Beyond Age Verification: Why Utah’s SEDI Initiative Could Redefine Digital Trust for Families, Businesses, and the Internet

For years, conversations around protecting children online have largely centered on one question: How do we verify age? 

But Utah’s emerging State-Endorsed Digital Identity (SEDI) initiative signals something much bigger, reframing the conversation from simply blocking minors access based on age alone, to building a trusted, privacy-preserving digital identity infrastructure. Individuals and families will have more control over how they engage online — while helping businesses meet growing safety, privacy, and compliance expectations.

Just weeks ago, PRIVO's CEO, Denise Tayloe, participated in Utah’s State-Endorsed Digital Identity Summit alongside policymakers, privacy leaders, and technology innovators discussing the future of child protection, age assurance, and digital identity. Her panel focused on a critical challenge facing governments and companies worldwide:

“How do we protect children online without creating systems of mass surveillance?”

Utah’s answer may become one of the most important digital policy developments to watch in the coming years.

The Problem: The internet was never built with trusted identity.

Today’s internet largely operates without a trusted identity layer. That absence has created growing challenges across industries:

• Children accessing age-inappropriate services
• Online exploitation and predatory behavior
• Fraud and impersonation
• Deepfakes and synthetic identities
• Account takeovers
• Compliance burdens for companies
• Massive collections of sensitive personal data

Historically, many age verification systems have required companies to collect and retain significant amounts of personal information simply to prove someone is old enough to access a service.

As PRIVO's CTO Paul Trevithick recently highlighted while discussing the article, “The Age Verification Trap,” traditional approaches can unintentionally force organizations into a difficult tradeoff between enforcement and privacy. That tension is exactly what Utah’s SEDI framework is attempting to solve.

What Is SEDI?

SEDI stands for State-Endorsed Digital Identity.  According to Utah’s framework, SEDI is designed around a foundational principle:

“Identity belongs to the person, not the government.”

Rather than creating a centralized surveillance system, SEDI proposes a decentralized, privacy-preserving approach where individuals control their own digital identity through cryptographic credentials and user-controlled wallets.

SEDI is designed to prevent government tracking, profiling, or "phone-home" surveillance of digital ID use.

Utah describes SEDI as:
• Rights-first
• Privacy-preserving
• Decentralized
• Interoperable
• Open standards-based
• Family-centered

The framework specifically emphasizes:
• Protecting individual rights
• Safeguarding children
• Strengthening families
• Preventing surveillance and tracking
• Enabling trusted digital interactions

This is a significant shift from many current identity and age assurance models.

Why This Matters for Children and Families

One of the most important aspects of SEDI is its recognition that children require a different model of digital identity governance.

Utah’s framework explicitly includes:
• Parental rights and delegation
• Parental controls
• Child identity protections
• Age assurance with data minimization
• Protections against exploitation and manipulation

The SEDI paper states, “Parents are able to manage their children’s digital identity and any associated credentials.”

Importantly, this approach aims to allow individuals to prove facts, such as age eligibility, without disclosing unnecessary personal data like full identity, address, or other sensitive information. That distinction matters enormously. For years, PRIVO has advocated that age assurance should not become a mechanism for excessive data collection or long-term tracking.

The future of child protection online must balance:
• Safety
• Privacy
• Family autonomy
• Regulatory compliance
• Usability
• Trust

SEDI moves that conversation forward.

This Goes Far Beyond Social Media

While much public discussion around age assurance focuses on social media and gaming, the implications of trusted digital identity are far broader.

Future use cases could include:
• Healthcare access
• Telehealth
• Education platforms
• Digital payments
• E-commerce
• AI systems
• Online government services
• Consent management
• Delegated authority for minors and caregivers
• Secure AI agents acting on behalf of individuals

Utah’s own framework identifies future capabilities including:
• Consent and permission management
• Personal data management
• Agentic AI
• Government records
• Peer-to-peer communication
• Age verification

This is where identity becomes foundational infrastructure for the digital economy.

Why Businesses Should Be Paying Attention

Companies globally are facing mounting pressure from:
• Child safety laws
• Age assurance requirements
• Privacy regulations
• Parental consent obligations
• Platform accountability mandates
• Fraud prevention expectations

At the same time, consumers increasingly expect:
• Privacy
• Transparency
• Minimal data collection
• Control over personal information

SEDI suggests a future where businesses may no longer need to collect and store large amounts of highly sensitive identity data simply to determine eligibility or age status.

Instead, privacy-preserving identity assertions could enable:
• Trusted transactions
• Reduced liability
• Lower fraud exposure
• Streamlined compliance
• Better user experiences
• Stronger consumer trust

For organizations engaging with youth, or organizations seeking to appropriately exclude minors from certain services, this could become transformative.

Why PRIVO Is Paying Attention

PRIVO has spent more than two decades operating at the intersection of:

• Identity
• Parental consent
• Consent management
• Privacy
• Youth safety
• Regulatory compliance
• Age assurance

As both an FTC-approved COPPA Safe Harbor and an identity and consent technology provider, PRIVO has long believed that effective digital trust frameworks must be:

• Privacy-preserving
• Interoperable
• Family-centered
• Risk-based
• Configurable across jurisdictions

The evolution toward decentralized, user-controlled identity aligns closely with where the broader ecosystem is heading.

PRIVO also believes the conversation must move beyond simplistic “age verification” narratives toward broader concepts of:

• Trusted digital identity
• Delegated authority
• Youth governance
• Consent orchestration
• Privacy-preserving eligibility verification

That is why initiatives like Utah’s SEDI matter.

A Signal of What May Come Next

Utah may be first — but it likely will not be alone.

The SEDI initiative positions digital identity as public infrastructure rather than merely a commercial product. And as regulators worldwide continue grappling with online harms, AI risks, fraud, and child protection, other states and jurisdictions are likely watching closely.

The internet’s next chapter will not simply be about proving age. It will be about rebuilding trust itself. And if that future is going to work for children, families, businesses, and society, it will require identity systems designed around liberty, privacy, and individual control from the very beginning. That conversation has already started. And PRIVO intends to help shape it.

Learn more by visiting Utah's SEDI website: https://sedi.utah.gov/