Researchers from Georgia Institute of Technology and the University of California, Irvine presented new findings at the IEEE Symposium on Security and Privacy in San Francisco. They studied a London company called Yoti that many websites use for age verification.
The team found that a single verification attempt can send more than an age check. Sites often transmit a user’s facial image, online address and device fingerprint to other companies. The researchers said recipients include credit card firms, geolocation services and data brokers. Laws in 25 US states require digital age checks, but many covered sites do not enforce them.
Difficult words
- researcher — person who studies and finds new informationResearchers
- finding — new information from a study or investigationfindings
- verification — process to check if something is true
- facial image — a picture of a person's face
- device fingerprint — data that identifies a user's device online
- data broker — company that buys and sells personal informationdata brokers
Tip: hover, focus or tap highlighted words in the article to see quick definitions while you read or listen.
Discussion questions
- Would you be worried if a website sent your facial image to other companies? Why or why not?
- Do you think websites should enforce age checks more strictly? Why?
Related articles
Internet use may reduce loneliness for older unpaid caregivers
A US study found that older unpaid caregivers who use the internet more often tend to feel less lonely. Researchers analysed 2019–2020 California survey data from 3,957 caregivers aged 65 and older; about 12% had health problems.
Researchers find 'vibe coding' linked to insecure AI-written code
A research team found that a programming style called "vibe coding" is producing insecure code with help from generative AI tools. A new radar scans public vulnerability data and flags cases that show AI signatures or risky patterns.