The House of Commons Education Committee has submitted a formal response to the government’s consultation, urging a statutory ban on social‑media use for under‑16s and new “safety‑by‑design” duties for platforms. The proposal references the UK Online Safety Act 2023, the forthcoming Children’s Online Safety (Amendment) Regulations, and draws on international precedents such as Australia’s Social Media Safety Act 2025.
UK Education Committee Calls for Statutory Under‑16 Social‑Media Ban and Design‑Safety Rules
Regulatory action – The Education Committee has issued a formal response to the government’s Online Safety Consultation (opened March 2026). It recommends two linked measures:
- Statutory ban on social‑media access for anyone under 16 – modeled on the Australian Social Media Safety Act 2025 and the Greek Digital Services Act (2026).
- Safety‑by‑design obligations for all platforms that target users under 18, covering infinite scrolling, algorithmic amplification, and auto‑play video.
What the ban requires
| Requirement | Detail | Effective date (proposed) |
|---|---|---|
| Age‑verification | Platforms must implement a government‑approved age‑check system that links a user’s account to a verified guardian ID before any social‑media functionality is enabled. | 1 January 2027 (12‑month implementation period) |
| Access block | If a user is identified as under‑16, the platform must block all social‑media feeds, messaging, and story features. Only a restricted “parent‑supervised” view (e.g., read‑only public posts) may be offered. | 1 January 2027 |
| Enforcement | The UK Information Commissioner’s Office (ICO) will issue compliance notices and may levy fines up to £10 million or 4 % of global turnover for breaches, consistent with the Online Safety Act 2023 penalty framework. | Ongoing from 1 January 2027 |
Design‑safety duties (new regulations)
The Committee proposes amendments to the Children’s Online Safety (Amendment) Regulations 2026 that would impose the following duties on any service that:
- Targets users under 18, or
- Uses algorithmic recommendation engines that can be accessed by under‑18s.
| Duty | Practical steps for compliance |
|---|---|
| Restrict infinite scroll | Replace endless feeds with paginated or time‑boxed views for under‑18 accounts. Provide a clear “stop scrolling” button. |
| Algorithmic transparency | Publish a child‑focused summary of how content is ranked. Offer an opt‑out from personalized recommendation for under‑18 accounts. |
| Auto‑play control | Disable auto‑play for video content unless the user explicitly enables it. Default must be “off”. |
| Safety‑by‑design testing | Conduct independent usability and psychological impact assessments before releasing new features that affect under‑18s. Document findings and submit to the ICO within 30 days of launch. |
| Reporting | Quarterly reports to the ICO detailing age‑verification accuracy, incidents of harmful content, and steps taken to mitigate them. |
Failure to meet any of these duties will trigger the same fine regime as the ban itself, plus a mandatory remediation plan overseen by the ICO.
Compliance timeline for platforms
- April 2026 – July 2026 – Review existing age‑verification mechanisms and begin development of a government‑approved system. Begin internal audit of UI/UX for infinite scroll, auto‑play, and recommendation algorithms.
- August 2026 – December 2026 – Submit a draft compliance plan to the ICO, including:
- Technical specifications for age‑check APIs.
- Design‑safety impact assessments for each at‑risk feature.
- January 1 2027 – Legal enforcement date. All platforms must have the age‑verification system live and must have disabled the prohibited features for under‑16 accounts.
- January 2027 – March 2027 – ICO conducts compliance audits. Platforms that miss the deadline receive a formal notice and a 30‑day remediation window before fines are imposed.
- April 2027 onward – Ongoing quarterly reporting and periodic independent audits (minimum every 24 months).
---\n
Why this matters for compliance officers
- Legal certainty – By anchoring the ban to the Online Safety Act 2023 and the upcoming amendment regulations, the UK government provides a clear statutory basis. Non‑compliance is no longer a matter of “best practice” but a punishable offence.
- Operational impact – Age‑verification will require integration with the UK’s Digital Identity Verification Service (DIVS), currently being piloted for banking. Platforms should start a joint‑venture or API partnership now to avoid a rushed rollout.
- Product redesign – Features such as infinite scroll are not merely UI choices; they are now regulated functions. Development teams must treat them as separate product modules with their own compliance gate.
- Cross‑border relevance – Many global platforms already operate under the EU’s Digital Services Act (DSA), which includes similar “risk‑assessment” obligations for minors. Aligning UK compliance work with DSA processes can reduce duplication.
- Risk of indirect penalties – Even if a platform limits access for under‑16s, the ICO can still penalise the company for failing to protect under‑18s from harmful design. A holistic child‑safety program is therefore essential.
International context and best‑practice references
- Australia’s Social Media Safety Act 2025 – Provides the first full‑scale statutory ban. The Australian eSafety Commissioner publishes a compliance toolkit that can be adapted for the UK market: eSafety Toolkit.
- Greece’s Digital Services Regulation 2026 – Enforces a mid‑2026 ban and includes a mandatory “age‑gate” API. The Greek regulator’s technical specification is publicly available: Greek Age‑Gate Spec.
- UK’s own Online Safety Act 2023 – Already gives the ICO power to fine platforms for illegal content. The upcoming amendment will extend that power to design‑safety breaches.
Next steps for organisations
- Appoint a child‑safety lead – This role should report directly to the Chief Compliance Officer and be responsible for all age‑verification and design‑safety initiatives.
- Map existing features – Create an inventory of all UI components that could be classified as “addictive design” (e.g., endless feeds, auto‑play, push notifications).
- Engage with the ICO early – Request a pre‑submission meeting to clarify expectations around the age‑verification API and the required safety‑by‑design documentation.
- Pilot a compliant version – Use a controlled user group (e.g., a UK university cohort) to test the new age‑gate and design changes before the 1 January 2027 deadline.
- Prepare for reporting – Set up automated data pipelines to generate the quarterly compliance reports required by the ICO, ensuring data privacy for minors is maintained throughout.
By treating the Education Committee’s recommendations as a binding regulatory roadmap rather than a political statement, organisations can protect children, avoid hefty fines, and maintain public trust in their digital services.
Comments
Please log in or register to join the discussion