全球年齡保障高峰會第三天：去中心化數位身分、產業適應與監管環境

全球年齡保證標準高峰會的演講嘉賓討論了使用去中心化數位身分獲得父母同意、生物識別行業對監管要求的響應、開放身份交換方法以及年齡保證和年齡驗證行業的其他關鍵主題。

Day Three of the Global Age Assurance Standards Summit: Exploring Decentralized Digital Identity, Industry Responses, and Regulatory Landscape

全球年齡保障標準高峰會第三天：探索去中心化數位身分、產業應對措施和監管環境

Day three of the Global Age Assurance Standards Summit showcased presentations from industry experts delving into the transformative potential of decentralized digital identity for parental consent, the evolving landscape of the biometrics industry in response to regulatory demands, the vision for a universally trusted identity, and the latest developments in age assurance and age verification standards.

全球年齡保障標準高峰會第三天展示了行業專家的演講，深入探討了去中心化數位身分在獲得父母同意方面的變革潛力、生物識別行業為響應監管要求而不斷變化的格局、普遍可信身份的願景以及年齡保證和年齡驗證標準的最新發展。

euCONSENT 2.0: Empowering Parental Consent with Decentralized Technology

euCONSENT 2.0：透過去中心化技術賦予家長同意權

In a pivotal presentation, Iain Corby, Executive Director of the Age Verification Providers' Association (AVPA), unveiled the roadmap for the second phase of the euCONSENT program and introduced the AgeAware App. Financed with a €1.4 million grant from the European Commission and supported by the United Nations through UNICEF's Safe Online initiative, euCONSENT 2.0 seeks to revolutionize age assurance practices.

在一次關鍵演講中，年齡驗證提供者協會 (AVPA) 執行董事 Iain Corby 公佈了 euCONSENT 計劃第二階段的路線圖，並介紹了 AgeAware 應用程式。 euCONSENT 2.0 得到了歐盟委員會 140 萬歐元撥款的資助，並透過聯合國兒童基金會的安全線上計畫得到了聯合國的支持，旨在徹底改變年齡保障做法。

Corby emphasized a fundamental shift away from publisher-based age assurance towards a decentralized, app-based approach. The first phase of euCONSENT utilized a device-based token system for age verification. However, the new system employs a more sophisticated metaphor of a chocolate wrapped in foil. The raw ingredient is the user's age, which they must prove when accessing age-restricted websites via the AgeAware app. This "thin application" serves as a technology-neutral client compatible with various software and hardware options.

Corby 強調從基於出版商的年齡保證轉向去中心化、基於應用程式的方法的根本轉變。 euCONSENT 的第一階段利用基於設備的令牌系統進行年齡驗證。然而，新系統採用了更複雜的比喻，即用箔紙包裹的巧克力。原始成分是用戶的年齡，他們在透過 AgeAware 應用程式訪問有年齡限制的網站時必須證明這一點。這種「瘦應用程式」充當技術中立的客戶端，與各種軟體和硬體選項相容。

Upon age verification through biometrics, facial age estimation, or other traditional means processed through a provider, AgeAware issues a token, representing the foil-wrapped chocolate. The token encloses the ingredients (personal information), while the external public product, confirmed by AgeAware, establishes that the contents meet the age verification threshold.

透過生物辨識、臉部年齡估計或提供者處理的其他傳統方式進行年齡驗證後，AgeAware 會發行一個代幣，代表箔紙包裝的巧克力。令牌包含成分（個人資訊），而經 AgeAware 確認的外部公共產品則確定內容符合年齡驗證閾值。

As users accumulate tokens from different websites using various age verification providers, AgeAware interrogates them, selecting the most optimal token for the relying party in question. The content provider may have specific pricing preferences or accept the published price of the verification provider, accessible to anyone seeking to use the token. A default price mechanism is in place for parties without an established verification agreement.

當使用者使用不同的年齡驗證提供者從不同的網站累積令牌時，AgeAware 會詢問他們，為相關依賴方選擇最佳的令牌。內容提供者可能具有特定的定價偏好或接受驗證提供者公佈的價格，任何尋求使用代幣的人都可以存取。對於沒有既定驗證協議的各方，有預設的價格機制。

"This means that the relying party need only find a token, even in the absence of prior knowledge or a contract with the age verification provider," explained Corby. "They can seamlessly utilize the token to verify the user's age, which is provided anonymously through a dedicated service." The tokens have a finite lifespan.

「這意味著依賴方只需要找到一個代幣，即使在事先不知情或與年齡驗證提供者簽訂合約的情況下也是如此，」科比解釋道。 “他們可以無縫地利用令牌來驗證用戶的年齡，這是透過專門的服務匿名提供的。”代幣的壽命是有限的。

A tallying service overseen by euCONSENT monitors the reuse of age verification provider tokens and reports to an orchestration scheme to charge and distribute fees accordingly. This eliminates the burden on relying parties to report their own numbers.

由 euCONSENT 監督的統計服務監控年齡驗證提供者代幣的重複使用，並向編排方案報告以相應地收取和分配費用。這消除了依賴方報告自己的數字的負擔。

Corby identified areas of improvement in phase one, particularly concerning parental consent and linking parent and child identities. Phase two priorities thus address this "unfinished business," including advancements in zero-knowledge proof, enhanced untrackability, compatibility expansion to apps, and exploration of integration with the EU digital wallet. The plan also involves refining underlying ethical principles, deepening the involvement of international standards organizations, and updating certifications.

科比確定了第一階段需要改進的領域，特別是在父母同意和父母與兒童身分聯繫方面。因此，第二階段的優先事項解決了這一“未完成的任務”，包括零知識證明的進步、增強的不可追踪性、應用程式的兼容性擴展以及探索與歐盟數位錢包的整合。該計劃還涉及完善基本道德原則、加深國際標準組織的參與以及更新認證。

Despite its European regulatory origins, euCONSENT envisions a global impact. Its governance is entrusted to euCONSENT ASBL, an NGO with members from industry, academia, and the legal profession.

儘管 euCONSENT 的監管起源於歐洲，但它預計會產生全球影響。其治理委託給 euCONSENT ASBL，這是一個由來自工業界、學術界和法律界的成員組成的非政府組織。

Ver.iD Demonstrates Parental Consent through Decentralized Digital IDs

Ver.iD 透過去中心化數位 ID 表達家長同意

Showcasing the potential of digital credential wallets, Roger Olivieira, Co-Founder of Amsterdam-based Ver.iD, explained how the Dutch government issues verifiable personal information retrievable through apps like the one provided by Ver.iD. The government is piloting a decentralized digital ID system that would enable digital verification of relationships, such as that between a child and their guardian. This would empower guardians with a "parental dashboard" to provide consent by confirming the age of minors ("wards") attempting to log into age-restricted apps or accounts (e.g., video games, social media).

阿姆斯特丹 Ver.iD 聯合創始人 Roger Oliviira 展示了數位憑證錢包的潛力，解釋了荷蘭政府如何發布可透過 Ver.iD 提供的應用程式檢索的可驗證個人資訊。政府正在試行一種去中心化的數位身分系統，該系統可以對關係進行數位驗證，例如兒童與其監護人之間的關係。這將為監護人提供“家長儀表板”，透過確認嘗試登入有年齡限制的應用程式或帳戶（例如視訊遊戲、社交媒體）的未成年人（“受監護人”）的年齡來提供同意。

EU Age Assurance Report Highlights Need for Regulatory Guidance

歐盟年齡保障報告強調需要監管指導

Martin Sas from the KU Leuven Centre for IT & IP Law presented an upcoming report on the trustworthiness of age assurance systems for the EU Parliament. The report aims to map the legal requirements for age assurance under European law, identify potential risks to fundamental rights, and evaluate the risks of specific methods.

魯汶大學 IT 和智慧財產權法中心的 Martin Sas 向歐盟議會提交了即將發布的關於年齡保障系統可信度的報告。該報告旨在繪製歐洲法律下年齡保證的法律要求，識別基本權利的潛在風險，並評估具體方法的風險。

The report emphasizes the imperative to consider necessity, proportionality, and the best interests of the child when implementing age assurance measures. It promotes the delicate balance between child protection and digital rights. Regarding biometric age assurance methods, age estimation is deemed less reliable than age verification, but verification is perceived as "more intrusive."

報告強調，在實施年齡保障措施時必須考慮必要性、相稱性和兒童的最大利益。它促進兒童保護和數位權利之間的微妙平衡。關於生物特徵年齡保證方法，年齡估計被認為不如年齡驗證可靠，但驗證被認為「更具侵入性」。

The report expresses concerns about privacy and security risks, potential discrimination, and exclusion of individuals with limited access to ID documents, technology, or developmental disabilities. It thus underscores the urgent need for regulatory harmonization, increased pressure for conformance testing, and adaptation to the burgeoning use of age assurance systems.

該報告對隱私和安全風險、潛在歧視以及對身分證件、技術或發展障礙的個人的排斥表示擔憂。因此，它強調了監管協調、增加一致性測試壓力以及適應年齡保證系統的迅速使用的迫切需求。

Open Identity Exchange Outlines Universal ID Vision

開放式身分交換概述了通用 ID 願景

Nick Mothershaw, Chief Identity Strategist for the Open Identity Exchange (OIX), presented the organization's perspective on the symbiotic relationship between digital identity and age assurance. OIX's aspiration for a "simple, universally trusted ID" hinges on educating relying parties about the benefits and intricacies of biometrics and digital identity through initiatives such as events, consultations, and resource dissemination.

開放式身分識別交換 (OIX) 首席身分策略師 Nick Mothershaw 介紹了該組織對數位身分與年齡保證之間共生關係的看法。 OIX 對「簡單、普遍可信的 ID」的渴望取決於透過活動、諮詢和資源傳播等舉措，讓依賴方了解生物辨識技術和數位身分的好處和複雜性。

Mothershaw emphasized the significance of trust frameworks and trustmarks in ensuring that the security equation is addressed from both sides. OIX has meticulously analyzed trust frameworks worldwide, including the UK Digital Identity and Attributes Trust Framework (DIATF), eIDAS 2.0, the NIST version 4 draft, and the DIACC Pan-Canadian Trust Framework.

馬瑟肖強調了信任框架和信任標記在確保雙方解決安全問題的重要性。 OIX 仔細分析了全球信任框架，包括英國數位身分和屬性信任框架 (DIATF)、eIDAS 2.0、NIST 第 4 版草案和 DIACC 泛加拿大信任框架。