On Wednesday 27th August, the Canadian Digital Governance Standards Institute (DGSI) published CAN/DGSI 127:2025 – Age Assurance Technologies, Canada’s first national standard dedicated to the design and use of age assurance systems.
This isn’t a new law mandating age checks – rather, it is a principles-based framework that sets out best practices for verifying users’ ages in a privacy-preserving, proportionate, and risk-informed manner. However, with age verification currently on the legislative agenda in Canada, this standard will likely serve as a foundational reference point for any future regulatory requirements.
Why this standard matters
With access to age-inappropriate content and services online becoming increasingly widespread and easier for younger users to access in unregulated markets, organisations need trusted ways to determine user age while respecting privacy and accessibility.
DGSI’s new standard offers practical, privacy-preserving guidance to help platforms, policymakers, and solution providers create safer, age-appropriate online spaces.
What age assurance methods are covered?
The standard outlines seven categories of age assurance methods, each suited to different use cases and risk levels:
- Self-check – User declares their age.
- Document-based verification – Upload or scan official ID.
- Biometric and characteristic-based verification – Use of biological or feature analysis.
- Capacity testing – Cognitive tasks to infer age.
- Cross-account or cross-platform authentication – Age verified via another account or service.
- Profiling – Analyse user behaviour or attributes (like email address).
- Authorised confirmation – An adult (e.g. parent or professional) confirms age.
The standard notes that some attempts to restrict access through methods such as self-check or declaration have historically been unreliable, as they are easily bypassed. They also note that some of the above measures should be integrated with other processes/measures to protect minors and control access to services, and each measure carries a varying level of risk for the individual.
The role of innovative age check solutions, including email-based age estimation
One notable aspect of the new standard is its recognition of a wide range of age assurance technologies, including innovative, low-friction age check methods such as email-based age estimation.
Within the framework of CAN/DGSI 127, email-based age estimation is likely best understood under method 6: Profiling. This category refers to the process of analysing the behaviour of users to predict their ages. Data used for profiling consists of information that users choose to share about themselves and information that is automatically collected from their engagement with services.
While the standard does not prescribe specific risk thresholds or deployment conditions for profiling, it places this method alongside others in a broader risk-based framework – where the sensitivity of content or service should inform the level of assurance required.
Email-based age estimation is gaining significant traction among both platforms and users
Recent Ipsos research in the UK found that 56% of users would be willing to use their email address to prove their age – a trend that mirrors what we’ve seen across our client base for years.
This method is particularly popular for its privacy-preserving, inclusive and low-friction nature – allowing platforms to determine a user’s age to a high degree of accuracy, without requiring ID uploads, selfies, credit card details or apps to download.
What comes next?
While CAN/DGSI 127 is not legislation, it establishes a clear national benchmark for age assurance practices in Canada.
If your platform offers age-restricted content or services for Canadian users, now is the time to review your existing age verification approach. In many cases, leveraging email data already collected at account sign-up can offer a simple, privacy-conscious path to compliance.
Get in touch – we’d be happy to help assess your current setup and explore how email-based age estimation can fit into your compliance strategy.
You can access more information at http://www.dgc-cgn.org or the Standards Council of Canada.
