The intent is to protect minors. The risk is that the mechanism protecting them requires building a much larger surveillance apparatus than anyone campaigning for it admits.
Frederik Gregaard is the CEO of the Cardano Foundation, the Swiss-based non-profit organization that exists to ensure the advancement of the Cardano protocol.
KIDS doesn’t mandate age verification outright, because it doesn’t have to. Making platforms liable for harm to minors who access their services gives companies a simple risk calculus. Either you verify age, or accept the legal exposure of not knowing who’s a minor. Liability without a verification mandate still produces verification. That’s the mechanism, and it’s worth naming explicitly, because “there’s no explicit age check in the bill” is a technically true defense that misses how the incentive actually works in practice.
Once disclosure becomes the price of access, the information dragnet tends to expand. A tool built to confirm someone is old enough becomes a tool that confirms who they are, and a database built to prevent liability becomes just a liability – one more repository of identification data waiting for the next AU10TIX-style breach.
But if a platform only needs to know that a user is old enough, it should not require a full identity file or other data it may use as a proxy for age. If a service only needs to reduce exposure to harmful content, there is no need to build a database that can later be repurposed. These distinctions, however small, matter.
