The most intrusive, yet simplest, protection would be a double blind token unique to every human. Basically an ID key you use to show yourself as a person.
There are some very real and obvious downsides to this approach, of course. Primarily, the risk of privacy and anonymity. That said, I feel like the average person doesn't seem to care about those traits in the social media era.
Zero-knowledge proofs allow unique consumable tokens that don't reveal the individual who holds them. I believe Ecosia already uses this approach (though I can't speak to its cryptographic security).
That, to me, seems like it could be the foundation of a new web. Something like:
* User-agent sends request for such-and-such a URL.
* Server says "okay, that'll be 5 tokens for our computational resources please".
* User decides, either automatically or not, whether to pay the 5 tokens. If they do, they submit a request with the tokens attached.
* Server responds.
People have been trying to get this sort of thing to work for years, but there's never been an incentive to make such a fundamental change to the way the internet operates. Maybe we're approaching the point where there is one.
Yeah, this is something I've thought of and in my search for something like what you're describing I came across https://world.org/
The problem is Sam Altman saw this coming a long time ago and is an investor (co-owner?) of this project.
I believe we will see a world where things are a lot more agentic and where applicable, a human will need to be verified for certain operations.
You don't need Sama's Orb or a cryptocurrency, you can just have a government issued PKI. Estonia has been doing this for decades.
https://en.wikipedia.org/wiki/Estonian_identity_card
Cloudflare deployed the "hand out tokens to anonymously pass captchas" to throw Tor users a bone.
https://blog.cloudflare.com/privacy-pass-standard/