Seems like it could work in the other direction... mandate that adult sites etc. include a standard, relevant flag in the response, so that parental control software can detect it if it's installed. Sites don't have to know anything about their users, parents can reliably filter out naughty sites.

To op's point, age verification is really a surveillance measure, so this won't happen.

That would be a better approach. Let the sites that require it, negotiate with the browser to get it. Oh wait, isn’t that what we are asking them to do and they won’t? They’d rather shut off access entirely.

No the best approach is having parental controls on device and require whitelisting and established accounts that the parents setup. Anything else is making the web a more restrictive place for all.

> Adding even more personal information into HTTP headers is NOT the way to go

It's exactly the way to go; because the alternative currently being pursued by half the western world is to attatch your full government ID to every internet request. Some preference flags are pretty harmless in comparison, and very powerful tool to solve some related problems.

The internet is already segmented and will continue to become more segmented (Intellectual property, GDPR, gambling). Adding a method to control that with the power in the hand of the user; is the least bad way to implement it.

It also makes regulating the internet alot less painful for businesses and governments. A buisness can refuse my service if they don't like my http request. No more murky "US company liable for EU user traffic even if unintended" nonsense. (The user can choose to voluntary remove GDPR protection with this method for example)