Australian ePrivacy Chief Issues Guidance for Social Media Platforms on Minimum Age Law

The law bars children younger than 16 from having accounts on age-restricted social media platforms. The guidance details how platforms can meet their obligations via age-assurance technologies, better reporting pathways and clear communication with users. It builds on a recent self-assessment guide to help social media services gauge whether their age-restricted platforms are in compliance.

The guidance reflects extensive consultation with industry and stakeholders, said eSafety Commissioner Julie Inman Grant. It recognizes that "there is no one-size-fits-all solution for industry, given the diversity of platforms and technology," and aims to help tech companies meet their obligations "in a way that is effective, privacy-preserving and fair."

The law requires platforms to deactivate or remove existing underage accounts with clear, careful communication and to prevent re-registrations or circumvention by those users. Companies must take a layered approach to age assurance to minimize end-user friction, reduce the risk of errors and provide user choice.

Platforms can't rely on self-declarations alone and must continuously monitor and improve their age-assurance systems, the office said.

The regulator stressed that it's not asking platforms to verify the age of all users, and companies are forbidden from requiring government ID as their sole age-verification method. They're not required to use specific technologies or vendors or to retain personal information from individual age checks.

Compliance will be monitored by the Office of the Australian Information Commissioner and complemented by the Privacy Act, the regulator added.

A government review earlier this month found that age assurance can be done privately, efficiently and effectively and that there are no substantial technological reasons preventing its use (see 2509010001).