YOTI AGE CHECKS LEAK FACIAL PHOTOS TO THIRD PARTIES

The age verification platform transmits biometric data beyond its direct operations, according to findings shared on tech forums. Users undergoing Yoti's age checks unknowingly have their facial images and device identifiers distributed to external parties. The practice affects anyone using Yoti for age verification across websites and services. Device fingerprints—unique identifiers tied to hardware and software configurations—are collected alongside facial data. Yoti's data-sharing practices lack prominent disclosure at the point of verification. Users attempting to access age-restricted content face the choice of submitting biometric data with limited transparency about downstream recipients. The revelation prompted 112 points of discussion on Hacker News, with 24 comments addressing privacy implications. Questions emerged regarding consent mechanisms and regulatory compliance under GDPR and similar frameworks. No statement from Yoti was immediately available regarding the scope or purpose of third-party data sharing.