Alexandria, VA (June 27, 2024) — The International Centre for Missing & Exploited Children (ICMEC) calls on global governments, industries, and NGOs to enhance child protection through device-level age verification, ensuring a safer digital world for children.
The International Centre for Missing & Exploited Children (ICMEC) strives to influence and inspire the global community across governments, industries, and non-governmental organizations to do what is needed to protect children from online sexual exploitation and abuse and to safeguard them from harm. We strongly believe the best way for ICMEC to serve children is to actively engage with policymakers, law enforcement, and industry leaders who are genuinely committed to practical solutions for building a safer world for all children.
Age verification is a critical component in efforts to safeguard children, enhance online safety, and maintain ethical and legal standards in the digital era. Age verification measures make it challenging for children to access harmful content, serving as both a protective barrier and a deterrent against intentional and unintentional exposure. Together with strong trust and safety efforts, robust content moderation, and the use of protection technologies, age verification is a key component of a multi-faceted approach that companies can employ to better protect and safeguard children.
Age verification laws must be designed primarily to protect children from harm, while also avoiding unintended consequences that could prove harmful to children. These laws must prioritize child safety but also consider the implications for adult internet users, ensuring that rights to speech, expression, and privacy are balanced with the need to protect children. ICMEC is concerned that website-based age verification mandates do not adequately address these concerns.
Our concerns over website-based age verification mandates stem from several key issues. Firstly, the technology for effective age verification on websites is not sufficiently developed, making enforcement across diverse jurisdictions impractical. This could lead companies, especially smaller companies with more limited resources, to either minimally comply or not comply at all, while children can easily bypass protections using a virtual private network (VPN). Secondly, these mandates may inadvertently drive children towards more dangerous online environments, both on the clear and dark web. Lastly, there are concerns about the significant infringement on adult rights, particularly regarding privacy, speech, and expression, which could hinder efforts to implement effective child protection measures.
Instead, we believe that device-level age verification offers a comprehensive solution that an be integrated into the overall security infrastructure of a device, reducing the complexity and inefficiency of implementing website-specific verification mechanisms. Device-level age verification also gives parents and caregivers oversight of their child’s online activities, thereby creating a secure online environment based on age appropriateness. Device-based age verification ensures consistency, efficiency, and heightened security and facilitates a controlled and safer online environment for children.
Device-based age verification offers a better alternative through:
- Ease of Implementation: Effective device-based age verification technology already exists. Parental controls are readily accessible across all major operating systems,
and advanced technology for device-based content filtering is available, offering even greater effectiveness. - Consistency and Standardization: Enforcement of device-based age verification mandates is realistic. It offers a standardized method across various websites, platforms, and services, ensuring consistency in content restrictions. This approach establishes a unified, efficient, and effective system, contrasting with the impracticality and inconsistency of website-level mandates alone. Enforcement of device-based age verification is streamlined, and jurisdictional issues are mitigated by focusing on the jurisdiction where the device is sold.
- Greater Security: Device-based age verification avoids harmful unintended consequences of website-based mandates. It cannot be circumvented by children using VPNs or TOR to mask IP addresses.
- Default Protection: Device-based age verification brings unintended benefits. Beyond protecting children within the mandate’s jurisdiction, requiring age verification at the device level extends protection to children worldwide. When age restrictions are default settings on devices, children whose parents or caregivers may not be actively involved or familiar with varied app-specific processes for activating protective controls, are automatically covered and have protection in place.
- Enhanced Privacy: Device-based age verification imposes significantly fewer restrictions on users’ rights. Providing identifying information to a single operating system poses less security and privacy risk compared to sharing this information across multiple websites.
- Parental Responsibility: Device-based age verification empowers parents and caregivers by providing default protections and enabling robust parental oversight. Implementing age restrictions at the device level supports parental responsibility to supervise their child’s online activities, fostering a controlled and secure online environment that aligns with age appropriateness.
ICMEC strongly advocates for a device-level approach to age verification as an effective means to protect and safeguard children, especially when combined with other measures including trust and safety, content moderation processes, and other protective technologies. By integrating age verification mechanisms into the operating system of a device, users can be designated for enhanced protections across all applications used on that device.