Google is making zero-knowledge proof technology more accessible to help platforms verify user age without collecting personal data. The move aims to balance online safety requirements with user privacy.
Zero-knowledge proofs allow one party to verify information about another without revealing the underlying data. Google's initiative makes this cryptographic technique available for age assurance systems, enabling websites and apps to confirm users meet age requirements without storing sensitive identification documents or birth dates.
The technology works by proving a statement is true—in this case, that a user is above a certain age—without disclosing why. Users maintain control over their information while platforms gain verification certainty.
Google has published technical documentation and tools to help developers implement zero-knowledge proofs for age verification. The company positions this as addressing growing regulatory pressure for age gates on age-restricted content while protecting user privacy.
The approach faces adoption hurdles, as developers must integrate new systems and users need to understand the verification process. However, industry support suggests growing interest in privacy-preserving verification methods as regulations like the EU's Digital Services Act mandate stronger age assurance measures.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.