In general I'm opposed to this kind of regulation, but as a thought exercise, we do have the primitives needed to do age (or any other attribute) verification in a privacy-preserving and decentralized way.

You could imagine a hierarchy of organizations (governments, financial institutions, schools, etc) that a website trusts to verify some attribute (minimum age, citizenship, etc). Those organizations can attest that some identifier like an email address has been verified to belong to a real individual with that attribute, and that organization belongs to the hierarchy the website trusts, without revealing anything else about the user, the exact verifying organization, or the requesting website.