Ireland tells X to follow rules as High Court dismisses Online Safety Code challenge

Just as the social platform known as X has struggled to convince people to stop calling it Twitter, it has likewise struggled to convince Ireland’s High Court that the country’s regulators are out of line in making it follow the rules.

The platform owned by cartoonish billionaire Elon Musk has lost its challenge against regulatory body Coimisiún na Meán’s Online Safety Code, according to a report from RTE. A justice dismissed the allegation that the code amounts to “regulatory overreach,” and “did not agree that X was entitled to reliefs sought by way of judicial review.”

In other words, there’s no reason X shouldn’t have to abide by the law along with every other social platform.

Now, it appears to be doing a bit of a dance in trying to avoid the regulator. Having announced the introduction of new age assurance measures to bring it in compliance with the Irish code, the UK Online Safety Act and similar EU regulations, X has not, according to Coimisiún na Meán, actually implemented them.

Per RTE, “last week, Coimisiún na Meán said it had not seen evidence of measures taken by X to comply with the code. It contacted the platform and asked for an explanation by last Friday. Coimisiún na Meán received a reply from X on Friday outlining the new measures which the regulator is now studying.”

X’s online help center post outlines its age assurance strategy, which it says takes a multi-step approach. It first looks at “existing highly reliable signals” including ID verification and account creation date, then moves to age estimation based on users’ email addresses and their existing network.

For “user-involved” identity verification, X gives users two options: facial age estimation (FAE) based on a selfie, or on a photo from a government-issued ID. (“Users can submit a government-issued ID, which will be used to estimate their age by our artificial intelligence systems).”

X all atwitter over age verification rules in Part B of code

The legal kernel of the issue for X is the provisions of Part B of the Online Safety Code, which it claims go further than what was required in adapting the prior EU Audiovisual Media Services Directive (AVMSD). These are the provisions which require video-sharing platforms that allow pornography to use effective age assurance to ensure that children cannot access it.

Coimisiún na Meán’s statement on the issue says that “platforms have had nine months to come into compliance with Part B of the Code. We expect platforms to comply with their legal obligations. Non-compliance is a serious matter which can lead to sanctions including significant financial penalties.”

In a follow-up post to its online help centre, X says it will take a multi-step approach to verification, using existing signals, as well as age estimates using email addresses and social connections, and biometric modalities including facial recognition.

Parental controls key part of shift in online safety

A piece in the Irish Examiner looks at what the new age assurance laws mean for Ireland’s parents. It notes that “platforms must also have visible and easy-to-use parental controls, such as time limits or restrictions on who can post or view videos on a child’s account, along with clear mechanisms to report harmful content and established procedures for resolving complaints.”

“Parents should familiarise themselves with platform settings, including parental controls, reporting tools, privacy defaults, and content ratings.”

But the hefty fines attached to noncompliance signify “a shift from self-regulation and parental vigilance towards holding tech firms legally accountable – assigning some responsibility to platforms for keeping children safe.”

However, only some will be held accountable under the code. It only applies to 10 sites headquartered in Ireland: Facebook, Instagram, X, YouTube, Udemy, TikTok, LinkedIn, Pinterest, Tumblr and Reddit.

Non-video-sharing platforms – which include Snapchat and gaming platforms such as Steam – are not subject to the law. Nor does it cover recommendation algorithms.

The piece says a lack of detail on specific age verification or age estimation technologies is a flaw in the code. But that is likely to allow consumers a broad choice of age assurance options.

Ireland is one of the EU’s early adopters of legally binding age verification requirements, specifically for video sharing platforms. Its code is in alignment with the EU Digital Services Act, which has somewhat less stringent age assurance rules.

Article Topics

age verification  |  biometric age estimation  |  Coimisiún na Meán (CnM)  |  Ireland  |  Online Safety Code  |  regulation  |  social media  |  X (twitter)