Discord’s global age verification rollout has been delayed to later this year after major criticism over privacy concerns.
In a blog post, Discord co-founder and chief technology officer Stanislav Vishnevskiy said it “should have provided more detail about our intentions and how the process works.”
Earlier this month, Discord announced that age verification would be required for all users starting in March. Accounts that cannot prove their age would be limited to a “teen-appropriate experience.”
“The way this landed, many of you walked away thinking we’re requiring face scans and ID uploads from everyone just to use Discord,” wrote Vishnevskiy. “That’s not what’s happening, but the fact that so many people believe it tells us we failed at our most basic job: clearly explaining what we’re doing and why. That’s on us.”
He continued: “On top of that, many of you are worried that this is just another big tech company finding new ways to collect your personal data. That we’re creating a problem to justify invasive solutions. I get that skepticism. It’s earned, not just toward us, but toward the entire tech industry. But that’s not what we’re doing.”
Vishnevskiy clarified that “over 90% of users will never need to verify their age to continue using Discord exactly as they do today.”
“This is powered in part by our internal safety systems, which can already make an age determination for many adult users without any user action. We’ll publish the methodology behind this in a technical blog post before we launch globally.”
Vishnevskiy added that Discord plans to offer more verification options, including via credit card, and provide vendor transparency before the rollout.
This follows the revelation that Discord ran a “limited test” with age-verification firm Persona in the UK last month. As noted by Ars Technica, a disclaimer about this test was posted to a FAQ page about Discord’s age-assurance policies, which was then deleted.
It said the information submitted will be “temporarily stored for up to seven days, then deleted”. It clarified that “all details are blurred except your photo and date of birth.”
Vishnevskiy said that following this test, it “decided not to move forward with [Persona]” and that “all data was deleted after completing verification.”
“We’ve set a new bar for any partner offering facial age estimation, including that it must be performed entirely on-device, meaning your biometric data never leaves your phone. Persona did not meet that bar.”
Persona has faced controversy over its ties to Palantir co-founder Peter Thiel, as his venture capital firm Founders Fund is a major investor in the company.
Persona COO Christie Kim said that Thiel “is not on our board, does not advise us, has no role in our operations or decision-making.”
“[He] is not directly involved with Persona in any way. Persona and Palantir share no board members and have no business relationship with each other.”
Vishnevskiy also addressed a customer service breach last October that affected 70,000 users, who “may have had government-ID photos exposed.”
“We know many of you are skeptical of how we handle partnerships, and the security incident last year involving our third-party customer service provider only adds to that skepticism,” he wrote.
“To be clear, we do not use that vendor for age assurance. In fact, we no longer work with them at all, and we’ve taken the lessons from that incident seriously.”
Vishnevskiy added: “Every vendor we work with goes through a security and privacy review before integration. That includes contractual limits on data use, and strict retention and deletion requirements. Information submitted for age verification is stored only for the minimum time necessary, which in most cases means it’s deleted immediately. If a vendor doesn’t pass, we don’t work with them.”
