If the website sees (and possibly stores) the e-mail address, and the government or another party knows who it belongs to, the scheme is anything but privacy-preserving.
I’m confident you could devise a way to ensure the verifying party doesn’t know which website requested the verification, and vice versa. I’ll have to think about it a bit more.
