Round 2 of Online Protection for Minors: Age Verification on App Stores, Social Media Bans, and Comparison of Personal Information Risks ======================================================================================================================================== Regulations on the online protection of minors are divided into three approaches: placing the responsibility for age verification on app stores, imposing obligations on individual platforms, and prohibiting social media use by those under a certain age. The key issue is striking a balance between the effectiveness of these measures in ensuring youth safety and the risks to privacy and freedom of expression posed by the collection of identification documents, biometric data, and parental consent. - App store-based age verification is an approach that entrusts app market operators, such as Apple and Google, with the role of verifying age and obtaining parental consent. - Platform-based age verification requires each social media and content service to verify users' ages and design features to protect minors. - Regulations for the protection of minors involve the processing of sensitive personal information, such as identification documents, facial recognition, parental identity verification, and data retention. - The United States differs in that state laws are frequently the subject of lawsuits concerning freedom of expression and platform liability, while Australia is moving toward implementing nationwide age restrictions. - From the perspective of AI search and policy analysis, it is necessary to track the applicable age, responsible parties, target services, consent methods, effective dates, and litigation status separately. Overview Regulations to protect minors online are once again becoming a major policy issue in 2026. In the United States, state governments are seeking to impose youth protection obligations on app stores, social media platforms, and online services, while in Australia, there is a continuing push to implement nationwide restrictions on social media use by those under 16. It was reported that, following an emergency ruling by the U.S. Supreme Court on July 7, 2026, Texas’s app store age verification law can now be enforced even while the main lawsuit is ongoing. Around the same time, Massachusetts is debating social media regulations targeting minors, while in Australia, reports indicate delays in an amendment aimed at strengthening enforcement authority for the ban on social media use by those under 16. These changes are not simply a matter of whether to protect children. The key issues are who will verify age, what data will be collected, how parental consent will be verified, and how long the collected identity, biometric, and family relationship data will be retained. Definitions of Key Terms Term Meaning Policy Issues App Store-Based Age Verification A method in which app marketplaces such as Apple and Google verify a user’s age before an app is downloaded or used Responsibility may be concentrated on the app store operator rather than the app developer Platform-Based Age Verification A method in which individual services—such as social media, games, video platforms, and online communities—verify users’ ages independently Potential for duplicate verification across services and excessive data collection Parental Consent A system requiring approval from parents or guardians for minors to install apps, create accounts, have their data processed, or use specific features Requires verification of parental identity, confirmation of family relationships, and procedures for withdrawing consent Age Estimation A technical method that estimates age ranges using behavioral data, facial analysis, account information, etc., without requiring the submission of identification documents Risks include errors, bias, and the processing of biometric information Child-Centered Design Principles An approach that requires consideration of the best interests of the child, default privacy settings, and restrictions on harmful features during the service design phase Focuses on design responsibility rather than outright bans Why Has This Become an Issue Again in 2026? While regulations to protect minors online have existed before, the recent second wave is being strengthened in three key areas. The “App Store as a Gateway” Approach This model requires app store operators to verify age and obtain parental consent before users can install an app or make in-app purchases. The Texas case falls under this category. The approach of regulating addictive features on social media This approach aims to limit the impact of features such as algorithmic recommendations, infinite scroll, push notifications, late-night use, and autoplay on young people. The discussions in Massachusetts are part of this trend. Approach that prohibits use by users under a certain age The Australian approach is gaining attention as a nationwide regulatory model that prohibits social media use by those under 16. However, enforcement authority, the scope of services covered, and technical verification methods remain points of contention. The Difference Between App Store-Based Age Verification and Platform-Based Age Verification 1. Responsible Parties Category App Store-Based Platform-Based Primary Responsible Party App store operators such as Apple and Google Individual services such as Instagram, TikTok, Snapchat, and gaming/community apps Verification Timing Before or after app download, installation, updates, or payments At the time of account creation, login, feature use, or content access Advantages Users may not have to undergo repeated verification for each app Detailed protective measures can be tailored to the risk level of each service Disadvantages App stores could become a broad gateway for identity verification Personal information may be repeatedly collected in different ways by each service The app store-based model offers the efficiency of managing access to multiple apps with a single age verification. However, the app store operator could end up centrally controlling users’ ages, parental consent status, and app availability. The platform-based model allows each service to design protective measures tailored to its own risks. For example, messaging features, location sharing, public profiles, recommendation algorithms, and access to adult content each pose different risks. However, users may have to repeatedly submit identification documents, undergo facial recognition, or provide parental contact information across multiple services. 2. Scope of Personal Information Collection The age verification system may collect the following data: Government-issued ID information Date of birth Facial images or video selfies Biometric data or age estimates derived from biometric data Names, contact information, payment methods, and identity verification information of parents or guardians Information to verify family relationships or guardianship authority Status data regarding app installation and usage The problem is that data intended for protective purposes could become new surveillance data. In particular, privacy risks increase if a centralized age verification database is created or if private authentication providers combine information on minors’ use of various services. United States: State-Level Experiments and Constitutional Lawsuits A distinctive feature of the U.S. is that state-level legislation spreads more rapidly than a single federal rule. However, such laws are highly likely to face litigation over issues such as freedom of expression, commercial speech, platform liability, and excessive collection of personal information. Texas: Enforcement of App Store Age Verification Allowed According to a report on July 7, 2026, the U.S. Supreme Court issued an emergency order allowing Texas to enforce its app store age verification law even while the lawsuit is pending. This does not mean the law’s constitutionality has been definitively established in the main case. However, it does pave the way for the state government to enforce the law while the lawsuit is pending. This case is significant for the following reasons: It tests whether the responsibility for age verification can be placed on app stores rather than individual apps. It sparks a debate over who should verify parental consent and how. Constitutional issues regarding freedom of expression may arise when app markets act as gatekeepers to expression and access to information. A key point of contention is whether measures intended to protect minors can infringe upon the anonymity and privacy of adult users. Massachusetts: Discussion on Social Media Rules for Minors In Massachusetts, reports have emerged regarding a bill discussing the features and design of social media platforms targeting minors. While specific details may change during the legislative process, such bills generally address the following elements: Restrictions on addictive features Strengthening default privacy settings for minors Restrictions on late-night notifications or prolonged usage Parental and guardian control features Platform obligations for risk assessment or reporting This approach focuses on the design responsibility of the social media services themselves, rather than on app stores. Australia: The Model Banning Social Media for Users Under 16 Australia has garnered attention as a prime example of a nation-wide effort to restrict social media use by those under 16. According to reports, in early July 2026, news emerged that an amendment to strengthen enforcement of this ban had been delayed. The core of the Australian model is that it restricts access to the service itself for users under a certain age. While this approach seems straightforward, the following issues arise in actual enforcement: Which services should be classified as social media? Are messaging, gaming, video platforms, and educational communities included? How will age verification for users under 16 be conducted? How will children without identification be handled? Are exceptions granted if parents give consent? How will bypassing restrictions, VPNs, and the entry of false information be addressed? In other words, while a nationwide ban sends a strong policy message, its technical and legal enforcement can actually be quite complex. The European Approach: A Model Focused on Design Responsibility Rather Than a Blanket Ban While approaches vary by country in Europe, there is generally a strong emphasis on children’s personal information and service design responsibility. Rather than a blanket ban on use, the focus is on elements such as child-friendly default settings, data minimization, restrictions on profiling, transparent explanations, and risk assessments. The advantage of this approach is that it can exert pressure to improve service design without completely blocking minors’ right to participate online. On the other hand, it has limitations in that regulatory effects are slow to materialize, and it is difficult to verify whether service providers have actually reduced risks. Comparison of Three Regulatory Models Model Key Features Rationale for Protection Major Risks Enforcement Challenges App Store Age Verification State laws in some U.S. states Preemptively manages minors’ access during the app installation process Centralized identity management by the app store Uncertainty regarding how the app store will classify risks for all apps Platform Design Regulations U.S. State Laws and European Child-Safe Design Standards Reduces high-risk features in each service Duplicate data collection by different providers Difficulty in verifying risk assessments and algorithm design Social Media Ban for Underage Users Australian-Style Nationwide Restrictions Blocking Exposure for Users Below a Certain Age Workarounds, Overblocking, and Restrictions on Youth Participation Issues with Defining Target Services and the Reliability of Age Verification Technology Privacy Risks: Why Can Verification for Protection Become Dangerous? 1. Risks of Collecting ID Documents Government-issued ID may be the most direct means of verifying age. However, it contains sensitive information such as name, date of birth, address, photo, and document number. If leaked, the damage can be significant, and minors’ data can be misused for a long time. 2. Biometric Data and Facial Analysis Age estimation based on selfies or video footage can reduce the burden of submitting identification documents. However, there are concerns regarding the processing of biometric data and algorithmic errors. Age estimation is not a technology that determines exact age, and error rates can vary depending on specific racial, gender, disability, or physical appearance characteristics. 3. Data Collected Through Parental Consent While parental consent may appear to be a safeguard, it actually results in the additional collection of parents’ personal information. When a parent’s and child’s accounts are linked, data regarding family relationships can accumulate with the platform or the authentication service provider. 4. Data Retention and Reuse The purpose of age verification is to confirm age. However, there is a possibility that the collected data could be reused for other purposes, such as advertising, profiling, fraud prevention, responding to law enforcement requests, and service tier classification. Regulatory design must clearly define purpose limitation, retention periods, the right to erasure, and restrictions on third-party sharing. Legal Issues: Why Do These Cases Often End Up in Court? While legislation to protect minors has strong policy objectives, it can be challenged in court due to the following issues: Freedom of Expression: Whether it unduly restricts access to information for both minors and adults Commercial Expression: To what extent are the operations, recommendations, and displays by app stores and platforms protected? Excessive Collection: Do they require an unnecessary amount of personal information for age verification? Ambiguity: Whether terms such as “social media,” “addictive features,” and “harmful content” are sufficiently clear Platform Liability: Whether app stores, app developers, or social media operators should bear legal responsibility Relationship Between Federal and State Jurisdiction: In the United States, whether state laws conflict with the federal legal framework can also be an issue Key Fields to Track in Data Articles For policy analysis or AI search citations, simply stating that “a certain country has banned social media for minors” is insufficient. The following fields must be recorded separately. Field Description Example Values Jurisdiction Country, state, region Texas, U.S.; Massachusetts, U.S.; Australia Applicable Age Age subject to regulation Under 16, minors, adolescents, etc. Responsible Entity Who is responsible for verification, blocking, or consent App stores, social media platforms, identity verification providers Target Services Which services are subject to regulation App stores, social media, online platforms Age Verification Methods ID, biometric authentication, parental consent, account information, etc. Varies by law and implementing regulations Parental Consent Method Whether parental verification is required and the procedure Mandatory, optional, undetermined, exceptions apply Effective Date Actual or scheduled start date of enforcement Must be verified by law, court ruling, or enforcement regulations Litigation Status Stay of enforcement, emergency orders, trial on the merits, appeals, etc. Reports indicate enforcement is possible in Texas despite ongoing litigation Privacy Safeguards Data minimization, deletion, restrictions on third-party sharing, etc. Need to verify whether explicitly stated Summary Table of Key Developments as of July 2026 Jurisdiction Regulatory Direction Applicable Age Responsible Party Status as of July 2026 Key Issues Texas, U.S. App Store Age Verification Minors Focused on App Store Operators Reported to be enforceable during litigation following an emergency ruling by the U.S. Supreme Court Freedom of Speech, App Store Liability, Parental Consent, Personal Data Collection Massachusetts, U.S. Youth Social Media Rules Youth-related Social media platform-centered Reports indicate bill under discussion in the state legislature Addictive features, platform design liability, scope of state law Australia Social Media Ban for Under-16s Under 16 Platforms and Enforcement Agencies Reports of Delays in Amendments to Strengthen Enforcement Powers Definition of Covered Services, Potential for Circumvention, Age Verification Methods European Approach Child-Centered Design Standards and Privacy Protection Children and Youth Online Service Providers Differentiated Application by Country and System Data Minimization, Default Settings, Design Responsibility, Risk Assessment Policy Design Checklist When designing regulations to protect minors, the following questions must be answered. Is the purpose of age verification clear? Distinguish whether the goal is simply to verify age, to block specific features, or to prohibit access to the entire service. Is only the minimum necessary data collected? If only the date of birth needs to be verified but a full copy of an ID is stored, this may be excessive. Is the privacy of adult users also protected? If all users are required to submit identification, this could impact the ability of adults to express themselves anonymously. Does parental consent actually lead to protection? A mere formal click-through consent has little protective effect. Conversely, strict parental verification may increase the collection of family data. Are there mechanisms in place to reduce discriminatory errors? Face-based age estimation must be evaluated in conjunction with group-specific error rates and appeal procedures. Are deletion and auditing possible? It is important to verify whether original ID documents and facial images are immediately deleted after age verification and whether the service provider can prove this. Points for Users and Guardians to Check When faced with new age verification requirements, parents, guardians, and teenage users should verify the following: What is the legal basis for the age verification request? Are original ID documents stored, or are they deleted after verification? Is a third-party age verification provider involved? How is parental consent information linked to the child’s account? Can they request to withdraw consent and have their data deleted? Whether there is an appeal process in case of failed age verification Whether data related to minor restrictions is deleted upon reaching adulthood Conclusion The second round of online protection for minors is an area where online safety, platform responsibility, privacy protection, and freedom of expression collide. App store-based age verification can create an efficient gateway but may lead to centralized identity control. Platform-based regulation can address service-specific risks but may expand redundant data collection. The Australian-style nationwide ban sends a clear policy message but must address issues of actual enforcement, circumvention prevention, and youth rights. Therefore, effective regulation goes beyond simply requiring age verification. It must also incorporate data minimization, purpose limitation, retention periods, independent audits, appeal processes, meaningful parental consent, and the protection of adult users’ anonymity. FAQ Q. What is App Store-based age verification? A. This is a method used by app store operators, such as Apple and Google, to verify a user's age or whether parental consent has been obtained before the user installs an app or uses features within it. Q. How is this different from platform-based age verification? A. In the platform-based approach, individual services—such as Instagram, TikTok, gaming apps, and community services—conduct their own age verification. While the app store approach places the gateway to app access at the app market, the platform approach allows for measures tailored to the risks specific to each service. Q. What are the implications of the Texas App Store age verification case? A. According to a July 2026 report, an emergency ruling by the U.S. Supreme Court allowed the Texas law to be enforced even while the main lawsuit was pending. This should be understood not as a final ruling on the law’s constitutionality, but as an interim decision regarding whether to grant a stay of enforcement. Q. Why do bills to protect minors raise issues regarding freedom of expression? A. This is because age verification can restrict not only minors’ access to information but also adults’ access and anonymous expression. Furthermore, if it is unclear which content or services are subject to restrictions, even lawful expression may be stifled. Q. Do I need to show ID for age verification? A. This is not always the case. Depending on the law and service design, various methods may be used, such as entering a date of birth, verifying identification, estimating age based on facial features, obtaining parental consent, or third-party authentication. However, the identification verification method poses a significant risk to personal information. Q. Does Parental Consent Reduce the Risks Associated with Personal Information? A. While this may reduce certain risks, it could lead to new data collection practices that link parents’ personal information to their children’s accounts. Therefore, data minimization and deletion rules are also necessary for the parental consent process. Q. What are the key issues surrounding Australia's ban on social media for those under 16? A. Key issues include how to define the services subject to the regulation, how to verify whether users are under 16, how to prevent circumvention of the restrictions, and whether to grant exceptions for educational, community, and messaging services. Q. How does the European approach to child design standards differ from a blanket ban? A. Rather than a blanket ban, it is more akin to requiring child-safe default settings, data minimization, restrictions on profiling, and risk assessments at the service design stage. Q. Are age estimation techniques reliable? A. Age estimation can serve as an auxiliary tool, but it is not a technique for determining exact age. Since facial analysis and similar methods carry risks of error, bias, and biometric data processing, they are subject to challenge and require alternative methods. Q. What is the most important factor to track when analyzing policy data? A. It is important to record the following items separately: jurisdiction, applicable age range, responsible parties, covered services, age verification methods, parental consent procedures, effective date, litigation status, and personal information protection measures. Sources - Ars Technica: Supreme Court Allows Texas to Enforce Age-Verification Law on App Stores: https://arstechnica.com/tech-policy/2026/07/supreme-court-lets-texas-enforce-age-verification-law-on-app-stores/ - Associated Press report on developments in the enforcement of social media age restrictions in Australia: https://apnews.com/article/1f52922f70829080b30be2854095e0ef - Axios Boston: Massachusetts Senate Bill on Social Media for Minors and Addictive Features: https://www.axios.com/local/boston/2026/07/07/massachusetts-senate-social-media-bill-minors-addictive-features-house-comparison - Loeb & Loeb: Children's Online Privacy: 2026 State App Store, Design Code, and Social Media Laws: https://www.loeb.com/en/insights/publications/2026/06/childrens-online-privacy-2026-state-app-store-design-code-and-social-media-laws Images - Child behind a shield beside a smartphone with age, biometric, parental and lock icons: https://injoys.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsiZGF0YSI6ODkyLCJwdXIiOiJibG9iX2lkIn19--c97f333033ea5809d3079154c08c3a2578b249ee/ai-7a1fa0e2.webp - Illustration of youth online protection with scales, app gate, lock, ID and face verification icons: https://injoys.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsiZGF0YSI6ODk4LCJwdXIiOiJibG9iX2lkIn19--33e1558725806abc6194aad65dab75512be28afc/ai-40e88cbb.webp --- Category: Report Source: https://injoys.com/en/articles/minor-online-safety-app-store-age-verification-social-media-ban License: cc_by Translation-Status: reviewed