, through credit reference agencies or with a digital ID app on your mobile phone account; innovative new technology can estimate your age from a selfie using artificial...
Many such critical business services, such as Mastercard and Visa, have previously indicated they would not choose to provide their services to websites in countries where a national regulator found them to be non-compliant with the law. There is a reputational risk...
