4 regions you didn't know already had age verification laws - and how they're enforced

Age verification’s arrival in the UK has caused a wave of uncertainty among Brits. The new systems aim to protect children from accessing adult or harmful content inadvertently; however, the implementation of these measures has become a cause for concern among privacy advocates.

What many don’t know is that such measures are already either in effect or coming into effect across several major regions worldwide. While no two regions are going about age verification the same way, two questions remain: which is doing it best? And has anyone avoided the vocal uncertainties of global privacy advocates? Here’s everything we know

Australia's Online Safety Act 2021

Australia’s 2021 Online Safety Act was less focused on restricting access to adult content than it was on tackling issues of cyberbullying and online abuse of children, especially on social media platforms.

The act introduced a legal framework to allow people to request the removal of hateful and abusive content and gave the Australian eSafety Commissioner powers to force providers to block and remove access to content.

There was also a proposal to block access to social media for anyone under the age of 16, which became law at the end of 2024. Providers have 12 months to implement some form of age verification, and trials of potential solutions have just finished as of August 1, 2025.

There has been pushback against the implementation of this ban, with both the Australian Law Council and the Privacy Commissioner expressing concerns about the scope of the legislation. Notably, whether it will simply encourage younger internet users to turn to less legitimate sites once mainstream platforms have been blocked.

China's Internet real-name system

Chinese law has required online service providers to implement a real-name registration system for over a decade.

In 2012, the Decision on Strengthening Network Information Protection was passed, before being codified into law in 2016 as the Cybersecurity Law. The legislation requires online service providers to collect users’ real names, ID numbers, and other personal information. The government claims that this is to maintain public order and hold individuals accountable for what they say and do online.

There have been several changes and amendments to this legislation since its inception. In 2015, users were made to sign up with their real names on internet services. In 2017, the Cyberspace Administration of China announced regulations requiring online platforms to request and verify the real names of users when they register. Further changes followed in 2020, 2023, and 2025 when China launched the National Online Identity Authentication System, which allowed users to submit their personal information in return for an "Internet certificate" which is a unique code that can be used to verify real-name identities and access online accounts without submitting details multiple times.

Opponents of this legislation argue that it could further restrict freedom of expression in the country, as well as increase the ease of identity theft or targeted fraud if everyone’s real name is public. Foreign technology companies have also warned that they could be asked to provide product details to the authorities, including source code, details of encryption, or other crucial information, which could increase the risk of intellectual property theft or details of their products being passed to local competitors.

The USA's Children's Online Privacy Protection Act 1998 (COPPA)

The USA’s COPPA is intended to protect the privacy of children under the age of 13 by requiring parental consent before any personal information can be collected. It also sets out the responsibilities of the website owner/service provider to protect this information and the safety of minors using its service.

As with the other laws we’ve looked at, COPPA has its fair share of critics and opponents and has been criticized as being both ineffective and unconstitutional by experts. Critics claim that it encourages users to lie about their age to access content and allows websites to sidestep the need for parental consent. It has also been accused of contributing to the suppression of children's freedom of speech, self-expression, and other First Amendment rights

In 2012, an Internet Safety Technical Task Force found that age verification is not only a poor solution for privacy but can also constitute a violation of privacy. It also doesn’t prevent kids from accessing adult content or lying about their age, it doesn’t ensure a safe online environment, and it doesn’t prevent targeted or potentially predatory advertising to children.

An updated version of the legislation, COPPA 2, was initially defeated when it was first introduced in 2024 as an amendment to the Kids Online Safety Act (KOSA), but it has been reintroduced in 2025. COPPA 2.0 is designed to increase the age range to include everyone under the age of 17, rather than 13, and would introduce measures to ensure companies obtain opt-in consent from anyone aged 13-16 before processing their data.

The EU Digital Services Act (DSA)

The DSA is a piece of legislation specifically targeting what the EU describes as Very Large Online Platforms (VLOPs). These are companies like AliExpress, Amazon, Google, Meta, Microsoft, etc.

In 2025, the European Commission took the first steps towards creating an EU-wide strategy for age verification on websites when it released a prototype app for a potential age verification solution called a mini wallet, which is designed to be interoperable with the EU Digital Identity Wallet scheme.

Like the UK’s version, it’s designed to use bank details, national ID card schemes or (in the future) passports to verify a user’s age, though there have been concerns that this may render it inaccessible to large groups of people, including migrants who may not have any of these forms of ID.

The main issues with this legislation have been due to some of the details in the implementation guide, which suggests that the EU will allow individual member states to set their own age requirements, leading to implementations becoming fragmented and confused. There has also been push-back from the Center for Democracy and Technology Europe, which has argued that these planned age estimation technologies are “neither accurate nor privacy-preserving.”

What's next?

While it is agreed that there need to be safeguards in place to prevent children from accessing potentially harmful content, these laws often have unintended consequences in terms of personal privacy and liberty. In the UK, over 450,000 people have signed a petition to repeal the Online Safety Act and, though the Government has claimed the act won't be repealed, the response is sure to open a number of conversations.

In Europe, since the solution is currently being trialled, it remains to be seen what the widespread response, and resultant changes, might be. However, backlash to EU initiatives such as 'Chat Control' suggests the debate as to how age verification occurs in Europe may be equally contested.

For now, those worried about the security of their online data can use a VPN to add an extra layer of security. Right now, the best VPN available is NordVPN, though a superb, cheap option is Surfshark should you want an alternative. A VPN encrypts your data, making it near-impossible for bad actors to intercept while you verify your age.