Meta is not doing enough to enforce its own minimum age policy
In Brussels, the European Union has formally challenged Meta's stewardship of its youngest would-be users, finding that Facebook and Instagram lack the mechanisms necessary to keep children under 13 from entering spaces built for older minds. The investigation reveals not a failure of stated intention but of enacted responsibility — a gap between the policy Meta claims and the protections it actually builds. At stake is not only regulatory compliance but the quieter question of what obligations a platform bears when it becomes, by default, part of childhood itself.
- The EU has determined that Meta's age verification systems are too weak to meaningfully enforce its own 13-year minimum, allowing young children to slip through into platforms designed for older users.
- Children under 13 are being exposed to algorithmic recommendations, content moderation standards, and data collection practices calibrated for teenagers and adults — a mismatch with real developmental consequences.
- European regulators are signaling that self-regulation has failed, and are moving toward mandatory compliance frameworks backed by the threat of substantial financial penalties.
- Meta now faces pressure to overhaul its signup flows and parental consent processes — changes that could slow user growth in one of the world's most consequential digital markets.
Brussels has concluded that Meta is not doing enough to keep children under 13 off Facebook and Instagram. The EU's investigation found that the company's age verification and parental consent systems are inadequate, allowing minors to access platforms explicitly designed for older users — and carrying the threat of significant fines if Meta fails to act.
Meta has long maintained a minimum age policy of 13 on both platforms, but the gap between that stated policy and its enforcement has proven wide. Regulators found that Meta lacks sufficient technical or procedural safeguards to verify age at signup or secure meaningful parental consent, leaving children well below the threshold free to create accounts, consume content, and have their data collected by systems never designed with them in mind.
The concern runs deeper than rule-breaking. Children under 13 encounter algorithmic recommendations and data practices calibrated for teenagers and adults, and European law — including the Digital Services Act — requires companies to prevent exactly this. Regulators suggest Meta has had the capacity to do more, but has not treated age enforcement as a core platform priority.
The EU has demonstrated a willingness to impose substantial penalties on technology companies, and child protection violations carry particular weight in European policy. Meta now faces a clear choice: invest seriously in age verification infrastructure, or prepare for enforcement action that could reshape how it operates across Europe's digital landscape. The Brussels finding is not an isolated complaint — it arrives alongside ongoing scrutiny of Meta's data practices, algorithmic transparency, and content moderation, signaling that the era of self-regulation for the region's largest platforms may be drawing to a close.
Brussels has concluded that Meta is not doing enough to keep children under 13 off Facebook and Instagram. The European Union's investigation found that the company's age verification and parental consent systems are inadequate, allowing minors to access platforms explicitly designed for users 13 and older. The finding represents a significant regulatory challenge to Meta's operations across Europe and carries the threat of substantial fines if the company fails to strengthen its protections.
Meta's stated policy has long required users to be at least 13 years old on both platforms. Yet the company has struggled to enforce this boundary effectively. The EU investigation determined that Meta is not implementing sufficient technical or procedural safeguards to verify a user's age at signup or to obtain meaningful parental consent when younger children do attempt to join. This gap between policy and practice has allowed children well below the age threshold to create accounts, access content, and have their data collected by systems built for older users.
The regulatory concern extends beyond simple rule-breaking. Children under 13 encounter content moderation standards, algorithmic recommendations, and data practices calibrated for teenagers and adults. They may be exposed to material inappropriate for their developmental stage, and their personal information is being processed in ways that European law—particularly the Digital Services Act and regulations protecting minors—requires companies to prevent. The EU's investigation suggests Meta has had the technical capacity to do more but has chosen not to prioritize age enforcement as a core feature of its platforms.
Brussels has signaled that fines are a realistic possibility if Meta does not act. The EU has demonstrated willingness to impose substantial penalties on technology companies for regulatory violations, and child protection violations carry particular weight in European policy. Meta faces pressure to redesign its signup flows, implement more robust age verification methods, and establish clearer parental consent processes—changes that could affect user acquisition and platform growth in the region.
The investigation reflects a broader European push to regulate how technology companies handle minors. Regulators across the continent have grown increasingly skeptical of Meta's self-regulatory approach and are moving toward mandatory compliance frameworks. For Meta, the Brussels finding is not an isolated complaint but part of a pattern of regulatory scrutiny that includes investigations into data practices, algorithmic transparency, and content moderation. The company now faces a choice: invest significantly in age verification infrastructure, or prepare for enforcement action that could reshape how it operates in Europe's largest digital market.
Notable Quotes
Meta is not doing enough to prevent minors under 13 from using Facebook and Instagram— European Union investigation conclusion
The Hearth Conversation Another angle on the story
Why does the EU care so much about this particular rule? Thirteen is an arbitrary number.
It's not arbitrary to European regulators. Thirteen is the legal threshold across EU member states for when a child can consent to their own data being collected. Below that age, you need parental permission. Meta's platforms collect enormous amounts of data—location, behavior, interests, contacts. Letting a ten-year-old on Instagram without parental knowledge violates that principle at its core.
But kids lie about their age all the time. How is Meta supposed to stop that?
That's the question, isn't it. Meta could require government ID verification at signup. It could use third-party age verification services. It could require a parent's payment method to confirm consent. These tools exist. Meta says they're too burdensome for users, but the EU is saying that's not Meta's choice to make—the law is.
What happens if Meta just ignores this?
Fines. Potentially very large ones. The EU has fined Meta billions before. But more than that, there's reputational damage and the possibility of forced changes to how the platforms operate. If Meta doesn't move, Brussels will likely impose a solution rather than let Meta design its own.
Does this actually protect kids, though, or just make parents feel better?
Both, probably. A thirteen-year-old on Instagram is exposed to content and algorithms designed to maximize engagement—which often means showing them the most provocative material. They're also being profiled for advertising in ways their parents don't know about. Keeping younger kids off isn't a perfect solution, but it's a legal floor. The harder question is what happens to the kids who do get on.