The EUDI Wallet was not meant for age assurance: AVPA

The European Union should not look at the EU Digital Identity (EUDI) Wallet as an age-assurance solution to keep minors from restricted content, the Age Verification Providers Association (AVPA) says in its recent comments on the Digital Services Act (DSA). Instead of the upcoming digital ID scheme, Europe should rely on more privacy-friendly solutions created by the age assurance industry, according to the trade group.

“The wallet is fundamentally an identity solution, and its processes all start with identification at a high level of security – giving rise to concerns that without some design adjustments, it will not be fully anonymized,” says Iain Corby, AVPA’s executive director.

The organization submitted its comments in response to the European Commission’s request for feedback on minor protection guidelines contained in the Digital Services Act. While the EU regulation does not explicitly require digital services to introduce age assurance, it forces online platforms to ensure a high level of privacy, safety and security for minors.

The deadline for submission ended on Monday with the Commission receiving over 170 comments from government agencies, industry organizations, digital rights organizations and child protection advocacy groups. Tech giants TikTok, Google and LinkedIn and digital ID companies such as Veridas, VerifyMy and Yoti also submitted their views on the DSA.

In its submission, AVPA argues that the EUDI Wallet was not designed for the age assurance use case. The digital ID scheme may not meet the requirement for anonymity which is a part of certain sensitive age verification use cases.

Some countries also require age assurance software to guarantee “double-blind” protection, making it technically impossible for the user to be identified by the digital service they are accessing. Current EUDI wallet requirements and technical documents were not designed to deliver this feature, says the organization.

Rather than assuming there is a need for a new solution, the Commission should consider available age assurance methods which are already being used by many online platforms.

“The age assurance sector has developed rapidly over the past decade,” writes Corby.

The EU is also funding the development of a hybrid solution through the euCONSENT project, an age verification and parental consent solution that would keep minors from restricted online content and products through digital tokens. The tokens are created through both age estimation and age verification methods and provide assurance to digital services, such as apps and websites, that the user is over a certain age.

“A proof of concept is being built by the end of 2024 and it has widespread support from across the age assurance sector,” AVPA says in its comments. The trade association represents 30 providers of online age verification and age estimation technology.

The Information Technology and Innovation Foundation (ITIF) also submitted its views on the DSA, warning that age verification requirements could also infringe on child rights if not designed properly.

Article Topics

age verification  |  AVPA  |  biometrics  |  Digital Services Act  |  digital wallets  |  EU  |  EU Digital Identity Wallet