Just my take but if a company is using anything other than RTA server headers [1] for age verification then there are shenanigans afoot. This should be assumed. If it's not palantir it will be some other dark pattern and will only spread like a virus. Numerous entities are salivating at all the opportunities "age verification" will give them. With time a persons PII will end up being shared with a myriad of shady entities and leaked to all-the-bad-people leading to the creation of even more artificial business models that should have never existed in the first place. Do not accept this behavior otherwise a fascist 3rd party will eventually be required for all internet access.
Ideal Solution (that has existed for a very long time): Legislate the requirements for most clients used by young children to look for the RTA server header and trigger parental controls if the parent thinks they should be enabled. It's not perfect, nothing is nor ever will be but using the header solution is entirely private, does not store or leak data and puts the decision into the device owners rather than creating perverse incentives to track everyone. It may actually protect most small children whereas today teens quickly find a work-around and then teach smaller children how to work around these centralized gate-keepers. The current solutions are just about tracking people by real identity and incentivizing teens to commit identity crimes thus feeding the prison industrial complex. Parents are already legally responsible for their offspring. If parents are having difficulty with raising their children that is a different problem and would require a different solution after significant critical thinking.
Less Than Ideal solution: Create a maintain multiple deny-lists of domains that are using 3rd party age verification or gathering personal data in any way shape or form. Incorporate the deny-lists into uBlock and related add-ons.
Non starters: Anything that suggests the 3rd party verification is anonymous and includes cryptographic terminology. It may start off anonymous and with time the verification will include a unique code that can be reversed through some obfuscated method. Anything involving a 3rd party whether directly or indirectly must be entirely rejected.
Previous Discussion: [2]