How would it race to the bottom? Let's say you have deployed privacy-preserving age verification. How do you force privacy violations? I guess I see two directions:
1. "We have this system that works, but now we will throw it away and mandate that private companies check your ID and do whatever they please with it". That doesn't seem realistic.
2. "We have this private system where the government issues tokens that it cannot track, and now we will change it for no other reason than to identify you when you use those tokens, purely for the sake of surveillance". That is not subtle either.
A realistic "race to the bottom", to me, would mean that the technology slowly erodes to the point where it facilitates privacy violations. But that is not how the cryptography works. It would be like thinking that E2EE may lose its essence of E2EE if the untrusted party stops caring about it: it cannot be, the whole point being that with E2EE you don't have to trust the untrusted party!
