What Do Families Think About Age Assurance Methods?
Exploring Age-Assurance Methods: Balancing Online Safety and Privacy for Children
Age assurance methods are ways to verify a person's age online. They are used by websites and apps to ensure that users are old enough to access certain content. There are many different age assurance methods, each with its own pros and cons.
Europe leads the United States in the adoption of Age-Appropriate Design Codes. In fact, many new laws passing through various state legislatures are based on the UK GDPR Children’s Code or reference it as a guide.
Early articles often oppose what effectively becomes age gates. These articles muddy understanding on the topic and are influenced by conflicts of interest and self-serving intentions. They fail to recognize the potential benefits for both businesses and users. This confusion leads to paralysis, resulting in products and services that fall short of their potential.
To better understand how businesses can proactively use age assurance methods and build a competitive advantage, it is valuable to explore some concepts and ways age assurance may be implemented.
In a recent study in Europe, families were asked about their thoughts on age assurance methods, revealing numerous concerns. Families worry about the accuracy of the methods, the effort required to use them, and the risk to their privacy.
Age-Assurance refers to approaches used to ensure that children cannot access adult or inappropriate content, as well as keeping adults out of places where children are present. There are two primary approaches to assuring one's age: age verification and age estimation.
Age verification provides higher certainty by checking against trusted or verifiable records of data. Age estimation is often done through algorithms, which carry some error rates. The level of certainty demanded depends on the personal information collected by the business and the risks to the child's well-being, which are assessed in a Data Protection Impact Assessment (DPIA).
The level of risk determines the appropriate method to use.
Self-declaration:
Self-declaration is the simplest age assurance method. Users simply state their age, but this method is easily exploited by lying. In many cases, self-declaration alone may not pass an AI audit or comply with Age-Appropriate Design Codes.
Hard identifiers:
Hard identifiers are physical documents that prove a person's age, such as a driver's license or passport. This method is more accurate than self-declaration but is also more difficult to use. Users must scan or upload their documents, which can be a hassle. It's important to consider that some people may not have easy access to or possess these documents, introducing biases.
Facial image analysis:
Facial image analysis is a newer age assurance method that uses artificial intelligence to estimate a person's age based on their face. While still under development, this method shows promise in terms of accuracy. However, leading players in the market currently have an error rate of about 1.5 years for those under 18. This method also raises privacy concerns, as it requires users to use their device's camera for a selfie or upload a photo of their face, presenting various risks and insufficient safeguards.
Behavioral profiling and inference:
Behavioral profiling and inference analyze a user's online behavior to estimate their age. This method is not as accurate as facial image analysis. It does not require users to upload personal information explicitly, but it carries other risks to a business's compliance documentation.
Parent/guardian confirmation:
Parent/guardian confirmation allows parents or guardians to verify their children's age. This method can be highly accurate as it requires parental engagement. It provides an opportunity for parents to discuss appropriate online behavior with their kids. However, it can also lead to problems as the app collects significant personal information during the setup process for both the parent and child. Clear language must address how that information will be used, such as for advertising or behavior-based recommendations engines and provide opt-in and opt-out preferences.
Cross-service authentication:
Cross-service authentication allows users to use the same age assurance method across multiple websites and apps. This method is convenient but less secure. If a user's age assurance information is compromised on one platform, it could be used to access other platforms.
As society recognizes the importance of protecting children's privacy, age assurance methods will continue to evolve. New methods will be developed to be more accurate, less intrusive, and easier to use. In the meantime, families must carefully consider the pros and cons of each method before deciding which one is right for them. Businesses also need to consider the impact and risks their systems have on children and choose an appropriate and compliant method.
Here are some additional thoughts on the topic:
It is crucial to remember that age assurance methods are not perfect solutions. Determined users can bypass them, and they can introduce new privacy risks. However, they can be valuable tools for parents and guardians who want to protect their children from harmful content.
As new age assurance methods are developed, it is important to evaluate them carefully to ensure they do not pose undue risks to children's privacy.
Ultimately, the best way to protect children's privacy is through open and honest conversations about online safety. Parents and guardians should educate their children about the risks of sharing personal information online and encourage critical thinking about the content they consume.
About the Author:
Jeff Kluge, the CEO & Founder Holistic Ethics and creator of KidsTechEthics, leads a consulting and advisory business dedicated to enhancing the safety of online spaces and digital experiences for children. As the market demand for services like Data Protection Impact Assessments (DPIA’s), age-assurance strategies, content moderation, and proper implantation of Age-Appropriate Design Codes gains momentum, Jeff and his global team are at the forefront.
Starting with education and training for legal professionals and various teams within organizations, they bridge the gap between legal principles and business language. By creating action plans and providing insights, they strengthen compliance efforts and help develop desired products and services. With Jeff Kluge and his team, businesses can confidently navigate the complex landscape of child protection, ensuring a safer and more responsible digital environment for the next generation.
Jeff developed the next generation of age-assurance solution that is both privacy-centric and globally harmonized with Age-Appropriate Design compliance at its core. It accomplishes what both users and business want and need to facilitate and enable innovation in the next decades' greatest stakeholder focused enterprises.
Join us in getting children’s technology right, ethically. www.HolisticEthics.com