The age verification industry is projected to hit $1.6-2.5 billion by 2027. Companies like Yoti (which acquired MindGeek's AgeID), ID.me, Veratad, and LexisNexis Risk Solutions charge per verification. They lobby for strict verification laws. They advise on the regulations that would mandate their own services.
Glenn Meder drew a line this week: "Online age verification is the hill to die on." Privacy advocates agree, but for different reasons than you'd expect. What politicians frame as child protection looks like a system that eliminates online anonymity and normalizes surveillance.
The RTA (Restricted to Adults) header solves this. Websites flag adult content without collecting personal data. Parents configure devices to block flagged content. Responsibility stays with device owners, not central authorities. Many sites already use it voluntarily.
Simplicity doesn't generate revenue.
Reddit's UK webcam verification shows there's middle ground. But every verification method creates data someone wants to keep similar to how Webloc sells location data to authorities without warrants. Mandating age verification won't stop determined teenagers. It will encourage identity fraud while building databases of browsing habits tied to real people harvesting data to law enforcement. The RTA header works because it trusts parents instead of replacing them.