Age Assurance: Guiding Principles and Best Practices

Digital services work to design safe, age-appropriate experiences, including by implementing “age assurance” practices to establish a user’s age.

A variety of age assurance approaches exist, including age verification based on review of identity documents or parental consent; age estimation based on inferences made from user data, physical characteristics, or other measures; and self-declaration by the user.

Every approach to age assurance presents trade-offs. Key challenges include the fact that more accurate methods may depend on collection of new personal data, and thus can be in tension with a service’s privacy commitments to users and legal obligations. Methods may also create inequities among users, unfairly discriminating against certain people, and may not be economically feasible for smaller companies.

There is no one-size-fits all solution in this area. Instead, different services opt for different approaches based on a variety of factors, including but not limited to users of the service, type of service offered, risk calculation, privacy expectations, and economic feasibility.

As part of the Digital Trust & Safety Partnership’s practicing companies’ commitment to its overarching Trust & Safety Best Practices Framework, this document describes a range of current best practices for age assurance. We identify five guiding principles and then note how companies have used these principles to develop example best practices for age assurance. Of course, the specific practices that services use may vary by digital product or feature and evolve with both the challenges faced and advances made in age assurance technologies.

The five guiding principles are:

1. Identify, evaluate and adjust for risks to youth to inform proportionate age assurance methods, as part of implementing safety-by-design.
2. Account for risks to user privacy and data protection as part of development, implementation, and ongoing assessment of age assurance approaches.
3. Ensure assurance approaches are broadly inclusive and accessible to all users, regardless of age, socioeconomic status, race, or other characteristics.
4. Conduct layered enforcement operations to implement age assurance approaches.
5. Ensure that relevant age assurance policies and practices are transparent to the public, and report periodically to the public and other stakeholders regarding actions taken.