Insights

ANPD Opens Public Consultation on Age Assurance Mechanisms in the Digital Environment

The Brazilian National Data Protection Authority opened a call for inputs to receive contributions to the Guidance Document on “Age Assurance Mechanisms,” an initiative linked to the implementation of the Digital Statute of the Child and Adolescent, known as the Digital ECA.

The public consultation seeks to gather contributions from society, the public sector, and the private sector to improve guidance on the adoption of reliable age verification mechanisms by providers of digital products and services. Contributions may be submitted from May 22 to July 9, 2026.

The Guidance Document aims to assist organizations that offer information technology products and services directed at children and adolescents or likely to be accessed by this audience. The proposal further develops concepts, discusses the digital chain of responsibilities, and presents specific requirements for technical solutions, such as facial age estimation and document verification.

The initiative is part of a broader regulatory context focused on the protection of children and adolescents in the digital environment. With the advancement of platforms, apps, games, social media, marketplaces, digital educational environments, and artificial intelligence-based systems, the proper identification of users’ age groups has become a central issue for defining safeguards, parental controls, limitation of functionalities, and the adequacy of content and data processing activities.

From a legal and corporate perspective, age assurance must be implemented in compliance with the principles of the LGPD, especially purpose limitation, adequacy, necessity, transparency, security, and prevention. This means that age verification should not serve as a justification for excessive collection of personal data or the adoption of mechanisms that are disproportionate to the risk presented by the service.

The use of solutions such as facial age estimation or document verification requires additional attention. These mechanisms may involve the processing of sensitive data, biometric information, or identification documents, which requires prior risk assessment, robust security measures, transparency with data subjects, and proper documentation of processing decisions.

For technology companies, digital platforms, edtechs, games, social media networks, app stores, operating systems, and other players in the digital ecosystem, the public consultation represents a relevant opportunity to participate in the regulatory construction process. At the same time, it signals the need to prepare for an environment of increased oversight and compliance requirements.

Among the main risks are regulatory non-compliance, irregular collection of personal data, lack of transparency, security incidents, inadequate processing of children’s and adolescents’ data, and potential application of administrative sanctions.

In this scenario, organizations are advised to map products and services accessed by children and adolescents, assess the necessity and proportionality of age assurance mechanisms, review privacy policies, strengthen information security controls, document legal bases, and adopt governance compatible with the level of risk of their operations.

ANPD’s public consultation reinforces that the protection of children and adolescents in the digital environment must be built with a balance between innovation, security, privacy, and regulatory responsibility.

Conteúdo relacionado

ANPD and MEC Sign Partnership to Strengthen the Culture of Data Protection in Education

STJ Allows the Use of Evidence Obtained in an Extinguished Civil Lawsuit in a Criminal Investigation

STJ Rejects the Use of a Writ of Injunction to Authorize Domestic Cannabis Cultivation

MENU

Fale conosco
+55 (21) 99073 4906
contato@pdka.com.br