EU Reveals Age Check Rules and Open-Source Tools to Protect Kids Online

Published Date : 7/14/2025 

The European Commission has launched new age verification guidelines and open-source software to protect minors online, with pilot testing underway in multiple EU countries. The initiative aims to harmonize digital safety standards while prioritizing privacy and user rights. 

The European Commission has taken a significant step forward in digital safety by releasing both guidelines for protecting minors online and a free, open-source age verification software. This move marks a critical phase in the implementation of the EU's Digital Services Act (DSA), which seeks to create a safer online environment for children. The software, dubbed a 'blueprint,' is designed to be adaptable for use by member states and private companies, ensuring compatibility with the upcoming EU Digital Identity (EUDI) Wallet. However, the commission has clarified that while the tool can be customized, core privacy-preserving features remain non-negotiable. n nThe software will undergo a pilot phase in Denmark, France, Greece, Italy, and Spain, as well as with online platforms, end users, and other stakeholders. Technical details, including source code and a beta version, have already been made publicly available. The commission emphasized that the blueprint is an open-source solution, allowing developers to tailor it to local needs without compromising privacy. This approach aligns with the EU's broader goal of fostering innovation while maintaining strict data protection standards. n nThe initiative is the result of a two-year contract awarded to T-Scy, a collaboration between Sweden's Scytáles and Germany's T-Systems (a subsidiary of Deutsche Telekom). The project, announced in February 2025, highlights the EU's commitment to leveraging technology for child safety. The commission stated that the software is designed to be accurate, reliable, and non-intrusive, with a focus on minimizing the collection of personal data. This is a key response to growing concerns about the misuse of biometric data in age verification systems. n nIn addition to the software, the European Commission has published comprehensive guidelines under the Digital Services Act (DSA) to protect minors from online risks. These guidelines outline measures such as default privacy settings for children's accounts, restrictions on targeted advertising, and enhanced block/mute functionalities. They also recommend the use of age-appropriate design principles to prevent manipulative or addictive behaviors on online platforms. The guidelines emphasize a risk-based approach, recognizing that different platforms pose varying levels of risk to children based on their size, purpose, and user base. n nThe guidelines are not mandatory but serve as a framework for platforms to align with EU standards. They encourage the adoption of 'effective age assurance methods' that are accurate, non-discriminatory, and privacy-preserving. For instance, age verification systems are recommended for restricting access to adult content like pornography or gambling, particularly in regions with strict age limits. However, the commission stresses that these measures must not unduly restrict children's rights or access to information. The guidelines also call for regular impact assessments to ensure compliance with the United Nations Convention on the Rights of the Child (UNCRC). n nPublic feedback played a crucial role in shaping the guidelines. The commission received over 170 submissions during a call for evidence, with stakeholders emphasizing the need for a variety of privacy-preserving age assurance tools. Many respondents highlighted the importance of 'age estimation' as a scalable and less intrusive method compared to traditional verification techniques. Debates continue over where age assurance should be implemented—whether at the device level, operating system level, or service level. Some advocates argue that integrating these systems at the device level would provide more consistent protection, while others prefer platform-specific solutions. n nDespite the progress, challenges remain. Critics argue that mandatory age verification could inadvertently inconvenience adult users or create barriers to accessing information. The commission has acknowledged these concerns but maintains that the measures are essential to mitigate risks like online grooming, cyberbullying, and exposure to harmful content. The guidelines also stress the importance of avoiding the collection of additional personal data for age verification, a move aimed at preventing data overload and privacy breaches. n nThe EU's push for age assurance has already sparked investigations into major platforms like X, TikTok, Facebook, and Instagram. Executive Vice President Henna Virkkunen of the European Commission stated that platforms have no excuse for continuing practices that put children at risk. This signals a shift toward stricter enforcement of the DSA, with the commission vowing to hold tech giants accountable for their safety measures. n nFor businesses, the new guidelines and software present both opportunities and challenges. While the open-source blueprint offers a cost-effective solution for compliance, companies must navigate complex regulatory requirements and ensure their systems align with EU standards. The integration of the EUDI Wallet adds another layer of complexity, as it requires seamless interoperability with existing age verification tools. n nAs the pilot phase progresses, the success of the EU's approach will depend on collaboration between governments, tech companies, and civil society. The focus on privacy-preserving technologies and user-centric design reflects a broader trend toward balancing digital innovation with ethical considerations. With the rapid evolution of online threats, the EU's efforts underscore the importance of proactive, adaptive policies to protect vulnerable users in the digital age. 

Frequently Asked Questions (FAQS): 

Q: What is the EU's new age verification software, and how does it work?

A: The EU's age verification software is an open-source 'blueprint' designed to help member states and companies create localized age assurance tools. It uses privacy-preserving methods like age estimation to verify users without collecting excessive personal data. The system is compatible with the EU Digital Identity Wallet and undergoes testing in several countries.

Q: How do the EU's guidelines protect minors online?

A: The guidelines recommend measures such as default privacy settings for children, restrictions on targeted advertising, and enhanced block/mute features. They also emphasize age-appropriate design principles and require platforms to conduct regular impact assessments to address risks like cyberbullying and harmful content.

Q: Which countries are testing the new age verification software?

A: The software is being piloted in Denmark, France, Greece, Italy, and Spain, alongside online platforms and end users. These countries were chosen to evaluate the system's effectiveness in diverse digital environments.

Q: What are the main concerns about the EU's age verification approach?

A: Critics worry that mandatory age verification could inconvenience adults or create barriers to information access. There are also debates about where to implement age assurance—whether at the device level, OS level, or service level. The EU aims to address these concerns by prioritizing non-intrusive, privacy-preserving methods.

Q: How does the EU's initiative align with global child safety efforts?

A: The guidelines emphasize alignment with the United Nations Convention on the Rights of the Child (UNCRC) and encourage platforms to adopt risk-based approaches. By promoting open-source solutions and collaboration, the EU aims to set a global standard for protecting minors in the digital space. 

More Related Topics :