Why can't I access certain websites without giving my ID to random companies?

[Fox]

I'm not going to but I want to know why?

[Undertaker00]

In the UK, access restrictions are usually tied to age-verification rules and ISP-level filtering. They're not random, they're there to enforce legal requirements around adult content.

If you're running into blocks, your straightforward options are give ID or find an easy way around it that a 5 year old could master.
(I'm helping/directing you)

[Fan22]

There's been a growing push for users to provide ID to access certain websites, especially around age-restricted content. On the surface, it sounds reasonable. Verify age, protect users, move on.

But once you look at the security and privacy implications, it becomes a lot more questionable.

The main issue is simple. You're being asked to hand over one of the most sensitive pieces of personal information you have to a website or third-party service you probably know very little about.

And history has shown again and again that even large, well-funded platforms get breached.

We're not talking about small leaks either. Entire databases containing personal information, emails, passwords, and in some cases identity documents have been exposed. Once that data is out, it's out permanently. You can change a password. You can't change your identity.

Another concern is data storage. When you upload ID, where is it actually stored? For how long? Who has access to it? Is it encrypted properly, or just sitting in a database waiting to be compromised?

Most users never get clear answers to those questions.

There's also the issue of trust. Many of these verification systems rely on third-party providers. That means your data isn't just being shared with one company, but potentially multiple layers of services behind the scenes.

Each layer increases the risk.

From a security standpoint, the safest data is data that was never collected in the first place.

That's why many people are uncomfortable with the idea of handing over ID just to browse a website.

A more balanced approach would be systems that verify age without requiring full identity exposure. For example:

One-time verification tokens instead of storing documents
Privacy-focused verification providers that don't retain data
Device-level or account-level age confirmation handled by trusted platforms

These approaches reduce the amount of sensitive information being passed around while still addressing the original goal.

At the end of the day, this isn't just about access. It's about risk.

Every time you upload personal identification online, you're making a trade-off. In some cases, that trade-off might be worth it. In others, it's reasonable to question whether the risk outweighs the benefit.

It's not about avoiding rules. It's about understanding the long-term consequences of how personal data is handled, stored, and potentially exposed.

Once that information is compromised, there's no undo button.

[Lazy Sentinel]

Capita/Discord/UKs own Legal Aid Agency have all been hacked in recent years. This has gone too far.

[veritas.io]

I won't be providing my ID to porn sites. These people always start with oh but think of the children. But then they just want control

[Fan22]

That is the nuanced version of it. There is a kind of restraint in the best of this that is harder to achieve than it looks.

Happy to keep discussing this.

I always check startup items and background processes first.

[Piston]

Hmm, not convinced. Ha, yeah that is about right.

Proper useful that.