On the last day of the European Dialogue on Internet Regulation, the focus was on age verification. During the main event, The Age Verification Dilemma: Balancing Child Protection and Digital Access Rights, Tatiana Tropina from the Internet Society, Manon Baert from the 5Rights Foundation, Michael Terhörst from the Office for the Enforcement of Children's Rights in Digital Services, and Iain Corby from the Age Verification Providers Association engaged in discussion with interested participants.
In her opening statement, Tatiana Tropina expressed concern that mandatory age verification could pose a risk to users privacy and security. For example, this could be the case, for example, if malicious actors misused sensitive user data that they need for identification with the services. She was also critical of the possibility that certain groups of users could be excluded because they lack official identification documents, because they reject procedures for estimating age based on biometric data, or because they are unable to carry out these procedures due to the lack of an integrated camera on every device. She also disapproved of these mechanisms being used to deny people access to content and services, and was concerned that the internet would no longer be inclusive as a result. She therefore suggested that providers should continue to invest in the security of their services as an alternative. This could include providing information via metadata that warns devices about certain content or offers. Users would then have the opportunity to decide whether to use them or adjust their settings so that they are not activated by the device.
In response to the concerns expressed, Iain Corby referred to the large number of existing systems for determining or providing proof of users' age or age group. Users do not necessarily have to be identified. For example, there are systems in which users can remain completely anonymous to the service provider, meaning identification does not take place and the service provider only receives a response (yes or no) to requests to assign users to an age group or confirm whether a certain age has been reached. The biggest challenge with such secure, privacy-protecting procedures (zero-knowledge proof and double-blindness) is the cost. Against this backdrop, he believes that governments have a responsibility to promote the development of appropriate solutions, and their implementation if necessary.
Michael Terhörst described age verification as key to creating a safe, child-friendly digital environment. As a regulator, his job is to ensure that providers offer minors default settings and content that do not hinder their development. Knowing the approximate age of users is essential for providers to meet these requirements. In this sense, age-verification measures should not be seen as a way of excluding user groups, but rather as a means of enabling safe participation in the digital environment. Manon Baert also argued along these lines. She pointed out that the internet was not developed with children in mind. However, the negative effects and implications of this on minors and their well-being have been apparent for some time. Nevertheless, protection against existing risks should not result in children being excluded from the digital world. The focus should be on enabling them to participate safely. Age verification applications are an effective way of achieving this.
During the subsequent debate, it became clear that the objective should be to enable young people to safely participate in the digital environment. In doing so, concerns about user security and privacy must be taken into account. Solutions must be developed that are not tied to specific services or applications and can be used worldwide. There was also agreement that certain groups of users should not be excluded.