Safety Tech 101: Delivering kid-safe online experiences (age assurance)

The Safety Tech Innovation Network welcomed speakers from the Age Verification Providers Association and Yoti to discuss all aspects of age assurance – from policy to methods, and why we need to create a level playing field for people doing age checks.

Our second Safety Tech 101 event took a deep dive into the technologies used at platform level to enable age-appropriate online experiences, including the use of age assurance services to limit children’s exposure to harmful content.

Attendees heard from:

Watch the full event recording to learn about age assurance and the different methods used to keep children safe online:

“Age verification has been a leading sector within Safety Tech”

There are a number of definitions surrounding age verification, age estimation and age assurance, and Iain believes that introducing global standards and frameworks will make it “easier to export the technology”, and thus grow the sector. A number of useful frameworks and codes of practice include:

The Age Verification Providers Association has worked hard to “create a level playing field for people doing age checks and also enable interoperability”, which Iain sees as the future for age assurance.  This means that if a user has completed age checks with one provider, they can use them on many other websites. To help support interoperable solutions the AVPA and some UK AV providers have been contributing to projects such as  the EU’s euCONSENT consortium pilot project, which will go live in Summer 2022.  This project is exploring how to support interoperable age verification solutions and parental consent to improve children’s safety online. As part of this work, Julie Dawson described how “age tokens” are added to a user’s browser. They provide a digital proof that an age check has been completed.

The Age Verification Providers Association and other UK age assurance providers are working with DCMS and the British Standards Institute to develop an international standard for age assurance. The standard will establish a framework to support companies in assessing what their age assurance requirements are, so they can choose the most appropriate methods for their needs and their jurisdiction.

“Companies should think about consumers and what they want or can use”

Users are increasingly mindful of protecting their privacy online, according  to Julie..“One of the things we have been looking at is how can people share less – rather than more – data? How can they just share age?”. Companies should consider what other forms of data a user can share about themselves that can be used for just checking age. Expanding the types of data that can be used for age assurance means that age assurance solutions are more inclusive.

Julie shared considerations for companies who are looking to implement age assurance to think about: 

  • It’s a broad landscape that should be user-first. Before committing to a method of age assurance, think about the specific use case and the countries where this technology is being deployed.
  • Privacy is imperative. “We have got to protect users’ rights. This includes data minimisation, meeting GDPR and other legislation and being transparent around how the approaches to age assurance are built.” 
  • There are varying degrees of friction and costs for different solutions. “Depending on whether you are a large or small platform, your needs are going to be very different. For example, a large platform will likely want to have a range of age assurance methods, in a range of languages.” This builds on complexity and cost. 
  • Regulators are keen to see that these age checks are proportionate and that organisations can make them scalable. Companies need to think about how these can be delivered on a global basis but meet in-country needs.

“For many companies, to be able to protect their child users, they will need to know which ones are children”

The UK government expects that age assurance will  play an important role in helping companies to comply with  their duties under the Online Safety Bill. “At the very heart of the Online Safety Bill is the protection of children and this is a key priority for the Secretary of State”, said Antonia Bayly. All companies in scope of the legislation will need to assess whether their service is likely to be accessed by children and if so, deliver additional protections for them.

Other important legislation driving the use of age assurance technology to protect users includes:

  • The Age Appropriate Design Code is world-leading legislation that protects children’s data and came into force last year. Companies can either apply the Code’s standards to all of their users or, if they choose,  only their child users. Antonia said there has been “a noticeable shift in the use of age assurance technologies by in-scope companies”, since the introduction of the Code.
  • Video Sharing Platform Regime has a smaller scope than the Age Appropriate Design Code but it requires Video Sharing Platforms providers are required to take ‘appropriate measures’ to protect under-18s from potentially harmful material.  Ofcom has recently published guidance on this too. 
  • The EU’s Digital Services Act now makes reference to age verification. It is still in draft form but Antonia said: “it is an important signal about how other countries are considering these technologies”.

And what about around the world? 

“There is a growing global interest” in age assurance technologies, said Antonia. 

As governments become more familiar with the technologies and as the sector continues to innovate, it is expected that countries will begin to recognise the value of age assurance in providing “a more tailored age appropriate experience for children as well preventing children from accessing content”. 

Interested in the rest of our Safety Tech 101 series? Read our other articles.

Articles you might like