FTC Policy Statement on COPPA Exemption for Age Verification Data Collection
The U.S. Federal Trade Commission (FTC) issued a policy statement clarifying it will not pursue COPPA enforcement against websites and online services that collect, use, or share personal data solely to perform age verification, addressing industry concerns that age-checking could itself trigger COPPA liability. The FTC said the exemption applies only when providers give clear notice to parents/children, limit use of the data to confirming age, avoid retaining the information after verification, and share it only with third parties they are confident will maintain confidentiality; the agency also emphasized the need to employ reasonable security safeguards and take reasonable steps to ensure age-verification methods and vendors provide reasonably accurate results.
The FTC said it plans to review the COPPA Rule to further address age verification, following earlier agency remarks framing age verification as an important child-protection tool. Separately, Discord announced it is postponing and modifying a planned global age-verification policy after user backlash, delaying rollout to the second half of 2026 and adding options beyond government ID or video selfies (e.g., credit card verification), along with commitments to vendor transparency and a forthcoming technical explanation of its “age determination systems”; this reflects broader regulatory pressure for platforms to verify user ages but is distinct from the FTC’s COPPA enforcement posture.
Sources
Related Stories
Discord Global Age Verification Rollout After Third-Party ID Image Breach
**Discord** announced a phased global rollout requiring users to verify their age using **video selfies or government IDs**, citing growing regulatory pressure for age checks on social platforms and a goal of providing a “teen-appropriate experience by default.” Discord said the verification data will be **deleted immediately after age is confirmed** and claimed it **will not leave the user’s device**; the company also described new defaults that restrict access to age-gated features (e.g., blurring sensitive content and limiting age-restricted channels/commands to verified adults). The rollout is expected to begin in early March, following earlier “teen-by-default” measures introduced in the U.K. and Australia. The policy change triggered backlash in gaming communities due to privacy and breach concerns, amplified by a prior incident in which **roughly 70,000 images of government IDs** were exposed after users had uploaded them for customer service purposes; reporting attributes the exposure to a **third-party service** Discord used to manage data. Discord is attempting to reassure users by pointing to tightened controls and a partnership with *k-ID* for age checks, but critics highlighted perceived ambiguity in how ID scans may be handled (including potential uploads to vendor servers and involvement of additional third parties), and warned that expanding collection of sensitive identity data increases the platform’s attractiveness as a target.
1 months ago
Platforms Expand Identity and Age-Verification Features for Privacy and Adult-Content Access
Google upgraded its *Results About You* safety feature to detect and request removal of additional sensitive identifiers exposed in Search results, including government ID numbers such as **passport numbers, driver’s license numbers, and Social Security numbers**. The update also streamlines Google’s process for reporting and removing **non-consensual explicit imagery (NCEI)**, including deepfakes and other AI-generated sexualized content, reflecting increased platform focus on limiting the discoverability of highly sensitive personal data and abusive imagery. Discord announced it will begin requiring **age verification** for access to adult content globally, using either an **ID upload** or an **AI-based video selfie** to estimate age. Discord stated that verification data will not be retained by Discord or its verification provider, claiming face scans will not be collected and ID images will be deleted after verification, highlighting ongoing industry movement toward stronger identity/age-gating controls alongside privacy assurances about data handling.
1 months ago
Regulatory Push for Online Age Verification and Adult-Site Access Restrictions
A growing regulatory push to require **online age verification**—particularly for access to pornography and other age-restricted content—is accelerating in the U.S. and U.K., with policymakers framing it as a child-safety measure and critics warning of privacy and free-speech risks. An **FTC** commissioner publicly endorsed age verification as a tool to protect children online, pointing to widespread state-level adoption in the U.S. and noting that court outcomes have been mixed, including a **U.S. Supreme Court** decision upholding a Texas law requiring pornography sites to verify users’ ages. In the U.K., the **Online Safety Act (OSA)** is driving direct service changes: **Aylo** (parent company of Pornhub and other tube sites) said it will **restrict access in the United Kingdom** rather than implement the OSA’s age-checking approach for all visitors, while allowing continued access for users who have already verified their identity. Aylo argued the framework diverts traffic to unregulated sites and creates privacy risks, while **Ofcom** countered that services can either implement compliant age checks or block U.K. access and urged development of effective device-level solutions.
1 months ago