The UK’s telecoms regulator, Office of Communications or Ofcom, has rolled out guidance for what it calls “highly effective age checks” to prevent individuals under the age of 18 from accessing porn websites.
The new age verification methods, which incorporate artificial intelligence (AI) among other mechanisms, will place a significant portion of responsibility on adult websites to ensure their content is not accessed by minors.
The development arrives under the recently passed Online Safety Act, a highly contentious piece of legislation that set off a prolonged debate on online privacy among digital safety advocates, tech companies, and the UK government.
The law requires digital platforms to implement stricter measures for the safety of children to protect them from online harm, including bullying and content promoting self-harm and eating disorders.
Ofcom says the “age assurance” processes, involving age verification, age estimation, or a combination of both, are highly effective at assessing whether or not a viewer on a given adult website is a child.
As for the incorporation of AI-based technology in child safety measures concerning explicit content, websites will have to set up robust age gates on their landing pages. To verify their age, a viewer will have to upload a selfie to the website, and artificial intelligence will then determine their age based on facial features.
Other verification methods include uploading an image of ID documents such as passport or driver’s licence, and sharing banking information that can confirm a user’s age.
These age checks are not as simple as they sound, however. They involve what is being deemed a controversial approach to restricting children’s access to porn websites. For instance, a viewer might involve their bank to confirm their age to the platform (albeit with consent), or they may upload their ID and then provide an additional live photo for matching to confirm their identity.
Users will also have the option to verify their age through their credit cards, i.e., the bank issuing approval for their customer that they are over 18 years of age. Verification can be provided through mobile network operator and digital wallets as well.
The regulator’s draft guidance will not allow adult websites to continue with “weaker” age checks, including self-declaration of age and warnings or disclaimers. Adult content must not be visible to a viewer before or during the age-checking process, the regulator says.
Privacy and security concerns
Ofcom says all the assurance methods outlined above will be subject to the UK’s privacy laws, but the approach itself raises a slew of questions with regards to data protection and other challenges persisting online. The primary concerns revolve around the potential exposure of sensitive information, as has been observed in various episodes of hacking where critical banking data ended up on malicious sites.
Moreover, experts argue that uploading images to websites that are notorious for publishing and profiting from child sexual abuse will entail further risks for users. The situation becomes particularly alarming in the context of creative developments fuelled by generative artificial intelligence (AI).
Questions are arising on the legitimacy of mechanisms by the government to ensure the protection of personal information that is provided to adult websites for age verification. How the regulators will make sure this information will not be misused by bad actors for malicious purposes, particularly blackmail, is also one of the major concerns.
Open Rights Group (ORG), a digital rights group in the UK, has expressed reservations regarding Ofcom’s proposed guidance. In a statement, ORG said: “Open Rights Group agrees that it is important that children are protected online; however, Ofcom’s proposed guidelines create serious risks to everyone’s privacy and security.”
