Standardising Age Assurance

In a landmark move to strengthen online child protection, the Global Online Safety Regulators Network (GOSRN) has issued a joint position statement calling for a unified, principles-based and privacy-preserving international approach to age assurance. The statement, released in January 2026, reflects the growing consensus among regulators that verifying users’ ages is essential to safeguarding children in digital environments.

 

GOSRN is the world’s first dedicated forum for independent online safety regulators. Its current members include: 

• Ofcom (United Kingdom)
• eSafety Commissioner (Australia)
• Arcom (France)
• Coimisiún na Meán (Ireland)
• ATKM – Authority for the Prevention of Online Terrorist Content and Child Sexual Abuse Material (Netherlands)
• Korea Communications Standards Commission (Republic of Korea)
• Online Safety Commission (Fiji)
• Council for Media Services (Slovakia)
• Film and Publication Board (South Africa) 

Together, these regulators represent a population approaching one billion people and are committed to advancing regulatory coherence and coordination in online safety.

 

What is Age Assurance?

The GOSRN defines “age assurance” as the set of methods used by online services to estimate, infer or verify a user’s age. These methods include:

 

Age estimation: Techniques that approximate a user’s age or age range, such as facial analysis.

Age verification: Methods that confirm a user’s exact age, often by checking official documents or digital identity credentials.

 

The goal is to prevent children from accessing harmful or age-inappropriate content and to ensure they receive an experience tailored to their developmental needs. In some jurisdictions, age assurance is also used to enforce minimum age requirements and prevent unsafe interactions between children and adults.

 

Why Now?

The GOSRN’s focus on age assurance comes amid a surge in public concern over children’s exposure to online harms. As more jurisdictions introduce age assurance requirements, inconsistencies in rules and enforcement have emerged. These gaps create opportunities for non-compliant services to evade regulation by operating in less stringent regions.

 

The Network argues that a common international approach will not only improve protections for children but also simplify compliance for online service providers and build public trust in digital safety systems.

 

 

Six Principles for Age Assurance

To guide the development and implementation of age assurance systems, the GOSRN has outlined six core principles:

 

1. Accurate – Systems must deliver correct and trustworthy age assessments.
2. Robust – They should function reliably in real-world conditions.
3. Reliable – Outputs must be reproducible and based on credible evidence.
4. Proportionate – The level of assurance should match the risk posed by the content or service.
5. Fair and Inclusive – Systems must avoid bias and ensure equitable treatment of all users.
6. Non-intrusive – Age checks should be user-friendly and respect privacy.

 

These principles are designed to be technology-neutral, allowing for innovation while ensuring that all solutions adhere to data protection laws and uphold users’ rights to privacy and freedom of expression. The Network stresses that enforcement is critical—rules must be applied fairly and transparently to prevent companies from exploiting regulatory gaps.

 

 

Strategic Actions

The position statement is part of GOSRN’s broader 2025–2027 strategic plan, which prioritises regulatory coherence and coordination. To operationalise its principles, the Network has committed to several key actions: 

• Collaborating with data protection authorities to align age assurance with privacy requirements.
• Monitoring implementation and compliance, including identifying attempts to circumvent age checks.
• Aligning regulatory approaches across member jurisdictions.
• Engaging with industry through further statements and consultations.
• Promoting public awareness and understanding of age assurance technologies.
• Facilitating dialogue with stakeholders, including children, civil society and industry.
• Supporting research into privacy-enhancing technologies.
• Regularly updating the position statement to reflect technological and regulatory developments.
• Encouraging the development of digital parenting tools to complement regulatory efforts. 

 

Global Reactions

The GOSRN’s position has been met with a mix of support and scrutiny. Child safety advocates and policymakers have largely welcomed the initiative. In France, President Emmanuel Macron has accelerated legislation to mandate age checks on social media, while Canadian officials are considering raising the minimum age for social media use to 14.

 

Industry stakeholders have also responded. The Age Verification Providers’ Association (AVPA) praised the GOSRN’s recognition of diverse, privacy-preserving age assurance methods. However, it called for clearer benchmarks and independent audits to define what constitutes “highly effective” age assurance.

 

Digital identity providers such as Yoti and VerifyMy expressed cautious optimism. While they welcomed the inclusion of innovative methods like email-based age estimation, they echoed concerns about the lack of specificity in technical standards. They urged regulators to provide clearer guidance to avoid legal ambiguity and ensure consistent enforcement.

 

On the other hand, digital rights groups have raised concerns about privacy and surveillance. The UK’s Open Rights Group (ORG) warned that users are being forced to share sensitive data with unregulated age assurance providers, often without choice or transparency. ORG has called for stronger oversight, interoperability between systems, and clearer limits on data collection and retention.

 

 

A Changing Regulatory Landscape

The GOSRN’s statement reflects a broader global shift towards more assertive online safety regulation. Countries such as Australia, Ireland, Fiji and the UK have passed or are implementing new laws, while the European Union’s Digital Services Act is setting a high bar for platform accountability.

 

New regulatory bodies are emerging to enforce these laws, and international cooperation is becoming essential. The GOSRN’s efforts to harmonise standards and share best practices are seen as a model for how regulators can work together to address global digital harms.

 

The Network’s emphasis on privacy, fairness and proportionality aims to balance child protection with fundamental rights. Its coordinated approach is designed to prevent “forum shopping,” where companies relocate to jurisdictions with weaker enforcement, and to ensure that protections for children are not limited by national borders.

 

 

A pivotal moment in online safety

The GOSRN’s position statement on age assurance marks a pivotal moment in the evolution of online safety regulation. By articulating shared principles and committing to coordinated action, the Network is laying the groundwork for a global standard that protects children while respecting privacy and innovation.

 

As more countries adopt age assurance requirements, the GOSRN’s leadership could help ensure that these measures are effective, consistent and rights-respecting—setting a new benchmark for digital responsibility in the age of global platforms.

 

 

 

Dario Betti is CEO of MEF (Mobile Ecosystem Forum), a global trade body acting as the independent voice of the mobile ecosystem and focussing on cross-industry best practices, anti-fraud and monetisation

 

Main image courtesy of iStockPhoto.com and Jajah-sireenut