The EU’s Age Verification Efforts: Child Protection, Privacy, and Digital Identity
By Martyna Chmura | 3 June 2026
Summary
The European Union (EU) is accelerating its efforts to introduce bloc-wide age verification systems and potential social media restrictions for minors, following similar online child safety measures introduced in Australia and the United Kingdom (UK).
While supporters argue these measures could reduce children’s exposure to harmful content and addictive algorithms, critics warn they may expand surveillance, weaken anonymity, and disproportionately affect vulnerable groups reliant on online communities.
Age verification is likely to expand gradually across major online platforms and digital services, although implementation across Europe will remain politically contested because of privacy, cybersecurity, and freedom of expression concerns.
Context
The European Union (EU) is escalating its efforts to regulate children’s access to social media platforms through age verification systems and potential minimum-age restrictions. European Commission President Ursula von der Leyen recently stated that the EU must consider a “social media delay” for children, with legislative proposals potentially emerging this summer.
Several EU member states are already pursuing national measures. France aims to restrict social media access for users under 15 from September 2026, while Spain, Germany, Portugal, and Norway are considering similar frameworks involving parental consent requirements, platform restrictions, or mandatory age verification systems. This reflects a broader international trend towards stricter online child safety regulation following Australia’s introduction of the world’s first nationwide under-16 social media ban in December 2025 and the UK's expansion of platform obligations under the Online Safety Act targeting age restrictions, addictive platform design, and parental controls.
The EU’s regulatory approach combines enforcement under the Digital Services Act (DSA) with the development of a bloc-wide age verification framework. In April 2026, the European Commission announced a privacy-focused age verification application designed to confirm users’ ages without directly sharing sensitive identity data with social media companies. The system is expected to integrate into the future EU Digital Identity Wallet.
Growing political support for restrictions reflects wider public concerns over children’s online safety. According to a European Union Agency for Fundamental Rights (FRA) survey, 89% of EU respondents expressed concern about children being exposed to violent content or online exploitation, while 88% were concerned about addictive platform use. Additionally, 74% of adults surveyed supported legal restrictions on social media access below a certain age, with 16 years old emerging as the most supported threshold.
Implications
The EU’s age verification debate is complicated by the lack of consensus on what should fall within the scope of “social media”. A narrow definition would mainly cover mainstream social networking platforms, while a broader one could include video-sharing sites, messaging apps, gaming platforms, forums, or AI chatbots. Without agreement on scope, member states may regulate different services and adopt divergent models, from outright access bans to parental consent, tiered access, youth versions, or feature-based restrictions. As of 11 May 2026, 23 of 27 EU member states were at least considering national legislation, but their approaches differed significantly in age thresholds, enforcement models, and covered services. This creates a fragmented regulatory environment where platforms may be treated differently depending on the country, increasing legal uncertainty for companies and uneven protections for children across the EU.
The European Commission’s age verification application seeks to reduce this fragmentation by creating a common technical framework. The app is intended to let users prove they meet an age threshold without disclosing their identity or exact date of birth, and is designed to be open source, device-compatible, and interoperable with the future European Digital Identity Wallet. Commission officials argue that this would allow children to be blocked from age-inappropriate content while letting adults browse with stronger privacy protections. If successful, the model could position the EU as a major driver of “trust technologies”, using cryptographic proofs and digital identity tools to regulate online access without relying on platforms to collect full identity data.
However, major implementation and enforcement challenges remain unresolved. It is still unclear whether responsibility for age verification would primarily fall on platforms, app stores, third-party providers, or member states themselves, particularly given the DSA’s “country of origin” principle, which limits how far individual governments can impose additional obligations on platforms regulated elsewhere in the EU. Enforcement also remains technically difficult because even advanced verification systems can still be bypassed through VPNs, borrowed credentials, fake accounts, or overseas services, particularly among older teenagers, while privacy-preserving systems relying on zero-knowledge proofs and digital wallets continue to face concerns over usability, cybersecurity and trust. The effectiveness of the EU’s framework will therefore depend not only on the technology itself but also on whether users, platforms, and civil society accept wider integration of digital identity infrastructure into everyday online access.
The same trust infrastructure also creates new risks as age verification may reduce direct data sharing with platforms, but it still normalises repeated demands for proof of identity across digital services. Critics warn that privacy-preserving systems can still become intrusive if users are constantly required to prove attributes before accessing online spaces. This creates a paradox insofar as measures introduced to protect privacy may expand verification checkpoints across the internet, making anonymity less practical and increasing dependence on state-approved or private identity providers.
This also raises broader concerns about surveillance in the name of protection, particularly as age verification systems become increasingly tied to wider digital identity infrastructure. Digital rights organisations have warned that weak safeguards in the European Digital Identity Wallet ecosystem could leave users exposed to excessive or illegal requests for information, known as “over-asking”. If age verification becomes routine, governments and companies may gain new tools to control access to digital spaces. Even where systems are technically anonymous, the social effect may be to make identity proof a default condition of online participation.
The measures also raise concerns regarding children’s freedom of expression and access to information, particularly because social media platforms increasingly function not only as entertainment services, but also as spaces for communication, learning, political participation, and peer support. Civil society groups argue that bans therefore risk limiting children’s rights to seek and receive information, particularly for LGBTQ+ children and other marginalised groups who may rely on online communities for support. A joint statement by children’s safety organisations similarly warned that LGBTQ and neurodiverse children use platforms for connection, self-identity, peer support, and access to trusted advice.
Forecast
Short-term (Now - 3 months)
EU member states are highly likely to proceed with national child online safety legislation while awaiting EU-level recommendations, further increasing regulatory fragmentation and compliance uncertainty for technology platforms operating across the bloc.
Public debate over children’s rights, privacy, freedom of expression, and digital surveillance is likely to intensify as governments consider stricter age restrictions and age verification requirements.
Medium-term (3 - 12 months)
The European Commission is likely to continue promoting its privacy-preserving age verification application and increase pressure on platforms to adopt stronger age assurance systems under the Digital Services Act.
Widespread implementation across the EU remains unlikely within this timeframe due to interoperability issues, cybersecurity concerns, and growing backlash from digital rights organisations and civil society groups.
Long-term (>1 year)
It is likely that some form of EU-wide age verification framework will gradually become integrated into major online platforms and digital services, particularly for high-risk or age-restricted content.
Broader adoption is highly likely to remain politically contested, with continued disputes over anonymity, freedom of expression and digital surveillance, especially regarding vulnerable groups.
Age-based social media bans alone are unlikely to significantly reduce online harms without broader platform-duty reforms targeting addictive design, recommendation systems, and child safety standards.
Overreliance on bans is likely to shift children towards less-regulated platforms and private online spaces.
