EU Age Control: The trojan horse for digital IDs

Readers say the “privacy” pitch is a fig leaf while platforms pick ID scans

TLDR: The EU touts private age checks, but rules still let sites demand full ID scans—critics call it a digital ID Trojan horse. Commenters split between “government control is coming” and “just fix the demo,” with added chaos over a crashed site and an “ai;dr” punchline.

The EU’s new age-check plan was marketed as magic—prove you’re over 18 without giving away your identity—but the crowd isn’t buying it. The post claims the privacy promise is optional and big sites can just use old-school identity checks that scan your passport and face anyway. Add in Apple/Google phone lock-in, a reference app that quietly rewrote its README to sound more “demo” than “done,” and security cracks like relay attacks, and commenters smell a Trojan horse for a digital ID system dressed up as “for your privacy.” Oh, and there’s no single EU app—27 country apps to integrate with—so “good luck, platforms.”

Then the drama hit: the site got hammered (“slashdotted? HNd?”) and someone rushed in with an archive link. One joker dropped an “ai;dr” while cynics warned this is how you inch toward a Great Firewall-lite under the banner of child-safety and terrorism fears. A pragmatic camp countered: if it’s “just a toolbox,” make the demo bulletproof so countries copy the right thing. The vibe: privacy talk in public, passport scanners in practice, and a looming deadline no one believes will deliver smooth, continent-wide tech by 2026.

Key Points

  • The article identifies three issues: KYC fallback instead of a privacy-preserving wallet, platform attestation lock-in by Apple/Google, and protocol weaknesses (unlinkability that depends on wallet behavior, and exposure to relay attacks).
  • Project documentation changed in May and July 2025 to frame the app as a white-label toolbox for Member States, removing earlier non-production disclaimers.
  • Major platforms can choose between the EU wallet and standard KYC; the article argues KYC is more likely due to integration complexity across 27 national systems.
  • The official trusted list reportedly has no production apps, and the reference implementation is not fully mature, casting doubt on near-term interoperability.
  • The high-assurance flow relies on NFC passport verification (MRZ-derived keys, chip data, local face matching), but the article claims the shipped cryptography differs from marketing promises.

Hottest takes

“Even more reason to make the ‘demo’ app do things correctly” — wolvoleo
“ai;dr” — coumbaya
“Ultimately we’ll get 2nd hand version of great firewall and social credit system” — mayama