The protection and empowerment of children and teens online is a key priority of the Commission. Age verification is part of our strategy to protect minors online but it is only one piece of the puzzle. It goes hand in hand with work such as the Digital Services Act (DSA) enforcement, the Action Plan Against Cyberbullying, the Better Internet for Kids Strategy and more.
The recommendation lays down the actions the Commission encourages Member States to take to make sure that all EU citizens have access to robust and privacy-preserving age verification by 31 December 2026.
It also defines an EU-wide governance approach to enable further availability of such technologies.
Member States are recommended to:
- Make use of the EU age verification blueprint, which can be customised to each Member State’s needs and be integrated with the European Digital Identity Wallets.
- Draw up implementation plans to ensure swift adoption of age verification solutions.
- Work together and engage with their Digital Services Coordinators, other Member States, the Commission, researchers and civil society in the roll out of their national solutions.
- Ensure compliance with all relevant cybersecurity standards through independent third-party scrutiny.
The Commission will also set up an EU Age Verification scheme, with requirements for providers of proof of age attestations and age verification solutions to meet, also outlining how trust in these providers can be checked by services needing to verify the age of individuals.
Additionally, the Commission will make available a list of the age verification solutions that meet privacy and security standards equivalent to the EU age verification blueprint and other relevant legislation.
Furthermore, a list of trusted providers of proof of age attestations will be set up. These providers can verify the age of the user for the age verification solution through one of the supported onboarding mechanisms, such as through eIDs, passports or ID cards.
Guidelines on the protection of minors under the Digital Services Act
Last July, the Commission adopted guidelines under the DSA that outline what online platforms should do to create a better and safer internet for young people.
Among other things, the guidelines recommend the use of effective age assurance methods that are accurate, reliable, robust, non-intrusive and non-discriminatory. This includes using age verification methods to restrict access to adult content such as pornography and gambling, or when national rules set a minimum age to access certain services.
For example, at present, 24% of 14 to 17-year-olds in 6 EU countries report seeing pornographic content at least once per week – which is being addressed in parallel through the DSA enforcement actions and needs to be underpinned by effective age verification.
When age verification is recommended, it should rely on physical identifiers, such as ID-cards, passports or Bank-IDs, to restrict access to adult content online such as pornography, gambling, or purchasing alcohol.
The EU’s Age Verification Solution
To accelerate the implementation of age verification solutions across the EU, the Commission provided a blueprint with technical specifications that allows users to prove that they are over a certain age, for example 15, 18 or even 65, without disclosing their exact age or identity. The blueprint includes guidance for the technical implementation of these specifications, including on cybersecurity and privacy.
For instance, the EU solution offers the highest privacy standards by using state-of-the-art technology to prevent tracking.
Furthermore, the solution only confirms if the user is over a certain age. It does not reveal the precise age, or any other information about the user either to the trusted proof of the age attestation provider or the online platform the user is accessing.
The solution guarantees full anonymity by protecting the user’s identity throughout the verification process. It is also fully aligned with the EU Digital Wallet framework.
The European Digital Identity Wallet
The European Digital Identity Regulation requires Member States to offer at least one free EU Digital Identity Wallet to its residents by the end of 2026. These wallets enable secure, user-controlled sharing of identity data and electronic attestations. including proofs of age, with public and private relying parties across the EU.