Brussels recently debuted a digital age-verification tool intended to serve as a robust gatekeeper for the internet’s more sensitive corners. It was a flagship effort in the European Union’s ongoing campaign to harmonize child safety with individual privacy. However, the technical reality proved far more fragile than the legislative ambition: according to security researchers, the system was compromised in just two minutes.
The breach highlights a recurring friction in the digital era. As governments move to enforce age-gating for social media and adult content, they face a persistent "privacy paradox"—the challenge of verifying a user's identity without creating a centralized, vulnerable database of sensitive personal data. The Brussels app attempted to navigate this by using decentralized methods, but hackers quickly identified flaws in its implementation, rendering the digital barrier effectively moot.
This failure serves as a sobering reminder that policy mandates are only as resilient as their underlying code. For the EU, which has positioned itself as the world’s leading digital regulator, the incident suggests that the path to a safer internet for minors will require more than just legal frameworks. It will require a level of technical sophistication capable of withstanding the immediate, aggressive scrutiny of the open web.
With reporting from Politico.
Source · Hacker News
