Not sure how viable this is in the US due to reasons but a centralized auth service could in theory not provide any PII back to the service requesting an age verification, and the auth provider wouldn't necessarily have to be get data back from the service except for the first time a user registers an account.
Much of the EU uses centralized auth services for critical services like banking, taxes, applying for schools, applying for loans. It's pretty great honestly. There are also APIs for integrating into these where the user chooses what pii they want to share with the service.
I know it's a controversial topic but the argument that age verification and auth services must remove privacy and inevitably leads to mass surveillance is a false narrative which I find kind of funny as if anybody should know these technical realities it's users on hn.
