Privacy-preserving verification
Never reveal your birthdate.
Instead, have them ask your MOI:
Is your owner over 18?
Your MOI is your personal information vault. You own it. You control it.
And it responds only to specific queries from those people or organizations that you have authorized.
And it responds only to specific queries from those people or organizations that you have authorized.
If you have given a website permission to know whether you are over 18, your MOI will respond with NO or YES, and only that.
Your MOI does contain your date of birth, and you can certainly license it to family members and close friends if you want.
But that website only needs the answer to that one no-yes question, so that is all they get.
Your birthdate was recorded in your MOI when you enrolled in the Osmio VRD identity certificate program.
“Doesn’t ‘Identity certificate’ imply PKI, with its centralized authority?” you may be asking…
Answer: Yes. While The City of Osmio is an online municipality whose duly constituted public authority was established at its municipal charter meeting at the ITU’s Geneva headquarters on March 7, 2005, it is no longer affiliated with the International Telecommunication Union or its parent, the United Nations.
But before you jump to conclusions, please take a look at how Osmio’s structure prevents the kinds of abuses that have given centralized authority a bad name.
First, Osmio’s identity credential takes the form of a “certificate stack.” The identity certificate you actually use on a day to day basis works like your car’s license plate: anyone can see it, making you accountable for what happens on public roadways; but no one gets to know your identity unless there’s been an incident. If you’ve been slandered or defrauded by the owner of an Osmio Number Plate certificate, a valid court order will caused the disclosure of their name and location.
Second, Osmio’s Internet of People protocol means that there is no identity information in its identity certification database. Yes, you heard that right: an identity database with no identity information in it. If a dictator confronts the sysadmin demanding to know at gunpoint the identity of the person who has been critical of his regime, the sysadmin will have no way to provide it.
Third, we mentioned court orders to compel disclosure of a name, so you may be asking how that name is available. The answer is that the Attestation Officer who enrolled you, a Virgina Online Notary with additional qualifications, does maintain a personal database of names and locations of people they enrolled. But the identity of the Attestation Officer is similarly not disclosed in the certification authority database.
Fourth, anyone can participate in the governance of The City of Osmio. Osmio’s governance uses a system called Optimocracy, which allows any enrolled person to participate in a commission – but in order to vote on a matter before the commission they must have actively participated in the debate leading to the vote.
If we are to have a global information infrastructure with real privacy, real security, and real accountability, a system of governance is an absolute requirement.
And as Lawrence Lundy-Bryan notes, “There is no such thing as decentralized governance.”
No raw personal data shared
User-controlled
Minimum disclosure
Prototype / alpha • age verification first • broader claims later
Example request
Question
Is your owner over 18?
Your MOI answers only specific queries from people or organizations you authorize.
Shared
YES
Only the answer needed
Not shared
Birthdate
The underlying data stays private
Your MOI is your personal information vault. You own it. You control it.
Ask the question, not the data.
Today sites ask for date of birth, but with MOI they ask a specific no-yes question and get only the answer.
1
Verify once
Your birthdate is recorded in MOI during enrollment into a trusted identity system such as Osmio VRD.
2
Ask privately
Later, a site asks only what it needs to know, such as whether the person is over a threshold age.
3
Share only the answer
The site receives YES or NO — not the birthdate, not the document, and not unrelated personal data.
Your MOI
Your MOI belongs to you.
MOI means My Own Information. It is your personal information vault. It is not the website’s, not the platform’s, not the government’s, and not ours. Ownership and control is with you.
- You decide what it knows
- You decide who can ask questions
- You decide which answers can be returned
- Others get only the minimum answer they need
Verified once. Answered privately.
Your birthdate may be recorded in your MOI when you enroll in a trusted identity program, and after that MOI answers questions without exposing the underlying data.
Osmio’s structure is meant to prevent the kinds of abuses that people associate with centralized authority.
Interactive walkthroughs
This demo has two modes:
a simple plain-language walkthrough and a more technical trust-and-architecture view.
DU
Demo User
This person controls their own MOI
Private
Actual age
25
Question
18+
Answer
YES
1. Request
2. MOI checks
3. Approval
4. Result
What is happening right now
A website wants to check if someone qualifies.
Press “Start walkthrough” to see the process unfold one step at a time.
Website: I need to know whether this person meets the age requirement.
In plain English: the site asks one question, MOI checks privately, and the site gets only the answer.
Technical flow
1. Request
Website → MOI: “Is your owner over 18?”
2. Local processing
MOI reads the stored date of birth or age credential and computes the answer privately on the user-controlled side.
3. Response
MOI returns YES/NO plus verifier-facing metadata, not the raw date of birth.
No central database should know both who you are and what you do.
Illustrative verifier payload
{
"query": "age_over",
"threshold": 18,
"response": {
"answer": true,
"claim": "age_over_18",
"issuer": "Osmio VRD",
"proof": "attestation_or_signature"
}
}
This is an explanatory mock payload that shows the architecture and minimum-disclosure model, not a finalized production schema.
How Osmio's trust model answers the PKI objection
- Daily-use identity works like a “certificate stack” and a number plate.
- The certification database is described as having no identity information in it.
- An Attestation Officer maintains enrollment records separately.
- Disclosure is tied to valid process, not open lookup.
Why this matters to regulators and activists
- Regulators get a verifiable yes/no answer with less breach surface.
- Platforms avoid collecting raw personal data they do not need.
- Privacy advocates get architectural separation between identity, credential, and disclosure.
- Policy can focus on auditable eligibility decisions instead of forced over-collection.
The three-drawer model
Think of MOI as a secure classified-information file cabinet. Websites do not get to open the drawers. They receive only answers derived from information held under your control.
Drawer 1 — Structured data
Personal facts and profile information.
- Name
- Date of birth
- Address
- Phone and contact details
Drawer 2 — Credentials
Trusted attestations and verified status.
- Verified age credential
- Residency proof
- Student status
- Eligibility and license claims
Drawer 3 — Documents
Underlying evidence and sensitive records.
- Passport
- ID scans
- Supporting records
- Other protected files
Websites do not receive drawer contents. They receive the minimum answer needed for a specific decision.
Beyond birthdate
Age verification is only the first example. The same model can protect many other facts while sharing only the answer.
- Are you over 21?
- Are you a resident of this country?
- Are you a student at this university?
- Do you hold a professional license?
- Are you eligible for this service?
Technology and legal framing
MOI can be implemented using authenticity-enabled Solid Pods, user-controlled storage, and cryptographic identity systems such as the Osmio ID Pair.
When information remains under the user’s control instead of being copied into platform databases, it can benefit from stronger confidentiality, secrecy-law, and controlled-disclosure positioning.