Hey there 👋

At SK NEXUS, we usually like to call ourselves tech optimists. We break down what’s exciting, what’s changing, and how it all connects back to you.

But sometimes, optimism isn’t enough. Every now and then, the tech world throws something at us that feels less like progress and more like a warning sign.

When that happens, we owe you “the talk”

This isn’t fear-mongering - it’s raising awareness.

Because if the average Bashir (or anyone, really) doesn’t know what’s going on, then it’s easier for these changes to slip by unnoticed.

So here’s our ask: read this carefully, share it with your circle, and keep the conversation alive. Awareness is the first step, and if enough of us care, real pushback can happen.

They say it’s about protecting kids.
But in reality, it’s about collecting the most sensitive data you have - handing it to people and systems you’ll never meet, never trust, and never control.

Right now, governments in Australia, the EU, the UK, and the US are pushing hard for “mandatory age checks” across the internet.

And here’s the thing:
Once the big players comply, the rest will follow.

Think about it: you go to play GTA 6 on launch day, but first, you’re told to upload your ID. Welcome to the future where “proving your age” becomes the gateway to tracking everything you do online.

In this article, I’ll break down what’s really going on:

• What the problem is and how age verification works

• Why it’s a massive privacy breach

• The real consequences of pouring your personal data into random websites

• And what this shift means for the future of the internet

The Global Push for Mandatory Age Checks

This isn’t a local experiment - it’s a worldwide rollout.
Lawmakers are racing to force ID checks across every corner of the internet.

Each country has its own “official reason.”
But the result is the same: one step closer to a web where anonymity dies, and surveillance becomes the default.

AU: Ban for Under-18s on Social Media

Australia isn’t just kicking kids off social media, they’re forcing everyone to prove their age.

The law, set to kick in by late 2025, will require platforms like TikTok, Instagram, and Facebook etc to verify user ages. If the companies don’t comply with the law, these companies could face fines up to A$49.9 million.

You might be wondering: “But… how will they check if it’s a kid or not?”
Well…you can expect a mix of “options” straight out of a surveillance playbook:

• Banks or mobile providers confirming you’re over 18

• Uploading a photo to match the government ID

• Facial age estimation tech

• AI scanning your account history to guess your age

• Behavioral tracking - even how long you’ve had your account

The government says it’s about “child safety.”

But what it really means is handing over sensitive data to corporations and AI systems that will store, analyze, and potentially share it - all in the name of keeping teens “safe”.

And once this infrastructure is built?
It won’t just be for kids - It’ll be for everyone.

EU: The “Privacy-Friendly” Age Check

Across the EU, several countries are pushing for an under-18 social media ban - but they’re packaging it in softer and more secure language.

Instead of demanding your raw ID upfront…they have a different proposal.

The proposal is to roll out a government-backed app that “proves” you’re over 18 without revealing anything else. The magic ingredient includes - Zero-Knowledge Proof (ZKP), which is a cryptographic trick that can confirm an attribute (like your age) without exposing other details.

Here’s the theory behind the app:

• The app is white-label, so each EU member state can release its own version

• You download it from an app store

• It verifies you meet the age threshold, then passes only a yes/no signal to the platform

And here’s what the important people say:

“Excessive screen time can limit the development of critical skills, alter cognitive capacities, weaken human relationships, and diminish the ability to collaborate effectively.”

But here’s the catch:
Theory is one thing, implementation is another.

And there are many concerning questions as well:

• Who controls the app?

• Who audits the ZKP system?

• What happens if certain groups - the unbanked, undocumented, or tech-poor are locked out? And what really goes on behind the scenes?

When you start asking questions like these.
Things get clearer, and you realize something.

Even the “privacy-friendly” solution still builds the same gate.
Once it’s there, it can be shape-shifted into anything.

UK: The Online Safety Act - Safety or Surveillance?

So, many of you might have seen the term “Online Safety Act” thrown around, but what exactly is this?

In a nutshell, the UK’s Online Safety Act is marketed as a law to protect people, especially children, from harmful online content. The core idea is that - make platforms responsible for shielding under-18s from explicit material, predatory behaviour, and other online dangers.

But here’s the unspoken truth - to enforce it, everyone will have to prove who they are.

This isn’t just about keeping kids off certain platforms. If age verification becomes mandatory, it means:

• You’ll need to submit a government ID, passport, or driving license to prove you’re an adult

• Third-party verification services will hold and potentially share sensitive personal data

• The barrier applies to every user, because the system can’t work otherwise

The “solution” strips away online anonymity in the name of safety. Once you attach an identity to every login, it’s not just your age that’s known - it’s you.

Think about it - all this data would be gathered in a centralized database of personal information that could be hacked, misused, or quietly repurposed for other forms of surveillance.

And once the infrastructure is in place, governments rarely stop at their first stated goal.

The UK is not coming slow.
First, it was demanding encryption backdoors “to protect children.”
Now, it’s age verification for everyone.

If you are curious about that topic, I’ve covered that backdoor fight in detail here: Why Government Backdoors in Encryption Are a Bad Idea

USA: The Age Verification Wild West

If you think this is just a “Europe thing,” think again. America is already deep in the age verification game - just not in one clean national law. Instead, it is a patchwork of state bills, each one slightly different, each one with its own rules, and all of them chipping away at the same thing: your anonymity online.

It started small - “let’s just keep kids off certain sites.” But that quickly turned into laws requiring ID checks for social media and adult sites in states like Louisiana, Utah, Mississippi, North Carolina, and more.

In short - If you refused to provide an ID, then no access for you.

Some states have taken it further:

• In Virginia, under-16s can only use social media for one hour a day unless a parent approves.

• Nebraska passed a law that will give parents direct access to their kids’ accounts.

• Georgia is banning social media use in schools entirely.

And these are just some of the states that I listed -
If you want to check out full details, check this out.

Here’s the thing:
To enforce any of this, they need to know exactly who you are. That means government IDs, passports, or facial recognition scans, fed into systems that match you against databases you’ll never see. And just like in the UK, this isn’t “for kids only.”

So yeah.. To lock kids out, they have to lock everyone in.

And guess what’s scary?

Once this infrastructure exists, it won’t just stop at “protecting the children.” It becomes a surveillance tool. One that can track, block, or profile anyone, anytime.

The “Protecting Kids” Excuse

Every law we’ve just talked about comes wrapped in the same shiny packaging:

“This is about protecting children.”

On paper, it sounds noble. Who wouldn’t want to keep kids away from everything, right?

But here’s the truth - the end result isn’t a safer internet for kids
It’s a universal ID requirement for everyone.

This whole movement didn’t start with social media. It started with adult websites. Lawmakers realized they could use the “think of the children” argument to force through verification laws that apply across the entire internet.

Adult sites became the Trojan horse.
Once those rules were in place, it was easy to extend them to other platforms.

Are you noticing the pattern?
Is this a coincidence?
I don’t think so.

What’s my point?
It’s not the government’s job to pamper what kids see online - that’s on parents. And even if governments could enforce every single rule perfectly, it wouldn’t stop the determined ones. Kids would still find workarounds, because that’s what the internet does best.

Think about it. What’s to stop “Joe from Ohio” from spinning up his own server, loading it with explicit content, and tossing up a fake verification system just to tick the legal box?

In the end, these policies don’t just fail at their stated goal.
They give governments a permanent tool to track everyone online, all under the banner of “child safety.”

Alright, enough ranting.
Let’s get into the serious part.
Because there’s a lot to unpack.

The Loophole Problem

Most of you are probably thinking - Come on, this can’t be that serious. There are plenty of workarounds, right?

Let’s talk about them.

VPNs: The First Line of Evasion

After the whole Online Safety Act drama, VPN interest among teens shot through the roof. Naturally, this caught the government’s attention. Now the idea of VPNs getting banned is floating, because in their eyes - it’s the obvious loophole.

But here’s the thing: even if they pull it off, then what? People will just move to Tor, SSL-based VPNs, private proxies…the list goes on. You can’t plug every hole in the wall.

Graeme Stewart from Check Point Software summed it up perfectly:

"The logistics are near-impossible. You could, in theory, ban the sale of VPN equipment or instruct ISPs not to accept VPN traffic. But even then, people will find workarounds. All you'd achieve is pushing VPN use underground, creating a black market for VPN concentrators."

Exactly. All this ban would do is push the tech further underground, and history has shown that once something goes underground, it’s even harder to track.

The MP Fake ID Hack

⚠️Caution: Don’t use sites like this to bypass ID checks. It’s not a good idea, and if you try it and things go south - that’s on you, not me. The following information is for educational purposes only.

In the UK, a programmer built a parody site that spits out mock driving licenses for your local MP - purely as a protest against age verification laws.

So, basically, what happens is the following:

• You type in your postcode (zip code).

• The site figures out which MP represents that area.

• It then generates a fake driving license with that politician’s face on it.

The point?

It’s satirizing the absurdity of mandatory age verification. The message is basically:

If you think your system is foolproof, here’s how easy it is to fake an ID even with a famous politician’s face.

And while it’s funny to look at, it’s still being used by tons of people to try and slip past verification systems. And that’s where this joke turns into a legal landmine.

When a Video Game Outsmarts Government Policy

Most of you are probably thinking, there’s no way this is happening - for real. And yet, here we are:

Brits are now using Death Stranding’s Photo Mode to slip past UK-mandated age checks on Discord and Reddit. Instead of face scans or ID uploads, they just point their phone at a virtual character - mimicking real facial movements like opening and closing his mouth. It’s enough to fool the system.

Here’s what’s wild:

• The person doesn’t appear on the camera - just Sam (the video game character) does.

• The system thinks you’re verified because the scan only checks for movement, not identity.

• Discord’s K-ID and Reddit's Persona both get played like a piano. Game over for the policy

So yeah…people are pulling it with Death Stranding, God of War - even Kratos is passing the test. And AI’s lowering the barrier even further.

The Bypass Game Never Ends

What you saw earlier are just a handful of examples.

Here’s the thing:
The minute governments roll out a law people don’t agree with, especially one that messes with how people live online - they end up lighting a fuse. And after that, it’s only a matter of time before workarounds flood in.

And here’s the uncomfortable truth:

- Governments can tighten the screws all they want.
- But every lock invites a new pick.

Think about it…Once every login is turned into a cat-and-mouse game, what exactly are the governments teaching the very children they claim to protect?

If the policy’s main outcome is encouraging people to outsmart it.
Then, maybe the problem isn’t the people - it’s the policy.

How Age Verification Actually Works

At its core, age verification is about turning you into data. That usually means:

• Face scans

• ID uploads

• Biometric checks.

All run through third-party “verification” companies, which now have a copy of your most sensitive documents.

And here’s the kicker:
Once your data is out there, it’s out there. You can’t “un-upload” your passport photo.

You can’t un-share your driver’s license number. That information will exist in some server, somewhere, forever.

The moment you agree to hand over your identity for something as simple as logging into a website, you’ve already lost control of it. And that’s the part they don’t like to advertise.

The Tea App Hack - A Warning From the Future

Governments say, “Just give us your private info - it’s for your safety.”
But what happens next?

A very recent event gives us a chilling preview of the answer. You’ve probably seen it in the headlines - yes, I’m talking about the Tea App hack.

Let’s briefly uncover what mess the Tea App hack made.

Promise vs. Reality

For those of you who don’t know, The Tea App is a dating app that is a women-only platform. To get in, you had to verify you were a woman, which meant handing over sensitive personal data: government ID scans, photos, and other private details.

Then it happened.
Over 72,000 documents and images leaked…just dumped online.

The fallout was brutal - emotional distress, reputational damage, and the horrifying realization that “safety” can flip into exposure overnight.

When you give away your most private information, you’re betting on the platform never failing you. The Tea App shows what happens when that bet goes wrong.

When “Delete After Verification” Is a Lie

The Tea App swore your data would be wiped after its users were verified. That promise was just marketing BS. No ID scans, photos, and personal info were deleted, and now they’re out there for anyone to grab.

This isn’t just embarrassing - it’s dangerous. Now, that data is probably being used for identity theft, getting sold on the dark web, or being fed into profiling systems that target you in ways you can’t see.

And the ironic thing?
This was from a platform claiming to keep “women safe.“

From Tea to Ashley Madison - The Pattern Is Clear

The Tea App isn’t the only horror story. Remember Ashley Madison? That flashy dating site marketed itself as secure and discreet - until millions of users had their credit card numbers, IDs, and personal messages dumped online.

These apps might look polished and trustworthy on the outside, but the truth is often uglier than the UI. I even dug into Tea’s backend architecture, and it was a mess from the start.

Security wasn’t a priority for them.
Harvesting user’s data was the priority.
And all this made the hack inevitable.

And here’s the reality:

Every time you hand your ID or sensitive data to a third-party service, you’re rolling the dice. If they get hacked, you pay the price - not them.

Now, step back and imagine this happening on a national scale. One breach, and tens of millions of people could have their most personal information dumped for the world to see. That’s the real risk behind “just show us your ID.”

Psst…a side note:
If you want to go deep into the details of the Tea App hack, my friends

• The Tea Isn’t Spilled - It’s Stored, Mined, and Monetized

• The Hidden Lesson From the Tea App Data Leak

The Bigger Picture: Surveillance Creep

This isn’t just about uploading your ID to get on Instagram. Once you normalize age verification, the door opens for something much darker.

Google has already admitted it’s going to use AI to scan your search history and guess your age. If it’s wrong? You could be locked out until you hand over more personal details to prove who you are.

And Google isn’t the only one doing this, YouTube is also implementing the same thing.

And once these models are in place, there is no guarantee that they won’t expand
|Today it’s “show us your age.” Tomorrow it could be:

• “Prove your political alignment.”

• “Confirm your financial status.”

• “Verify your employment or education.”

I know my claims sound like I can foresee the future as if I am Doctor Strange, but that’s the thing…surveillance creep always starts small - then spreads.

We already have proof of how fragile these systems are. Have I Been Pwned tracks data breaches, and the number is staggering: billions of accounts, emails, passwords, and IDs already leaked.

Now imagine that happening on a national scale…
Centralized databases of your most sensitive information.
One breach, and it’s game over.

Case Studies: When “Child Safety” Turns Into Control

If you think governments haven’t already tested these waters, think again. Age verification and “protecting children” laws are not a new invention, and history shows they rarely stay limited to their original promises. Let’s look at some examples.

Russia: From Child Safety to Silencing Opposition

Back in 2012, Russia introduced what it called a child safety measure.

On paper, it was about protecting kids from harmful content.
In practice, it became something very different.

What’s ironic is that - the law quickly morphed into a censorship tool, blocking access to political opposition sites, independent media, and LGBT content.

What started as “protecting children” became something else entirely. And once the infrastructure was in place, the government didn’t hesitate to use it far beyond its original scope.

Turkey: The Social Media Law Trap

Turkey did a similar thing in 2020 with its Social Media Law. Framed as a safeguard for “family values,” it forced platforms to store user data locally and hand it over to the government on demand.

Unsurprisingly, this wasn’t about families at all.
It became a mechanism for forcing platforms to surrender user data.

France: A Failed Attempt

France recently tried to enforce age verification laws, targeting adult sites first.
The government demanded platforms implement strict ID-based systems to keep minors out.

But things didn’t go as planned for the government.
These Adult sites, privacy watchdogs, and digital rights groups pushed back hard.

The critique was simple:
The risks of exposing millions of people’s identities outweighed the so-called benefits. Centralized ID databases would be a ticking time bomb for mass surveillance and breaches.

In the end, the enforcement failed, showing just how fragile and unpopular these schemes can be when tested in practice.

The Big Tech Angle: Data Is the Real Prize

While governments frame these moves as “for the kids,” Big Tech companies are also trying to make their own move. They’ve been lobbying for data-driven verification systems, pitching themselves as the “trusted” middlemen.

And once all this personal data starts funneling through their systems, tons of questions arise, such as:

• Who controls it?

• Where does it go?

• And for what purposes is it used?

No one really knows the answer to these questions.

The scary thing is - Today, it’s about age. Tomorrow, it could be about your medical records or some other form of data.

And here is the reality:

Age verification isn’t just about keeping kids off platforms.
It’s about building the infrastructure for total surveillance, owned and operated by both governments and corporations.

Pakistan’s Angle: A Fragile Privacy Landscape

I’ve walked you through how the world is moving on this issue - from the U.S. and U.K. to Europe and beyond. But what about Pakistan??

Let’s zoom in and see why the risks are even greater on our soil.

Privacy Doesn’t Exist Here

In Pakistan, privacy isn’t a right - it’s a joke.

Databases get hacked left and right, leaks are treated like casual news, and nobody bats an eye. The government doesn’t understand what digital privacy is, and neither do most people; there’s literally no culture of protecting individual rights.

I live here...I have seen people casually handing over CNICs, phone numbers, and personal details to random shops or shady apps without thinking twice.

And if you try advising them about privacy...they start laughing at you.

Weak Systems, Easy Targets

Our institutions aren’t built to handle this stuff. There is zero funding, ancient systems, and…Innovation? Haven’t seen that in a decade.

That’s how life is over here.
And instead of upgrading, they keep patching the same broken setups.
Hackers love it. And guess who suffers every time? Ordinary people.

Blindly Copying the West

Here’s the real danger:
Pakistan looks to Western countries for “gold standards.” If the U.K. enforces an Online Safety Act or the U.S. pushes ID checks, you can bet our government will also hop on the train not to protect kids, but to squeeze more data out of people.

In a country where privacy rights barely exist, importing these laws would mean giving authorities an even bigger surveillance net with zero accountability.

Alternatives - Safety Without Surveillance

Look, I know governments aren’t going to give a crap about what I say here. They’re too busy tightening the leash. But I’m not writing for them - I’m writing for you. And you should know: there are ways to protect kids online without ripping everyone’s privacy to shreds.

Let’s talk about some of these ways.

Anonymous token verification

Anonymous token verification is basically a way of proving something (like your age) without revealing your actual identity.

Here’s how it works in a nutshell:

1. You prove your age once to a trusted third party.

2. Instead of storing your passport or keeping your details, they give you a cryptographic token that says Yes/No based on whether you are over 18.

3. When you go to a website, instead of uploading your ID again, you just show the token. The site can verify the token is real, but it can’t see any of your private info.

4. The token itself doesn’t link back to you personally. It’s limited-use only, so even if it leaks, no one can tie it back to your identity.

In short, it’s like showing a “wristband at a concert” instead of flashing your full ID every time you go to the bar, much more privacy-friendly, right?

Decentralized ID checks

Then there’s decentralized ID checks.

Instead of shoving all your private info into one giant honeypot database, verification can happen locally on your device or through trusted, distributed networks. That way, even if one system gets hit, everything doesn’t go down with it.

Parental controls

I talked about this earlier as well…It’s not the responsibility of authorities to make sure children are safe from all the things that exist on the internet. There are so many built-in tools that exist in phones, laptops, and game consoles.

Parents don’t want to step out of their comfort zone due to which all of this is happening in the first place.

And if you look closely, you will realize that:

The problem isn’t a lack of tech.
The problem is the lack of usage of tech in the right ways.

The Endgame Nobody Talks About

It’s been a long ride, so if you’re still here - digital candy for you 🍬.

Now, just quickly sum up this whole thing.

What we’re seeing with age verification isn’t a one-off policy. It’s the blueprint for something bigger. Today, the excuse is kids and safety. Tomorrow, it could be your political leanings, your health history, your private beliefs. That’s how these systems evolve.

Once the pipes are laid
They don’t get torn out.
They expand.

And honestly…I get it - child safety matters.

But building permanent surveillance infrastructure in the name of “protection” isn’t the solution. We’ve seen this movie before - terrorism, encryption backdoors, and now age checks. Different script, same pattern. Every “temporary” rule sticks around, growing into something far beyond what it was sold as.

And here’s the bitter pill:

- Once your data is out on the internet.
- It stays that way.

Your Turn to Talk

Alright, I’ve ranted enough - now it’s over to you.

• Do you think age verification will actually protect kids, or is it just a new way to track everyone?

• Would you ever trust a government or third-party app with your most sensitive data?

• And here’s the big one: once anonymity is gone, can the internet ever be the same again?

Drop your thoughts in the comments - I read every single one.

Leave a comment

And if you found this post helpful or want more deep dives like this, restack it or share it with someone who needs it. Most people are not aware of what’s going on in the world.

Until next time…

Dive Deeper

• Wikipedia loses challenge against Online Safety Act verification rules

• How the UK KILLED Privacy: The Online Safety Act Nightmare

• Will the UK be sued over the Online Safety Act?

• The 'Tea App' Hack Takes an Insane Turn

• The Online Safety Act: the silencing of Britain | spiked podcast

• Gamers are getting around Discord's new UK age verification tools by using Death Stranding's photo mode – yes, you read that right | TechRadar