As your full government ID is retainable when sent as an image, this is not a safe method to age verify as seen by multiple leaks, as well as the leaks of source code from Persona which indicate their direct interfaces to send data to the US government and their potential retention of this data over a long period. Other services have had their databases leaked as well, for example IDMerit which has left an estimated
billion
people with their full name, address, face, and all other information on their ID now held by an unknown amount of strangers.
Access to an image of your full ID is as extensive as a doxx can get, and upon any failing to secure this data this information will not be removable from the public internet. When these are found by malicious actors, the data can be sold to any interested party en masse without disclosing it publicly, or even shared around interested parties. Keeping data like this quietly is not new, as long as company databases have been valuable, the information has been as well. Copies cannot be removed.
If the data is publicly released, archives will exist with data this valuable. It takes one person deciding they don't like you who knows the right place to look to try to find who you are in person. As with any ID verification company, Persona's internally stored data is a black box with no way of proving that they do not link the data back to your account, or any of the other data sources they use, as stated in the Privacy Policy:
"We may verify personal data about you for age assurance purposes with our network of trusted third-party data sources, including the following: publicly available sources (such as open government databases), government and national ID registries, consumer credit bureaus, utility companies, mobile network providers and postal address databases. The types of this “Additional Age Assurance Data” we obtain from these sources will vary depending on the verification checks available in the particular country. "
I also find it concerning due to the use of VRChat as a place to explore personal identity: multiple sources and definitions deem the current actions of the United States administration as a genocide against transgender people, linking this government ID with those exploring their gender identity is incredibly worrying to me as the actions of the United States administration are increasingly brazen. Matters of national security are free to have orders attached not to disclose that a company is cooperating for a specific purpose to the government, and the administration has already stated publicly their views of transgender activism as a threat to national security. The 2026 United States Counterterrorism Strategy specifically states that they will "prioritize the rapid identification and neutralization of violent secular political groups whose ideology is anti-American, radically pro-transgender, and anarchist." I am in Canada. With our degree of cooperation with the United States, I do not feel comfortable having a link between my current government ID and my behaviour online with the current United States' administrations actions.
I do not feel safe sending such extensive personal data in a retainable form to any entity. I do not trust any entity with a potentially permanent record of such dangerous data to have. I oppose any link between my personal identity offline and online; should some form of ID be necessary, at MINIMUM significant redactions should be allowed if not mandatory in order to simply demonstrate that there exists someone somewhere who is the age shown.
I especially take issue with gating all content of a category behind such an egregious violation of privacy. If your system is has significant risks for the user, it is not a system that can be an expectation to interact with certain content. Privacy matters, and such an expectation causes even further erosion then what we have already lost. Normalization and acceptance of this lost part of anonymization paves the road for further damage.