Providing Business Clarity: How updated Guidance from the Information Commissioner's Office (ICO) on Age Assurance for the Children’s Code will Improve Online Child Safety

Providing Business Clarity: How updated Guidance from the Information Commissioner's Office (ICO) on Age Assurance for the Children’s Code will Improve Online Child Safety

Follow VerifyMy on LinkedIn to keep up to date with the latest safety tech and regulatory developments.

Businesses have historically lacked clarity from regulators regarding the compliant methods of age assurance available to them. 

While some brands have had to devote significant time and resources to understand and implement the solutions that best ensure child safety on their platforms, others have taken a more passive approach, opting to wait for additional guidance from the regulators instead of taking proactive measures. 

The recent comprehensive update to the UK’s Information Commissioner’s Opinion on age assurance for the Children’s Code is therefore a welcome development. It brings much needed clarity to businesses in relation to the implementation of the Children's Code, by outlining a risk- and standards-based approach to age assurance. Furthermore, given the ICO’s broad remit focusing on overseeing and enforcing data protection laws in the UK, it helps businesses assess their compliance with obligations under the UK GDPR, as well as with wider regulatory frameworks.

Alignment on age assurance requirements with the critically important Online Safety Act 2023 shows further joined up thinking that will help protect our young people online. This Opinion drives a collaborative approach between regulators, alleviating contradictory requirements. 

The developments are particularly important in an environment where Ofcom has revealed that 75% of parents now worry about their children seeing age-inappropriate online content. And where access to smartphones has led to children becoming the biggest perpetrators of sexual abuse against children. Businesses must know they need to do more when it comes to assessing the age of their users. Enforcing regulation and applied guidance from the ICO will propel this matter to the higher echelons of decision making, ensuring the adoption of age assurance tools more quickly and effectively. 

Naturally businesses will look for solutions that offer minimal friction for their users. The guidance around implementing readily accessible, privacy-preserving forms of age estimation such as email address are therefore pleasing. Not only will the majority of individuals have an email address and be willing to use it for the purposes of age estimation, this will complement biometric-driven age assurance including face and voice. 

Verification methods based on ‘hard identifiers’ such as an ID scan are also viable, but can exclude or indirectly discriminate against people who lack the necessary documents or information, such as credit history or passports. VerifyMy’s email address solution is fully inclusive and has zero bias by gender or skin tone. Where possible, businesses should consider offering a choice of age assurance methods, appropriate to the needs of their service and users. 

The ICO is being progressive in its approach by referencing techniques such as email address, which adds little or no friction to a user journey, making it both practical and commercially viable for platforms to adopt. 

The note from the ICO stating that it will continue its engagement on international standards for age assurance technologies via the International Organisation for Standardisation and IEEE shows that this is a long-term commitment. Something that will be welcomed throughout the industry.”

At VerifyMy, we take pride in our role as a collaborative and responsible player in helping build a safer online environment. We actively support our clients and regulators worldwide in implementing and enforcing regulations aimed at safeguarding children and society online.

Lina Ghazal, Head of Regulatory and Public Affairs, VerifyMy