Last week, Discord announced it will begin requiring users to submit either a face scan or a government-issued ID to verify their age before receiving full access to the platform. Users who opt out will face restrictions designed to create what the company calls a “teen-friendly environment.”

On paper, that sounds reasonable. Protect kids. Reduce harm. Make platforms safer.

But it also signals something bigger: a rapid shift toward tying real-world identity to online activity across the internet.

This isn’t happening in isolation. More platforms are rolling out age verification systems in response to mounting political pressure around youth mental health, algorithmic harms, and online safety. And lawmakers are increasingly treating ID verification as the easy policy answer — even when the consequences are anything but simple.

Virginia has already been down this road. During the first two years of the Glenn Youngkin administration, the General Assembly passed laws requiring adult-content websites to collect government IDs from users. The stated goal was to protect children. The real outcome? Many sites simply blocked access statewide, while others were forced to store enormous amounts of personally identifiable information with questionable security safeguards. Enforcement proved inconsistent, and some sites ignored the law altogether.

Now, under renewed federal pressure and cultural momentum from conservative movements centered on online morality, more social platforms are adopting similar verification systems. The message is clear: prove who you are, or lose access.

Meta has required ID verification for political advertisers since the fallout of the 2016 election interference scandal In late 2025, the company expanded cross-app age verification features. Reddit requires verification in certain states. Google is experimenting with similar controls for YouTube.

Step by step, anonymity — once a foundational feature of the internet — is becoming a liability instead of a right.

The Security Problem:

Here’s the part nobody really wants to talk about: asking millions of users to upload IDs creates an entirely new security risk — and one we already know many companies struggle to manage.

Many of the platforms now requesting government IDs simply do not have the sophisticated data and information security infrastructure needed to protect them. Handing over your license, passport, or facial scan may feel like a quick step to unlock features, but it also creates a high-value target for cyberattacks and identity theft.

And this isn’t hypothetical.

Discord itself has already experienced security issues. In 2025, a malicious actor reportedly gained access to sensitive information through a third-party customer service vendor — the exact type of “back door” cybersecurity experts warn about constantly. Of the accounts impacted globally, roughly 70,000 users may have had government-issued photos exposed, because those images were being used to review age-related appeals.

So the obvious question becomes: why on earth would users feel comfortable handing over more ID data now if the system has already been compromised once?

Even the biggest players aren’t immune. Meta — arguably one of the most well-resourced tech companies on the planet — has faced repeated criticism over internal security practices. Allegations in 2025 suggested broad internal access to user data at WhatsApp despite the company’s end-to-end encryption branding, raising concerns about who inside a company can see sensitive information and how closely that access is monitored.

As someone who participated in Meta’s political verification beta back in 2018 — handing over both my ID and Social Security information — I can tell you this isn’t some abstract concern. Once that data exists in a corporate system, users lose meaningful control over how it’s stored, shared, or exposed when something inevitably goes wrong.

If companies operating at Meta’s scale still struggle to lock down sensitive data, imagine how difficult it will be for smaller platforms — often without dedicated cybersecurity teams — to handle millions of IDs responsibly.

Age verification doesn’t eliminate risk. It centralizes it. And centralized data has a way of eventually being leaked, breached, or misused.

And that’s the bigger issue that rarely gets acknowledged: data collection isn’t just a safety tool — it’s a business model. The more information companies hold, the more valuable they become to advertisers, investors, and, increasingly, governments. Every new verification system expands the pool of data that can be monetized, subpoenaed, or repurposed later. What begins as a policy meant to “protect children” often ends up reinforcing the same data economy that made the internet feel unsafe in the first place.

I Always Feel Like Somebody’s Watching Me

Security risks are only part of the story. The more prescient issue — especially for anyone involved in organizing or political activism — is surveillance.

Recent reporting from The New York Times described how the Department of Homeland Security issued hundreds of subpoenas seeking names, email addresses, phone numbers, and other identifying information tied to social media accounts that track or criticize immigration enforcement activities. The requests reportedly targeted platforms including Google, Reddit, Discord, and Meta.

While companies have offered different levels of transparency around how they respond to these requests, the larger reality remains: once your online identity is verified by government-issued ID, connecting your speech to your real-world identity becomes significantly easier.

That matters because the accounts reportedly under scrutiny weren’t shadowy criminal networks — they included local community groups sharing public information. One example involved accounts tracking ICE activity in Montgomery County, Pennsylvania, where community members posted updates in both English and Spanish to alert neighbors about enforcement activity in their area. Regardless of where you stand politically, that kind of monitoring raises serious questions about how online civic participation may be treated under heightened enforcement environments.

Those who remember will have flashbacks to the Sinclair-led hysteria over the Facebook Group “Loudoun Love Warriors” just a couple of years ago.

Discord’s age verification rollout is also reportedly tied to Palantir and MAGA sycophant, Peter Thiel. The company informed users that they would be testing out the use of Persona, which is an age verification vendor whose investors include–you guessed it–Peter Thiel. As you may or may not know, Palantir houses the data-harvesting and surveillance technology that fuels ICE’s deportation efforts and compiles databases from American citizens’ private information.

Discord announced they had ended their trial partnership with Persona on February 21 due to public outrage.

Pirat_Nation 🔴@Pirat_Nation

Discord has ended its partnership with Persona after backlash over a UK age verification trial that raised serious privacy concerns. The experiment is over, all related data has been deleted, and Persona is no longer involved.

9:49 AM · Feb 21, 2026 · 1.09M Views

---

644 Replies · 1.72K Reposts · 21K Likes

(Lmao, “deleted.” Yeah sure totally.)

However, So just know that if you use these age-verification services like Persona, there is a high likelihood that they will be shared with companies like Palantir, which means they will be shared with the government.

Being in an opposing administration now poses a greater risk than usual for Democratic party members and activists online, especially in one that has had authoritarian tendencies and close ties to the Billionaire tech bros that hold every data point out there. Don’t believe that Mark Zuckerberg, Jeff Bezos, Sam Altman, Tim Cook, and especially Elon Musk, Peter Thiel, and Larry Ellison will have your best interest at heart when it comes to solidifying their place in the President and White House’s good graces.

For Democrats, organizers, and activists operating under administrations they may view as hostile or authoritarian-leaning, this creates a new layer of risk. The issue isn’t simply whether someone is actively watching every post. It’s that the possibility of being watched changes behavior. When people know their accounts are tied directly to their IDs, speech becomes more cautious, organizing becomes quieter, and online spaces that once felt open start to feel like they’re under glass.

Surveillance doesn’t always arrive as censorship. Sometimes it arrives as friction — subtle enough to make people self-censor before anyone ever tells them to.

And if that feels familiar, it should. After 9/11, many Americans accepted expanded monitoring powers because they were framed as temporary protections against harm. Two decades later, much of that infrastructure became permanent. The lesson is simple: once surveillance systems are built, they rarely shrink — they just find new justifications to grow.

The Solutions: Four Rules for Digital Safety in the Age of Verification

The reality is that Democratic committees, activist networks, and everyday organizers aren’t leaving the internet anytime soon. Platforms like WhatsApp, Discord, Facebook, and Instagram remain essential for coordinating events, sharing information, and building movements — especially during moments of rising activism and anti–White House sentiment.

So the goal isn’t to disappear. The goal is to adapt.

If age verification and digital identity systems are becoming normalized, then political organizers need a new set of operating principles. Think of these as simple rules for navigating an internet that is increasingly tied to real-world identity.

Rule #1: Choose Your Tools Intentionally

Not every platform treats your data the same way.

If privacy matters, look for tools designed around encryption and minimal data retention rather than advertising and engagement metrics.

• Signal remains one of the strongest options for secure communication. Messages can disappear automatically, and the platform stores minimal user data.

• Slack can also provide secure collaboration spaces for teams, though higher-level security features often require paid plans.
  

No app is perfect. But choosing tools intentionally — rather than sticking with whatever platform everyone else uses — can dramatically reduce exposure.

Rule #2: Post Like Your Name Is Attached — Because It Probably Is

Algorithms reward conflict, humor, and outrage. But as verification systems expand, the distance between your online persona and your real-world identity is shrinking fast.

This doesn’t mean you should stop speaking out. Sharing protest information, criticizing elected officials, and organizing politically are protected activities. But context doesn’t always survive online. Sarcasm can be misunderstood, jokes can be weaponized, and posts can travel far beyond their intended audience.

While we don’t believe that you will get raided for saying something like “Donald Trump sucks” or “Orange Man Bad,” there are other things that can be interpreted as a threat even if you didn’t mean to.

Just three years ago, local Richmond activist Jimmie Lee Jarvis who many of us know was arrested and charged with a felony for a tweet directed at conservative internet provocateur Andy Ngo. When Ngo was scheduled to speak at the Richmond Omni, Jarvis said he was “on his way” and posted a picture of actor Jason Schwartzman carrying a box labeled “DYNAMITE.” While most normal people and those who know Jimmie could see this was a joke, the Henrico County Police did not and arrested him and held him in jail.

The new reality is simple: if your friends can see it, authorities potentially can too — and verified IDs make attribution easier than ever.

Being politically active online shouldn’t require fear. But it does require strategy.

Rule #3: Know Your Rights in the Online World

As the digital landscape gets more complicated, understanding your legal protections becomes just as important as choosing the right apps.

Organizations like the American Civil Liberties Union provide resources explaining what speech is protected, how online investigations typically work, and where platform rules end and constitutional protections begin.

Knowing your rights doesn’t make you reckless — it makes you prepared. Activists and organizers don’t need to retreat from online spaces, but they do need to understand the legal terrain they’re operating within.

• Twitter

• Instagram

• Facebook

• TikTok

Rule #4: Fight for an Internet That Doesn’t Require Permission to Participate

Policies like the Kids Online Safety Act (KOSA) are framed as child-protection measures, and that framing understandably resonates with parents and communities worried about online harms.

Taylor Lorenz has done extensive coverage on KOSA and argues that these laws risk creating a de facto digital ID system — one where anonymity disappears and participation online requires government-backed verification. Similar laws abroad have been used to restrict journalism and marginalize vulnerable communities under the banner of safety.

Lorenz has pointed to the UK’s Online Safety Act and similar restrictive laws in Sri Lanka to illustrate the devastating effects of these policies, which she claims have been used to curb independent journalism and marginalize groups. These would most likely be used to censor and monitor content related to LGBTQ+ issues, reproductive health, immigration, and other sensitive topics, under the banner of protecting minors.

Virginia’s own experience with age-verification policies shows how quickly good intentions can produce messy consequences: inconsistent enforcement, expanded data collection, and limited effectiveness.

Protecting children online is important. But building a permission-based internet where every user must verify their identity is a much bigger and more permanent change than most people realize.

The Real Goal

The answer isn’t silence. The answer isn’t abandoning digital organizing. It’s learning to operate smarter inside a system that is changing fast.

Digital safety today looks a lot like field organizing has always looked: know the terrain, understand the risks, and protect the people around you while still doing the work.

Because the internet isn’t going away — but the rules of participation are being rewritten in real time.

The debate over age verification is often framed as a simple choice: protect children or protect privacy. But that framing misses the larger reality. What’s being built isn’t just a safer internet for kids — it’s a new infrastructure where identity verification becomes the price of participation.

And once those systems exist, they rarely stay limited to their original purpose.

Every new verification requirement creates another database. Every database becomes a potential target for hackers, advertisers, or governments. And every step that ties our online speech more closely to our real-world identities shifts the balance of power away from users and toward institutions that already hold enormous influence over public discourse.

For organizers, activists, and everyday people who rely on digital spaces to advocate, mobilize, and build community, this moment demands clarity. The goal isn’t to retreat from the internet or surrender the tools that make modern civic engagement possible. The goal is to understand the terrain we’re operating in — and to push back against policies that treat surveillance as the default solution to every social problem.

The internet was never perfect. But for decades, it allowed people to explore ideas, find community, and challenge power without first having to show a passport at the door. That freedom is worth protecting, even as we work to make online spaces safer for younger users.

Because the real question isn’t whether safety matters. It does.

The question is whether we can protect people without building a system where being watched becomes the cost of being heard.

And that’s a question we should answer carefully — before the infrastructure becomes permanent, and before silence becomes the safer option.

The moment identity becomes the price of participation, the internet stops being a public square and starts becoming a checkpoint.

TL;DR

Age verification laws and platform policies are being sold as ways to protect kids online — but they’re also accelerating a shift toward tying real-world identity to everyday internet use. That creates two major risks: security vulnerabilities as more companies collect sensitive ID data, and expanded surveillance possibilities as governments increasingly request user information from social platforms.

For organizers, activists, and politically active users, the stakes are higher. When accounts are linked to verified identities, speech becomes easier to monitor and harder to separate from real-world consequences. The solution isn’t retreating from the internet — it’s using more secure tools, posting with greater awareness, knowing your rights, and pushing back against policies that normalize mandatory digital IDs.

The real question isn’t whether safety matters. It’s whether we can make the internet safer without turning it into a system where being watched becomes the cost of being heard.