Security & Privacy

Adult websites: protecting minors and adults’ identities at the same time

Date: Changed on 20/06/2024
On adult websites, how can user age be verified while respecting confidentiality? In other words, how can security and privacy be reconciled? This is the challenge being tackled by the CNIL (French Data Protection Authority) in collaboration with Inria. We caught up with Martin Bieri, Head of innovation & prospective studies at the CNIL's Digital Innovation Laboratory (LINC), and Olivier Blazy, professor at Ecole Polytechnique and researcher from the Grace project team at the Inria Saclay centre, to find out more.

In what ways does the issue of age checks on adult sites represent both a necessity and a challenge?

Martin Bieri: Society faces a real challenge in this area, particularly concerning sites of a pornographic nature. A report from ARCOM (Regulatory Authority for Audiovisual and Digital Communication) published in May 2023 revealed that 28% of minors, i.e. 2.3 million children and adolescents, visited adult websites every month - and this has risen by 36% over five years. From the age of 12 and over, more than half of boys are affected. To protect minors, the French Parliament has passed two laws, one in 2020 and the other in 2024, which require pornographic websites to implement an age verification system. 

Olivier Blazy: The challenge is to be able to verify that the user is an adult, while asking for as little personal information as possible in order to respect their privacy. Now that age checks are mandatory, there has been a rise in highly invasive systems, such as asking users to provide their ID and/or requesting access to their webcam. These are risky options, as any system that records the user’s identity and their consumption habits of this kind of content could lead to blackmail. 

How was the partnership between the CNIL and the Inria Grace team created to respond to this issue, and how did you work together?

O. B.: I was in contact with the CNIL via former colleagues from my PhD, and as I worked on issues relating to cryptography and privacy, the collaboration came about naturally. We worked with four CNIL agents to collectively seek a solution to age verification that would be compatible with the GDPR (General Data Protection Regulation), using established cryptography tools. 

M. B.: We thought it would be useful to think ahead and try to find a relevant solution to the age check requirement, rather than waiting for stakeholders to take on the issue, given the risk that they might put forward unsuitable solutions, or even hide behind the difficulty of implementing this requirement as an excuse to not apply it...


In late 2021, we contacted Olivier Blazy to determine which technologies we could use to prove that age checks can be performed while protecting personal data. And with a little time, we were able to develop a demonstrator!

Can you tell us how this demonstrator works?

O. B.: It is based on two tools: group signatures and zero-knowledge proof. The first allows services concerned by the age check requirement to sign proof of age on behalf of any age verification provider. This means that the pornographic website will not have access to information about the third party chosen by the user: for example, it will not know that they are a client at a certain bank. 

The issue is that if an age verification provider and an adult website belong to the same company, or if an age verification provider targets a user by always attributing them a particular signature, the user may end up being connected to the signature and content they view. This is where zero-knowledge proof comes in.  


Zero-knowledge proof makes it possible to prove that a given statement is true without having to specify how it is proven. In other words, the signature itself is not revealed, simply the fact that it has been carried out.


In concrete terms, in our system, an internet user connects to an adult site and the site sends them a “challenge”, a sort of long number. The user transfers this “challenge” to the age verification provider of their choice, which has access to their personal information. If they are 18 or over, the “challenge” is signed. The user simply has to send it back to the adult site to access the content. There is therefore double anonymity: on the one hand, the adult website has proof that the user is over 18, but without having to know where this proof comes from and without knowing anything about the user’s identity; and on the other, the age verification provider knows the user’s identity and certifies that they are over 18, but does not know for which site this proof will be used.  
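The challenge flow described above, as an added Python example that is not the CNIL/Inria demonstrator's code: it swaps the group signature for a simpler 1-of-n Schnorr ring signature, which likewise hides which provider signed, and leaves out the zero-knowledge layer. The group parameters, the function names and the idea of a list of accredited providers' public keys are assumptions made for the illustration.

```python
import hashlib, secrets

# Demo group (assumption, not vetted parameters): subgroup of prime order Q
# inside Z_P*, with P = K*Q + 1 the first candidate passing a base-2 Fermat test.
Q = 2**127 - 1
K = next(k for k in range(2, 10**6, 2)
         if pow(2, k * Q, k * Q + 1) == 1 and pow(2, k, k * Q + 1) != 1)
P = K * Q + 1
G = pow(2, K, P)  # G**Q == 1 (mod P) and G != 1, so G has order Q

def hash_to_q(msg, ring, point):
    data = msg + repr((tuple(ring), point)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def ring_sign(msg, ring, j, x):
    """Sign msg as member j of ring (list of public keys) using secret key x."""
    n = len(ring)
    c, s = [0] * n, [0] * n
    k = secrets.randbelow(Q - 1) + 1
    c[(j + 1) % n] = hash_to_q(msg, ring, pow(G, k, P))
    for step in range(1, n):            # simulate every other member
        i = (j + step) % n
        s[i] = secrets.randbelow(Q)
        c[(i + 1) % n] = hash_to_q(msg, ring, pow(G, s[i], P) * pow(ring[i], c[i], P) % P)
    s[j] = (k - x * c[j]) % Q           # close the ring with the real key
    return c[0], s

def ring_verify(msg, ring, sig):
    c0, s = sig
    c = c0
    for y, si in zip(ring, s):
        c = hash_to_q(msg, ring, pow(G, si, P) * pow(y, c, P) % P)
    return len(s) == len(ring) and c == c0

def site_challenge():
    # Random nonce only: nothing in it names the site that issued it.
    return secrets.token_bytes(32)

def provider_attest(challenge, age, ring, j, x):
    # The provider knows the user's age; it signs only if the user is an adult.
    return ring_sign(challenge, ring, j, x) if age >= 18 else None

def site_verify(challenge, ring, sig):
    # Accepts proof from any accredited provider without learning which one.
    return sig is not None and ring_verify(challenge, ring, sig)
```

Because the signature is bound to the site's fresh challenge, a proof obtained for one visit does not verify against a different challenge.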

GRACE project-team

Research by the GRACE team focuses on coding theory and cryptography. These two fields of application are involved in the reliability and security of applications. While cryptology has long been a central aspect of computer science, it was only recently that coding theory also found applications in this field, coming out of telecommunications. Researchers consider that a geometric and unified interpretation will provide an in-depth perspective of the nature and performance of these problems.

Does this double-blind system present any limits?

O. B.: An adolescent who was really motivated could install a VPN and set their computer location fictitiously in a country that does not require age verification, to get around the requirement. But our solution will at least push back the age at which minors access such sites for the first time, currently at around 9-10 years old, and avoid these sites being accessed opportunistically or accidentally.

M. B.: As pornographic websites are the only ones to request this type of signature from age verification providers, such providers will know that the user is consulting a pornographic website. The system must therefore be rolled out to all websites reserved for over-18s (sale of alcohol or cigarettes for example) so that it is impossible to know what kind of request it is. 

The demonstrator was placed online and free to access in 2022 and 2023. What were the initial results?

O. B.: The solution was tested by content providers, age verification providers, start-ups and privacy protection associations, as well as by the French National Observatory of Child Protection. This stage allowed us to identify concrete problems, such as the need to anonymise the invoicing of verifications with content providers as well. The good news is that out of the solutions on offer, our system is the least off-putting to users. And that is key, as the aim is not to prevent adults from accessing these websites. 

M. B.: With the demonstrator online and the feedback from industry, ARCOM will highlight double anonymity in its reference framework, which will be published in the coming weeks. It will ask content providers to implement two types of age checks, one of which should provide the same guarantees as our system.   

What are the next challenges for you?

O. B.: The fact that our system was selected by the ARCOM reference framework is an excellent illustration of the transfer of our research to society. But we also wish to promote our work in the field of academia, with a scientific paper planned for publication this year. From a technical point of view, we will be keeping an eye on emerging needs, as the idea is to allow stakeholders to adopt the solution. And at a regulatory level, we are working on transposing it to an international scale.

M. B.: Indeed, the challenges for Europe are significant. At present, French law goes beyond European legislation and additional formalities are needed to apply it in other countries. As it falls under the CNIL’s jurisdiction to monitor and sanction actors that do not respect data protection, we will obviously be keeping a very close eye on the subject.
