European Commission Makes New Announcements on the Protection of Minors Under the Digital Services Act

In this post, authors Dan Cooper, Shona O’Donovan, Madelaine Harrington & Laura Somaini (Covington & Burling) report on the European Commission’s final guidelines for protecting minors under the Digital Services Act (DSA), published on 14 July 2025. Aimed at providers of online platforms “accessible to minors,” the guidelines outline appropriate and proportionate measures to ensure a high level of privacy, safety, and security for young users, as required under Article 28(1) DSA. While non-binding, the Commission intends to treat them as a meaningful compliance benchmark. The final version builds on the draft guidelines released in May 2025, incorporating feedback from public consultation to refine and clarify recommendations.

The guidelines introduce a “risk review” process, requiring providers to assess and identify measures tailored to their platform’s nature and context. Providers must give primary consideration to the best interests of the child, consult children, guardians, and other stakeholders, and factor in the latest scientific and academic research. Risk reviews should be conducted at least annually, or following significant service changes. Very large online platforms and search engines may integrate this process into their broader systemic risk assessments under Article 34 DSA, though they are not required to do so.

The publication aligns with wider EU and UK efforts to strengthen child protection online, such as Ofcom’s new requirements under the UK Online Safety Act. Alongside the guidelines, the Commission unveiled a prototype EU age verification app, now entering a pilot phase with Member States, platforms, and end users to refine the tool before broader rollout…

CONTINUE READING…