Kinding Law Firm
China Game Law
COPPAFTCAgeVerification

U.S. Market Expansion: New Age Verification Method Under COPPA

美国出海:COPPA下新的年龄验证方法

April 8, 2026
4 views

Summary

To facilitate compliance with the Children’s Online Privacy Protection Act (COPPA), the Entertainment Software Rating Board (ESRB), together with other U.S. institutions, has proposed a new mechanism for obtaining verifiable parental consent (VPC). The proposal relies on privacy-protective facial age estimation technology, developed with technical support from Yoti and SuperAwesome. The U.S. Federal Trade Commission (FTC) is currently soliciting public comments on whether this method falls within existing COPPA-approved verification methods, whether it satisfies the statutory requirements for parental consent, and whether it introduces privacy risks, including those related to biometric information. The proposal signals a potentially significant development in age verification compliance for online platforms and gaming services operating in the United States.

In order to implement the relevant requirements of the U.S. COPPA (Children’s Online Privacy Protection Act), the Entertainment Software Rating Board (ESRB) and other U.S. institutions have proposed a new mechanism for obtaining parental consent.

At present, the U.S. Federal Trade Commission (FTC) is soliciting public comments on this application.

Under COPPA, where an online website or service is primarily directed to children under the age of 13, parental consent must be obtained before collecting or using a child’s personal information.

The rule sets out several example methods and also reserves a mechanism allowing the public to submit new methods of verifiable parental consent to the FTC for approval.

“If you intend to disclose a child’s personal information to a third party, or permit the child to publicly disclose such information (for example, through social networking services, online forums, or personal profiles), you must use a method that is reasonably calculated, in light of available technology, to ensure that the person providing consent is the child’s parent.

The specific methods set forth in the Rule or separately approved by the Commission include:

  • Providing a consent form signed by the parent and returned by U.S. mail, facsimile, or electronic scan (the “print-and-send” method);

  • Requiring the parent, in connection with a monetary transaction, to use a credit card, debit card, or other online payment system, and providing notification of each discrete transaction to the primary account holder;

  • Allowing the parent to call a toll-free telephone number staffed by trained personnel, or allowing the parent to contact trained personnel through a video conference;

  • Verifying the parent’s identity by checking a government-issued identification document against a database containing such information, provided that you promptly delete the parent’s identification document after verification is completed;

  • Requiring the parent to answer a series of knowledge-based challenge questions that would be difficult for anyone other than the parent to answer, with such questions separately approved by the Commission pursuant to the procedures set forth in FAQ I.12;

  • Verifying a photograph of the parent’s driver’s license or other photo identification, and then using facial recognition technology to compare that image with a second photograph submitted by the parent, subject to separate Commission approval under the procedures set forth in FAQ I.12; and

  • If you intend to use the child’s personal information solely for internal purposes (i.e., you will not disclose such information to third parties or make it public), you may use any of the methods above, or you may use the “email plus” method for obtaining parental consent.

Under the “email plus” method, the parent provides consent in response to a direct notice sent to the parent’s online contact address.

To properly use the email plus method, you must take an additional confirmation step after receiving the parent’s message (this is the “plus” factor).

The confirmation step may include:

  • In the initial message to the parent, requiring the parent’s reply to include a telephone number, fax number, or mailing address so that you may confirm consent by telephone, fax, or postal mail; or

  • After a reasonable delay, sending a second message to the parent’s online contact information to confirm consent. This confirmation message should include all of the original information contained in the direct notice, inform the parent that he or she may revoke consent, and explain how such consent may be withdrawn.”

(FTC-listed verifiable methods)

The ESRB is currently operating a COPPA Safe Harbor Program. Digital verification company Yoti and software company SuperAwesome have also joined the program to provide technical support and help companies comply with parental verification requirements.

The ESRB and these companies have requested that the FTC approve a new Verifiable Parental Consent (VPC)mechanism, namely “Privacy-Protective Facial Age Estimation” technology.

This technology accurately determines a person’s age by analyzing the geometric structure of the user’s face and further confirms whether the user is an adult.

The verification process includes the following steps:

  1. - The user takes a photograph of themselves;

  2. - The system then checks whether a real human face is present in the image;

  3. - The image is then uploaded to Yoti’s backend server for age estimation.

At present, the FTC is soliciting comments on the proposal, including:

  • whether the proposed age verification method falls within the scope of existing approved methods;

  • whether it complies with the requirements of the COPPA Rule; and

  • whether the proposed method may create privacy risks relating to consumers’ personal information, including biometric information.

中文原文

为贯彻美国COPPA(《儿童在线隐私保护法》)的相关规定,ESRB和美国其他机构提出一项获取家长同意的新机制。目前美国联邦贸易委员会(FTC)就这项申请征求意见。


根据COPPA规定,如在线网站或服务主要面向13岁以下儿童的,在收集或使用儿童的个人信息之前,必须获得父母的同意。该规则列举了一些示例方法,同时也保留了相关条款,包括允许公众向FTC提交可验证的父母同意的新方法。

(FTC列举的可验证方法)


ESRB(娱乐软件评级委员会)正在实行COPPA安全港计划,数字验证公司Yoti和软件公司SuperAwesome也加入了该计划,提供技术支持,帮助公司遵守家长验证要求。


ESRB及这些公司已请求美国FTC批准使用新的可验证家长同意(VPC)机制,即“隐私保护面部年龄评估技术”( Privacy-Protective Facial Age Estimation)。该技术通过分析用户面部的几何形状,准确确定一个人的年龄,进一步确认是否是成年人用户。验证的过程步骤包括:


  • 用户拍摄一张自己的照片;

  • 然后,系统会检查画面中是否存在实际的人脸;

  • 然后将图像上传到 Yoti 的后台服务器进行估算。

目前,美国FTC就该提议正在征求相关意见,包括提议的年龄验证方法是否属于现有方法范畴;是否符合COPPA规则的要求;以及提议的方法是否会对消费者的个人信息(包括生物识别信息)产生隐私风险。

分享文章
Read original article on Zhihu

相关文章

General

Game Licensing (ISBN Approval): Can Cultural Enforcement Be Exercised Across Regions?

游戏版号,文化执法也能异地?

This article analyzes the legality and rationality of cross-regional administrative enforcement in game licensing cases in China. It argues that, under the current legal framework, enforcement should follow the principle of territorial jurisdiction, as the place of illegal conduct is typically tied to the location of the game company. Cross-regional enforcement may lead to jurisdictional conflicts, increased compliance burdens, and risks of profit-driven enforcement, thereby undermining the business environment and procedural fairness.

5 views
General

Twitch bans streamers from “promoting or sponsoring” CS:GO skin gambling

Twitch禁止主播“推广或赞助”CSGO皮肤赌博

Twitch has updated its community guidelines to further restrict gambling-related content, explicitly banning the promotion and sponsorship of skin gambling websites, particularly those مرتبط with Counter-Strike: Global Offensive. Since 2022, Twitch has prohibited the promotion of gambling sites that are not licensed in jurisdictions with consumer protections, naming platforms such as Stake, Rollbit, and Roobet. The latest update expands these restrictions to include CS:GO skin gambling sites and their free social versions, while also banning links, promo codes, and visual displays of such content. Twitch stated that the move responds to renewed interest in CS:GO skin gambling.

3 views
General

Twitch Prohibits Streamers from “Promoting or Sponsoring” CS:GO Skin Gambling

Twitch禁止主播“推广或赞助”CSGO皮肤赌博

This article reports on Twitch’s updated Community Guidelines restricting gambling-related content, particularly the prohibition on promoting or sponsoring CS:GO skin gambling websites. The policy reflects increased platform scrutiny over unlicensed gambling activities while maintaining a distinction that allows certain regulated gambling categories such as sports betting and poker.

6 views