Age verification: Striking the balance between security and privacy in bid for children’s online safety

By Robert Prigge, CEO of Jumio

With children’s daily lives increasingly revolving around the internet, discussions around their online safety have persisted among parents, children’s safety and privacy advocates and lawmakers. Despite these ongoing conversations and deep concerns, many websites have yet to implement rigorous age verification measures that can confirm a young user’s true age.

It hasn’t gone without notice.

When it comes to social media, only 37 percent of U.S. consumers are confident these platforms are protecting minors from mature content through age verification controls. Anyone who has ever had to verify their age online knows how easy it can be to falsify the information, and a recent Ofcom survey found that one-third of underage social media users lie about their age. After all these years, most sites still rely on age verification prompts that are powered by the honor system.

Unfortunately, these lax age verification controls don’t end at social media. Many websites that offer mature content and services, like gambling and cannabis delivery, often don’t have additional age verification measures aside from pop-up buttons that ask users to certify that they are over 21. It’s no wonder that only 39 percent of Americans believe sites hawking mature content and services are taking age verification seriously.

It’s clear further action is needed to promote a safer digital world for children. However, many age verification capabilities also present considerable privacy issues, which is one of the reasons why effective online age verification methods for minors have stalled. But the problem isn’t just a technical one — lawmakers are encountering similar challenges.

A stronger push for rigorous age verification controls

Age verification tools will become essential to creating a safer internet for children. A prime example is online identity verification, which compares a real-time selfie to a government-issued ID using the power of AI and biometric-based liveness detection. Some social media platforms like Instagram and Yubo have already started integrating these types of tools to prove users are of the appropriate age. Such technologies provide a great solution for verifying one’s age, but they may also create additional privacy risks. And evidently, these tools also present another conundrum: since a government-issued ID is needed, how can minors without formal identification be verified?

Furthermore, while websites may be falling behind in their age verification strategies, legislators are starting to take matters into their own hands. In September, California became the first U.S. state to pass a bill that enforces specific guardrails for online organizations to protect minors. Although the California Age-Appropriate Design Code Act (CAADCA) marks a milestone for children’s online privacy and safety in the U.S., it has received a negative reaction from Big Tech. The tech trade group, NetChoice, recently sued California to halt the law from taking effect in 2024, claiming it is the government’s attempt to censor technology companies.

Many advocates of enhancing internet safety for children are also continuing to push on the proposed federal Kids Online Safety Act (KOSA), which faces strong support from Senate lawmakers, but increased resistance from the House. If passed, the bill would require covered platforms to provide specific safeguards for minors or their parents, including settings that limit access to their personal data and tools that enable parents to oversee their child’s use of the platform.

The government will likely face increased pressure from parents and children’s safety advocates to pass KOSA in the months ahead. However, while legislation is critical in spurring businesses to take action, they shouldn’t wait for the bill to pass to begin making a change. We can expect to see more organizations emulating Instagram’s age verification controls, but the safety versus privacy debate is sure to continue as a result.

Children’s age verification advancements face privacy hurdles

Deploying stricter protocols around age verification is absolutely crucial, but critics say that such an approach could be unsafe and invasive for children. Children’s privacy advocates have already spoken up about the CAADCA, demanding that the language is too vague and doesn’t present deep enough implications for businesses. As with any modern technology, age verification tools can provide a gateway for businesses and data brokers to collect, store and sell children’s data. Many are concerned that technology providers will be able to monitor users’ online activity and track their real-time location.

Organizations must go the extra mile to keep children safe and protect their privacy by ensuring parents consent to their child’s data being harvested and stored.

Children’s online safety is a two-way street

Ultimately, children’s online safety and privacy should be a shared responsibility between organizations and parents. Businesses must do their due diligence by deploying age verification measures that can confirm a user’s true age, but the majority of U.S. consumers agree the onus must also be on parents or guardians to protect their children from age-restricted content, services and products.

Online organizations and social media networks should consider an approach that involves age verification for minors, but also identity verification for parents and guardians that allows them to consent to their child’s use of the platform. To protect minors from inappropriate content, bullying and other forms of online harm, organizations should also have settings that allow verified parents and guardians to select what level of access their child can have on the website or application. For instance, a parent can select if specific words need to be filtered out or if certain accounts should be blocked. In addition to controlling how their child uses the social media platform, parents and guardians should follow data privacy best practices, such as limiting the information organizations are collecting from their children.

A safer internet is in our future

Whether a federal children’s online safety bill is passed or not, one thing remains clear — organizations need to start restructuring their websites with children in mind. For technology providers, this also means creating secure technology that can verify a user’s age without documenting or saving their data. The road to a safer internet is well underway and both organizations and parents will need to work together to truly achieve it.

About the author

Robert Prigge is CEO of Jumio.

DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.

Article Topics

age verification  |  California  |  children  |  data privacy  |  Jumio  |  Kids Online Safety Act (KOSA)  |  legislation  |  selfie biometrics  |  social media