Authors: Natascha Gerlach and Jasmina Byrne
A case for safe participation over exclusion
Recent proposals to restrict minors’ access to social media reflect legitimate concerns about children’s online safety and reflect growing public demand for stronger protections. From Australia to Europe, governments are increasingly turning to age-based restrictions as a way to reduce online harms.
The debate, however, has become too narrowly focused on whether children under a certain age should be allowed to access social media at all. Age-based restrictions may have a role, but they are not a substitute for addressing how the underlying design choices should make online environments safe.
The real question is not whether children should be online, but under what conditions they can participate safely. Protecting children requires digital services that are safer by design while preserving children’s rights, opportunities, and ability to participate in the digital world.
The limits of age-based restrictions
The strongest argument for restrictions rests on concerns that systemic online risks affecting children have not been adequately addressed. Exposure to harmful content or unwanted contact, certain harmful design choices, or processing practices have all contributed to a growing perception that digital services are not consistently designed with children’s best interests in mind. Public concern about these issues is legitimate. Policymakers are right to ask for accountability from platforms and strong protections for young users.
But while access restrictions may appear to offer a straightforward response, they do not eliminate children’s online activity. Children frequently find ways around age restrictions including using VPNs, accessing services through shared adult or older sibling accounts, or moving to other platforms where oversights and safety tools may be weaker and enforcement challenging.
Policymakers should also be clear about the evidentiary basis for intervention. The effectiveness of broad age-based restrictions remains uncertain and more recent studies have raised questions about their efficacy – regulatory measures should be evaluated by the extent to which they reduce harm in practice. Many experts agree that strengthening age-appropriate design is the better policy choice.

What a blunt restriction puts at risk
While recent discussions often focused exclusively on risk, for many young people, online platforms are also an important source of information, learning, creativity, social connection, or civic participation. In some jurisdictions, restrictions beginning at age 16 may affect young people who can already vote at that age – or will soon be able to – and who gain their information on online platforms. Policymakers should therefore carefully consider the relationship between age-based access restrictions and broader objectives relating to participation and inclusion.
For some children, online spaces provide access to information, trusted resources, and supportive communities that may not be available offline—for example for those living in isolated areas, unsafe home environments, or young people looking for information related to sexual orientation. Policymakers should therefore consider both the harms that restrictions may prevent and the opportunities they may inadvertently limit. The key question is whether a restriction is proportionate to the risks it seeks to address and whether it reduces harm without creating new ones.
Age assurance: a tool, not a silver bullet
Age assurance can help create safer and more age-appropriate online experiences, but it is not a solution on its own. Its value depends on how it is designed, deployed, and matched to the risks involved.
Any credible age assurance framework should be grounded in data minimisation, proportionality, and privacy by design. Approaches that consider privacy-enhancing technologies generally be preferred, for example, over approaches that require routine disclosure of identity documents or extensive personal information. As more than 300 security and privacy researchers have argued, age assurance should improve children’s safety without creating unnecessary privacy risks for everyone else.
The level of assurance should reflect the level of risk. More intrusive methods may be appropriate for genuinely high-risk services, while lower-risk contexts should rely on less burdensome approaches. A one-size-fits-all model is unlikely to deliver better safety while imposing unnecessary privacy costs.
International consistency will also matter. Divergent age assurance requirements could increase compliance costs and lead to unnecessary collection of children’s personal information across jurisdictions. The objective is not age assurance for its own sake, but age assurance that demonstrably improves safety while protecting privacy and inclusion.
The respective roles of parents, platforms, and policymakers
Parents are understandably concerned about the scale and complexity of children’s digital lives. The rapidly evolving online service environment creates challenges that no parent can reasonably manage alone. It is therefore unsurprising that families look to governments and technology companies to help create safer online environments.
Yet child online safety cannot be achieved through regulation alone. Platforms should design services that are safe and age-appropriate by default, supported by meaningful accountability, transparency, and privacy safeguards. Policymakers should set clear expectations, establish minimum standards, and encourage safer design through proportionate, evidence-based regulation. And while burden should not be placed on parents alone, they do have an important role. Children’s maturity, resilience, needs, and circumstances vary, and no regulatory framework can account for every family.
Public policy should therefore support—not replace—parental decision-making by providing tools, information, and resources that help parents guide their children’s online participation.
The goal is not to shift responsibility from one actor to another, but to ensure that platforms, policymakers, parents (and guardians), and children each play a meaningful role in creating safer online experiences.
Children’s voices belong in the policy process
Discussions about children’s online safety are often conducted without meaningful input from the children and young people most affected by the resulting policies. Including their perspectives is not only consistent with the UN Convention on the Rights of the Child—it also leads to better policymaking by helping regulators understand how young people actually use digital services, perceive risk and respond to restrictions.[9] Their experiences can help identify which interventions are likely to improve safety while preserving beneficial forms of participation.
Meaningful participation should be treated as part of effective governance, not as an afterthought. Policymakers should, therefore, engage children early in the policy development process and provide feedback to children about how their views influenced the final policy outcome.
Toward effective and coherent child online safety policy
There is a broad agreement on the objective: improving children’s safety online. The challenge is to translate that shared goal into policies that are effective, practical, and capable of balancing safety, privacy, participation, and accountability.
Encouragingly, the G7 digital ministers’ emerging consensus on protecting children online points toward a durable and internationally coherent approach. Rather than focusing primarily on exclusion, they emphasise safety by design, privacy-preserving age assurance, transparency, risk mitigation, and shared responsibility. This reflects an important recognition that protecting children online is fundamentally a governance challenge rather than one that can be solved through a single measure.
The recent recommendations of Germany’s Independent Expert Commission similarly conclude that protecting children online requires not only safeguards but also empowerment, participation, and shared responsibility. Greater international alignment would help avoid fragmented regulatory approaches while providing clearer expectations for platforms operating across borders.
Creating safer digital environments is more challenging than simply restricting access because it requires addressing the underlying concerns of online harm rather than excluding children from digital spaces. That means investing in safety- and privacy-by-design, proportionate age assurance, meaningful accountability, digital literacy, and continued engagement with children, parents, educators, industry, and civil society. It also requires recognising that effective solutions must work across different cultural and economic contexts and legal jurisdictions.