Businesses have historically lacked clarity from regulators regarding the compliant methods of age assurance available to them. The Children’s Code addresses some of these concerns.
While some brands have had to devote significant time and resources to understand and implement the solutions that best ensure child safety on their platforms, others have taken a more passive approach, opting to wait for additional guidance from the regulators instead of taking proactive measures. Implementing the Children’s Code can help.
Information Commissioner’s Opinion
The recent comprehensive update to the UK’s Information Commissioner’s Opinion on age assurance for the Children’s Code is therefore a welcome development. It brings much needed clarity to businesses in relation to the implementation of the Children’s Code, by outlining a risk- and standards-based approach to age assurance. Furthermore, given the ICO’s broad remit focusing on overseeing and enforcing data protection laws in the UK, it helps businesses assess their compliance with obligations under the UK GDPR, as well as with wider regulatory frameworks.
Alignment on age assurance requirements with the critically important Online Safety Act 2023 shows further joined-up thinking that will help protect our young people online. This Opinion drives a collaborative approach between regulators, helping to enforce the Children’s Code and alleviating contradictory requirements.
Assessing the age of users
The developments are particularly important in an environment where Ofcom has revealed that 75% of parents now worry about their children seeing age-inappropriate online content. And where access to smartphones has led to children becoming the biggest perpetrators of sexual abuse against children. Businesses must know they need to do more when it comes to assessing the age of their users. Enforcing regulation and providing applied guidance from the ICO, including The Children’s Code, will propel this matter to the higher echelons of decision making, ensuring the adoption of age assurance tools more quickly and effectively.
Naturally businesses will look for solutions that offer minimal friction for their users. The guidance around implementing readily accessible, privacy-preserving forms of age estimation such as email address is therefore pleasing. Not only will the majority of individuals have an email address and be willing to use it for the purposes of age estimation, this will complement biometric-driven age assurance including face and voice as specified in The Children’s Code.
Verification methods
Verification methods based on ‘hard identifiers’ such as an ID scan are also viable, but can exclude or indirectly discriminate against people who lack the necessary documents or information, such as credit history or passports. Verifymy’s email address solution is fully inclusive and has zero bias by gender or skin tone. Where possible, businesses should consider offering a choice of age assurance methods, appropriate to the needs of their service and users, to fully comply with The Children’s Code.
The ICO is being progressive in its approach by referencing techniques such as email address, which adds little or no friction to a user journey, making it both practical and commercially viable for platforms to adopt. This aligns well with The Children’s Code guidelines.
The note from the ICO stating that it will continue its engagement on international standards for age assurance technologies via the International Organisation for Standardisation and IEEE shows that this is a long-term commitment. Something that will be welcomed throughout the industry as The Children’s Code becomes a global standard.”
At Verifymy, we take pride in our role as a collaborative and responsible player in helping build a safer online environment. We actively support our clients and regulators worldwide in implementing and enforcing regulations aimed at safeguarding children and society online, in line with The Children’s Code.
Lina Ghazal, Head of Regulatory and Public Affairs, Verifymy
