Von der Leyen studies restricting minors' access to social networks by age groups

The European Commission will present after the summer a legislative proposal that will establish a common age verification model throughout the EU. The Community Executive is studying progressive access to social networks according to the age of the minor and is committed to holding platforms responsible for the security of their services

7 minutes

20250709 EP 188007A LD2 EG 154

20250709 EP 188007A LD2 EG 154

Add DEMÓCRATA to Google

Ask FREN

Published

Last updated

7 minutes

Most read

The European Commission is finalizing the details of its proposal to limit minors' access to social networks. The President of the Commission, Ursula von der Leyen, received this Monday the advisory report she commissioned from an independent panel of experts, a document that, as she has advanced, will serve as the basis for future "actions" on a European scale aimed at strengthening the protection of children and adolescents in the digital environment.

"We must consider gradual and phased access for different age groups," the German leader stated during the report's presentation, hinting that Brussels is leaning towards a staggered model in which the possibilities of access and use of digital platforms increase progressively as the minor gets older.

The European Executive will now analyze the recommendations of the group of experts, made public this Monday, with the aim of presenting a legislative proposal after the summer. The timeline coincides with one of the year's major political milestones: the State of the Union debate, scheduled for September, where the Commission usually announces its main legislative initiatives.

Von der Leyen considers the political context to be particularly favorable for addressing this debate. "There is already a consensus on the need to establish a minimum age for children to join social networks," the president assured, reflecting a growing concern among both Member States and European institutions themselves about the impact these platforms have on the mental health and development of minors.

Platforms will have to demonstrate that their services are safe

One of the main changes in philosophy proposed by Brussels consists of shifting responsibility from families to large technology platforms. The Commission wants companies to prove that their services are safe for minors, not the other way around. "In Europe, whoever develops a product is responsible for its safety," Von der Leyen argued, using a very graphic comparison. "We don't expect children to design their own seatbelts, nor do parents have to install airbags at home," she stated.

With this analogy, the president wanted to make it clear that the objective is to apply the same principle of protection to the digital environment that already exists in other areas of consumption.

Brussels' position comes just a few days after the Commission communicated its preliminary conclusions against Instagram and Facebook, considering that the design of both platforms could breach the Digital Services Act (DSA) by incorporating potentially addictive mechanisms, such as infinite scroll or automatic content playback. For the Community Executive, these investigations reinforce a fundamental idea: platforms have a legal duty to ensure the well-being of their users, especially when they are minors.

A European application to verify age without sharing personal data

One of the pillars of the future European strategy will be the creation of a common age verification system, valid for the twenty-seven Member States. The Commission has been working for months on an application that allows users to prove their age without needing to reveal their identity or share personal information with the platforms. "The question is no longer whether children run risks online, but what we can do to give them a safer start on the web," argued Von der Leyen.

For her part, the Executive Vice-President for Technological Sovereignty, Henna Virkkunen, explained that the European solution will be based on the so-called zero-knowledge proof, a cryptographic technology that allows demonstrating that a person meets a certain requirement—in this case, age—without revealing any other data. "When users want to access a service with age restrictions, they will maintain full control of their data," assured the Community Executive's technology chief.

In practice, Brussels intends to prevent each Member State from developing its own verification system, which could generate regulatory fragmentation, higher costs for companies, and differences in the protection of minors within the digital single market. The objective is to create a single European mechanism, interoperable and recognized throughout the Union.

Self-declaration no longer convinces Brussels

Currently, most social networks establish a minimum age of 13 years in their terms of use to open an account. However, in practice, it is enough to enter a false date of birth to overcome this requirement. The Commission considers that this system of self-declaration has significant security deficiencies and is clearly insufficient to guarantee the protection of minors.

Community services emphasize that this model does not prevent children under 13 from accessing platforms, nor does it allow for adequate verification of whether a user is under 17, an aspect they consider necessary to correctly adapt the digital experience to each stage of development.

Furthermore, Brussels warns that some platforms, such as Snapchat, do not offer sufficiently effective mechanisms to report profiles belonging to minors, thus increasing the risk of exposure to harmful content or potentially dangerous situations.

Despite the political momentum the debate has gained, the Commission avoids promising immediate solutions. "We must set the age from which they can legally access social networks. This will not be infallible," acknowledge community sources. Von der Leyen herself has argued that the transformation will require time, just as it happened with other major public safety measures. "It took years to ban driving under the influence of alcohol or to generalize the use of seat belts. Big changes do not happen overnight," she stated. Beyond regulation, Brussels insists that the protection of minors will also require a cultural change among families and technology companies themselves.

No screens before the age of three

One of the most forceful recommendations supported by the President of the Commission consists of completely avoiding the use of screens before the age of three. "Children should only be exposed to social networks under the supervision of their parents, caregivers, or teachers and for a limited time," Von der Leyen has repeated.

The leader has also called on families to reclaim spaces away from the digital world. "Children need time to play, to make face-to-face friends, to make mistakes and learn from their mistakes. They need time to develop their own identity and their own personality before an algorithm shapes it. I think we should give them that time," she concluded this Monday.

The European debate coincides with a legislative offensive promoted by the Spanish Government. In an interview with Demócrata, on the sidelines of a European Union Youth Council of Ministers, the Secretary of State for Youth and Childhood, Rubén Pérez, already announced that Spain is considering raising the minimum age for a minor to create social media accounts to 16 years. "Currently, in Spain, the age required for a minor to transfer their data to a private operator is already 14 years. What we are doing now is raising that limit to 16 years. No minor could open a WhatsApp, Facebook, or any other platform account because, by accepting their terms of use, they are transferring their personal data," he explained then.

The expert report received by the Commission proposes a progressive introduction to the digital environment, organized into three main stages:

From 0 to 2 years: no social media use

  • Complete absence of exposure to social media and similar platforms is recommended.

  • Control must rest entirely with parents or caregivers.

From 3 to 13 years: supervised access only

  • Use would only be possible under active supervision by parents, teachers, or guardians.

  • The general restriction for minors under 13 years of age throughout the European Union remains, except for educational exceptions or with parental consent.

From 13 to 18 years: progressive autonomy

  • The minor gradually gains greater independence in the use of platforms.

  • The role of adults evolves from direct supervision to accompaniment and digital education.

  • Member States may introduce additional restrictions based on their national legislation.

The Government also wants to toughen the Penal Code

In parallel, the Spanish Government has opened a new legislative front through two transactional amendments to the Bill for the Protection of Minors in Digital Environments. The initiative aims to prohibit access to social networks for minors under 16 years of age, except in cases where platforms prove to the National Commission of Markets and Competition (CNMC) that they offer a sufficiently safe environment or when there is a strictly educational purpose.

However, the Executive wants to go even further. The amendments include a profound reform of the Penal Code to criminalize certain algorithmic practices when they contribute to amplifying illicit content, such as incitement to suicide, child pornography, or any other material especially harmful to minors.

Likewise, the Government proposes to introduce direct criminal liability for the executives of large technology platforms when they fail to comply with judicial orders to remove dangerous content. The measure even contemplates prison sentences for those corporate executives who deliberately ignore court rulings.

With this, both Brussels and Madrid are beginning to converge on the same idea: the effective protection of minors in the digital environment cannot rest solely on families, but requires much greater responsibility from large technology platforms, which are called upon to assume an active role in risk prevention and in the creation of truly safe digital spaces for children and adolescents.

More key points, information and questions with FREN

AI-GENERATED CONTENT

What is the current status of the parliamentary process for the future European legislative proposal on minors' access to social networks?

As of today, there is still no formal EU legislative proposal (regulation or directive) on minors' access to social networks under joint European Parliament–Council procedure. What exists is a political resolution of the European Parliament, approved in 2025, which calls for setting a harmonized minimum age (16 years, with exceptions from 13 with parental consent) and urges the Commission to present a legislative proposal in the future. Therefore, there is no “COD” file number, no trilogues or readings in the Council: the “legislative procedure” as such has not yet started. Meanwhile, the Commission is using and developing already existing instruments such as the Digital Services Act (DSA) and a European age verification application.

What exactly the European Parliament has approved

The key piece is the report from the Committee on the Internal Market and Consumer Protection (IMCO) on online safety for minors, explained in the European Parliament press release «new EU measures needed to make online services safer for minors» and developed, from a Spanish perspective, by Demócrata in this piece. The text proposes:

  • A digital minimum age of 16 years across the EU to access social networks, video platforms, and certain “AI companions” on one's own, and an absolute minimum age of 13 years for any social network.
  • That access between 13 and 16 years is only possible with parental authorization.
  • Disabling by default addictive design features (infinite scroll, autoplay, aggressive gamification) and banning recommendation algorithms based on minors' engagement.
  • Restricting loot boxes and similar gambling mechanisms in games accessible to minors, as well as monetization of so-called kidfluencing.
  • Exploring personal liability of senior executives in case of serious infringements regarding minors' protection.

According to Demócrata's coverage, the IMCO report was approved in committee with 32 votes in favor, 5 against, and 9 abstentions, and then went to the Plenary, where it became a Parliament resolution serving as a political roadmap for future digital legislation negotiations. The EP press release on the position to restrict minors' access to networks is also summarized in Spanish in this reference.

Status of the parliamentary process and in the Council

From a procedural point of view, this resolution:

  • Is a non-binding act of the Parliament (resolution), not a draft regulation/directive.
  • Its adoption in Plenary in November 2025 closed the corresponding parliamentary file: there is no second reading, nor “co-decision” with the Council on this specific text.
  • The Council of the EU is not processing its own legislative file derived from this resolution, because it only co-legislates on formal Commission proposals.

In parallel, several governments — including Spain and France — have pushed to advance towards a common “digital age of majority” and mandatory age verification. Spain and ten other countries have asked the Commission for a common age verification framework through letters and initiatives detailed in press releases from the Ministry for Digital Transformation, for example in this note and in the corresponding La Moncloa version here, as well as another on the support of nine countries for the joint proposal of Spain, France, and Greece in [link].

What the European Commission is doing

The Commission has chosen to first advance in executive and technological instruments, without yet launching an autonomous legislative proposal on “minors' access to social networks”:

  • Development of a European age verification application, based on “zero-knowledge proof”, presented by Executive Vice-President Henna Virkkunen, as covered both by Demócrata's piece about the app and the Commission's official remarks in this speech.
  • Strict enforcement of the Digital Services Act (DSA) against platforms like Snapchat or Meta, including formal investigations summarized in this article and press releases such as [link].
  • Use of guides and outreach materials on DSA and minors, such as the brochure highlighted by the Portuguese regulator ANACOM in [link], and technical opinions on age verification, such as that of the European Data Protection Board summarized by the Spanish Data Protection Agency in [link].

Additionally, the Commission has worked with a Special Panel on online child safety, whose work and next steps are detailed in this note, and has used other forums (such as the European Summit on Artificial Intelligence and Children, speech at [link]) to prepare the political ground.

Expected next steps

As long as there is no formal legislative proposal from the Commission (with a file number like 20xx/xxxx(COD)), there is no “parliamentary processing” in the strict sense either in Parliament or Council on a “specific European law on minors' access to social networks”. The pending steps are:

  • The Commission deciding whether to translate this Parliament resolution and the pressure from Member States into a proposal for a regulation or directive that amends the DSA or creates a new rule.
  • Once that happens, opening a legislative file with rapporteur, amendments, trilogues, and formal votes in Parliament and Council.

Until July 2026, according to information available in the European Parliament, the Commission, and specialized press — including the newspaper Demócrata and other media such as the analysis by Ara or summaries like that of Club Cámara Madrid in [link] — this step has not yet occurred.

Other related or contextual contents and references where this debate is being followed, or contextualized with national and sectoral initiatives, can be found in Demócrata news such as Macron's French offensive ([link] and [link]), Sánchez's position calling for joint action in the EU ([link] and [link] / [link]), the general monitoring piece «Minors on the internet: massive use, growing risks and legislation under construction», or Brussels chronicles on Meta and Snapchat cases ([link] and [link]), among many others.

Also part of the reference ecosystem of this debate is the Spanish initiative to ban sexual deepfakes in the EU ([link]), regional notes such as those from the Basque Government on the DSA and the age verification application ([link] and [link]), as well as outreach materials from institutions and media (for example, the summary popularized by the PPE Group in [link] or verification and outreach pieces in Newtral).

Finally, the debate has also landed in more divulgative formats and institutional or journalistic social networks, such as various Instagram and Facebook contents summarizing the Parliament's position and the Commission's plans ([link], [link], [link], [link]), reflecting that, although the formal legislative file has not started, the political and social battle over minors' access age to social networks in the EU is fully open.

At what moment and with what specific content could the European Commission present a formal legislative proposal on the minimum age of access to social networks? How is the future Organic Law on the protection of minors in digital environments being articulated in Spain in relation to this European debate? What specific obligations does the Digital Services Act (DSA) already impose on large platforms regarding minors and age verification?

What are Ursula von der Leyen's legal powers as President of the European Commission?

The President of the European Commission, currently Ursula von der Leyen, does not have a “separate personal power” apart from the institution, but her legal powers derive from her role in leading and representing the Commission, which is the executive body and “guardian of the Treaties.” According to the Treaty on European Union (TEU) and the Treaty on the Functioning of the European Union (TFEU), this translates into directing the collective action of the Commissioners, setting political priorities, controlling the internal organization of the College, being politically accountable to the European Parliament, and representing the Commission internally and externally to the EU, with clear limits in foreign and security policy. Below are these powers as described in the Treaties and official institutional guides.

1. General role of the President according to the Treaties

The Treaties assign the Commission the role of safeguarding the general interest of the Union, proposing legislation, executing the budget, and ensuring the application of EU law. The explanatory note from the Spanish Ministry of Foreign Affairs on the Commission emphasizes that it is a “politically independent” institution exercising executive, legislative, and control functions, with a College of 27 Commissioners led by a President (what is the European Commission).

According to the TEU, the European Council proposes a person to preside over the Commission “taking into account the outcome of the European elections”; the European Parliament elects her, and once elected, that President negotiates with the States the list of Commissioners and presents the full College to Parliament for approval vote, as the Parliament itself recalls in von der Leyen's re-election (von der Leyen's re-election).

2. Internal organization and control of the College of Commissioners

A central power, noted in several institutional guides, is that the President “directs the action of the Commission” and allocates responsibilities among Commissioners. The European Commission fact sheet cited in the research summary indicates that the President:

  • Decides the structure of the College and the distribution of portfolios.
  • Can reorganize competences during the mandate.
  • Is the political reference before Parliament on behalf of the entire Commission.

La Moncloa explains that the Commissioners and the President form the College and that “the President of the Commission appoints the Vice-Presidents of the College” and coordinates their work (Commission fact sheet). In practice, this grants the President power to shape priorities and the weight of each portfolio, something Demócrata has described when analyzing the new Commission and the relevance of directorates-general and legal services (Spaniards in the Commission, profile of Alberto de Gregorio).

3. Political direction and legislative initiative

The TEU (art. 17.2, cited in the reference materials) assigns the Commission the near monopoly of legislative initiative: “the Commission shall submit the necessary legislative proposals.” The President does not personally sign laws but politically directs what is proposed, when, and with what ambition, setting the annual Work Programme and mandate priorities. Demócrata's article on the Parliament's attempt to limit that “monopoly of legislative initiative” describes how it tries to strengthen the use of article 225 TFEU to force the Commission to respond and, if appropriate, legislate when the Eurochamber requests it (legislative initiative monopoly).

Additionally, the Commission is “guardian of the Treaties,” a function highlighted by La Moncloa and other official sources, which projects into infringement procedures before the CJEU when a State breaches EU law (Commission analysis in the ERE case, sanctions for VAT on SMEs).

4. Political responsibility before the European Parliament

Another key power is collective political responsibility: the TEU and TFEU (art. 234) foresee that Parliament may adopt a motion of censure forcing the entire Commission, including its President, to resign. Demócrata recalls that for it to succeed “a two-thirds majority of votes cast is needed” and that, if approved, “the members of the Commission must resign collectively” (motion of censure against von der Leyen, fourth motion survived).

The President is therefore the political face of the Commission in investiture debates, orientation speeches, and control sessions, and is the one accountable for the entire College's performance.

5. External representation and limits in foreign policy

According to the cited institutional fact sheets, the Commission “represents the EU on the international stage” only in areas within its competence (e.g., common commercial policy), negotiating agreements that must then be signed and, if applicable, ratified by Council and Parliament. Demócrata has explained this in the context of agreements like Mercosur (article 218 TFEU, provisional application of Mercosur) or trade policy vis-à-vis the United States (response to a trade war, defense of Spain's interests).

However, the Treaties reserve the EU's representation in “common foreign and security policy matters” to the President of the European Council and the High Representative. Several Demócrata articles emphasize that von der Leyen's forays into foreign policy “are not her concern” as Josep Borrell has criticized (crisis with Iran, Borrell's criticisms, reply on International Law). This clearly shows the limit: she can give political messages, but the formal mandate to conduct the CFSP belongs to other figures.

6. Summary

In strictly legal terms, Ursula von der Leyen's powers as President of the Commission are: to direct the action of the College of Commissioners, assigning and reorganizing portfolios; to set and embody the Commission's political priorities, especially in its legislative initiative; to politically represent the Commission before Parliament, Council, and public opinion; to be politically accountable before the European Parliament for the Executive's performance; and to represent the Commission internationally in areas of its competence (especially trade and implementation of European policies), respecting the limits set in foreign and security policy. All this within the framework of a collegiate institution accountable to the Eurochamber, not a personalist executive power.

Additional related links (selection)

On Commission and Council: Council presidency, what is the European Council, general Commission fact sheet ([link]), additional explanations ([link], [link]).

On Parliament–Commission relations and accountability: updated framework agreement (Commission note, Representation in Spain note, regional summary, agreed principles).

Other general context resources on institutions and Treaties: institutional structure, regional explanation, social media outreach, digital power analysis of community leaders (European digital power).

How does the President of the Commission's legal role differ from that of the President of the European Council and the High Representative in foreign policy? What real margin does the European Parliament have to control or force changes in the legislative agenda of the Commission presided over by Von der Leyen? How is the motion of censure procedure against the European Commission articulated step by step and what effects would it have on Von der Leyen's mandate?

What legal requirements currently exist in Spain for a minor to create an account on a social network?

In Spain, the key legal factor for a minor to open an account on a social network is the age from which they can consent to the processing of their personal data. Currently, data protection regulations set that age at 14 years: from that age, the minor can register on their own; below that, parental or guardian consent is required. Additionally, there are specific child protection laws that oblige administrations and internet service providers to prevent violence and risks on networks, but they do not establish a different age for “having an account.” In practice, therefore, the central legal condition is valid consent for the processing of personal data.

1. Minimum age of consent in data protection

The reference point is the Organic Law 3/2018, on Personal Data Protection and guarantee of digital rights, which adapts the European data protection regulation to the Spanish legal system. Its preamble explicitly states that “the age from which the minor can give consent is maintained at fourteen years.” This law can be consulted in the Organic Law 3/2018.

This means, applied to social networks and similar services:

  • Minors under 14 years: cannot give valid consent on their own for the platform to process their personal data. Registration on the social network should be accompanied by the consent of their parents, guardians, or legal tutors.
  • From 14 years old: the minor can consent to the processing of their data themselves, so they can, in principle, create an account without additional authorization, provided they understand the information about the processing and other legal guarantees are respected.

The law itself states that consent must be a clear affirmative action, and cannot be based on the old “tacit consent.” The relevant excerpt can be seen in the text of the Organic Law 3/2018.

All this is framed within the general model of the information society already existing since the Law 34/2002 on information society services, although this law does not set a different age but generally regulates the provision of online services.

2. Protection against violence and risks on the Internet

Beyond the age/consent issue, Spain has strengthened child protection in digital environments with the Organic Law 8/2021, on comprehensive protection of children and adolescents against violence. This law specifically addresses digital violence, cyberbullying, dissemination of private data, and other risks on social networks and the Internet. It can be consulted in the Organic Law 8/2021.

Among other things, the law:

  • Emphasizes that violence also includes that carried out “through information and communication technologies, especially digital violence.”
  • Obliges public administrations to promote safe and responsible use of the Internet and social networks by children, adolescents, and families.
  • Requires awareness, prevention, and early detection of violence in family, educational, health, social, judicial, and new technology settings.

The text states that one of the law's aims is to provide public authorities, children, and families with effective instruments “in all areas, of social networks and the Internet,” to eliminate violence and protect minors. This approach appears in the consulted excerpts of the Organic Law 8/2021.

It is important to highlight that this law does not modify the age of consent for data processing but reinforces obligations for prevention and action against abuse, cyberbullying, non-consensual data dissemination, etc.

3. Other related regulations and European context

The Spanish personal data regime is also built on Regulation (EU) 2016/679 (General Data Protection Regulation), repeatedly mentioned in the Organic Law 3/2018 and various administrative resolutions, such as the Resolution of 1 August 2018 and its erratum of 2019, the Correction Resolution. However, in the sources consulted, the full text of the specific article on minors has not been located, only references.

In the broader audiovisual and digital field, there is a framework of regulations that indirectly affect online services and child protection (telecommunications, audiovisual communication, digital services, etc.), such as Law 11/2022, General Telecommunications Law or Royal Decree 1138/2023 on registries of audiovisual service providers and video-sharing platforms. However, in the extracts obtained, no different age or additional specific requirement for a minor to open a social network account is specified.

In short, with the available information, it can be summarized as follows: in Spain, the reference age for a minor to create a social network account on their own is 14 years (own consent for processing their personal data); below that age, registration should be based on the consent of their legal representatives. Additionally, there are reinforced obligations for administrations and digital actors regarding prevention of violence and online risks, without identifying another minimum age specifically applicable to the mere act of “opening an account.”

This response has used, among others, references from the BOE on Organic Law 3/2018, Organic Law 8/2021, Law 34/2002, Resolution of 8 July 2009 on codes of conduct, Directive 2000/31/EC, and other contextual provisions (for example, Order HAC/590/2021, Judgment 76/2019, or telecommunications regulations such as Royal Decree 1337/1999), none of which derive a different age than 14 years for minors' digital consent.

What legal responsibilities do parents assume if they authorize a minor under 14 to use a social network and the minor suffers cyberbullying? What complaint and protection mechanisms does Organic Law 8/2021 provide for cases of digital violence against minors? How are the main social networks adapting to the minimum age of 14 set by Spanish data protection regulations?

Play

Test your knowledge with FREN!

How much do you know about this topic? Answer the following 3 questions.

What model of access to social networks for minors is the European Commission considering implementing?

Question 1 of 3

Who should certify that platforms are safe for minors according to the European Commission's proposal?

Question 2 of 3

What recommendation about screen use for children under three years old does the European Commission support?

Question 3 of 3

Hola, soy Fren. ¿Cómo te ayudo?