Wisconsin’s Porn Veto Exposes Web2’s Broken Identity Layer: A Case for ZKPs and Decentralized ID

Last week, Wisconsin Governor Tony Evers vetoed AB 105, a bill that would have required residents to verify their age before accessing adult content online. His reasoning? He called the mandate—which typically involves uploading a government-issued ID—an "intrusive burden on adults who are trying to access constitutionally protected materials."

While this might seem like a standard political clash over internet regulation, for founders, engineers, and builders, it highlights a much deeper, structural failure of the current web: we still don't have a privacy-preserving identity layer.

More than two dozen states have already passed similar age-check requirements, forcing platforms into a difficult corner. Do they risk massive fines, or do they force users to upload their driver's licenses, creating the ultimate hacker honeypot? As internet regulation increases, the opportunity for innovative tech solutions has never been larger. Here is how blockchain, zero-knowledge proofs (ZKPs), and AI intersect to solve this exact problem.

The Web2 Identity Trap: Centralized Honeypots

Currently, the primary way to verify age online is through third-party KYC (Know Your Customer) providers. You upload a picture of your ID and maybe snap a quick selfie.

From an engineering perspective, this is a nightmare. It requires storing highly sensitive personally identifiable information (PII) on centralized databases. For platforms hosting adult content, a data breach isn't just an inconvenience; it can ruin lives. Web2's approach to identity relies on revealing data rather than verifying attributes.

The Blockchain Solution: Enter Zero-Knowledge Proofs

This is exactly the type of problem that cryptographic builders have been trying to solve for a decade. The solution lies in Decentralized Identity (DID) and Zero-Knowledge Proofs (ZKPs).

A ZKP allows one party to mathematically prove a statement is true without revealing any additional information. In the context of age verification, a user could hold a digital, cryptographically signed credential of their ID in a local wallet. When a website requests age verification, the wallet generates a zero-knowledge proof asserting age >= 18.

The website receives a true/false verification that is mathematically guaranteed to be accurate, but it never learns the user's name, birthdate, or ID number. By leveraging blockchain infrastructure as a decentralized public key registry, systems can instantly verify the issuer's signature (e.g., a DMV or trusted oracle) without relying on centralized, hackable databases.

The AI Approach: Biometrics, Estimation, and Bias

Another approach gaining traction is AI-driven age estimation. Instead of asking for an ID, platforms request access to the user's webcam. A neural network analyzes the user's facial geometry and estimates their age. If the AI is highly confident the user is over 25, they bypass the ID requirement entirely.

While this drastically reduces user friction, it introduces a different set of engineering and ethical challenges:

1. Algorithmic Bias: Facial analysis AI has historically struggled with accuracy across different ethnicities and skin tones.
2. Biometric Privacy: Even if the image is processed locally and immediately deleted, users are inherently distrustful of feeding biometric data into black-box algorithms.
3. Adversarial Attacks: Deepfakes and AI-generated images can potentially spoof these systems, turning the age-verification process into a continuous cat-and-mouse game between AI generation and AI detection.

The Founder's Opportunity

Policy creates markets. With states aggressively pushing for age-verification laws and privacy advocates (including governors like Tony Evers) rightly pushing back against invasive ID requirements, a massive market gap has opened up.

Founders who can build seamless, privacy-preserving identity protocols that abstract away the complexity of ZKPs will win big. The goal isn't just to solve the age-verification problem for adult content—it's to build the missing identity layer for the entire internet. Whether it's proving you're a human to defeat bot farms, proving your age to buy a restricted product, or proving your jurisdiction for compliance, the future of online identity must be decentralized, verified, and entirely private.