Open Rights Group warns of unregulated age verification in new UK online safety plans
Open Rights Group has criticised recent UK government proposals on online safety, arguing that expanded age restrictions and delegated powers could increase biometric data collection while limiting parliamentary oversight.
Open Rights Group (ORG) has raised concerns about the UK government’s latest online safety proposals, warning that millions of users could be required to undergo age verification through providers that are not subject to dedicated regulation.
The government has outlined several measures, including plans to introduce so-called ‘Henry VIII’ powers into the Children Wellbeing and Schools Bill. These powers would allow ministers to implement a social media ban for under-16s through secondary legislation rather than a full Act of Parliament. Additional proposals include extending Online Safety Act duties to AI chatbot providers, consulting on age restrictions for access to social media, VPN services and AI tools, and exploring technical restrictions on the sharing of suspected child sexual abuse material.
ORG argues that a social media ban for under-16s would require widespread age checks, meaning that users of all ages may have to prove their identity to access mainstream platforms. According to the organisation, this could significantly expand the use of biometric verification systems, such as facial scans, and embed identity-checking infrastructure deeper into everyday internet use.
The group has written to the Secretary of State for Science, Innovation and Technology, calling for specific regulation of age assurance providers operating under the Online Safety Act. The letter was also signed by the Age Verification Providers Association and members of the public. ORG is urging the government, the Information Commissioner’s Office and Ofcom to establish compulsory privacy and security standards for companies providing age verification services.
ORG has also raised concerns about governance. Henry VIII clauses allow ministers to amend or override primary legislation by means of secondary legislation, a process that typically involves less extensive parliamentary scrutiny. The organisation argues that expanding such powers could reduce oversight of significant policy changes affecting digital rights and access to online services.
In its response, ORG maintains that while protecting children online is an important objective, the current approach risks expanding sensitive data collection and concentrating control over digital identity systems in private companies, without sufficient regulatory safeguards or parliamentary debate.
