It is possible to do this without risk of a data breach.
1. Age verifier uses PII to verify age
2. Age verifier issues credentials
3. AV deletes PII
Then, in accessing the pron, the AV authenticates the credentials and you're off.
This presents an issue with stuff like password recovery if you're not storing an email addy though. You could do it by storing a hashed version for verification I suppose.
Of course, credentials will leak and spread round schools almost instantly, but that was going to happen anyway.
Not sure why I'm thinking about this - it's a stupid idea just introduced as a sop to the Daily Mail (think of the children - here are photos of some in bikinis) brigade.
And as 66 says above, the security services aren't going to be best pleased when suddenly 20% of the public are routinely using VPNs.