Age Verification Laws by Country (2026): UK, EU, US, Australia
AgeOnce Team
A concise reference to age assurance and age verification requirements across major jurisdictions in 2026.
Regulators worldwide are tightening rules for platforms that serve minors or restrict access by age. In 2026, requirements differ sharply by region.
Regulatory milestones
- 2023 · UK
UK Online Safety Act passed
- Jul 2025 · UK
UK OSA in force; Ofcom age assurance guidance
- 2025 · EU
EU age verification blueprint; DSA enforcement
- Apr 2026 · UK
UK: Major platforms demonstrate age restrictions
- Mar 2026 · AU
Australia Age-Restricted Material Codes in effect
- 2026–2027 · EU
EU Digital Identity Wallet (eIDAS 2.0) rollout
UK: Online Safety Act. In force from July 2025, the Act requires "highly effective" age assurance for services exposing under-18s to harmful content. Ofcom considers compliant methods to include: photo ID matching, facial age estimation, Open Banking checks, digital identity services, and mobile network operator checks. Self-declaration alone is not sufficient. Fines and investigations are already active.
At a glance by region
Online Safety Act
Highly effective age assurance; Ofcom guidance; fines and investigations active.
DSA + blueprint
Privacy-preserving proof of age; eIDAS 2.0 wallet; up to 6% turnover penalties.
State-by-state
No single federal law; FTC COPPA signals; many states advancing age checks.
2026 Codes
Social media, chatbots, app stores; robust verification; high penalties.
EU: DSA and age verification blueprint. The Digital Services Act obliges platforms to protect minors and implement age verification where needed. The European Commission’s age verification blueprint (2025) promotes privacy-preserving proof of age (e.g. proving "over 18" without disclosing birth date) and aligns with the upcoming EU Digital Identity Wallet (eIDAS 2.0). Member States are piloting the approach.
US: State-by-state. Roughly half of US states have passed or are advancing laws that require age checks for social media, gaming, or adult content. Methods and strictness vary. The FTC has signalled support for certain age-verification technologies under COPPA, subject to accuracy, security, and data-minimisation conditions. Some state laws have faced First Amendment challenges.
Australia. From March 2026, Age-Restricted Material Codes apply to a wide set of services (e.g. social media, app stores, AI chatbots, pornography). Platforms must use robust age verification (e.g. facial age estimation, digital wallets, or photo ID) for high-impact content. Penalties for non-compliance are significant.
Platforms operating in multiple jurisdictions should map obligations per territory and choose age-assurance solutions that support compliance and data minimisation in each. A single privacy-first integration, where you receive only an 18+ token and an Audit ID per verification with no ID or face storage, can serve UK, EU, US, and Australian requirements without duplicating systems or data.
By region (expand to read)
The Digital Services Act obliges platforms to protect minors and implement age verification where needed. The Commission's age verification blueprint (2025) promotes privacy-preserving proof of age (e.g. proving "over 18" without disclosing birth date) and aligns with the EU Digital Identity Wallet (eIDAS 2.0). Member States are piloting the approach. Penalties can reach up to 6% of global turnover for serious non-compliance.
No single federal age verification law. Many states have passed or proposed laws requiring age checks for social media, gaming, or adult content. Requirements and methods vary; some laws have been challenged on First Amendment grounds. The FTC has signalled support for certain age-verification technologies under COPPA (2026 policy), subject to accuracy, security, notice, and retention conditions.
From March 2026, Age-Restricted Material Codes apply to social media, AI chatbots, app stores, online gaming, search engines, messaging, and pornography. Platforms must use robust age verification (e.g. facial age estimation, digital wallets, photo ID) for high-impact harmful content. Penalties for non-compliance are high, up to tens of millions of dollars.
This is what we solve with AgeOnce
18+ token and Audit ID only, with no document or face storage
Returning users re-verify with a quick face check across your and partners’ sites
One integration for UK, EU, US, Australia (DSA, GDPR, Ofcom, ICO ready)
Prove compliance to regulators without holding sensitive data
Recent Posts
ICO Fines and the March 2026 Open Letter: Reddit, MediaLab, and Big Tech on Notice
The UK ICO has fined Reddit and MediaLab for age-assurance failures and sent an open letter to major platforms. What it means for compliance.
On-Device Age Verification: When Your Face Never Leaves Your Phone
How age verification can run entirely on the user’s device so that no face image or biometric data is sent to servers.
The 'Age Verification Trap': Can Platforms Comply Without Collecting Biometrics on Kids?
Regulators demand age checks, but collecting biometrics from minors triggers privacy concerns. How to navigate the trap.