Key data
| Regulation | Recommendation (EU) 2026/1035 of the Commission, of 29 April 2026 |
|---|---|
| Publication | 8 May 2026 |
| Entry into force | 29 April 2026 |
| Affected parties | Digital platforms, social networks, online services with age-restricted content operating in the EU |
| Category | European Regulation |
| Nature | Recommendation (non-binding, anticipates future mandatory regulation) |
| Related regulation | Digital Services Regulation (DSA) |
Digital platforms operating in Europe have a clear signal from Brussels: age verification of users will cease to be an optional practice. The Recommendation (EU) 2026/1035, adopted by the European Commission on 29 April 2026 and published in the Official Journal on 8 May 2026, establishes a common framework of age verification technologies at European scale.
It is not a mandatory rule, but in the European regulatory context, a Commission recommendation is the usual step prior to binding regulation. Platforms that act now will have competitive advantage and will avoid urgent adaptation costs in the future.
What does this regulation establish?
The recommendation has three main pillars:
- Technical harmonization: It establishes common criteria on what age verification technologies are suitable for the European digital market, preventing each Member State or platform from adopting incompatible solutions.
- Privacy standards: Age verification systems must comply with defined privacy criteria, which means that current solutions based on massive personal data collection may not be compliant with the recommended framework.
- Guidance to Member States and platforms: It directs its recommendations to both national governments and digital platforms that must implement these controls.
The recommendation explicitly aligns with the Digital Services Regulation (DSA), which already imposes concrete obligations on large platforms to protect minors. This new framework reinforces that protection and extends it to the entire European digital market.
| Aspect | Current situation | Recommended framework 2026 |
|---|---|---|
| Technical standards | Fragmented by country and platform | Common criteria at EU scale |
| Privacy in verification | Without harmonized criteria | Defined privacy standards |
| Nature | — | Recommendation (anticipates mandatory regulation) |
| Relationship with DSA | Obligations only for large platforms | Framework extended to the entire digital market |
Economic and operational impact
The immediate impact is operational, not sanctioning. Platforms must assess whether their current age verification systems are compatible with the recommended technical and privacy criteria. This may involve:
- Audit of existing age control mechanisms.
- Investment in new technology solutions compliant with European standards.
- Review of personal data flows involved in verification.
- Adaptation of user experience to incorporate age controls without excessive friction.
The cost of adaptation will depend on the size of the platform and the maturity of its current systems. Platforms that already comply with the DSA in terms of minor protection will have an advantage, but must verify that their technical solutions also align with the new common criteria.
The risk of not acting now is clear: when regulation becomes mandatory, adaptation timelines will be shorter and urgent implementation costs will be higher.
Who does it affect?
- Digital platforms with adult content operating in any EU Member State.
- Social networks with users in Europe, especially those with minors in their user base.
- Online services with age-restricted content: gambling, alcohol, tobacco, audiovisual content classified for adults, among others.
- Platforms subject to the DSA that already have obligations to protect minors and must align their systems with the new common framework.
- Technology companies that develop or provide identity and age verification solutions for third parties.
- Legal and compliance advisors who accompany digital platforms in their regulatory adaptation.
Practical example
A Spanish streaming platform that offers content classified for ages 18+ currently uses an age verification system based on a simple user declaration when registering. This mechanism, common in many platforms, does not respond to the technical criteria that the European Commission recommends in the new common framework.
Under Recommendation (EU) 2026/1035, this platform should review whether its verification system complies with the recommended technical and privacy standards. If regulation becomes mandatory in the future, maintaining that system could constitute a direct breach. The recommended action now is to audit the current mechanism, compare it with the criteria of the European common framework, and initiate a technological adaptation process before mandatory deadlines arrive.
What should companies do now?
- Identify if your platform is within the scope of application: Review whether you offer age-restricted content or have minors in your user base. If so, this recommendation directly affects you.
- Audit current age verification mechanisms: Document how you verify the age of your users today and what personal data is collected in that process.
- Compare with the criteria of the European common framework: Evaluate whether your current solutions comply with the technical and privacy standards recommended by the European Commission.
- Review compliance with the DSA: If your platform is subject to the Digital Services Regulation, verify that your obligations to protect minors also align with this new framework.
- Plan technological adaptation: If you detect gaps, start now the process of selecting and implementing compliant solutions. Doing so proactively is cheaper than doing it under regulatory pressure.
- Monitor regulatory evolution: This recommendation anticipates future mandatory regulation. Keep track of regulatory developments in the EU to anticipate compliance timelines.
Frequently asked questions
Is it mandatory to comply with this EU age verification recommendation?
It is not binding at this time. It is a recommendation from the European Commission published on 29 April 2026, which guides Member States and platforms on technical and privacy standards. However, it anticipates stricter future regulation and aligns with the Digital Services Regulation (DSA), which is mandatory.
Which digital platforms should review their age verification systems?
Mainly digital platforms with adult content, social networks, and online services with age-restricted content operating in the EU. Any service that must comply with minor protection regulations is in the focus of this recommendation.