Couldn't you just have sites ask if certain patental guidance flag in the browser is sending an api code to their server when receiving a request? That would be totally voluntary and not intrude on anyone's privacy. IDs are the worst possible option for this goal, and it's clear protecting kids isn't the goal.