The Federal Trade Commission (FTC) has announced a significant shift in its enforcement of children’s online privacy regulations, specifically regarding age verification technologies. This decision allows certain websites that collect and process minors’ personal data solely to verify their ages to operate without fear of enforcement under existing children’s privacy laws. “…
Published 6 hours ago on Feb 28th 2026, 5:00 am
By Web Desk
The FTC’s recent policy statement aims to encourage the adoption of age verification technologies, amplifying this crucial aspect of online safety for children. According to Christopher Mufarrige, the director of the Bureau of Consumer Protection, these technologies represent a major advance in protecting young users. The agency’s new direction allows certain commercial websites to collect personal data of minors without needing parental consent, as long as this data is strictly used for age verification purposes.
Under the Children’s Online Privacy Protection Act (COPPA), commercial operators are generally required to obtain consent from parents before collecting any data from children under the age of 13. However, the FTC’s guidelines will exempt so-called “mixed audience” sites from this obligation when data is gathered specifically to ascertain a user’s age. Conditions for this exemption mandate that data must be deleted promptly after being used, can only be shared with third-party service providers that demonstrate adequate data security practices, and require proper disclosure of the data collection process. It is crucial for these entities to adopt stringent security measures and ensure accuracy in their age determinations.
This policy announcement has garnered positive reactions from proponents of age verification technologies, but it has also raised concerns among privacy advocates. For instance, the Electronic Frontier Foundation (EFF) has pointed out that collecting data for age verification may inadvertently expose children to risks, which COPPA aims to mitigate. EFF Senior Counsel David Greene noted instances of data breaches, highlighting a previous incident where Discord reported that approximately 70,000 users’ government ID details were compromised during an age verification process. Such occurrences call into question the FTC’s commitment to safeguarding children’s privacy.
Conversely, Suzanne Bernstein from the Electronic Privacy Information Center (EPIC) emphasized that the FTC’s guidelines stress the importance of responsible data handling practices when implementing age assurance technologies. She highlighted the need for companies to protect against data misuse and ensure robust security measures are in place.
The FTC’s policy statement outlines how the agency intends to exercise discretion in enforcing the law regarding age verification technologies. The Commission is also contemplating more permanent changes to the existing regulations, signaling an upcoming review of the underlying COPPA Rule. This review aims to modernize the framework governing age verification mechanisms, with the FTC’s current policy remaining active until it is modified or replaced with a revised rule.