Executive Vice-President Henna Virkkunen, in a written answer on 29 June 2026, sought to reassure that the EU's age verification app, developed under the Digital Services Act (DSA), will remain voluntary and privacy-preserving, addressing concerns over potential mandatory use, metadata tracking, and mission creep. The answer, responding to a question by Afroditi Latinopoulou (PfE), aims to balance minor protection with fundamental rights, impacting online platforms, minors, privacy advocates, and EU digital identity wallet developers.

The Commission's answer clarifies that the DSA requires online platforms accessible to minors to ensure high privacy and safety, but age verification should only be used when no less restrictive measures exist. The EU Age Verification Blueprint employs zero-knowledge proofs, allowing users to prove age without sharing identity or personal details, and platforms receive only cryptographic confirmation with no centralised data storage. Strict compliance with data protection rules is enforced via contractual obligations and mandatory data protection impact assessments.

Virkkunen's response contains concrete technical measures (zero-knowledge proofs, no raw data sharing) and legal references (DSA, e-Commerce Directive, EDPB guidance) but lacks specific numerical targets or deadlines for implementation. The policy orientation is towards privacy-preserving, voluntary age assurance, with enforcement through DSA compliance. Institutional follow-up is expected via ongoing DSA enforcement and potential future guidelines, though no timeline is given.

Asked byAfroditi Latinopoulou (PfE) · answered by Henna Virkkunen
← Atlas › News › Digital & Communication