McDonalds is a $200 billion company with annual revenue of more than $25 billion. Yet, Their app, partner portals, and job applicant chatbot all had pretty egregious security flaws that allowed someone to order free food, access internal company data, and gain admin privileges.

I don't care much about McDonalds, but my point is that if a company as large as this has such low standards, how does anyone argue that the personal identifying info users are compelled to give up by age-verification laws will be kept safe?