EU says Meta measures fall short in protecting children online

According to the Commission, Instagram and Facebook have not effectively enforced their own minimum age requirement, allowing underage users to access the services. Investigators found that children can easily bypass age checks by entering false birth dates, with no robust verification systems in place. Tools designed to report underage users were also described as difficult to use and ineffective, with limited follow-up once reports are submitted.

The findings also point to shortcomings in Meta’s risk assessment, which the Commission says does not sufficiently account for the presence and vulnerability of younger users. Data across the EU suggests that up to 12% of children under 13 may already be using these platforms.

“Meta’s own general conditions indicate their services are not intended for minors under 13. Yet, our preliminary findings show that Instagram and Facebook are doing very little to prevent children below this age from accessing their services. The DSA requires platforms to enforce their own rules: terms and conditions should not be mere written statements, but rather the basis for concrete action to protect users - including children,” said Henna Virkkunen, Executive Vice-President for Tech Sovereignty, Security and Democracy.

Meta now has the opportunity to respond to the findings. If confirmed, the company could face fines of up to 6% of its global annual turnover.

Earlier this month, The European Commission announced plans to launch a digital age verification app.