The anything goes / mass surveillance dichotomy is false. It is possible to have small-scale, individually-moderated websites, if the software to host them is available and easy to run, without sacrificing privacy (or even accountability). Pseudonymity is usually good enough, especially for things like Omegle.
Unfortunately, that requires a return to the days when most people's primary computing device was capable of acting as a web server, and computer literacy implied empowerment: that might be tricky, but if we work hard enough I'm sure we can get there.
> How do you propose verifying a users age without sacrificing privacy?
It's usually obvious if you can have a short conversation with the person in question. Throughout my childhood escapades, I'm certain that most, if not all, the responsible adults I interacted with knew pretty much exactly how old I was. (I'd managed to navigate a legal loophole that, I believe, still exists in GDPR today, so they weren't required to kick me off – but while I was treated as an equal, I wasn't treated the same way I'm treated now.)
> If it can be done at small scale, it will get sold to data brokers and exploited at large a scale
That's quite illegal, and quite easy to detect (just give slightly different data to everyone and see what leaks). Most people don't commit crimes: individuals just don't have the kinds of incentive to buy and sell people's personal data that organisations like Facebook, Taboola and Oracle have. (And what would they get for betraying these people's trust? $30? Sure… I'd totally go for that.)
How do you propose to give slightly different data to everyone and see what leaks when you have to have a short conversation with the person in question?
