Social media bans may push kids to riskier sites

In the push to protect young people online, a growing number of governments are proposing to ban children under 16 from social media platforms. While the intent is safety, the practical implementation of these age verification laws creates a significant dilemma. The very systems designed to shield minors often demand unprecedented amounts of personal data, potentially exposing them to new and serious risks.

Australia set a precedent last year by introducing such a ban, and other nations are now considering similar legislation. However, cybersecurity experts point out that access restrictions frequently motivate users to find ways around them. Teenagers are already adept at bypassing controls by falsifying birth dates, borrowing credentials, or migrating to platforms not yet covered by regulations.

Privacy advocates view these measures with deep skepticism, arguing they represent a form of government surveillance and censorship disguised as child protection. The debate has extended into the tech industry itself, where companies are proposing conflicting solutions. Meta has advocated for shifting the verification burden to app stores, which would confirm a user’s age before allowing downloads. Google has strongly opposed this model, warning it fails on shared devices, excludes desktop use, and could leave pre-installed apps unregulated.

More critically, Google expressed “strong concerns” that this approach would force the sharing of sensitive age band data with countless app developers who have no legitimate need for it. Most verification systems require submitting highly sensitive information, such as government-issued IDs or facial biometrics, to link an online identity to a real person. This process effectively allows big tech companies to amass even more detailed data troves, which in turn become attractive targets for cybercriminal networks.

For a child, the choice often boils down to submitting to an intrusive check they may not fully comprehend or seeking a way to evade it. The consequences of a data breach in these systems are severe. A child’s personal information can be stolen and sold on illicit marketplaces, including the dark web, where it may be used for fraud, identity theft, or even to physically locate and target the minor. The 2025 breach involving Discord, linked to a third-party vendor handling age appeals, underscored this threat, potentially exposing government ID photos for about 70,000 global users. The risk is amplified on platforms popular with youth, like Discord, which recently expanded its own verification to include facial scans, stirring further controversy.

The instinct to circumvent rules is a near-universal part of growing up, and it doesn’t disappear online. The danger lies in where these attempts lead. Bypassing controls can drive young users toward less visible, less secure corners of the internet, including unverified platforms or secret accounts. In their search for access, children can easily fall victim to online scams that promise easy solutions. They might encounter ads for VPN services requiring personal sign-up details, some of which are designed to harvest data or install malware. Security researchers at firms like Zimperium have identified VPN apps that leak user data, demand excessive permissions, or are built on insecure code.

These scams often employ high-pressure tactics, like messages threatening account deletion unless immediate action is taken. In some instances, a child might use a parent’s email and password to register elsewhere. If those credentials are compromised, it can provide a gateway to the parent’s other critical accounts, including email or banking.

Ultimately, absolute bans are unlikely to solve the core problem and may inadvertently cause more harm. A more effective strategy involves comprehensive digital education for both children and parents, clearly outlining the real-world consequences of trying to skirt online protections. While governments react to public pressure and platforms prioritize business interests, the fundamental responsibility for navigating this complex landscape continues to rest with families.