Earlier this month, Australia implemented a world-first ban on social media for users under 16, and platforms that do not comply will risk fines of up to $49.5m per serious violation. While this is the first complete ban of social media, many other countries and states have enacted social media age limits. Countries rarely impose flat-out bans, and more often try to target age verification and parental consent.

We expect these regulations and guardrails to keep expanding and to evolve through many iterations over the coming years. This week, we look at what this trend means for the future of the internet as well as how it will impact other industries, covering the evolution of age gates, reasons for these changes, and discussions around how this impacts personal sovereignty. 

The Evolution of the Digital Gate

The history of age gating has moved from voluntary honor systems to mandatory identity checks. In the early web era, the 1998 Children’s Online Privacy Protection Act (COPPA) established the "13-year-old rule," which treated children under 13 as a specially protected group, but compliance relied on self-regulation.

Today, we have entered the "biometric and cryptographic" era. Australia’s 2025 ban marks the beginning of the end of the failed experiment with user honesty (i.e. self-reporting how old you are). This shift has ignited an "Age-Tech" boom, moving toward third-party solutions where age is no longer something you "tell" a website, but something your device "proves" via encrypted tokens. This advancement finally resolves an almost thirty-year struggle to balance child safety with privacy and anonymity.

Regulatory Pressures

Mandatory age gating is not new, but rather an evolution of tactics used in other high-risk industries. Historically, the alcohol and tobacco industries were the first to implement age gates online, though they relied on honor system "soft gates" such as birth-year entry fields (e.g., “Yes, I am 21”). 

These systems were widely criticized as useless. Over time, regulators realized that self-reporting was an ineffective guardrail, which has directly informed the Australian government’s refusal to accept simple date-of-birth prompts as reasonable gates today.

The online gambling industry moved toward "hard gates" decades ago due to stricter legal consequences. For over a decade, the UK Gambling Commission has mandated a "verification waterfall" that cross-references user data with credit agencies and government databases before a single bet can be placed. Similarly, in the United States, states like Louisiana and Texas set a 2023 precedent by requiring government ID uploads or third-party digital identity apps to access adult websites. These industries proved that while hard gates create friction and drive away some users, they are remarkably effective at creating a legal audit trail that protects the platform from prosecution.

The End of the Anonymous Web?

It is easy to extrapolate these changes and believe that we are approaching the end of anonymity, yet we would disagree. Age will just be another aspect of the concept of verifiable anonymity, where users can remain anonymous while platforms can verify certain aspects such as location, legal identity existence, non-sanctioned individual, income, purchase history, single user per account, and in this case, age. The most optimal future is for users to have encrypted identities while being able to share the minimum information needed for accessing a specific platform. 

Like FaceID to authenticate, solutions like AgeKey will be integrated into the log in process. This will allow users to verify their age through a 3rd party and take that information with them anonymously. With how much is changing from a regulatory perspective, this will benefit users and companies in a number of ways:

For digital platforms, users can quickly scan a QR code or even use biometrics (fingerprint or face scans) on their device. For “in real life” (IRL) experiences, similar to Apple Pay, a user could verify their identity on their device and then tap it using NFC, allowing the payment terminal to confirm only whether they meet the required age for the purchase – no physical ID needed. 

Below are a few use cases that we envision for AgeKey: 

Takeaway: Age verification is not new; most people have passed age gates digitally or in person hundreds of times, but it is now hardening into a regulatory standard. The result is an internet where two people can have very different experiences of the same product depending on where they live, how old they are, and what their parents allow. Instead of ending anonymity, this shift pushes us toward verifiable anonymity, where age becomes just one attribute your identity can prove without revealing who you are. 

Have a great weekend,

Josh